Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Laptop is all locked up


  • This topic is locked This topic is locked
6 replies to this topic

#1 davidolson255

davidolson255

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:37 PM

Posted 13 September 2013 - 12:43 AM

As before, I have a Toshiba Satellite L875-S7208 Laptop running Windows 7 Home Premium.  It was working great until about 2 or 3 weeks ago, when I noticed that I was getting some random error when trying to open Windows Explorer and Control Panel.  So far, I've ran SecurityCheck, FSS, MiniToolBox, mbar rootkit killer, rkill and tdsskiller (as well as ComboFix).  I will try to get the log files from my laptop.  I currently have it disconnected from my network as I don't want to spread back to my desktop pc.  I'm debating on setting up my iPhone as a hotspot to connect the laptop with as the AV Definitions need to get updated.

 

 

 



BC AdBot (Login to Remove)

 


#2 davidolson255

davidolson255
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:37 PM

Posted 13 September 2013 - 01:16 AM

OK, This is becoming challenging.  I can't get the laptop wifi to connect to my phone.  It shows it in the list of nearby connections, but won't connect when i select it and click connect.  I've tried putting the log files on a USB Flash Drive, but whenever I insert the flash drive on my PC, I get all locked up and have to go into the Registry and delete the entries called Features\LOCK_WORKSTATION_FEATURE from a few locations, then reboot.  I really want/need to get this resolved, but not sure how to provide the logs.

 

BTW - I can get into DOS Prompt and Notepad on the laptop.  I use Notepad, click Open, change the file pattern from *.txt to *.* (all files), then I am able to browse my files/folders on my harddrive.  Most of the time, I can right click on a program and click on Run As Administartor and the program will run.  That's the only way I can get a program to run, but doesn't work for every program.



#3 davidolson255

davidolson255
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:37 PM

Posted 13 September 2013 - 01:27 PM

Security Check Log

 

 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java™ 6 Update 25  
 Java version out of Date! 
 Google Chrome 28.0.1500.95  
 Google Chrome 29.0.1547.57  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 7% 
````````````````````End of Log`````````````````````` 
 

FSS Log

 

Farbar Service Scanner Version: 05-09-2013
Ran by merysta (administrator) on 11-09-2013 at 23:51:30
Running from "C:\Dave"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

 

MiniToolbox

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by merysta (administrator) on 11-09-2013 at 23:54:21
Running from "C:\Dave"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : merysta-laptop
   Primary Dns Suffix  . . . . . . . : workgroup
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : workgroup
   System Quarantine State . . . . . : Not Restricted
 
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 44-6D-57-F8-E1-5C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 2ms, Average = 2ms
===========================================================================
Interface List
 13...44 6d 57 f8 e1 5c ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\wogsevpi.dll [49664] ()
Catalog9 02 C:\Windows\SysWOW64\wogsevpi.dll [49664] ()
Catalog9 03 C:\Windows\SysWOW64\wogsevpi.dll [49664] ()
Catalog9 04 C:\Windows\SysWOW64\wogsevpi.dll [49664] ()
Catalog9 05 C:\Windows\SysWOW64\tycetgym.dll [49664] ()
Catalog9 06 C:\Windows\SysWOW64\tycetgym.dll [49664] ()
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\tycetgym.dll [49664] ()
Catalog9 18 C:\Windows\SysWOW64\wogsevpi.dll [49664] ()
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ================================
 
Could not start eventlog service, could not read events.
 
The Windows Event Log service is starting.
The Windows Event Log service could not be started.
 
A system error has occurred.
 
System error 5 has occurred.
 
Access is denied.
 
 
=========================== Installed Programs ============================
 
Adobe AIR (Version: 3.1.0.4880)
Adobe Creative Cloud (Version: 2.1.1.220)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Photoshop CC (Version: 14.0)
Adobe Reader X MUI (Version: 10.0.0)
AntiLogger SDK version 1.6.6.247 (Version: 1.6.6.247)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3392)
AVG 2013 (Version: 2013.0.3392)
Bejeweled 3 (Version: 2.2.0.97)
Bonjour (Version: 3.0.0.10)
Constant Guard Protection Suite (Version: 1.13.820.2)
CoolBar Sample
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FATE (Version: 2.2.0.97)
Google Chrome (Version: 29.0.1547.57)
Google Drive (Version: 1.11.4865.2530)
Google Talk Plugin (Version: 3.18.1.12731)
Google Update Helper (Version: 1.3.21.153)
HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 3050 J610 series Help (Version: 140.0.63.63)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.35342)
Intel® Management Engine Components (Version: 8.0.3.1427)
Intel® Processor Graphics (Version: 8.15.10.2639)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.1.209)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Junk Mail filter update (Version: 15.4.3502.0922)
Letters from Nowhere 2 (Version: 2.2.0.97)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
nProtect Security Platform (Version: 3.00.0000)
Pando Media Booster (Version: 2.6.0.8)
PDF Settings CC (Version: 12.0)
Penguins! (Version: 2.2.0.98)
Picasa 3 (Version: 3.9)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.97)
Premium Sound HD (Version: 1.12.1200)
Realtek Ethernet Controller Driver (Version: 7.48.823.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6597)
Realtek USB 2.0 Card Reader (Version: 6.1.7601.30130)
Realtek WLAN Driver (Version: 2.00.0016)
SeaTools for Windows (Version: 1.2.0.7)
Skype Click to Call (Version: 6.9.12585)
Skype™ 6.6 (Version: 6.6.106)
Synaptics Pointing Device Driver (Version: 15.3.38.2)
TeamViewer 8 (Version: 8.0.20202)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.1)
Toshiba Book Place (Version: 3.0.9490)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.10.64)
TOSHIBA Face Recognition (Version: 3.1.18.64)
TOSHIBA Hardware Setup (Version: 2.00.0019)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.11)
TOSHIBA Media Controller (Version: 1.0.87.5)
TOSHIBA Media Controller Plug-in (Version: 1.0.7.7)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA PC Health Monitor (Version: 1.7.15.64)
TOSHIBA Quality Application (Version: 1.0.4)
TOSHIBA Recovery Media Creator (Version: 2.1.6.52020009)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2004)
Toshiba Security Dashboard (Version: 1.0.0.48)
TOSHIBA Service Station (Version: 2.2.13)
TOSHIBA Sleep Utility (Version: 1.4.0022.000104)
TOSHIBA Supervisor Password (Version: 2.00.0008)
TOSHIBA User's Guide (Version: 1.00.02)
TOSHIBA Value Added Package (Version: 1.6.0021.640203)
TOSHIBA Web Camera Application (Version: 2.0.3.33)
TOSHIBARegistration (Version: 1.0.9)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 wdeiper (Version: 012.000.1115)
TurboTax 2012 WinPerFedFormset (Version: 012.000.1767)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0402)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0164)
TurboTax 2012 wrapper (Version: 012.000.0127)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WildTangent Games (Version: 1.0.3.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
 
========================= Devices: ================================
 
Could not list devices.
 
========================= Memory info: ===================================
 
Percentage of memory in use: 46%
Total physical RAM: 3985.8 MB
Available physical RAM: 2144.31 MB
Total Pagefile: 7969.79 MB
Available Pagefile: 6130.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.71 MB
 
========================= Partitions: =====================================
 
1 Drive c: (TI106400W0E) (Fixed) (Total:581 GB) (Free:522.32 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MERYSTA-LAPTOP
 
Administrator            Guest                    merysta                  
VUSR_MERYSTA-LAPTOP      VUSR_MERYSTAOLSON-PC     
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
Could not list Restore Points.
 
**** End of log ****
 

 

Malwarebytes Rootkit

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1005
www.malwarebytes.org
 
Database version: v2013.07.26.06
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 10.0.9200.16660
merysta :: MERYSTA-LAPTOP [administrator]
 
9/11/2013 9:19:55 PM
mbar-log-2013-09-11 (21-19-55).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 268363
Time elapsed: 24 minute(s), 1 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Replace on reboot.
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 

 

Malware Rootkit

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
System is currently in a safe mode
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16660
 
Java version: 1.6.0_25
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 4179419136, free: 3517669376
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
System is currently in a safe mode
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16660
 
Java version: 1.6.0_25
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 4179419136, free: 3529179136
 
DNS error
=======================================
Initializing...
------------ Kernel report ------------
     09/11/2013 21:19:52
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\pciide.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\DRIVERS\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\system32\DRIVERS\tos_sps64.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgloga.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\KeyCrypt64.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\TVALZFL.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\Drivers\RtsUStor.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\framebuf.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\fastfat.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\rpcrt4.dll
\Windows\System32\msctf.dll
\Windows\System32\setupapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\psapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\user32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\urlmon.dll
\Windows\System32\usp10.dll
\Windows\System32\imagehlp.dll
\Windows\System32\ole32.dll
\Windows\System32\nsi.dll
\Windows\System32\shell32.dll
\Windows\System32\imm32.dll
\Windows\System32\comdlg32.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8007ff1570
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000096\
Lower Device Object: 0xfffffa8007ddab60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8006256790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800625a050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006256790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004f1db90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006256790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800625a050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F2B634C
 
Partition information:
 
    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 3072000
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 3074048  Numsec = 1218445312
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is HIDDEN (0x17)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1221519360  Numsec = 28743680
    Partition is not bootable
Hidden partition VBR is not infected.
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 640135028736 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007ff1570, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007e2f040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007ff1570, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007ddab60, DeviceName: \Device\00000096\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18
 
Partition information:
 
    Partition 0 type is Other (0x4)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 32  Numsec = 2030560
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 1039663104 bytes
Sector size: 512 bytes
 
Done!
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowMyComputer --> [PUM.Hijack.StartMenu]
Scan finished
Creating System Restore point...
Could not create restore point...
Cleaning up...
Removal successful. No system shutdown is required.
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_3074048_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_2_1221519360_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16660
 
Java version: 1.6.0_25
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 4179419136, free: 2995187712
 
=======================================
 

RKILL Log

 

Rkill 2.6.1 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 09/11/2013 09:56:59 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\merysta\AppData\Local\Temp\PROCEXP64.exe (PID: 1676) [T-HEUR]
 * C:\Windows\system32\notepad.exe (PID: 1064) [WD-HEUR]
 
2 proccesses terminated!
 
Possibly Patched Files.
 
 * C:\Windows\system32\csrss.exe
 * C:\Windows\system32\csrss.exe
 * C:\Windows\system32\wininit.exe
 * C:\Windows\system32\winlogon.exe
 * C:\Windows\system32\services.exe
 * C:\Windows\system32\lsass.exe
 * C:\Windows\system32\lsm.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\Explorer.EXE
 * C:\Windows\system32\ctfmon.exe
 * C:\Windows\system32\conhost.exe
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 * taskmgr.exe debugger. [IFEO Debugger Deleted]
 
Backup Registry file created at:
 C:\Users\merysta\Desktop\rkill\rkill-09-11-2013-09-59-37.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Base Filtering Engine (BFE) is not Running.
   Startup Type set to: Automatic
 
 * DHCP Client (Dhcp) is not Running.
   Startup Type set to: Automatic
 
 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Automatic
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic
 
 * Network Connections (Netman) is not Running.
   Startup Type set to: Manual
 
 * Network Store Interface Service (nsi) is not Running.
   Startup Type set to: Automatic
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Ancillary Function Driver for Winsock (AFD) is not Running.
   Startup Type set to: System
 
 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual
 
 * NetBT (NetBT) is not Running.
   Startup Type set to: System
 
 * NSI proxy service driver. (nsiproxy) is not Running.
   Startup Type set to: System
 
 * NetIO Legacy TDI Support Driver (tdx) is not Running.
   Startup Type set to: System
 
Searching for Missing Digital Signatures: 
 
 * C:\Windows\System32\browser.dll : 136,704 : 07/04/2012 06:13 PM : 05f5a0d14a2ee1d8255c2aa0e9e8e694 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_d70f2c28b49dffae\browser.dll : 136,192 : 11/20/2010 11:24 PM : 8ef0d5c41ec907751b8429162b1239ed [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_d6c68344b4d406bf\browser.dll : 136,704 : 07/04/2012 06:13 PM : 05f5a0d14a2ee1d8255c2aa0e9e8e694 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_d7783703cdd41e02\browser.dll : 136,704 : 07/04/2012 06:06 PM : 156768abae1daf29ba0b0c05c21fef09 [Pos Repl]
 
 * C:\Windows\System32\cngaudit.dll : 18,944 : 07/13/2009 09:40 PM : 86fe1b1f8fd42cd0db641ab1cdb13093 [NoSig]
 +-> C:\Windows\SysWOW64\cngaudit.dll : 12,288 : 07/13/2009 09:15 PM : 50ba656134f78af64e4dd3c8b6fefd7e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll : 18,944 : 07/13/2009 09:40 PM : 86fe1b1f8fd42cd0db641ab1cdb13093 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll : 12,288 : 07/13/2009 09:15 PM : 50ba656134f78af64e4dd3c8b6fefd7e [Pos Repl]
 
 * C:\Windows\System32\comctl32.dll : 633,856 : 11/20/2010 11:24 PM : 14dfdeaf4e589ed3f1ff187a86b9408c [NoSig]
 +-> C:\Windows\SysWOW64\comctl32.dll : 530,432 : 11/20/2010 11:23 PM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_97c2246fee970dbb\comctl32.dll : 633,856 : 11/20/2010 11:24 PM : 14dfdeaf4e589ed3f1ff187a86b9408c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll : 633,856 : 11/20/2010 11:24 PM : 14dfdeaf4e589ed3f1ff187a86b9408c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll : 2,030,080 : 11/20/2010 11:23 PM : 7fa8fdc2c2a27817fd0f624e78d3b50c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll : 530,432 : 11/20/2010 11:23 PM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll : 530,432 : 11/20/2010 11:24 PM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll : 1,680,896 : 11/20/2010 11:23 PM : 352b3dc62a0d259a82a052238425c872 [Pos Repl]
 
 * C:\Windows\System32\comres.dll : 1,297,408 : 07/13/2009 09:26 PM : 1a47d52e303b7543e4e6026595b95422 [NoSig]
 +-> C:\Windows\SysWOW64\comres.dll : 1,297,408 : 07/13/2009 09:04 PM : 808d8a8b2a3074002852bc856d419576 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll : 1,297,408 : 07/13/2009 09:26 PM : 1a47d52e303b7543e4e6026595b95422 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_2c8730fb47856e94\comres.dll : 1,297,408 : 07/13/2009 09:04 PM : 808d8a8b2a3074002852bc856d419576 [Pos Repl]
 
 * C:\Windows\System32\conhost.exe : 338,432 : 11/29/2012 11:23 PM : 1bcdb508143b517f21bbdac10f5777bf [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17514_none_d281ccc018b94ff4\conhost.exe : 337,920 : 11/20/2010 11:23 PM : bd51024fb014064bc9fe8c715c18392f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17641_none_d25e5e0418d454e9\conhost.exe : 338,432 : 06/24/2011 01:25 AM : 448bf22538f1dfcb3412ae2b1cf123a9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17932_none_d26a33ec18cb49c4\conhost.exe : 338,432 : 08/20/2012 02:46 PM : 402b44b31c7183fcf2c4e1083af317fa [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17965_none_d24cc50618e0e99c\conhost.exe : 338,432 : 10/04/2012 11:21 AM : 3326166011c9bc13d6a8efd856e9921c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18015_none_d282acc418b89129\conhost.exe : 338,432 : 11/29/2012 11:23 PM : 1bcdb508143b517f21bbdac10f5777bf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.21756_none_d2e22c5531f58f57\conhost.exe : 338,432 : 06/24/2011 01:18 AM : e86156efe7acd220dc5e705f1f735e05 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22091_none_d2b1c721321aadf8\conhost.exe : 338,432 : 08/20/2012 02:20 PM : da688fe245286a540e394e315f19dae4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22125_none_d30179a331de4ce4\conhost.exe : 338,432 : 10/04/2012 11:18 AM : d1f53bedd4c2288af00142f74928ee0e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22177_none_d2cd6a9b32050b47\conhost.exe : 338,432 : 11/30/2012 01:49 AM : b19b30e594ee374c69f71dad26198400 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22209_none_d31b1c8931ca7785\conhost.exe : 338,432 : 01/03/2013 11:17 PM : a31ed9834a85e049585f95413a30c755 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22379_none_d2cf6efb32033843\conhost.exe : 338,432 : 07/07/2013 11:12 PM : 1405589128012abf97cdaa99073d4fd0 [Pos Repl]
 
 * C:\Windows\System32\cryptsvc.dll : 184,320 : 07/09/2013 01:46 AM : 6b400f211bee880a37a1ed0368776bf4 [NoSig]
 +-> C:\Windows\SysWOW64\cryptsvc.dll : 140,288 : 07/09/2013 00:46 AM : 7ca1becea5de2643addad32670e7a4c9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll : 177,152 : 11/20/2010 11:24 PM : 15597883fbe9b056f276ada3ad87d9af [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll : 184,320 : 04/24/2012 01:37 AM : 4f5414602e2544a4554d95517948b705 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll : 184,320 : 06/02/2012 01:41 AM : 9c01375be382e834cc26d1b7eaf2c4fe [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll : 184,320 : 05/10/2013 01:49 AM : 7fdc4626b01106a8ef328c88c7c0dee3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll : 184,320 : 05/13/2013 01:51 AM : d8129c49798cbbfb2e4351d4b7b8ef9c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll : 184,320 : 07/09/2013 01:46 AM : 6b400f211bee880a37a1ed0368776bf4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll : 186,880 : 04/24/2012 01:22 AM : b7337e9c9e5936355bb700aa33e0936e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll : 186,880 : 06/04/2012 03:52 AM : 7e7d2dacf65d750d466f36bd3d09ae20 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll : 186,880 : 05/10/2013 01:18 AM : ca13c4f92bee66db48e58ab3223ddf6e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll : 186,880 : 05/11/2013 01:18 AM : 8122252f0a4acfa92fa0c1d50d18493b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll : 186,880 : 07/09/2013 10:47 AM : 434cce8e7150cd1324c5faa088d1d061 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll : 136,192 : 11/20/2010 11:24 PM : a585bebf7d054bd9618eda0922d5484a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll : 140,288 : 04/24/2012 00:36 AM : 06e771aa596b8761107ab57e99f128d7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll : 140,288 : 06/02/2012 00:36 AM : 96c0e38905cfd788313be8e11dae3f2f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll : 140,288 : 05/10/2013 00:49 AM : 33adf6e0853ab39ea1723be82842c1d3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll : 140,288 : 05/13/2013 00:45 AM : 3897dff247d9ed0006190349de264e14 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll : 140,288 : 07/09/2013 00:46 AM : 7ca1becea5de2643addad32670e7a4c9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll : 142,336 : 04/24/2012 00:28 AM : 21993009e0ccb9b4fa195f14d3408626 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll : 142,336 : 06/02/2012 00:52 AM : 063dd65889d21035311463337bd268e7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll : 142,848 : 05/10/2013 01:06 AM : e122aa1c9a3cc46ff9ddde46e5eb0c58 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll : 142,848 : 05/11/2013 00:59 AM : ac04d05309bb2c418d0d80b9fb014642 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll : 142,848 : 07/09/2013 09:57 AM : 6db499defcc827317c5371164a7cdb27 [Pos Repl]
 
 * C:\Windows\System32\csrss.exe : 7,680 : 07/13/2009 09:39 PM : 60c2862b4bf0fd9f582ef344c2b1ec72 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe : 7,680 : 07/13/2009 09:39 PM : 60c2862b4bf0fd9f582ef344c2b1ec72 [Pos Repl]
 
 * C:\Windows\System32\ctfmon.exe : 9,728 : 07/13/2009 09:39 PM : 42b6a94dd747df2b5f628a2752e62a98 [NoSig]
 +-> C:\Windows\SysWOW64\ctfmon.exe : 8,704 : 07/13/2009 09:14 PM : 4a3cdcef8ed41b221f3dbef5792fb52d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe : 9,728 : 07/13/2009 09:39 PM : 42b6a94dd747df2b5f628a2752e62a98 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe : 8,704 : 07/13/2009 09:14 PM : 4a3cdcef8ed41b221f3dbef5792fb52d [Pos Repl]
 
 * C:\Windows\System32\d3d8thk.dll : 12,288 : 07/13/2009 09:40 PM : 3044d07abdf4bbea27e2ee7b1e0c0c65 [NoSig]
 +-> C:\Windows\SysWOW64\d3d8thk.dll : 11,264 : 07/13/2009 09:15 PM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_207372147765c03a\d3d8thk.dll : 12,288 : 07/13/2009 09:40 PM : 3044d07abdf4bbea27e2ee7b1e0c0c65 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d8thk.dll : 11,264 : 07/13/2009 09:15 PM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]
 
 * C:\Windows\System32\d3d9.dll : 2,067,456 : 11/20/2010 11:24 PM : 4c3daee652b005b483f16b8e9131c99d [NoSig]
 +-> C:\Windows\SysWOW64\d3d9.dll : 1,828,352 : 11/20/2010 11:24 PM : 6ef5f3f18413c367195f06e503ab86a6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_207372147765c03a\d3d9.dll : 2,067,456 : 11/20/2010 11:24 PM : 4c3daee652b005b483f16b8e9131c99d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll : 1,828,352 : 11/20/2010 11:24 PM : 6ef5f3f18413c367195f06e503ab86a6 [Pos Repl]
 
 * C:\Windows\System32\ddraw.dll : 569,344 : 07/13/2009 09:40 PM : a6c09924c6730de8deed9890a12aa691 [NoSig]
 +-> C:\Windows\SysWOW64\ddraw.dll : 531,968 : 07/13/2009 09:15 PM : 198552aefeca69d646867ec8d792de95 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_60fa9493d9b24564\ddraw.dll : 569,344 : 07/13/2009 09:40 PM : a6c09924c6730de8deed9890a12aa691 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll : 531,968 : 07/13/2009 09:15 PM : 198552aefeca69d646867ec8d792de95 [Pos Repl]
 
 * C:\Windows\System32\dllhost.exe : 9,728 : 07/13/2009 09:39 PM : a8edb86fc2a4d6d1285e4c70384ac35a [NoSig]
 +-> C:\Windows\SysWOW64\dllhost.exe : 7,168 : 07/13/2009 09:14 PM : a63dc5c2ea944e6657203e0c8edeaf61 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe : 9,728 : 07/13/2009 09:39 PM : a8edb86fc2a4d6d1285e4c70384ac35a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe : 7,168 : 07/13/2009 09:14 PM : a63dc5c2ea944e6657203e0c8edeaf61 [Pos Repl]
 
 * C:\Windows\System32\dsound.dll : 540,672 : 07/13/2009 09:40 PM : 9110ffad124283f37d38771bb60556af [NoSig]
 +-> C:\Windows\SysWOW64\dsound.dll : 453,632 : 07/13/2009 09:15 PM : 0e85c11f8850d524b02181c6e02ba9ae [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_b490afff5b93e5a7\dsound.dll : 540,672 : 07/13/2009 09:40 PM : 9110ffad124283f37d38771bb60556af [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll : 453,632 : 07/13/2009 09:15 PM : 0e85c11f8850d524b02181c6e02ba9ae [Pos Repl]
 
 * C:\Windows\System32\dwm.exe : 120,320 : 07/13/2009 09:39 PM : f162d5f5e845b9dc352dd1bad8cef1bc [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe : 120,320 : 07/13/2009 09:39 PM : f162d5f5e845b9dc352dd1bad8cef1bc [Pos Repl]
 
 * C:\Windows\System32\es.dll : 402,944 : 07/13/2009 09:40 PM : 4166f82be4d24938977dd1746be9b8a0 [NoSig]
 +-> C:\Windows\SysWOW64\es.dll : 271,360 : 07/13/2009 09:15 PM : f6916efc29d9953d5d0df06882ae8e16 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll : 402,944 : 07/13/2009 09:40 PM : 4166f82be4d24938977dd1746be9b8a0 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll : 271,360 : 07/13/2009 09:15 PM : f6916efc29d9953d5d0df06882ae8e16 [Pos Repl]
 
 * C:\Windows\System32\hid.dll : 30,208 : 07/13/2009 09:41 PM : 896f15a6434d93edb42519d5e18e6b50 [NoSig]
 +-> C:\Windows\SysWOW64\hid.dll : 22,016 : 07/13/2009 09:15 PM : 63df770df74acb370ef5a16727069aaf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_32a13a14a11faede\hid.dll : 30,208 : 07/13/2009 09:41 PM : 896f15a6434d93edb42519d5e18e6b50 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_3cf5e466d58070d9\hid.dll : 22,016 : 07/13/2009 09:15 PM : 63df770df74acb370ef5a16727069aaf [Pos Repl]
 
 * C:\Windows\System32\hnetcfg.dll : 424,448 : 07/13/2009 09:41 PM : 3b367397320c26dba890b260f80d1b1b [NoSig]
 +-> C:\Windows\SysWOW64\hnetcfg.dll : 288,256 : 07/13/2009 09:15 PM : 6383c60ec0133b14f5705f96369421b2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_0c2b375bae4a8d38\hnetcfg.dll : 424,448 : 07/13/2009 09:41 PM : 3b367397320c26dba890b260f80d1b1b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_167fe1ade2ab4f33\hnetcfg.dll : 288,256 : 07/13/2009 09:15 PM : 6383c60ec0133b14f5705f96369421b2 [Pos Repl]
 
 * C:\Windows\System32\ias.dll : 26,624 : 07/13/2009 09:41 PM : 39415b10172c431f5ab87488d79e9dc4 [NoSig]
 +-> C:\Windows\SysWOW64\ias.dll : 19,456 : 07/13/2009 09:15 PM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_5726e0135925cd59\ias.dll : 26,624 : 07/13/2009 09:41 PM : 39415b10172c431f5ab87488d79e9dc4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_fb08448fa0c85c23\ias.dll : 19,456 : 07/13/2009 09:15 PM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]
 
 * C:\Windows\System32\imm32.dll : 167,424 : 07/13/2009 09:41 PM : aa2c08ce85653b1a0d2e4ab407fa176c [NoSig]
 +-> C:\Windows\SysWOW64\imm32.dll : 119,808 : 11/20/2010 11:24 PM : a6f09e5669d9a19035f6d942caa15882 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll : 167,424 : 07/13/2009 09:41 PM : aa2c08ce85653b1a0d2e4ab407fa176c [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll : 119,808 : 11/20/2010 11:24 PM : a6f09e5669d9a19035f6d942caa15882 [Pos Repl]
 
 * C:\Windows\System32\ipsecsvc.dll : 501,248 : 11/20/2010 11:23 PM : 4f15d75adf6156bf56eced6d4a55c389 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.1.7601.17514_none_a2347d4102a4c8ad\IPSECSVC.DLL : 501,248 : 11/20/2010 11:23 PM : 4f15d75adf6156bf56eced6d4a55c389 [Pos Repl]
 
 * C:\Windows\System32\kernel32.dll : 1,161,216 : 11/30/2012 01:41 AM : 65c113214f7b05820f6d8a65b1485196 [NoSig]
 +-> C:\Windows\SysWOW64\kernel32.dll : 1,114,112 : 11/30/2012 00:53 AM : ac0b6f41882fc6ed186962d770ebf1d2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll : 1,161,216 : 11/20/2010 11:24 PM : 7a6326d96d53048fdec542df23d875a0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_f1b5ac086d0e33d5\kernel32.dll : 1,162,752 : 07/16/2011 01:37 AM : b9b42a302325537d7b9dc52d47f33a73 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_f1cc51dc6cfd0cbf\kernel32.dll : 1,162,240 : 08/20/2012 02:48 PM : eaf41cfba5281834cbc383c710ac7965 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll : 1,161,216 : 10/04/2012 01:41 PM : 1dc3504ca4c57900f1557e9a3f01d272 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll : 1,161,216 : 11/30/2012 01:41 AM : 65c113214f7b05820f6d8a65b1485196 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_f22aa945863b24d8\kernel32.dll : 1,163,264 : 07/16/2011 01:28 AM : 27ac02d8ee4c02e7648c41cb880151da [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_f213e511864c70f3\kernel32.dll : 1,163,264 : 08/20/2012 02:24 PM : 624b34180c79d67c470c155db81ffb8e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll : 1,162,240 : 10/04/2012 01:37 PM : f3c594d0da3acfa6c7b781a490ab4282 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll : 1,163,264 : 11/30/2012 01:52 AM : b3bea6420d482356e53b7c728e05c637 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_f27d3a7985fc3a80\kernel32.dll : 1,162,240 : 01/04/2013 01:36 AM : b844114b247d8ef1e5e4e93a282d2e6f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22379_none_f2318ceb8634fb3e\kernel32.dll : 1,162,240 : 07/08/2013 01:14 AM : 38e54d419a2962e24d35d868e4724ae7 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll : 837,632 : 11/20/2010 11:24 PM : e80758cf485db142fca1ee03a34ead05 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_fc0a565aa16ef5d0\kernel32.dll : 1,114,112 : 07/16/2011 00:24 AM : 99c3f8e9cc59d95666eb8d8a8b4c2beb [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll : 1,114,112 : 08/20/2012 01:37 PM : 9b98d47916ead4f69ef51b56b0c2323c [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll : 1,114,112 : 10/04/2012 12:47 AM : d4f3176082566cefa633b4945802d4c4 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll : 1,114,112 : 11/30/2012 00:53 AM : ac0b6f41882fc6ed186962d770ebf1d2 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll : 1,114,112 : 07/16/2011 00:49 AM : d3cb12854171df61d117d7c2bf22c675 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_fc688f63baad32ee\kernel32.dll : 1,114,112 : 08/20/2012 01:31 PM : 305681b4b695d4a888b941965ffc2c17 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll : 1,114,112 : 10/04/2012 12:36 AM : 5fa395364ee727e4bee6b1406c207f98 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll : 1,114,112 : 11/30/2012 00:57 AM : 9cc2571e3646b9a24296ad7adcc71682 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll : 1,114,112 : 01/04/2013 00:52 AM : 7e55988f5cb3ba67e2732370e8d71bbb [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22379_none_fc86373dba95bd39\kernel32.dll : 1,114,112 : 07/08/2013 01:05 AM : 2997a7bc59e3eefe8e86d1b0f3a3d748 [Pos Repl]
 
 * C:\Windows\System32\ksuser.dll : 5,120 : 07/13/2009 09:41 PM : 8560fffc8eb3a806dcd4f82252cfc8c6 [NoSig]
 +-> C:\Windows\SysWOW64\ksuser.dll : 4,608 : 07/13/2009 09:15 PM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_4627a1cbadebced2\ksuser.dll : 5,120 : 07/13/2009 09:41 PM : 8560fffc8eb3a806dcd4f82252cfc8c6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_ea090647f58e5d9c\ksuser.dll : 4,608 : 07/13/2009 09:15 PM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]
 
 * C:\Windows\System32\linkinfo.dll : 29,696 : 07/13/2009 09:41 PM : a0a65d306a5490d2eb8e7de66898ecfd [NoSig]
 +-> C:\Windows\SysWOW64\linkinfo.dll : 22,016 : 07/13/2009 09:15 PM : 5987ea8a82c53359bcd2c29d6588583e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_945a23c3bf051859\linkinfo.dll : 29,696 : 07/13/2009 09:41 PM : a0a65d306a5490d2eb8e7de66898ecfd [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll : 22,016 : 07/13/2009 09:15 PM : 5987ea8a82c53359bcd2c29d6588583e [Pos Repl]
 
 * C:\Windows\System32\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [NoSig]
 +-> C:\Windows\SysWOW64\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_07c20e01714f59eb\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17991_none_079fa54171696fac\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_07e15d357138149f\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_084cab168a6c130c\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22153_none_08565a728a6505a2\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_082d1b568a83a814\lpk.dll : 41,984 : 07/13/2009 09:41 PM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_1216b853a5b01be6\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17991_none_11f44f93a5ca31a7\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_12360787a598d69a\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_12a15568beccd507\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22153_none_12ab04c4bec5c79d\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_1281c5a8bee46a0f\lpk.dll : 25,600 : 07/13/2009 09:11 PM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 
 * C:\Windows\System32\lsass.exe : 31,232 : 11/17/2011 02:33 AM : c118a82cd78818c29ab228366ebf81c3 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe : 31,232 : 07/13/2009 09:39 PM : 0793f40b9b8a1bdd266296409dbd91ea [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe : 31,232 : 11/17/2011 02:33 AM : c118a82cd78818c29ab228366ebf81c3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe : 31,232 : 11/17/2011 02:33 AM : c118a82cd78818c29ab228366ebf81c3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe : 31,232 : 11/17/2011 02:20 AM : 0a10b74fbb437ff9a23f1d5de4446a83 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe : 31,232 : 06/04/2012 03:51 AM : 79c908caa6f43021eb05f4c733a927d1 [Pos Repl]
 
 * C:\Windows\System32\lsm.exe : 343,040 : 11/20/2010 11:23 PM : 9662ee182644511439f1c53745dc1c88 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..localsessionmanager_31bf3856ad364e35_6.1.7601.17514_none_036ad230212a39ce\lsm.exe : 343,040 : 11/20/2010 11:23 PM : 9662ee182644511439f1c53745dc1c88 [Pos Repl]
 
 * C:\Windows\System32\midimap.dll : 20,480 : 07/13/2009 09:41 PM : ca2a0750ed830678997695ff61b04c30 [NoSig]
 +-> C:\Windows\SysWOW64\midimap.dll : 16,896 : 07/13/2009 09:15 PM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_e8f2b9ab2a40e84d\midimap.dll : 20,480 : 07/13/2009 09:41 PM : ca2a0750ed830678997695ff61b04c30 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll : 16,896 : 07/13/2009 09:15 PM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [Pos Repl]
 
 * C:\Windows\System32\mshtml.dll : 19,239,424 : 07/26/2013 01:12 AM : 396889142bd839db8a055a0be0ad2f79 [NoSig]
 +-> C:\Windows\SysWOW64\mshtml.dll : 14,329,344 : 07/25/2013 11:12 PM : e631b408882f8320739f6e0caf444397 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16576_none_91213bba929917b7\mshtml.dll : 19,231,232 : 05/29/2013 04:57 AM : c56ef4c50a1feed0cc9b7ae068cbbbbb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16614_none_911097a292a6685c\mshtml.dll : 19,233,792 : 05/16/2013 08:58 PM : 945c49fa10b96570dfe37cfb145a1d10 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16618_none_91103c8292a6cee0\mshtml.dll : 19,233,792 : 06/08/2013 10:07 AM : 5c41af3f4b83340d2783ce8fde30566a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16635_none_9112816e92a4b4ab\mshtml.dll : 19,238,912 : 06/11/2013 07:25 PM : 9586ec4e1cc39ccba26a5e7dfe774c9e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16660_none_9115f43492a1808b\mshtml.dll : 19,239,424 : 07/26/2013 01:12 AM : 396889142bd839db8a055a0be0ad2f79 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20719_none_7a37af32ac566427\mshtml.dll : 19,480,576 : 05/16/2013 09:34 PM : dbb793d8b7ed6747f121d5831e749b6a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20723_none_7a39382cac54e3b8\mshtml.dll : 19,479,552 : 06/08/2013 08:23 AM : d8fea3117bea18064da7f0668fa94f38 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20742_none_7a3b4f88ac52fcc5\mshtml.dll : 19,482,112 : 06/12/2013 01:10 AM : 884691f819503dd2191a2641cc827a52 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20768_none_7a3cc76cac51c939\mshtml.dll : 19,482,112 : 07/25/2013 11:59 PM : 865eb4e69daf2de052e8d020f4f7d313 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda\mshtml.dll : 8,988,160 : 11/20/2010 11:24 PM : 1c8b787baa52dead1a6fec1502d652f0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16421_none_87e150ddf4cd3dc7\mshtml.dll : 17,773,056 : 04/01/2012 10:32 PM : 82682ba2df50b94cd798b8315b3f7896 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_87cbb105f4dd75a9\mshtml.dll : 17,790,464 : 12/14/2011 03:43 AM : e61288581ad9e647abefb1489b250b5c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16448_none_87d2b30bf4d7270a\mshtml.dll : 17,809,920 : 06/29/2012 00:55 AM : 8415f4792d7bc07be328df56fe32045a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16450_none_87bfe0cff4e67843\mshtml.dll : 17,810,944 : 08/24/2012 07:15 AM : f244da6dd2c365abafd076222c22c2be [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16455_none_87c4e241f4e1f6f6\mshtml.dll : 17,811,968 : 10/08/2012 08:19 AM : 6d4f838e72eeeb3d6fb16a5a45632560 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_87c6e2d5f4e029a4\mshtml.dll : 17,811,968 : 11/14/2012 03:06 AM : cff3c4abdcc5356b0674743bdf0fb674 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_87b9120bf4eaf990\mshtml.dll : 17,812,992 : 01/08/2013 09:48 PM : 14deb733acb08a71cc0783ed02ff1f8d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16470_none_87aa40f7f4f6b025\mshtml.dll : 17,815,040 : 02/02/2013 03:31 AM : 460723a080d6f22e56d45bc8c1f15b2a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16476_none_87b042b3f4f1482f\mshtml.dll : 17,817,088 : 02/22/2013 02:57 AM : 1154fefc73880a2ef44295ef0dbdc59f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16483_none_87a271e9f4fc181b\mshtml.dll : 17,818,624 : 04/04/2013 09:51 PM : f63d8615292792d36edf24913636685d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16484_none_87a37233f4fb3172\mshtml.dll : 17,818,624 : 05/05/2013 05:36 PM : 7212340908e00ad2f28e58ea04ceb852 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_885a4f430df69426\mshtml.dll : 17,790,464 : 12/14/2011 02:57 AM : 153963f44a26a7840acdf52c2cd1b9dc [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20554_none_884d7ec30e007d69\mshtml.dll : 17,809,920 : 06/28/2012 10:39 PM : c4de0e2b31f60acb15e6b4154e26298a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20557_none_88507fa10dfdc96e\mshtml.dll : 17,810,944 : 08/24/2012 06:40 AM : 522a528c296a9aef3f0c289ff7093315 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20562_none_8840ae430e0a66ac\mshtml.dll : 17,812,992 : 10/08/2012 06:58 AM : 1fb8062d4c3a4c7b8eca7bbd1e743000 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20565_none_8843af210e07b2b1\mshtml.dll : 17,811,968 : 11/14/2012 00:57 AM : 5024cacd183e4c0fccde6db8a38eec7b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_8836dea10e119bf4\mshtml.dll : 17,814,528 : 01/08/2013 08:46 PM : b6c5bc6d4e1d79cb8df107112a9f37cb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20580_none_88290dd70e1c6be0\mshtml.dll : 17,815,040 : 02/02/2013 04:04 AM : 1cd82d510d370cb04bb6bd1c660aa96f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20586_none_882f0f930e1703ea\mshtml.dll : 17,817,600 : 02/22/2013 03:12 AM : 0e860bf2bcddd94202a6ab9a10ee95eb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20593_none_88213ec90e21d3d6\mshtml.dll : 17,818,624 : 04/04/2013 08:33 PM : 43fef944ff64be0354a5c129c98eb13d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20594_none_88223f130e20ed2d\mshtml.dll : 17,819,136 : 05/05/2013 06:35 PM : e139a28843f52f383d414bf0aaef6ce4 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16576_none_9b75e60cc6f9d9b2\mshtml.dll : 14,323,712 : 05/29/2013 04:57 AM : 7a468bc721c1d34e60389d3f2f87bbea [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16614_none_9b6541f4c7072a57\mshtml.dll : 14,327,808 : 05/16/2013 09:25 PM : 69a03ab053cad761e51bae1b01f95f55 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16618_none_9b64e6d4c70790db\mshtml.dll : 14,327,808 : 06/08/2013 07:40 AM : 05920bd009621d06722a1cd339da6481 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16635_none_9b672bc0c70576a6\mshtml.dll : 14,329,856 : 06/11/2013 07:43 PM : af31e7d2c385f647adfd5f5736b3ba64 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16660_none_9b6a9e86c7024286\mshtml.dll : 14,329,344 : 07/25/2013 11:12 PM : e631b408882f8320739f6e0caf444397 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20719_none_848c5984e0b72622\mshtml.dll : 14,355,968 : 05/16/2013 09:42 PM : d77d1a53c38df6ce26749d77bed6a527 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20723_none_848de27ee0b5a5b3\mshtml.dll : 14,355,456 : 06/08/2013 07:44 AM : 2c01ea6cbf9e7c6a96535bea1ab35580 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20742_none_848ff9dae0b3bec0\mshtml.dll : 14,358,528 : 06/12/2013 00:17 AM : e6cc3f7eaa761794e13e0f99393eeb97 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20768_none_849171bee0b28b34\mshtml.dll : 14,356,480 : 07/25/2013 11:09 PM : 523d2e830830fd6da5b7faae3c251bc5 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll : 5,977,600 : 11/20/2010 11:25 PM : c50799f0d47dfb9774f721521b6c41d5 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16421_none_9235fb30292dffc2\mshtml.dll : 12,268,544 : 04/01/2012 10:32 PM : 4def8126cabaa6cdc12103cd74c6a919 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_92205b58293e37a4\mshtml.dll : 12,282,368 : 12/13/2011 11:30 PM : 497c9c3db953a60ec4f43a097e15f75e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16448_none_92275d5e2937e905\mshtml.dll : 12,317,184 : 06/28/2012 08:52 PM : 5e8e869e1342308752a37a2c90cca79d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16450_none_92148b2229473a3e\mshtml.dll : 12,319,744 : 08/24/2012 03:27 AM : bb197f54a8f69eea8356b7f70e6d3a20 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16455_none_92198c942942b8f1\mshtml.dll : 12,320,768 : 10/08/2012 04:28 AM : 8d1bb1e5a033e8817ef94a9047630165 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_921b8d282940eb9f\mshtml.dll : 12,320,256 : 11/13/2012 10:48 PM : 07f649cd36f266bbe33b814fa678aa43 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_920dbc5e294bbb8b\mshtml.dll : 12,321,280 : 01/08/2013 06:23 PM : c97434c851c4821bd92d2831fdf1ecbe [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16470_none_91feeb4a29577220\mshtml.dll : 12,321,792 : 02/02/2013 00:09 AM : 263963d93a3ca8f685efa5966f1e6581 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16476_none_9204ed0629520a2a\mshtml.dll : 12,324,352 : 02/22/2013 00:05 AM : 658ebc74bd38d16805648c4775f7fa82 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16483_none_91f71c3c295cda16\mshtml.dll : 12,324,864 : 04/04/2013 06:23 PM : 79b0d843b26bea808ea89ba2d8a026f2 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16484_none_91f81c86295bf36d\mshtml.dll : 12,324,864 : 05/05/2013 03:25 PM : 26f30066b9fa78c97a0e92803d496211 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_92aef99542575621\mshtml.dll : 12,282,368 : 12/13/2011 10:41 PM : a29cfd4b9f6f2bbe06c8d64b6d07f1d4 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20554_none_92a2291542613f64\mshtml.dll : 12,317,184 : 06/28/2012 07:11 PM : aec51857aec2f5ce4520366240afc671 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20557_none_92a529f3425e8b69\mshtml.dll : 12,319,744 : 08/24/2012 03:43 AM : 975d1ea99a0fe8104b72440995b3c20b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20562_none_92955895426b28a7\mshtml.dll : 12,321,280 : 10/08/2012 04:12 AM : f7b251da2fa89933771289793dcaa08b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20565_none_92985973426874ac\mshtml.dll : 12,321,280 : 11/13/2012 10:14 PM : 8021ef27048f9ece5286ea8c8eed23b8 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_928b88f342725def\mshtml.dll : 12,322,304 : 01/08/2013 05:17 PM : b6ad225b3bcc07332fbb2c2824315534 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20580_none_927db829427d2ddb\mshtml.dll : 12,322,304 : 02/02/2013 00:15 AM : 88c27474e61271b49677f22cee76fb3e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20586_none_9283b9e54277c5e5\mshtml.dll : 12,324,864 : 02/22/2013 00:06 AM : 474d43d76e2a33fee21c6f4bb7c4a3b7 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20593_none_9275e91b428295d1\mshtml.dll : 12,325,376 : 04/04/2013 05:33 PM : 4ebf337d1f52ea9202072348ba41ca95 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20594_none_9276e9654281af28\mshtml.dll : 12,325,888 : 05/05/2013 04:26 PM : 1152de9d7fe16ec92a12165d1cbe8406 [Pos Repl]
 
 * C:\Windows\System32\msimg32.dll : 8,192 : 07/13/2009 09:41 PM : e424b3ef666b184cee0b6871aaa8c9f6 [NoSig]
 +-> C:\Windows\SysWOW64\msimg32.dll : 4,608 : 07/13/2009 09:15 PM : 18ab2e5a40064ed5f7791ac5946a90f3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_d360c9c235bd1868\msimg32.dll : 8,192 : 07/13/2009 09:41 PM : e424b3ef666b184cee0b6871aaa8c9f6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_77422e3e7d5fa732\msimg32.dll : 4,608 : 07/13/2009 09:15 PM : 18ab2e5a40064ed5f7791ac5946a90f3 [Pos Repl]
 
 * C:\Windows\System32\msprivs.dll : 2,048 : 07/13/2009 09:29 PM : 02b64609f865a39365ff88580df11738 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.1.7600.16385_none_680de2b99516e12e\msprivs.dll : 2,048 : 07/13/2009 09:29 PM : 02b64609f865a39365ff88580df11738 [Pos Repl]
 
 * C:\Windows\System32\msvcrt.dll : 634,880 : 12/16/2011 04:46 AM : c391fc68282a000cdf953f8b6b55d2ef [NoSig]
 +-> C:\Windows\SysWOW64\msvcrt.dll : 690,688 : 12/16/2011 03:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll : 634,880 : 07/13/2009 09:41 PM : 7319bb10fa1f86e49e3dcf4136f6c957 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll : 634,880 : 12/16/2011 04:46 AM : c391fc68282a000cdf953f8b6b55d2ef [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll : 634,880 : 12/16/2011 04:39 AM : f9a4c695c86cc32048fe2c987a0bd387 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll : 690,688 : 07/13/2009 09:15 PM : e46d48a7fe961401f1cbf85531cdf05d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll : 690,688 : 12/16/2011 03:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll : 690,688 : 12/16/2011 04:58 AM : 2f740c4b458331357e825e94afb0953a [Pos Repl]
 
 * C:\Windows\System32\mswsock.dll : 326,144 : 11/20/2010 11:24 PM : 1d5185a4c7e6695431ae4b55c3d7d333 [NoSig]
 +-> C:\Windows\SysWOW64\mswsock.dll : 232,448 : 11/20/2010 11:24 PM : 8999b8631c7fd9f7f9ec3cafd953ba24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll : 326,144 : 11/20/2010 11:24 PM : 1d5185a4c7e6695431ae4b55c3d7d333 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll : 232,448 : 11/20/2010 11:24 PM : 8999b8631c7fd9f7f9ec3cafd953ba24 [Pos Repl]
 
 * C:\Windows\System32\netlogon.dll : 695,808 : 11/20/2010 11:24 PM : aa339dd8bb128ef66660dfbbb59043d3 [NoSig]
 +-> C:\Windows\SysWOW64\netlogon.dll : 563,712 : 11/20/2010 11:24 PM : c1809b9907adedaf16f50c894100883b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll : 695,808 : 11/20/2010 11:24 PM : aa339dd8bb128ef66660dfbbb59043d3 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll : 563,712 : 11/20/2010 11:24 PM : c1809b9907adedaf16f50c894100883b [Pos Repl]
 
 * C:\Windows\System32\netman.dll : 360,448 : 07/13/2009 09:41 PM : 847d3ae376c0817161a14a82c8922a9e [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll : 360,448 : 07/13/2009 09:41 PM : 847d3ae376c0817161a14a82c8922a9e [Pos Repl]
 
 * C:\Windows\System32\ole32.dll : 2,086,912 : 11/20/2010 11:23 PM : 6c60b5aca7442efb794082cdacfc001c [NoSig]
 +-> C:\Windows\SysWOW64\ole32.dll : 1,414,144 : 11/20/2010 11:24 PM : 928cf7268086631f54c3d8e17238c6dd [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_0a43accb08f0eac5\ole32.dll : 2,086,912 : 11/20/2010 11:23 PM : 6c60b5aca7442efb794082cdacfc001c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll : 1,414,144 : 11/20/2010 11:24 PM : 928cf7268086631f54c3d8e17238c6dd [Pos Repl]
 
 * C:\Windows\System32\perfctrs.dll : 44,544 : 07/13/2009 09:41 PM : 8056a3e51b569c3f437a5026a0abe66d [NoSig]
 +-> C:\Windows\SysWOW64\perfctrs.dll : 39,424 : 07/13/2009 09:16 PM : edd2ad141debd425d74a52a4d7be6ac4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_8d682f6a76cad93f\perfctrs.dll : 44,544 : 07/13/2009 09:41 PM : 8056a3e51b569c3f437a5026a0abe66d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_97bcd9bcab2b9b3a\perfctrs.dll : 39,424 : 07/13/2009 09:16 PM : edd2ad141debd425d74a52a4d7be6ac4 [Pos Repl]
 
 * C:\Windows\System32\powrprof.dll : 167,424 : 07/13/2009 09:41 PM : 716175021bda290504ce434273f666bc [NoSig]
 +-> C:\Windows\SysWOW64\powrprof.dll : 145,408 : 07/13/2009 09:16 PM : 08dfdbd2fd4ea951dc46b1c7661ed35a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_ff0e900816896618\powrprof.dll : 167,424 : 07/13/2009 09:41 PM : 716175021bda290504ce434273f666bc [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll : 145,408 : 07/13/2009 09:16 PM : 08dfdbd2fd4ea951dc46b1c7661ed35a [Pos Repl]
 
 * C:\Windows\System32\psbase.dll : 52,224 : 07/13/2009 09:41 PM : ab95fbae4f9a5a56b177cec427b2b35e [NoSig]
 +-> C:\Windows\SysWOW64\psbase.dll : 50,688 : 07/13/2009 09:16 PM : 274992d0945889a6b56d0e1bd4288a6e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_a43e06414a0fcb4b\psbase.dll : 52,224 : 07/13/2009 09:41 PM : ab95fbae4f9a5a56b177cec427b2b35e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_ae92b0937e708d46\psbase.dll : 50,688 : 07/13/2009 09:16 PM : 274992d0945889a6b56d0e1bd4288a6e [Pos Repl]
 
 * C:\Windows\System32\pstorsvc.dll : 36,352 : 07/13/2009 09:41 PM : 35ba5aa671887fe8a62b88a9a6229fd5 [NoSig]
 +-> C:\Windows\SysWOW64\pstorsvc.dll : 23,552 : 07/13/2009 09:16 PM : 0a3ccb2c4f603d99f34d742fc9544b97 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_a43e06414a0fcb4b\pstorsvc.dll : 36,352 : 07/13/2009 09:41 PM : 35ba5aa671887fe8a62b88a9a6229fd5 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_ae92b0937e708d46\pstorsvc.dll : 23,552 : 07/13/2009 09:16 PM : 0a3ccb2c4f603d99f34d742fc9544b97 [Pos Repl]
 
 * C:\Windows\System32\qmgr.dll : 849,920 : 11/20/2010 11:23 PM : 1ea7969e3271cbc59e1730697dc74682 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll : 849,920 : 11/20/2010 11:23 PM : 1ea7969e3271cbc59e1730697dc74682 [Pos Repl]
 
 * C:\Windows\System32\rasadhlp.dll : 16,384 : 07/13/2009 09:41 PM : 88351b29b622b30962d2feb6ca8d860b [NoSig]
 +-> C:\Windows\SysWOW64\rasadhlp.dll : 11,776 : 07/13/2009 09:16 PM : ed6ee83d61ebc683c2cd8e899ea6febe [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasadhlp.dll : 16,384 : 07/13/2009 09:41 PM : 88351b29b622b30962d2feb6ca8d860b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_76239aafb364e805\rasadhlp.dll : 11,776 : 07/13/2009 09:16 PM : ed6ee83d61ebc683c2cd8e899ea6febe [Pos Repl]
 
 * C:\Windows\System32\regsvc.dll : 159,232 : 07/13/2009 09:41 PM : e4d94f24081440b5fc5aa556c7c62702 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll : 159,232 : 07/13/2009 09:41 PM : e4d94f24081440b5fc5aa556c7c62702 [Pos Repl]
 
 * C:\Windows\System32\rpcss.dll : 512,000 : 11/20/2010 11:24 PM : 5c627d1b1138676c0a7ab2c2c190d123 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll : 512,000 : 11/20/2010 11:24 PM : 5c627d1b1138676c0a7ab2c2c190d123 [Pos Repl]
 
 * C:\Windows\System32\scecli.dll : 232,960 : 11/20/2010 11:24 PM : ed78427259134c63ed69804d2132b86c [NoSig]
 +-> C:\Windows\SysWOW64\scecli.dll : 175,616 : 11/20/2010 11:23 PM : 8124944ec89d6a1815e4e53f5b96aaf4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll : 232,960 : 11/20/2010 11:24 PM : ed78427259134c63ed69804d2132b86c [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll : 175,616 : 11/20/2010 11:23 PM : 8124944ec89d6a1815e4e53f5b96aaf4 [Pos Repl]
 
 * C:\Windows\System32\schannel.dll : 340,992 : 06/02/2012 01:45 AM : 1573c45e65de32b1bc3572634f8f1e8e [NoSig]
 +-> C:\Windows\SysWOW64\schannel.dll : 225,280 : 06/02/2012 00:40 AM : 3d3cbd1847f980fb03343a63671e7886 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_803c507d6be26102\schannel.dll : 340,992 : 11/20/2010 11:24 PM : a199de544bf5c61c134b22c7592226fc [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_803284a76be99098\schannel.dll : 340,992 : 11/17/2011 02:35 AM : fbd1d2169aceee3073861f8ca3a28c49 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17856_none_801317136c00fae9\schannel.dll : 340,992 : 06/02/2012 01:45 AM : 1573c45e65de32b1bc3572634f8f1e8e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_808ce09a852b3aca\schannel.dll : 340,992 : 11/17/2011 02:26 AM : ed848d806f639ce611b3bedc6c958140 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22010_none_80c1c9f48503c627\schannel.dll : 340,992 : 06/04/2012 03:54 AM : f6184411925d84c41a87fb9821554da8 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_8a90facfa04322fd\schannel.dll : 224,256 : 11/20/2010 11:24 PM : 135f7ac9be35ab1df727faf2e60e92f8 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_8a872ef9a04a5293\schannel.dll : 224,768 : 11/17/2011 01:34 AM : 1affb765af1fdcc0c185c38e9ddddaee [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17856_none_8a67c165a061bce4\schannel.dll : 225,280 : 06/02/2012 00:40 AM : 3d3cbd1847f980fb03343a63671e7886 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_8ae18aecb98bfcc5\schannel.dll : 224,768 : 11/17/2011 01:29 AM : 3dbcbd8adb406c43a2127544d7ba974e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22010_none_8b167446b9648822\schannel.dll : 225,280 : 06/02/2012 00:55 AM : c5b2dc72f2453cef2e150a81f696703d [Pos Repl]
 
 * C:\Windows\System32\schedsvc.dll : 1,110,016 : 11/20/2010 11:24 PM : 262f6592c3299c005fd6bec90fc4463a [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_8d272400ada202f9\schedsvc.dll : 1,110,016 : 11/20/2010 11:24 PM : 262f6592c3299c005fd6bec90fc4463a [Pos Repl]
 
 * C:\Windows\System32\services.exe : 328,704 : 07/13/2009 09:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328,704 : 07/13/2009 09:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]
 
 * C:\Windows\System32\setupapi.dll : 1,900,544 : 11/20/2010 11:24 PM : 5d8e6c95156ed1f79a63d1eade6f9ed5 [NoSig]
 +-> C:\Windows\SysWOW64\setupapi.dll : 1,667,584 : 11/20/2010 11:23 PM : 10fb16b50affda6d44588f3c445dc273 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7601.17514_none_931b5f1fdcdd6496\setupapi.dll : 1,900,544 : 11/20/2010 11:24 PM : 5d8e6c95156ed1f79a63d1eade6f9ed5 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7601.17514_none_9d700972113e2691\setupapi.dll : 1,667,584 : 11/20/2010 11:23 PM : 10fb16b50affda6d44588f3c445dc273 [Pos Repl]
 
 * C:\Windows\System32\sfc.dll : 3,072 : 07/13/2009 09:33 PM : c6dcd1d11ed6827f05c00773c3e7053c [NoSig]
 +-> C:\Windows\SysWOW64\sfc.dll : 2,560 : 07/13/2009 09:10 PM : 40caeee0eaf1b8569f7c8df6420f2cb9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll : 3,072 : 07/13/2009 09:33 PM : c6dcd1d11ed6827f05c00773c3e7053c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll : 2,560 : 07/13/2009 09:10 PM : 40caeee0eaf1b8569f7c8df6420f2cb9 [Pos Repl]
 
 * C:\Windows\System32\shsvcs.dll : 370,688 : 11/20/2010 11:23 PM : aaf932b4011d14052955d4b212a4da8d [NoSig]
 +-> C:\Windows\SysWOW64\shsvcs.dll : 328,192 : 11/20/2010 11:24 PM : 414da952a35bf5d50192e28263b40577 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_2b566299338d2123\shsvcs.dll : 370,688 : 11/20/2010 11:23 PM : aaf932b4011d14052955d4b212a4da8d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_35ab0ceb67ede31e\shsvcs.dll : 328,192 : 11/20/2010 11:24 PM : 414da952a35bf5d50192e28263b40577 [Pos Repl]
 
 * C:\Windows\System32\smss.exe : 112,640 : 03/18/2013 11:06 PM : f0371de302ffff8f086661611be60848 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe : 112,640 : 07/13/2009 09:39 PM : 1911a3356fa3f77ccc825ccbac038c2a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe : 112,640 : 03/18/2013 11:06 PM : f0371de302ffff8f086661611be60848 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe : 112,640 : 03/18/2013 10:57 PM : 498e2a20e145199709cd100cdba8603d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe : 112,640 : 07/07/2013 10:50 PM : e65601cf4bc0cf3718afbe56a9ad846f [Pos Repl]
 
 * C:\Windows\System32\spoolsv.exe : 559,104 : 02/11/2012 02:36 AM : 85daa09a98c9286d4ea2ba8d0e644377 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe : 559,104 : 11/20/2010 11:24 PM : b96c17b5dc1424d56eea3a99e97428cd [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe : 559,104 : 02/11/2012 02:36 AM : 85daa09a98c9286d4ea2ba8d0e644377 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe : 559,616 : 02/11/2012 02:20 AM : b9d7a4858cf32a6a15d2763f1de47e0e [Pos Repl]
 
 * C:\Windows\System32\ssdpsrv.dll : 193,024 : 07/13/2009 09:41 PM : 51b52fbd583cde8aa9ba62b8b4298f33 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll : 193,024 : 07/13/2009 09:41 PM : 51b52fbd583cde8aa9ba62b8b4298f33 [Pos Repl]
 
 * C:\Windows\System32\svchost.exe : 27,648 : 03/01/2011 04:07 AM : 6f68f63794097e54f36474ed4384b759 [NoSig]
 +-> C:\Windows\SysWOW64\svchost.exe : 21,504 : 03/01/2011 04:05 AM : ecdb182f885292145826c58252b53000 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe : 27,136 : 07/13/2009 09:39 PM : c78655bc80301d76ed4fef1c1ea40a7d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe : 27,648 : 03/01/2011 04:07 AM : 6f68f63794097e54f36474ed4384b759 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe : 27,648 : 03/01/2011 04:10 AM : 635455a95eb8ec47ac72142e501465ed [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe : 20,992 : 07/13/2009 09:14 PM : 54a47f6b5e09a77e61649109c6a08866 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe : 21,504 : 03/01/2011 04:05 AM : ecdb182f885292145826c58252b53000 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe : 21,504 : 03/01/2011 04:07 AM : a91a288c91f9d9f1cfa4faa9893c4d55 [Pos Repl]
 
 * C:\Windows\System32\tapisrv.dll : 316,928 : 11/20/2010 11:24 PM : 40f0849f65d13ee87b9a9ae3c1dd6823 [NoSig]
 +-> C:\Windows\SysWOW64\tapisrv.dll : 242,176 : 11/20/2010 11:24 PM : 613bf4820361543956909043a265c6ac [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_4162de4afb9222c0\tapisrv.dll : 316,928 : 11/20/2010 11:24 PM : 40f0849f65d13ee87b9a9ae3c1dd6823 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll : 242,176 : 11/20/2010 11:24 PM : 613bf4820361543956909043a265c6ac [Pos Repl]
 
 * C:\Windows\System32\taskeng.exe : 464,384 : 11/20/2010 11:24 PM : 65ea57712340c09b1b0c427b4848ae05 [NoSig]
 +-> C:\Windows\SysWOW64\taskeng.exe : 192,000 : 11/20/2010 11:23 PM : 4f2659160afcca990305816946f69407 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe : 464,384 : 11/20/2010 11:24 PM : 65ea57712340c09b1b0c427b4848ae05 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe : 192,000 : 11/20/2010 11:23 PM : 4f2659160afcca990305816946f69407 [Pos Repl]
 
 * C:\Windows\System32\taskhost.exe : 68,608 : 11/22/2012 11:13 PM : 639774c9acd063f028f6084abf5593ad [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe : 69,120 : 11/20/2010 11:24 PM : 517110bd83835338c037269e603db55d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.18010_none_86608c5a70f925bc\taskhost.exe : 68,608 : 11/22/2012 11:13 PM : 639774c9acd063f028f6084abf5593ad [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.22172_none_86ab4a318a459fda\taskhost.exe : 69,120 : 11/23/2012 01:50 AM : c671f1b7d4242a5ec7af2d548f072671 [Pos Repl]
 
 * C:\Windows\System32\termsrv.dll : 680,960 : 11/20/2010 11:24 PM : 2e648163254233755035b46dd7b89123 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll : 680,960 : 11/20/2010 11:24 PM : 2e648163254233755035b46dd7b89123 [Pos Repl]
 
 * C:\Windows\System32\upnphost.dll : 353,792 : 07/13/2009 09:41 PM : d47ec6a8e81633dd18d2436b19baf6de [NoSig]
 +-> C:\Windows\SysWOW64\upnphost.dll : 266,752 : 07/13/2009 09:16 PM : 833fbb672460efce8011d262175fad33 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_1ddd261c4e350476\upnphost.dll : 353,792 : 07/13/2009 09:41 PM : d47ec6a8e81633dd18d2436b19baf6de [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_2831d06e8295c671\upnphost.dll : 266,752 : 07/13/2009 09:16 PM : 833fbb672460efce8011d262175fad33 [Pos Repl]
 
 * C:\Windows\System32\user32.dll : 1,008,128 : 11/20/2010 11:24 PM : fe70103391a64039a921dbfff9c7ab1b [NoSig]
 +-> C:\Windows\SysWOW64\user32.dll : 833,024 : 11/20/2010 11:24 PM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1,008,128 : 11/20/2010 11:24 PM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833,024 : 11/20/2010 11:24 PM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]
 
 * C:\Windows\System32\userinit.exe : 30,720 : 11/20/2010 11:24 PM : bafe84e637bf7388c96ef48d4d3fdd53 [NoSig]
 +-> C:\Windows\SysWOW64\userinit.exe : 26,624 : 11/20/2010 11:23 PM : 61ac3efdfacfdd3f0f11dd4fd4044223 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe : 30,720 : 11/20/2010 11:24 PM : bafe84e637bf7388c96ef48d4d3fdd53 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe : 26,624 : 11/20/2010 11:23 PM : 61ac3efdfacfdd3f0f11dd4fd4044223 [Pos Repl]
 
 * C:\Windows\System32\usp10.dll : 800,768 : 11/22/2012 01:44 AM : dbf99fd9caf75ca66d042bd8d050ff71 [NoSig]
 +-> C:\Windows\SysWOW64\usp10.dll : 626,688 : 11/22/2012 00:45 AM : b7230010d97787af3d25e4c82f2b06b9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f\usp10.dll : 800,256 : 11/20/2010 11:24 PM : 2f8b1e3ee3545d3b5a8d56fa1ae07b65 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_0b302f956f0f750f\usp10.dll : 800,768 : 11/22/2012 01:44 AM : dbf99fd9caf75ca66d042bd8d050ff71 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_0b661a9c886d0db8\usp10.dll : 801,280 : 11/22/2012 01:59 AM : e4accc7927a1478df636534864e03666 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll : 626,176 : 11/20/2010 11:24 PM : 804aaafebb3ad5f49334dd906bcb1de5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_af119411b6b203d9\usp10.dll : 626,688 : 11/22/2012 00:45 AM : b7230010d97787af3d25e4c82f2b06b9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_af477f18d00f9c82\usp10.dll : 626,688 : 11/22/2012 01:36 AM : ca68408922b02e8d955a2967c7cbf8ce [Pos Repl]
 
 * C:\Windows\System32\UxTheme.dll : 332,288 : 07/13/2009 09:41 PM : d29e998e8277666982b4f0303bf4e7af [NoSig]
 +-> C:\Windows\SysWOW64\uxtheme.dll : 245,760 : 07/13/2009 09:11 PM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332,288 : 07/13/2009 09:41 PM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245,760 : 07/13/2009 09:11 PM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
 
 * C:\Windows\System32\version.dll : 29,184 : 07/13/2009 09:41 PM : 94e026870a55aaeaff7853c1754091e9 [NoSig]
 +-> C:\Windows\SysWOW64\version.dll : 21,504 : 07/13/2009 09:16 PM : 702254574e7e52052de39408457b7149 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_70f340d66a96c29b\version.dll : 29,184 : 07/13/2009 09:41 PM : 94e026870a55aaeaff7853c1754091e9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll : 21,504 : 07/13/2009 09:16 PM : 702254574e7e52052de39408457b7149 [Pos Repl]
 
 * C:\Windows\System32\w32time.dll : 381,952 : 07/13/2009 09:41 PM : 1c9d80cc3849b3788048078c26486e1a [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_e49c555686fbabd6\w32time.dll : 381,952 : 07/13/2009 09:41 PM : 1c9d80cc3849b3788048078c26486e1a [Pos Repl]
 
 * C:\Windows\System32\wbem\wmiprvse.exe : 372,736 : 11/20/2010 11:24 PM : 619a67c9f617b7e69315bb28ecd5e1df [NoSig]
 +-> C:\Windows\SysWOW64\wbem\WmiPrvSE.exe : 257,536 : 11/20/2010 11:24 PM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_6e88c3faa2049408\WmiPrvSE.exe : 372,736 : 11/20/2010 11:24 PM : 619a67c9f617b7e69315bb28ecd5e1df [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_78dd6e4cd6655603\WmiPrvSE.exe : 257,536 : 11/20/2010 11:24 PM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [Pos Repl]
 
 * C:\Windows\System32\wdigest.dll : 210,432 : 07/13/2009 09:41 PM : 95fb6ca4374e343ddd653fcc43f9d26b [NoSig]
 +-> C:\Windows\SysWOW64\wdigest.dll : 171,520 : 07/13/2009 09:16 PM : 0450cf487ecd8a67b56f59f9a96d024d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7600.16385_none_96c23cbe96661a70\wdigest.dll : 210,432 : 07/13/2009 09:41 PM : 95fb6ca4374e343ddd653fcc43f9d26b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7600.16385_none_a116e710cac6dc6b\wdigest.dll : 171,520 : 07/13/2009 09:16 PM : 0450cf487ecd8a67b56f59f9a96d024d [Pos Repl]
 
 * C:\Windows\System32\wiaservc.dll : 580,096 : 11/20/2010 11:24 PM : 8dd52e8e6128f4b2da92ce27402871c1 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7601.17514_none_90ba4080c9f2e648\wiaservc.dll : 580,096 : 11/20/2010 11:24 PM : 8dd52e8e6128f4b2da92ce27402871c1 [Pos Repl]
 
 * C:\Windows\System32\wininet.dll : 2,241,024 : 07/26/2013 01:13 AM : ac155dd9bd1e6d3b740826a4d1c68aae [NoSig]
 +-> C:\Windows\SysWOW64\wininet.dll : 1,767,936 : 07/25/2013 11:13 PM : daa3903f06116ae9ee7ac1d1b93684a4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16576_none_7fc71c9c1242ae81\wininet.dll : 2,242,048 : 05/29/2013 04:57 AM : 27a9000c534aa9badc9ee74940f50c6d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16614_none_7fb67884124fff26\wininet.dll : 2,241,024 : 05/16/2013 08:59 PM : 12716d987d475b051f35895659159705 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16635_none_7fb86250124e4b75\wininet.dll : 2,241,024 : 06/11/2013 07:26 PM : faf6ec2460ad5fbbd38d8e1ae28b0d77 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16660_none_7fbbd516124b1755\wininet.dll : 2,241,024 : 07/26/2013 01:13 AM : ac155dd9bd1e6d3b740826a4d1c68aae [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20719_none_68dd90142bfffaf1\wininet.dll : 2,248,704 : 05/16/2013 09:34 PM : 7e43b93c0e9c138ac1008f646b06e919 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20742_none_68e1306a2bfc938f\wininet.dll : 2,248,704 : 06/12/2013 01:12 AM : 09bf0d9701f9d846bbc5abed003851cb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20768_none_68e2a84e2bfb6003\wininet.dll : 2,248,704 : 07/26/2013 00:00 AM : 5c49f5a791b944ad8247473abd35602d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll : 1,188,864 : 11/20/2010 11:23 PM : f6c5302e1f4813d552f41a0ac82455e5 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16421_none_768731bf7476d491\wininet.dll : 1,389,056 : 04/01/2012 10:32 PM : 1bf2bcc7e3c26fd4c8ef0c9efb0cc25d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_767191e774870c73\wininet.dll : 1,390,080 : 12/14/2011 03:04 AM : b1ac85b6adc005cf3f9eb4e28dfdcce6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16448_none_767893ed7480bdd4\wininet.dll : 1,392,128 : 06/28/2012 11:49 PM : 8ea68fd3780dddd5072f8cb830b3cb3d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16450_none_7665c1b174900f0d\wininet.dll : 1,392,128 : 08/24/2012 06:21 AM : 3d165c53e40236a68b7102d1a622d4e0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16455_none_766ac323748b8dc0\wininet.dll : 1,392,128 : 10/08/2012 07:23 AM : a19db004d954bbc9c4ec125711e1d1c2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_766cc3b77489c06e\wininet.dll : 1,392,128 : 11/14/2012 02:04 AM : 5121db613e10a46a3c5085b479026aa7 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16464_none_765ef2ed7494905a\wininet.dll : 1,392,128 : 01/08/2013 09:12 PM : 435e9c764e1ef70058580996452be6a2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16470_none_765021d974a046ef\wininet.dll : 1,392,128 : 02/02/2013 02:47 AM : fa274190682aa41a46b285208ed46a74 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16476_none_76562395749adef9\wininet.dll : 1,392,128 : 02/22/2013 02:20 AM : a4f6142caba82fb7293ece5ff864b440 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16483_none_764852cb74a5aee5\wininet.dll : 1,392,128 : 04/04/2013 09:00 PM : 563c71a913cac0c3de5ffcd36edb43a0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_770030248da02af0\wininet.dll : 1,390,080 : 12/14/2011 02:10 AM : c2fa4dbd6bb91d1afd7d155120654ab9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20554_none_76f35fa48daa1433\wininet.dll : 1,392,128 : 06/28/2012 09:51 PM : 8ba7eda2656ed7fbc93bdd5cb02b8d4e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20557_none_76f660828da76038\wininet.dll : 1,392,128 : 08/24/2012 05:53 AM : 456d4e9006df149c250d40b813290471 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20562_none_76e68f248db3fd76\wininet.dll : 1,392,128 : 10/08/2012 06:11 AM : 789ead6f3ce42f3322818988400986e9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_76e990028db1497b\wininet.dll : 1,392,128 : 11/14/2012 00:01 AM : 5caf48f12e8cbd96d520f4efd5b97f76 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20573_none_76dcbf828dbb32be\wininet.dll : 1,392,128 : 01/08/2013 07:55 PM : 43a6a68f1f41b13ca4d580d40dfa57ee [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20580_none_76ceeeb88dc602aa\wininet.dll : 1,392,128 : 02/02/2013 03:16 AM : 4e0669b513805a7c2a303c8ededc8e03 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20586_none_76d4f0748dc09ab4\wininet.dll : 1,392,640 : 02/22/2013 02:37 AM : e6a459c8e90c4a873c923c44f3d9510b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20593_none_76c71faa8dcb6aa0\wininet.dll : 1,392,640 : 04/04/2013 07:41 PM : 7fd2d2be22f9a319ab2fd23dd2c9968a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16576_none_23a8811859e53d4b\wininet.dll : 1,767,424 : 05/29/2013 04:57 AM : 5abb3f36af17007f33fa275e96a2c95e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16614_none_2397dd0059f28df0\wininet.dll : 1,767,936 : 05/16/2013 09:25 PM : 2473ca6595a2659d7039a4a89feca269 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16635_none_2399c6cc59f0da3f\wininet.dll : 1,767,936 : 06/11/2013 07:43 PM : 9bf7c7654efd098ee3a27b49492a382a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16660_none_239d399259eda61f\wininet.dll : 1,767,936 : 07/25/2013 11:13 PM : daa3903f06116ae9ee7ac1d1b93684a4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20719_none_0cbef49073a289bb\wininet.dll : 1,777,664 : 05/16/2013 09:42 PM : 425a20f1c6855222944bfd4fa9be61a5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20742_none_0cc294e6739f2259\wininet.dll : 1,777,664 : 06/12/2013 00:19 AM : 24ae444b165d11835ef3d38cf3cc7fa4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20768_none_0cc40cca739deecd\wininet.dll : 1,777,664 : 07/25/2013 11:10 PM : de581a5e0e70bb63898f8776eb274428 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll : 980,992 : 11/20/2010 11:24 PM : 44214c94911c7cfb1d52cb64d5e8368d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16421_none_1a68963bbc19635b\wininet.dll : 1,126,912 : 04/01/2012 10:32 PM : a1236375b74ea63c75657d564890c436 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll : 1,127,424 : 12/13/2011 10:57 PM : 1d94fa7c81d2ffe494af094619ba706f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16448_none_1a59f869bc234c9e\wininet.dll : 1,129,472 : 06/28/2012 08:09 PM : 75a97a2c060e72ab49e071e08c7dd2ba [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16450_none_1a47262dbc329dd7\wininet.dll : 1,129,472 : 08/24/2012 02:51 AM : 5553611e2f9ea6f613079177f1233068 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16455_none_1a4c279fbc2e1c8a\wininet.dll : 1,129,472 : 10/08/2012 03:48 AM : 9cb0d2a9a77d91d9614355ee9ff00519 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_1a4e2833bc2c4f38\wininet.dll : 1,129,472 : 11/13/2012 09:57 PM : 7fa3a810f383588d46220967de8b64ff [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16464_none_1a405769bc371f24\wininet.dll : 1,129,472 : 01/08/2013 06:03 PM : b49b56b64f57699a1a663d2cf7d0a56f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16470_none_1a318655bc42d5b9\wininet.dll : 1,129,472 : 02/01/2013 11:30 PM : 03728c624d05c2f157bbd46f6b7f6ea0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16476_none_1a378811bc3d6dc3\wininet.dll : 1,129,472 : 02/21/2013 11:38 PM : c5b6468422db1c8aa36c32cbb0197e5e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16483_none_1a29b747bc483daf\wininet.dll : 1,129,472 : 04/04/2013 06:02 PM : 2c96b3921b4cde10dbaed5aad760db67 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll : 1,127,424 : 12/13/2011 10:28 PM : 022a78194e2c7106f5af9f2bc6ac8774 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20554_none_1ad4c420d54ca2fd\wininet.dll : 1,129,472 : 06/28/2012 06:54 PM : 54c30a4066a28f9a017e095e283b2762 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20557_none_1ad7c4fed549ef02\wininet.dll : 1,129,472 : 08/24/2012 03:12 AM : 2895e29efcfc0b1bcf8aee1a0c67913c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20562_none_1ac7f3a0d5568c40\wininet.dll : 1,129,472 : 10/08/2012 03:37 AM : 6e3ac8a54a1881806ba2b58539483788 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_1acaf47ed553d845\wininet.dll : 1,129,472 : 11/13/2012 09:33 PM : 0635d714351f842d43ea184e75c4a3ff [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20573_none_1abe23fed55dc188\wininet.dll : 1,129,472 : 01/08/2013 04:41 PM : 16c45e6881449c6330567e51c13920fa [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20580_none_1ab05334d5689174\wininet.dll : 1,129,472 : 02/01/2013 11:36 PM : 1284d72c04b553ed5382ea14303d66db [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20586_none_1ab654f0d563297e\wininet.dll : 1,129,984 : 02/21/2013 11:35 PM : 490e24d5e427dfa55b1c1182f0db861c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20593_none_1aa88426d56df96a\wininet.dll : 1,129,984 : 04/04/2013 04:55 PM : 28b2dd8dbaee306290a74ed03db3768f [Pos Repl]
 
 * C:\Windows\System32\wininit.exe : 129,024 : 07/13/2009 09:39 PM : 94355c28c1970635a31b3fe52eb7ceba [NoSig]
 +-> C:\Windows\SysWOW64\wininit.exe : 96,256 : 07/13/2009 09:14 PM : b5c5dcad3899512020d135600129d665 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe : 129,024 : 07/13/2009 09:39 PM : 94355c28c1970635a31b3fe52eb7ceba [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe : 96,256 : 07/13/2009 09:14 PM : b5c5dcad3899512020d135600129d665 [Pos Repl]
 
 * C:\Windows\System32\winlogon.exe : 390,656 : 11/20/2010 11:24 PM : 1151b1baa6f350b1db6598e0fea7c457 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe : 390,656 : 11/20/2010 11:24 PM : 1151b1baa6f350b1db6598e0fea7c457 [Pos Repl]
 
 * C:\Windows\System32\ws2_32.dll : 297,984 : 11/20/2010 11:24 PM : 4bbfa57f594f7e8a8edc8f377184c3f0 [NoSig]
 +-> C:\Windows\SysWOW64\ws2_32.dll : 206,848 : 11/20/2010 11:23 PM : 7ff15a4f092cd4a96055ba69f903e3e9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll : 297,984 : 11/20/2010 11:24 PM : 4bbfa57f594f7e8a8edc8f377184c3f0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll : 206,848 : 11/20/2010 11:23 PM : 7ff15a4f092cd4a96055ba69f903e3e9 [Pos Repl]
 
 * C:\Windows\System32\ws2help.dll : 4,608 : 07/13/2009 09:34 PM : 8396c6c26aaddfe4590ccef0f419b6b7 [NoSig]
 +-> C:\Windows\SysWOW64\ws2help.dll : 4,608 : 07/13/2009 09:11 PM : 808aabdf9337312195caff76d1804786 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll : 4,608 : 07/13/2009 09:34 PM : 8396c6c26aaddfe4590ccef0f419b6b7 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\ws2help.dll : 4,608 : 07/13/2009 09:11 PM : 808aabdf9337312195caff76d1804786 [Pos Repl]
 
 * C:\Windows\explorer.exe : 2,871,808 : 02/25/2011 02:19 AM : 332feab1435662fc6c672e25beb37be3 [NoSig]
 +-> C:\Windows\SysWOW64\explorer.exe : 2,616,320 : 02/25/2011 01:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe : 2,872,320 : 11/20/2010 11:24 PM : ac4c51eb24aa95b77f705ab159189e24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe : 2,871,808 : 02/25/2011 02:19 AM : 332feab1435662fc6c672e25beb37be3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe : 2,871,808 : 02/26/2011 02:14 AM : 3b69712041f3d63605529bd66dc00c48 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe : 2,616,320 : 11/20/2010 11:24 PM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe : 2,616,320 : 02/25/2011 01:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe : 2,616,320 : 02/26/2011 01:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]
 
 * C:\Windows\System32\drivers\afd.sys : 498,688 : 12/27/2011 11:59 PM : 1c7857b62de5994a75b054a9fd4c3825 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys : 499,712 : 11/20/2010 11:24 PM : d31dc7a16dea4a9baf179f3d6fbdb38c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys : 498,688 : 12/27/2011 11:59 PM : 1c7857b62de5994a75b054a9fd4c3825 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys : 498,176 : 12/28/2011 00:01 AM : 36a14fd1a23f57046361733b792ca8db [Pos Repl]
 
 * C:\Windows\System32\drivers\asyncmac.sys : 23,040 : 07/13/2009 08:10 PM : 769765ce2cc62867468cea93969b2242 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys : 23,040 : 07/13/2009 08:10 PM : 769765ce2cc62867468cea93969b2242 [Pos Repl]
 
 * C:\Windows\System32\drivers\beep.sys : 6,656 : 07/13/2009 08:00 PM : 16a47ce2decc9b099349a5f840654746 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys : 6,656 : 07/13/2009 08:00 PM : 16a47ce2decc9b099349a5f840654746 [Pos Repl]
 
 * C:\Windows\System32\drivers\bridge.sys : 95,232 : 07/13/2009 09:01 PM : 5c2f352a4e961d72518261257aae204b [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-networkbridge_31bf3856ad364e35_6.1.7600.16385_none_63dee2821fc69fce\bridge.sys : 95,232 : 07/13/2009 09:01 PM : 5c2f352a4e961d72518261257aae204b [Pos Repl]
 
 * C:\Windows\System32\drivers\cdfs.sys : 92,160 : 07/13/2009 07:19 PM : b8bd2bb284668c84865658c77574381a [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cdfs_31bf3856ad364e35_6.1.7600.16385_none_025c84b636a4ef6d\cdfs.sys : 92,160 : 07/13/2009 07:19 PM : b8bd2bb284668c84865658c77574381a [Pos Repl]
 
 * C:\Windows\System32\drivers\cdrom.sys : 147,456 : 11/20/2010 11:23 PM : f036ce71586e93d94dab220d7bdf4416 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys : 147,456 : 11/20/2010 11:23 PM : f036ce71586e93d94dab220d7bdf4416 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys : 147,456 : 11/20/2010 11:23 PM : f036ce71586e93d94dab220d7bdf4416 [Pos Repl]
 
 * C:\Windows\System32\drivers\CmBatt.sys : 17,664 : 07/13/2009 07:31 PM : 0840155d0bddf1190f84a663c284bd33 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_amd64_neutral_cb8fa151a7b7cb80\CmBatt.sys : 17,664 : 07/13/2009 07:31 PM : 0840155d0bddf1190f84a663c284bd33 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_721c84936d812c57\CmBatt.sys : 17,664 : 07/13/2009 07:31 PM : 0840155d0bddf1190f84a663c284bd33 [Pos Repl]
 
 * C:\Windows\System32\drivers\drmkaud.sys : 5,632 : 07/13/2009 08:06 PM : 9b19f34400d24df84c858a421c205754 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\drmkaud.sys : 5,632 : 07/13/2009 08:06 PM : 9b19f34400d24df84c858a421c205754 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_bc5c4aba33d6af68\drmkaud.sys : 5,632 : 07/13/2009 08:06 PM : 9b19f34400d24df84c858a421c205754 [Pos Repl]
 
 * C:\Windows\System32\drivers\drmk.sys : 116,224 : 07/13/2009 09:01 PM : 21d26064aedb4988f785bb4a3a2c051e [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\drmk.sys : 116,224 : 07/13/2009 09:01 PM : 21d26064aedb4988f785bb4a3a2c051e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_bc5c4aba33d6af68\drmk.sys : 116,224 : 07/13/2009 09:01 PM : 21d26064aedb4988f785bb4a3a2c051e [Pos Repl]
 
 * C:\Windows\System32\drivers\dxapi.sys : 16,896 : 07/13/2009 07:38 PM : bf24d6f2ed97fe830bfd52b246f98e67 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-useros_31bf3856ad364e35_6.1.7600.16385_none_2963a67886ddf81e\dxapi.sys : 16,896 : 07/13/2009 07:38 PM : bf24d6f2ed97fe830bfd52b246f98e67 [Pos Repl]
 
 * C:\Windows\System32\drivers\dxg.sys : 98,816 : 07/13/2009 07:38 PM : fede0629ecb23650d48989517d4914da [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-dxg_31bf3856ad364e35_6.1.7600.16385_none_04e0334574ce0f74\dxg.sys : 98,816 : 07/13/2009 07:38 PM : fede0629ecb23650d48989517d4914da [Pos Repl]
 
 * C:\Windows\System32\drivers\fastfat.sys : 204,800 : 07/13/2009 07:23 PM : 0adc83218b66a6db380c330836f3e36d [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys : 204,800 : 07/13/2009 07:23 PM : 0adc83218b66a6db380c330836f3e36d [Pos Repl]
 
 * C:\Windows\System32\drivers\fdc.sys : 29,696 : 07/13/2009 08:00 PM : d765d19cd8ef61f650c384f62fac00ab [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\fdc.inf_amd64_neutral_bbcfca39fdc02275\fdc.sys : 29,696 : 07/13/2009 08:00 PM : d765d19cd8ef61f650c384f62fac00ab [Pos Repl]
 +-> C:\Windows\winsxs\amd64_fdc.inf_31bf3856ad364e35_6.1.7600.16385_none_5d86a514fa18ed1d\fdc.sys : 29,696 : 07/13/2009 08:00 PM : d765d19cd8ef61f650c384f62fac00ab [Pos Repl]
 
 * C:\Windows\System32\drivers\flpydisk.sys : 24,576 : 07/13/2009 08:00 PM : c172a0f53008eaeb8ea33fe10e177af5 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\flpydisk.sys : 24,576 : 07/13/2009 08:00 PM : c172a0f53008eaeb8ea33fe10e177af5 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\flpydisk.sys : 24,576 : 07/13/2009 08:00 PM : c172a0f53008eaeb8ea33fe10e177af5 [Pos Repl]
 
 * C:\Windows\System32\drivers\hidclass.sys : 76,800 : 11/20/2010 11:23 PM : 8b0e40e7e8bbf5acf390465609d89ff1 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_8693053514b10ee9\hidclass.sys : 76,800 : 11/20/2010 11:23 PM : 8b0e40e7e8bbf5acf390465609d89ff1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.17514_none_7e959f3636bd3a1c\hidclass.sys : 76,800 : 11/20/2010 11:23 PM : 8b0e40e7e8bbf5acf390465609d89ff1 [Pos Repl]
 
 * C:\Windows\System32\drivers\hidparse.sys : 32,896 : 07/13/2009 08:06 PM : 49ee2e52e6cd03947dad72f65367be06 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_8693053514b10ee9\hidparse.sys : 32,896 : 07/13/2009 08:06 PM : 49ee2e52e6cd03947dad72f65367be06 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.17514_none_7e959f3636bd3a1c\hidparse.sys : 32,896 : 07/13/2009 08:06 PM : 49ee2e52e6cd03947dad72f65367be06 [Pos Repl]
 
 * C:\Windows\System32\drivers\hidusb.sys : 30,208 : 11/20/2010 11:23 PM : 9592090a7e2b61cd582b612b6df70536 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_8693053514b10ee9\hidusb.sys : 30,208 : 11/20/2010 11:23 PM : 9592090a7e2b61cd582b612b6df70536 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.17514_none_7e959f3636bd3a1c\hidusb.sys : 30,208 : 11/20/2010 11:23 PM : 9592090a7e2b61cd582b612b6df70536 [Pos Repl]
 
 * C:\Windows\System32\drivers\http.sys : 753,664 : 11/20/2010 11:23 PM : 0ea7de1acb728dd5a369fd742d6eee28 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-http_31bf3856ad364e35_6.1.7601.17514_none_0ae701b82f7a7759\http.sys : 753,664 : 11/20/2010 11:23 PM : 0ea7de1acb728dd5a369fd742d6eee28 [Pos Repl]
 
 * C:\Windows\System32\drivers\i8042prt.sys : 105,472 : 07/13/2009 07:19 PM : fa55c73d4affa7ee23ac4be53b4592d3 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys : 105,472 : 07/13/2009 07:19 PM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys : 105,472 : 07/13/2009 07:19 PM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys : 105,472 : 07/13/2009 07:19 PM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys : 105,472 : 07/13/2009 07:19 PM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 
 * C:\Windows\System32\drivers\intelppm.sys : 62,464 : 07/13/2009 07:19 PM : ada036632c664caa754079041cf1f8c1 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_amd64_neutral_ae5de2e1bf2793c3\intelppm.sys : 62,464 : 07/13/2009 07:19 PM : ada036632c664caa754079041cf1f8c1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\intelppm.sys : 62,464 : 07/13/2009 07:19 PM : ada036632c664caa754079041cf1f8c1 [Pos Repl]
 
 * C:\Windows\System32\drivers\ipfltdrv.sys : 82,944 : 11/20/2010 11:24 PM : c9f0e1bd74365a8771590e9008d22ab6 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasipfilter_31bf3856ad364e35_6.1.7601.17514_none_458f8957d5cef9fa\ipfltdrv.sys : 82,944 : 11/20/2010 11:24 PM : c9f0e1bd74365a8771590e9008d22ab6 [Pos Repl]
 
 * C:\Windows\System32\drivers\ipnat.sys : 116,224 : 07/13/2009 08:10 PM : af9b39a7e7b6caa203b3862582e9f2d0 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ipnat_31bf3856ad364e35_6.1.7600.16385_none_b70d093f950ce2cf\ipnat.sys : 116,224 : 07/13/2009 08:10 PM : af9b39a7e7b6caa203b3862582e9f2d0 [Pos Repl]
 
 * C:\Windows\System32\drivers\irenum.sys : 17,920 : 07/13/2009 08:08 PM : 3abf5e7213eb28966d55d58b515d5ce9 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-irdaircomm_31bf3856ad364e35_6.1.7600.16385_none_84866db23e5a6f30\irenum.sys : 17,920 : 07/13/2009 08:08 PM : 3abf5e7213eb28966d55d58b515d5ce9 [Pos Repl]
 
 * C:\Windows\System32\drivers\ks.sys : 243,712 : 11/20/2010 11:24 PM : 24fbf5cc5c04150073c315a7c83521ee [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7601.17514_none_b5a6c7c6ac83a58e\ks.sys : 243,712 : 11/20/2010 11:24 PM : 24fbf5cc5c04150073c315a7c83521ee [Pos Repl]
 
 * C:\Windows\System32\drivers\mcd.sys : 22,016 : 07/13/2009 08:01 PM : 3c9f072f9dca856b9fb7a20cbd4281ac [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.h..changer-driverclass_31bf3856ad364e35_6.1.7600.16385_none_249a5cc1e06b4240\mcd.sys : 22,016 : 07/13/2009 08:01 PM : 3c9f072f9dca856b9fb7a20cbd4281ac [Pos Repl]
 
 * C:\Windows\System32\drivers\modem.sys : 40,448 : 07/13/2009 08:10 PM : 800ba92f7010378b09f9ed9270f07137 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-u..em-core-classdriver_31bf3856ad364e35_6.1.7600.16385_none_8bf97498085ce154\modem.sys : 40,448 : 07/13/2009 08:10 PM : 800ba92f7010378b09f9ed9270f07137 [Pos Repl]
 
 * C:\Windows\System32\drivers\mouhid.sys : 31,232 : 07/13/2009 08:00 PM : d3bf052c40b0c4166d9fd86a4288c1e6 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\mouhid.sys : 31,232 : 07/13/2009 08:00 PM : d3bf052c40b0c4166d9fd86a4288c1e6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\mouhid.sys : 31,232 : 07/13/2009 08:00 PM : d3bf052c40b0c4166d9fd86a4288c1e6 [Pos Repl]
 
 * C:\Windows\System32\drivers\mrxdav.sys : 140,800 : 11/20/2010 11:24 PM : dc722758b8261e1abafd31a3c0a66380 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.17514_none_72d0eaa6dc5b2edb\mrxdav.sys : 140,800 : 11/20/2010 11:24 PM : dc722758b8261e1abafd31a3c0a66380 [Pos Repl]
 
 * C:\Windows\System32\drivers\mrxsmb.sys : 158,208 : 04/26/2011 10:40 PM : a5d9106a73dc88564c825d317cac68ac [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_ddb772a467bcf964\mrxsmb.sys : 158,208 : 11/20/2010 11:24 PM : faf015b07e3a2874a790a39b7d2c579f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17565_none_dd82635267e49e70\mrxsmb.sys : 158,208 : 02/23/2011 00:56 AM : c2b4651001a867ff3f8865863b592991 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17605_none_ddc344c067b3f3f1\mrxsmb.sys : 158,208 : 04/26/2011 10:40 PM : a5d9106a73dc88564c825d317cac68ac [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21666_none_de0d006781015791\mrxsmb.sys : 158,208 : 02/22/2011 11:32 PM : cd291e3c21c61e17972dfaf8e2e2e5da [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21714_none_de41115580da9655\mrxsmb.sys : 158,208 : 04/26/2011 10:31 PM : 8d841161a355809ef86819fd3c6361d3 [Pos Repl]
 
 * C:\Windows\System32\drivers\msfs.sys : 26,112 : 07/13/2009 07:19 PM : aa3fb40e17ce1388fa1bedab50ea8f96 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msfs_31bf3856ad364e35_6.1.7600.16385_none_026531e2369d6d42\msfs.sys : 26,112 : 07/13/2009 07:19 PM : aa3fb40e17ce1388fa1bedab50ea8f96 [Pos Repl]
 
 * C:\Windows\System32\drivers\MSKSSRV.sys : 11,136 : 07/13/2009 08:00 PM : 49ccf2c4fea34ffad8b1b59d49439366 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_bde9acc8f46cb6db\mskssrv.sys : 11,136 : 07/13/2009 08:00 PM : 49ccf2c4fea34ffad8b1b59d49439366 [Pos Repl]
 
 * C:\Windows\System32\drivers\MSPCLOCK.sys : 7,168 : 07/13/2009 08:00 PM : bdd71ace35a232104ddd349ee70e1ab3 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_bde9acc8f46cb6db\mspclock.sys : 7,168 : 07/13/2009 08:00 PM : bdd71ace35a232104ddd349ee70e1ab3 [Pos Repl]
 
 * C:\Windows\System32\drivers\MSPQM.sys : 6,784 : 07/13/2009 08:00 PM : 4ed981241db27c3383d72092b618a1d0 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_bde9acc8f46cb6db\mspqm.sys : 6,784 : 07/13/2009 08:00 PM : 4ed981241db27c3383d72092b618a1d0 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndistapi.sys : 24,064 : 07/13/2009 08:10 PM : 30639c932d9fef22b31268fe25a1b6e5 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndistapi.sys : 24,064 : 07/13/2009 08:10 PM : 30639c932d9fef22b31268fe25a1b6e5 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndisuio.sys : 56,832 : 11/20/2010 11:24 PM : 136185f9fb2cc61e573e676aa5402356 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_ca170d32fd7da822\ndisuio.sys : 56,832 : 11/20/2010 11:24 PM : 136185f9fb2cc61e573e676aa5402356 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndiswan.sys : 164,352 : 11/20/2010 11:24 PM : 53f7305169863f0a2bddc49e116c2e11 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-ndiswan_31bf3856ad364e35_6.1.7601.17514_none_515e96306dea528f\ndiswan.sys : 164,352 : 11/20/2010 11:24 PM : 53f7305169863f0a2bddc49e116c2e11 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndproxy.sys : 57,856 : 11/20/2010 11:24 PM : 015c0d8e0e0421b4cfd48cffe2825879 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndproxy.sys : 57,856 : 11/20/2010 11:24 PM : 015c0d8e0e0421b4cfd48cffe2825879 [Pos Repl]
 
 * C:\Windows\System32\drivers\netbios.sys : 44,544 : 07/13/2009 08:09 PM : 86743d9f5d2b1048062b14b1d84501c4 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_b5d6a9d184d05567\netbios.sys : 44,544 : 07/13/2009 08:09 PM : 86743d9f5d2b1048062b14b1d84501c4 [Pos Repl]
 
 * C:\Windows\System32\drivers\netbt.sys : 261,632 : 11/20/2010 11:23 PM : 09594d1089c523423b32a4229263f068 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys : 261,632 : 11/20/2010 11:23 PM : 09594d1089c523423b32a4229263f068 [Pos Repl]
 
 * C:\Windows\System32\drivers\npfs.sys : 44,032 : 07/13/2009 07:19 PM : 1e4c4ab5c9b8dd13179bbdc75a2a01f7 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-npfs_31bf3856ad364e35_6.1.7600.16385_none_02667684369c39b6\npfs.sys : 44,032 : 07/13/2009 07:19 PM : 1e4c4ab5c9b8dd13179bbdc75a2a01f7 [Pos Repl]
 
 * C:\Windows\System32\drivers\null.sys : 6,144 : 07/13/2009 07:19 PM : 9899284589f75fa8724ff3d16aed75c1 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys : 6,144 : 07/13/2009 07:19 PM : 9899284589f75fa8724ff3d16aed75c1 [Pos Repl]
 
 * C:\Windows\System32\drivers\parport.sys : 97,280 : 07/13/2009 08:00 PM : 0086431c29c35be1dbc43f52cc273887 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\parport.sys : 97,280 : 07/13/2009 08:00 PM : 0086431c29c35be1dbc43f52cc273887 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\parport.sys : 97,280 : 07/13/2009 08:00 PM : 0086431c29c35be1dbc43f52cc273887 [Pos Repl]
 
 * C:\Windows\System32\drivers\portcls.sys : 230,400 : 07/13/2009 08:06 PM : 32e11315b5126921ffd9074840ef13d3 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\portcls.sys : 230,400 : 07/13/2009 08:06 PM : 32e11315b5126921ffd9074840ef13d3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_bc5c4aba33d6af68\portcls.sys : 230,400 : 07/13/2009 08:06 PM : 32e11315b5126921ffd9074840ef13d3 [Pos Repl]
 
 * C:\Windows\System32\drivers\processr.sys : 60,416 : 07/13/2009 07:19 PM : 0d922e23c041efb1c3fac2a6f943c9bf [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_amd64_neutral_ae5de2e1bf2793c3\processr.sys : 60,416 : 07/13/2009 07:19 PM : 0d922e23c041efb1c3fac2a6f943c9bf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\processr.sys : 60,416 : 07/13/2009 07:19 PM : 0d922e23c041efb1c3fac2a6f943c9bf [Pos Repl]
 
 * C:\Windows\System32\drivers\rasacd.sys : 14,848 : 07/13/2009 08:10 PM : 5a0da8ad5762fa2d91678a8a01311704 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys : 14,848 : 07/13/2009 08:10 PM : 5a0da8ad5762fa2d91678a8a01311704 [Pos Repl]
 
 * C:\Windows\System32\drivers\rasl2tp.sys : 129,536 : 11/20/2010 11:24 PM : 471815800ae33e6f1c32fb1b97c490ca [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-rasl2tp_31bf3856ad364e35_6.1.7601.17514_none_f802520bfe8dd487\rasl2tp.sys : 129,536 : 11/20/2010 11:24 PM : 471815800ae33e6f1c32fb1b97c490ca [Pos Repl]
 
 * C:\Windows\System32\drivers\raspppoe.sys : 92,672 : 07/13/2009 08:10 PM : 855c9b1cd4756c5e9a2aa58a15f58c25 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-raspppoe_31bf3856ad364e35_6.1.7600.16385_none_b22875c7b448dfbb\raspppoe.sys : 92,672 : 07/13/2009 08:10 PM : 855c9b1cd4756c5e9a2aa58a15f58c25 [Pos Repl]
 
 * C:\Windows\System32\drivers\raspptp.sys : 111,104 : 11/20/2010 11:24 PM : f92a2c41117a11a00be01ca01a7fcde9 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-raspptp_31bf3856ad364e35_6.1.7601.17514_none_f8152447fe76675d\raspptp.sys : 111,104 : 11/20/2010 11:24 PM : f92a2c41117a11a00be01ca01a7fcde9 [Pos Repl]
 
 * C:\Windows\System32\drivers\rdbss.sys : 309,248 : 11/20/2010 11:24 PM : 77f665941019a1594d887a74f301fa2f [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rdbss_31bf3856ad364e35_6.1.7601.17514_none_b7fadd3b7808f9d5\rdbss.sys : 309,248 : 11/20/2010 11:24 PM : 77f665941019a1594d887a74f301fa2f [Pos Repl]
 
 * C:\Windows\System32\drivers\rdpcdd.sys : 7,680 : 07/13/2009 08:16 PM : cea6cc257fc9b7715f1c2b4849286d24 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_30d015c257effe8b\RDPCDD.sys : 7,680 : 07/13/2009 08:16 PM : cea6cc257fc9b7715f1c2b4849286d24 [Pos Repl]
 
 * C:\Windows\System32\drivers\rdpwd.sys : 210,944 : 04/27/2012 11:55 PM : e61608aa35e98999af9aaeeea6114b0a [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys : 210,944 : 11/20/2010 11:24 PM : 15b66c206b5cb095bab980553f38ed23 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17779_none_a95fb36cebce3342\rdpwd.sys : 210,944 : 02/17/2012 00:58 AM : 6d76e6433574b058adcb0c50df834492 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17830_none_a981f268ebb5dc96\rdpwd.sys : 210,944 : 04/27/2012 11:55 PM : e61608aa35e98999af9aaeeea6114b0a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21924_none_aa1a604804c7c5cb\rdpwd.sys : 210,944 : 02/17/2012 00:48 AM : 0b93aa14e7dcd85cc82bc7d7d1ca9b24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21982_none_a9d7802c04fa3ac3\rdpwd.sys : 210,944 : 04/27/2012 11:51 PM : 1fe9863c6c5cc71e8e7e70f9efbd30e1 [Pos Repl]
 
 * C:\Windows\System32\drivers\rmcast.sys : 146,432 : 11/20/2010 11:24 PM : caf88d6573d21cd2aa27001ddbfdc74d [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rmcast_31bf3856ad364e35_6.1.7601.17514_none_b2a3d1a09e8a89b1\rmcast.sys : 146,432 : 11/20/2010 11:24 PM : caf88d6573d21cd2aa27001ddbfdc74d [Pos Repl]
 
 * C:\Windows\System32\drivers\rndismp.sys : 41,472 : 07/04/2012 04:26 PM : 0e01641d96889bdeb22de12d30575b08 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7600.16385_none_3d23a154a5966360\RNDISMP.sys : 41,472 : 07/13/2009 08:09 PM : fc6d5c50d846b795335deb3fce8b33f3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.17887_none_3f0c0c38a2baee0b\RNDISMP.sys : 41,472 : 07/04/2012 04:26 PM : 0e01641d96889bdeb22de12d30575b08 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.22044_none_3fbdbff7bbbb054e\RNDISMP.sys : 41,472 : 07/04/2012 04:16 PM : fdd71f94cd5580e4c1d16f96ef6c2856 [Pos Repl]
 
 * C:\Windows\System32\drivers\rootmdm.sys : 11,264 : 07/13/2009 08:10 PM : 388d3dd1a6457280f3badba9f3acd6b1 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-unimodem-core_31bf3856ad364e35_6.1.7600.16385_none_f08d2472ee3ef611\rootmdm.sys : 11,264 : 07/13/2009 08:10 PM : 388d3dd1a6457280f3badba9f3acd6b1 [Pos Repl]
 
 * C:\Windows\System32\drivers\serenum.sys : 23,552 : 07/13/2009 08:00 PM : cb624c0035412af0debec78c41f5ca1b [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serenum.sys : 23,552 : 07/13/2009 08:00 PM : cb624c0035412af0debec78c41f5ca1b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serenum.sys : 23,552 : 07/13/2009 08:00 PM : cb624c0035412af0debec78c41f5ca1b [Pos Repl]
 
 * C:\Windows\System32\drivers\serial.sys : 94,208 : 07/13/2009 08:00 PM : c1d8e28b2c2adfaec4ba89e9fda69bd6 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys : 94,208 : 07/13/2009 08:00 PM : c1d8e28b2c2adfaec4ba89e9fda69bd6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys : 94,208 : 07/13/2009 08:00 PM : c1d8e28b2c2adfaec4ba89e9fda69bd6 [Pos Repl]
 
 * C:\Windows\System32\drivers\sffdisk.sys : 14,336 : 07/13/2009 08:01 PM : a554811bcd09279536440c964ae35bbf [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffdisk.sys : 14,336 : 07/13/2009 08:01 PM : a554811bcd09279536440c964ae35bbf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_02618e7200897e0a\sffdisk.sys : 14,336 : 07/13/2009 08:01 PM : a554811bcd09279536440c964ae35bbf [Pos Repl]
 
 * C:\Windows\System32\drivers\sffp_sd.sys : 14,336 : 11/20/2010 11:23 PM : dd85b78243a19b59f0637dcf284da63c [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffp_sd.sys : 14,336 : 11/20/2010 11:23 PM : dd85b78243a19b59f0637dcf284da63c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_02618e7200897e0a\sffp_sd.sys : 14,336 : 11/20/2010 11:23 PM : dd85b78243a19b59f0637dcf284da63c [Pos Repl]
 
 * C:\Windows\System32\drivers\sfloppy.sys : 16,896 : 07/13/2009 08:01 PM : a9d601643a1647211a1ee2ec4e433ff4 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys : 16,896 : 07/13/2009 08:01 PM : a9d601643a1647211a1ee2ec4e433ff4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys : 16,896 : 07/13/2009 08:01 PM : a9d601643a1647211a1ee2ec4e433ff4 [Pos Repl]
 
 * C:\Windows\System32\drivers\smclib.sys : 20,992 : 07/13/2009 08:00 PM : a80348ba03e96c70852959655ca3e084 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.s...smart_card_library_31bf3856ad364e35_6.1.7600.16385_none_55f89e9f01688dc0\smclib.sys : 20,992 : 07/13/2009 08:00 PM : a80348ba03e96c70852959655ca3e084 [Pos Repl]
 
 * C:\Windows\System32\drivers\srv.sys : 467,456 : 04/28/2011 11:06 PM : 441fba48bff01fdb9d5969ebc1838f0b [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17514_none_381d6eca0d132216\srv.sys : 468,992 : 11/20/2010 11:23 PM : 2098b8556d1cec2aca9a29cd479e3692 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17608_none_382c41c40d0768a8\srv.sys : 467,456 : 04/28/2011 11:06 PM : 441fba48bff01fdb9d5969ebc1838f0b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.21717_none_38aa0e59262e0b0c\srv.sys : 467,456 : 04/28/2011 10:54 PM : 10586f14752ace786ab120ff8bb6bda4 [Pos Repl]
 
 * C:\Windows\System32\drivers\stream.sys : 68,864 : 07/13/2009 08:06 PM : 001cc10fa5e71ae1119115e126c8750d [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-streamclass_31bf3856ad364e35_6.1.7600.16385_none_ba5987585153b623\stream.sys : 68,864 : 07/13/2009 08:06 PM : 001cc10fa5e71ae1119115e126c8750d [Pos Repl]
 
 * C:\Windows\System32\drivers\tape.sys : 29,184 : 07/13/2009 08:01 PM : 6e316c01cba8b785fe495f5cc4f48c6f [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.h..pedrive-driverclass_31bf3856ad364e35_6.1.7600.16385_none_ee1ec21ed6ff8107\tape.sys : 29,184 : 07/13/2009 08:01 PM : 6e316c01cba8b785fe495f5cc4f48c6f [Pos Repl]
 
 * C:\Windows\System32\drivers\tdi.sys : 26,624 : 11/20/2010 11:24 PM : 6f020a220388eca0ab6062dc27bd16b6 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tdi-driver_31bf3856ad364e35_6.1.7601.17514_none_c5144dfb4c96036b\tdi.sys : 26,624 : 11/20/2010 11:24 PM : 6f020a220388eca0ab6062dc27bd16b6 [Pos Repl]
 
 * C:\Windows\System32\drivers\tdpipe.sys : 15,872 : 07/13/2009 08:16 PM : 3371d21011695b16333a3934340c4e7c [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys : 15,872 : 07/13/2009 08:16 PM : 3371d21011695b16333a3934340c4e7c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_399662915b82edbf\tdpipe.sys : 15,872 : 07/13/2009 08:16 PM : 3371d21011695b16333a3934340c4e7c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_3a510f6c747c8048\tdpipe.sys : 15,872 : 07/13/2009 08:16 PM : 3371d21011695b16333a3934340c4e7c [Pos Repl]
 
 * C:\Windows\System32\drivers\tdtcp.sys : 23,552 : 02/17/2012 00:57 AM : 51c5eceb1cdee2468a1748be550cfbc8 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys : 23,552 : 07/13/2009 08:16 PM : e4245bda3190a582d55ed09e137401a9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_399662915b82edbf\tdtcp.sys : 23,552 : 02/17/2012 00:57 AM : 51c5eceb1cdee2468a1748be550cfbc8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_3a510f6c747c8048\tdtcp.sys : 23,552 : 02/17/2012 00:47 AM : 7463523827b104317de03a87c6d3ea1b [Pos Repl]
 
 * C:\Windows\System32\drivers\tdx.sys : 119,296 : 11/20/2010 11:24 PM : ddad5a7ab24d8b65f8d724f5c20fd806 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys : 119,296 : 11/20/2010 11:24 PM : ddad5a7ab24d8b65f8d724f5c20fd806 [Pos Repl]
 
 * C:\Windows\System32\drivers\udfs.sys : 328,192 : 11/20/2010 11:23 PM : ff4232a1a64012baa1fd97c7b67df593 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-udfs_31bf3856ad364e35_6.1.7601.17514_none_049f9db233833b25\udfs.sys : 328,192 : 11/20/2010 11:23 PM : ff4232a1a64012baa1fd97c7b67df593 [Pos Repl]
 
 * C:\Windows\System32\drivers\usb8023.sys : 19,968 : 02/12/2013 00:12 AM : 92b3172e8c14c1444682f510843a9988 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.16385_none_20e1b69f6c5c4250\usb8023.sys : 19,968 : 07/13/2009 08:09 PM : d0fe8cb5f84303e73ff0754437fad3d1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.18076_none_22d3cb2d6979c81c\usb8023.sys : 19,968 : 02/12/2013 00:12 AM : 92b3172e8c14c1444682f510843a9988 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.22248_none_237fda36827d43e8\usb8023.sys : 19,968 : 02/11/2013 11:59 PM : a6db4451eefe7b9ef5bd0c5fe0c09125 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbcamd2.sys : 32,896 : 11/20/2010 11:24 PM : 292a8e03b3fce04e39b5be9b14132030 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7601.17514_none_fdae66ff8eda989e\USBCAMD2.sys : 32,896 : 11/20/2010 11:24 PM : 292a8e03b3fce04e39b5be9b14132030 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbccgp.sys : 98,816 : 03/24/2011 11:29 PM : 6f1a3157a1c89435352ceb543cdb359c [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_153b489118ee37b8\usbccgp.sys : 98,816 : 03/24/2011 11:29 PM : 6f1a3157a1c89435352ceb543cdb359c [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_269d7150439b3372\usbccgp.sys : 98,816 : 11/20/2010 11:23 PM : 481dff26b4dca8f4cbac1f7dce1d6829 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_291e6c652511ddb0\usbccgp.sys : 98,816 : 11/20/2010 11:23 PM : 481dff26b4dca8f4cbac1f7dce1d6829 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.17586_none_28d4bd852548d3f5\usbccgp.sys : 98,816 : 03/24/2011 11:29 PM : 6f1a3157a1c89435352ceb543cdb359c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.21692_none_294f893c3e722a54\usbccgp.sys : 99,328 : 03/24/2011 11:24 PM : 19ad7990c0b67e48dac5b26f99628223 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbd.sys : 7,936 : 03/24/2011 11:28 PM : cca2ab1752a61f29c3c941cd79d78cea [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbd.sys : 7,936 : 03/24/2011 11:28 PM : cca2ab1752a61f29c3c941cd79d78cea [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbd.sys : 7,936 : 07/13/2009 08:06 PM : 63c8d74bed9f80f4dd0aa7a3101eb639 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbd.sys : 7,936 : 07/13/2009 08:06 PM : 63c8d74bed9f80f4dd0aa7a3101eb639 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_1b9eb6021a6421dc\usbd.sys : 7,936 : 03/24/2011 11:28 PM : cca2ab1752a61f29c3c941cd79d78cea [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_1c1981b9338d783b\usbd.sys : 7,936 : 03/24/2011 11:24 PM : 9fed58941ec600a96cb0cc37ec841ffb [Pos Repl]
 
 * C:\Windows\System32\drivers\usbehci.sys : 52,736 : 03/24/2011 11:29 PM : c025055fe7b87701eb042095df1a2d7b [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbehci.sys : 52,736 : 03/24/2011 11:29 PM : c025055fe7b87701eb042095df1a2d7b [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbehci.sys : 52,224 : 11/20/2010 11:23 PM : 74ee782b1d9c241efe425565854c661c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbehci.sys : 52,224 : 11/20/2010 11:23 PM : 74ee782b1d9c241efe425565854c661c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_1b9eb6021a6421dc\usbehci.sys : 52,736 : 03/24/2011 11:29 PM : c025055fe7b87701eb042095df1a2d7b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_1c1981b9338d783b\usbehci.sys : 52,736 : 03/24/2011 11:24 PM : db1d7bfac2ae51766aad8f4edad753d0 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbhub.sys : 343,040 : 03/24/2011 11:29 PM : 287c6c9410b111b68b52ca298f7b8c24 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_153b489118ee37b8\usbhub.sys : 343,040 : 03/24/2011 11:29 PM : 287c6c9410b111b68b52ca298f7b8c24 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_269d7150439b3372\usbhub.sys : 343,040 : 11/20/2010 11:23 PM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbhub.sys : 343,040 : 03/24/2011 11:29 PM : 287c6c9410b111b68b52ca298f7b8c24 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbhub.sys : 343,040 : 11/20/2010 11:23 PM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_291e6c652511ddb0\usbhub.sys : 343,040 : 11/20/2010 11:23 PM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.17586_none_28d4bd852548d3f5\usbhub.sys : 343,040 : 03/24/2011 11:29 PM : 287c6c9410b111b68b52ca298f7b8c24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.21692_none_294f893c3e722a54\usbhub.sys : 343,040 : 03/24/2011 11:24 PM : 8b892002d7b79312821169a14317ab86 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbhub.sys : 343,040 : 11/20/2010 11:23 PM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_1b9eb6021a6421dc\usbhub.sys : 343,040 : 03/24/2011 11:29 PM : 287c6c9410b111b68b52ca298f7b8c24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_1c1981b9338d783b\usbhub.sys : 343,040 : 03/24/2011 11:24 PM : 8b892002d7b79312821169a14317ab86 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbport.sys : 325,120 : 03/24/2011 11:29 PM : ae259c75f9a0b057b6bf9e9695632b09 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbport.sys : 325,120 : 03/24/2011 11:29 PM : ae259c75f9a0b057b6bf9e9695632b09 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbport.sys : 325,120 : 11/20/2010 11:23 PM : b6d64ee607637301ff8c33139b4950de [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbport.sys : 325,120 : 11/20/2010 11:23 PM : b6d64ee607637301ff8c33139b4950de [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_1b9eb6021a6421dc\usbport.sys : 325,120 : 03/24/2011 11:29 PM : ae259c75f9a0b057b6bf9e9695632b09 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_1c1981b9338d783b\usbport.sys : 325,120 : 03/24/2011 11:24 PM : 985205ef2e427b4f5e464f0f0f8671f0 [Pos Repl]
 
 * C:\Windows\System32\drivers\USBSTOR.sys : 91,648 : 03/11/2011 00:37 AM : fed648b01349a3c8395a5169db5fb7d6 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_0725c2806a159a9d\USBSTOR.SYS : 91,648 : 11/20/2010 11:23 PM : d76510cfa0fc09023077f22c2f979d86 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_26b33263a639795d\USBSTOR.SYS : 91,648 : 03/11/2011 00:37 AM : fed648b01349a3c8395a5169db5fb7d6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17514_none_a6ac5425ae72a584\USBSTOR.SYS : 91,648 : 11/20/2010 11:23 PM : d76510cfa0fc09023077f22c2f979d86 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_a66e757baea0992f\USBSTOR.SYS : 91,648 : 03/11/2011 00:37 AM : fed648b01349a3c8395a5169db5fb7d6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_a6e64054c7cca389\USBSTOR.SYS : 91,648 : 03/11/2011 00:21 AM : 36106ac439edfbb7b8bdbf99079c7590 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbuhci.sys : 30,720 : 03/24/2011 11:29 PM : 62069a34518bcf9c1fd9e74b3f6db7cd [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbuhci.sys : 30,720 : 03/24/2011 11:29 PM : 62069a34518bcf9c1fd9e74b3f6db7cd [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbuhci.sys : 30,720 : 07/13/2009 08:06 PM : 81fb2216d3a60d1284455d511797db3d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbuhci.sys : 30,720 : 07/13/2009 08:06 PM : 81fb2216d3a60d1284455d511797db3d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_1b9eb6021a6421dc\usbuhci.sys : 30,720 : 03/24/2011 11:29 PM : 62069a34518bcf9c1fd9e74b3f6db7cd [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_1c1981b9338d783b\usbuhci.sys : 30,720 : 03/24/2011 11:24 PM : 23d13cd7d90e8857f06647fed5d0f3dd [Pos Repl]
 
 * C:\Windows\System32\drivers\vga.sys : 29,184 : 07/13/2009 07:38 PM : 53e92a310193cb3c03bea963de7d9cfc [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-standardvga_31bf3856ad364e35_6.1.7600.16385_none_f881232cf3b0c322\vga.sys : 29,184 : 07/13/2009 07:38 PM : 53e92a310193cb3c03bea963de7d9cfc [Pos Repl]
 
 * C:\Windows\System32\drivers\videoprt.sys : 129,024 : 07/13/2009 07:38 PM : e7353d59c9842bc7299faeb7e7e09340 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-videoport_31bf3856ad364e35_6.1.7600.16385_none_180f3dba1e158073\videoprt.sys : 129,024 : 07/13/2009 07:38 PM : e7353d59c9842bc7299faeb7e7e09340 [Pos Repl]
 
 * C:\Windows\System32\drivers\wanarp.sys : 88,576 : 11/20/2010 11:24 PM : 356afd78a6ed4457169241ac3965230c [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\wanarp.sys : 88,576 : 11/20/2010 11:24 PM : 356afd78a6ed4457169241ac3965230c [Pos Repl]
 
 * C:\Windows\System32\drivers\ws2ifsl.sys : 21,504 : 07/13/2009 08:10 PM : 6bcc1d7d2fd2453957c5479a32364e52 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys : 21,504 : 07/13/2009 08:10 PM : 6bcc1d7d2fd2453957c5479a32364e52 [Pos Repl]
 
Checking HOSTS File: 
 
 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.
 
Program finished at: 09/11/2013 10:35:06 PM
Execution time: 0 hours(s), 38 minute(s), and 6 seconds(s)
 
Show-Hidden Log
 

Show Hidden by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
Show Hidden will display all hidden folders on your computer.
You can use the -f argument to display hidden files as well.
 
Program started at: 09/12/2013 01:34:08 AM
Windows Version: Windows 7
 
Please be patient while your hard drives are scanned.
 
Scanning the C:\ drive
 
 * C:\$AVG
 * C:\$Recycle.Bin\S-1-5-18
 * C:\$Recycle.Bin\S-1-5-21-2678646111-2764685650-3069370454-1008
 * C:\ProgramData\Common Files
 * C:\ProgramData\Microsoft\WwanSvc\Profiles
 * C:\System Volume Information
 * C:\Users\All Users\Common Files
 * C:\Users\All Users\Microsoft\WwanSvc\Profiles
 * C:\Users\merysta\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\Burn\Burn
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\History\History.IE5
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\History\Low\History.IE5
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\Temporary Internet Files
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
 * C:\Users\merysta\AppData\Local\Microsoft\Windows\WebCache
 * C:\Users\merysta\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore
 * C:\Users\merysta\AppData\Roaming\Microsoft\Windows\Cookies
 * C:\Users\merysta\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
 * C:\Users\merysta\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
 * C:\Users\merysta\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
 * C:\Windows\Installer
 * C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files
 * C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
 * C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files
 * C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
 * C:\Windows\winsxs\Temp\PendingDeletes
 
Finished scanning the C:\ drive. 28 hidden items found.
 
Program finished at: 09/12/2013 01:36:19 AM
Execution time: 0 hours(s), 2 minute(s), and 10 seconds(s)
 

 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:37 PM

Posted 13 September 2013 - 08:46 PM

This looks infected... But as you ran ComboFix we need to see that log and a DDS log.
Please do steps 6,7 and 8 here.. Repost your above info the CFix and DDS logs.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 davidolson255

davidolson255
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:37 PM

Posted 14 September 2013 - 04:27 AM

I attached the log file for DDS, but can't get ComboFix to finish running.  The last attempt it got stuck on "Computer is infected on C:\Windows\System\Servers.exe".
 
Also, get a text box pop up on restart, every time.  It's a desktop.ini file.  I did my best to take a screenshot of it.  Also I had previously installed Xfinity Constant Guard.  That window always pops up on restart as well, but everytime I close it...it opens itself back up.  it's annoying.  I just want to be sure that I'm giving you as much details as possible.  I finally was able to get these network adapter working enough so that I could get this laptop online.  So as of right now, it's on my network.  Speaking of that, I noticed that there is a AdHoc listing when I look for nearby WIFI connections.  The name is merysta (which is my wifes name..this is her laptop).  We never set that up.  I'll try to get a screen shot of that as well.  I can make screenshots just fine, but finding it very difficult to be able to find a folder that will allow me to save it.  Not sure what thats about.  This laptop is possessed.  It seriously scares me.

 

 



#6 davidolson255

davidolson255
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:37 PM

Posted 14 September 2013 - 04:36 AM

Sorry...I wanted to add in the screen shot of that adhoc connection coming from this laptop.

 

http://i839.photobucket.com/albums/zz317/davidolson255/Issues/05bbdf7c-69ae-4e89-ae12-14ae17b91705_zps9f852bd4.jpg



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:37 PM

Posted 14 September 2013 - 10:31 AM

OK, that is good.. Leave ComboFix alone until asked.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 2 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users