Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ZeroAccess Reparsing point Found - I need your Help! thnx


  • This topic is locked This topic is locked
58 replies to this topic

#1 Guitarbuilder

Guitarbuilder

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 30 December 2013 - 01:48 PM

ZeroAccess Reparsing point Found:

 

I need your Help PLEASE! Thank you in advance.

 

I read a post by "backerfan",  which is almost identical to my problem.I'm working from my lap top to solve this problem which is on my PC.

 

 

I first notice a problem while using Internet Explorer, I could not access Google.com,

I then saw that Microsoft Security essentials was not running.

I tried to start MSE and just get an Error code: 0x80096001

I search for answers onthe internet from my laptop nad tried several programs:

Malwarebytes, Rkill, HitmanPro, etc. They have found varios PUP's and other maleware, and removed them. but i'm still having the same problem.

Rkill recognized a ZeroAccess point, but nothing has resolved this issue.

 

Windows Explorer stopped working, it will not allow me to search, it does nothing.

 

I was somehow able to indirectly get to microsofts website, tried to download MSE, it does nothing.

the Handwriting language toolbar started popping up when I had to allow AUC, i have since stopped it from popping up.

 

I've ran the DDS and posted text below.

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16428
Run by Brad at 12:30:05 on 2013-12-30
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3070.1405 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, enhanced for Bing and MSN
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uProxyOverride = 127.0.0.1;<local>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [SandboxieControl] "k:\sandboxie\SbieCtrl.exe"
uRun: [Wondershare Helper Compact.exe] "c:\program files\common files\wondershare\wondershare helper compact\WSHelperSetup.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} -
file:///C:/Program%20Files/Land%20Desktop%203/AcPreview.ocx
TCP: NameServer = 192.168.17.1
TCP: Interfaces\{8CEE001F-F5D7-449A-B8DA-D41DC3374A93} : DHCPNameServer = 192.168.17.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages =  msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrv.sys [2013-5-17 22312]
R2 Autodesk Content Service;Autodesk Content Service;c:\program files\autodesk\content service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-12-27 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-12-27 701512]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 104768]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-8-9 413472]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2010-3-5 273448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-12-27 22856]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 dlbf_device;dlbf_device;c:\windows\system32\dlbfcoms.exe -service --> c:\windows\system32\dlbfcoms.exe -service [?]
S2 gupdate1cacdfadb3411c1;Google Update Service (gupdate1cacdfadb3411c1);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2011-8-24 430136]
S2 tvnserver;TightVNC Server;"c:\program files\tightvnc\tvnserver.exe" -service --> c:\program files\tightvnc\tvnserver.exe [?]
S3 A_USBETHMP;USB PowerPacket Network Adapter;c:\windows\system32\drivers\usbethmp.sys [2009-7-9 14342]
S3 androidusb;Google Device Driver;c:\windows\system32\drivers\wsadb.sys [2013-12-2 34792]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 FEBF;FEBF;c:\users\brad\appdata\local\temp\FEBF.exe [2013-12-28 342912]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-1 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-12-28 108032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-3-25 14848]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 STVrds;RadioShack Dual Mode Camera;c:\windows\system32\drivers\stvrds.sys [2011-12-1 113072]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-3-25 49664]
S3 ubloxusb;ubloxusb;c:\windows\system32\drivers\ubloxusb.sys [2009-11-27 75264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-24 1343400]
S3 WLRAWMp50x86;WLRAWMp50x86 NDIS Protocol Driver;c:\windows\system32\drivers\WLRAWMp50x86.sys [2013-5-2 28312]
S3 WLRAWSp50x86;WLRAWSp50x86 NDIS Protocol Driver;c:\windows\system32\drivers\WLRAWSp50x86.sys [2013-5-2 27032]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=c:\windows\system32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2013-12-28 20:25:37 -------- d-----w- c:\users\brad\appdata\roaming\FixZeroAccess
2013-12-28 06:41:13 719224 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{fad9f7dc-742b-4773-a55b-8818dbbbe9f7}\gapaengine.dll
2013-12-28 06:40:26 5283152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0a39b6ec-18e9-4347-96cd-7ec36aad3cdb}\mpengine.dll
2013-12-28 06:29:00 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e032b99a-1de7-494b-ba18-a72ee0b3aaf2}\mpengine.dll
2013-12-27 17:37:11 806096 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-12-27 17:31:38 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-27 17:15:41 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-12-27 14:12:19 -------- d-----w- c:\program files\HitmanPro
2013-12-26 15:23:57 -------- d-----w- c:\users\brad\appdata\local\CrashDumps
2013-12-26 15:21:47 -------- d-----w- c:\users\brad\appdata\roaming\MSNInstaller
2013-12-25 00:43:17 -------- d-----w- c:\programdata\HitmanPro
2013-12-25 00:35:01 -------- dc----w- C:\Fix it portable
2013-12-24 19:33:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-24 16:18:18 -------- d-----w- c:\users\brad\appdata\roaming\Malwarebytes
2013-12-24 16:18:07 -------- d-----w- c:\programdata\Malwarebytes
2013-12-24 16:04:24 -------- d-----w- c:\users\brad\appdata\local\NPE
2013-12-24 16:04:23 -------- d-----w- c:\programdata\Norton
2013-12-11 05:25:23 -------- d-----w- c:\windows\Migration
2013-12-11 05:18:13 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 05:18:12 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
2013-12-10 22:44:29 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-10 22:44:28 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-10 22:44:27 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-12-10 22:44:27 141824 ----a-w- c:\windows\system32\wscript.exe
2013-12-10 22:44:27 126976 ----a-w- c:\windows\system32\cscript.exe
2013-12-10 22:44:27 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-12-10 22:44:25 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-10 22:44:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-10 22:44:19 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-12-10 22:44:16 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-10 22:44:16 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-03 14:13:03 -------- d-----w- c:\program files\common files\SupportSoft
2013-12-02 20:52:44 -------- dc----w- C:\01 phone recovery
2013-12-02 17:53:18 34792 ----a-w- c:\windows\system32\drivers\wsadb.sys
2013-12-02 17:53:18 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-12-02 17:50:34 -------- d-----w- c:\users\brad\appdata\local\Wondershare
2013-12-02 17:50:28 -------- d-----w- c:\program files\common files\Wondershare
2013-12-02 17:50:03 -------- d-----w- c:\users\brad\appdata\roaming\Wondershare
2013-12-02 17:50:01 -------- d--h--w- c:\program files\DrFoneAndroid_Temp
.
==================== Find3M  ====================
.
2013-11-26 09:23:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 09:22:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56 61952 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 08:52:26 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 07:32:06 1928192 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33 1820160 ----a-w- c:\windows\system32\wininet.dll
2013-11-19 18:55:35 0 ----a-w- c:\windows\system32\RENA8B4.tmp
2013-11-19 18:55:35 0 ----a-w- c:\windows\system32\RENA8B3.tmp
2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 02:03:08 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:01:41 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01:25 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57:25 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-10-04 01:58:50 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- c:\windows\system32\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- c:\windows\system32\authui.dll
2013-10-03 01:58:07 305152 ----a-w- c:\windows\system32\gdi32.dll
1997-07-21 23:30:54 1045776 --sha-w- c:\windows\system32\Msjet35.dll
1997-06-23 07:00:00 123664 --sha-w- c:\windows\system32\Msjint35.dll
1997-06-23 16:06:50 24848 --sha-w- c:\windows\system32\Msjter35.dll
1997-06-23 16:06:50 252176 --sha-w- c:\windows\system32\Msrd2x35.dll
1997-06-23 16:06:50 287504 --sha-w- c:\windows\system32\Msxbse35.dll
.
============= FINISH: 12:30:41.99 ===============

 

 

 

Attached Files


Edited by Guitarbuilder, 30 December 2013 - 05:15 PM.


BC AdBot (Login to Remove)

 


#2 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 30 December 2013 - 02:02 PM

Editted original post to be more thorough.

 

Patiently waiting for your assitance, thanks in advance.


Edited by Guitarbuilder, 30 December 2013 - 05:17 PM.


#3 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:17 PM

Posted 01 January 2014 - 10:36 AM

Hello and welcome.  Please follow these guidelines while we work on your PC:

  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.”  Absence of symptoms does not mean your machine is clean!
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.

icon11.gif   Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#4 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 01 January 2014 - 11:03 AM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-12-2013 01
Ran by Brad at 2014-01-01 10:50:34
Running from C:\Users\Brad\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (Version:  - Microsoft)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Photoshop Elements (Version: 1.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609 - Adobe Systems, Inc.)
Akamai NetSession Interface (Version:  - Akamai Technologies, Inc)
AnswerWorks Runtime (Version:  - )
AppInventor Setup (Version: 1.1 - Google Inc.)
Apple Application Support (Version: 1.2.1 - Apple Inc.)
Auto Care (Version:  - )
AutoCAD 2000 (Version:  - )
AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk)
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk)
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk)
AutoCAD Architecture 2012 - English (Version: 6.7.49.0 - Autodesk)
AutoCAD Architecture 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk)
Autodesk App Manager (Version: 1.1.0 - Autodesk)
Autodesk Content Service (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (Version: 3.1.3.0 - Autodesk)
Autodesk Featured Apps (Version: 1.1.0 - Autodesk)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk)
Autodesk Land Desktop 3 (Version: 5.25.0.71 - Autodesk)
Autodesk Material Library 2012 (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (Version: 2.5.0.8 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk)
BioAPI Framework (Version: 1.0.1 - Dell Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 12.25.02 - Broadcom Corporation)
Common (Version: 14.0.0.342 - Corel Corporation)
Contents (Version: 14.0.0.342 - Corel Corporation)
Corel VideoStudio Pro X4 (Version: 14.3.0.5 - Corel Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft)
DCP32MMWrapper (Version: 1.6.334.60 - Broadcom Corporation)
Dell Control Point (Version: 1.6.334.60 - Broadcom Corporation)
Dell ControlPoint Security Manager (Version: 1.6.334.60 - Dell Inc.)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Embassy Trust Suite by Wave Systems (Version: 03.04.00.063 - Wave Systems Corp)
Dell Security Device Driver Pack (Version: 1.3.039 - Dell Inc.)
Dell System Detect (Version: 4.0.5.6 - Dell)
Desktop Support Tools (Version:  - Time Warner Cable)
DeviceIO (Version: 14.0.0.342 - Corel Corporation)
Digital Cable Advisor (Version: 1.0.0.0 - Microsoft Corporation)
Document Manager Lite (Version: 06.09.00.121 - Wave Systems Corp.)
EMBASSY Security Center (Version: 03.09.00.092 - Wave Systems Corp)
EMBASSY Security Setup (Version: 03.09.00.102 - Wave Systems Corp)
ESC Home Page Plugin (Version: 03.04.00.029 - Wave Systems Corp)
FARO LS 1.1.406.58 (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (Version: 5.1.0.30630 - FARO Scanner Production)
Gemalto (Version: 01.01.00.0000 - Wave Systems Corp)
Google Chrome (Version: 31.0.1650.63 - Google Inc.)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.)
Guitar Pro 4.0.7 (Version:  - )
ICA (Version: 14.0.0.342 - Corel Corporation)
iCare Data Recovery 5.2 (Version:  - iCare Software)
Internet TV for Windows Media Center (Version: 4.2.2.0 - Microsoft Corporation)
IPM_VS_Pro (Version: 13.0 - Corel Corporation)
ISCOM (Version: 14.0.0.342 - Corel Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (Version: 12.0.4518.1068 - Microsoft Corporation)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Media Content (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Small Business (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation)
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
MSN (Version: 10.50.0652.0 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
NewBlue Free Effects for Windows (Version: 1.4 - NewBlue)
NewBlue Light Rays for Corel X4 (Version: 1.4 - NewBlue)
NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems)
NVIDIA 3D Vision Controller Driver (Version: 280.19 - NVIDIA Corporation)
NVIDIA 3D Vision Controller Driver 280.19 (Version: 280.19 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 320.78 (Version: 320.78 - NVIDIA Corporation)
NVIDIA Control Panel 320.78 (Version: 320.78 - NVIDIA Corporation)
NVIDIA Display Control Panel (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.78 (Version: 320.78 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2078 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation)
Octoshape add-in for Adobe Flash Player (Version:  - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (Version: 1.3.0 - Microsoft Corporation)
PMB (Version: 5.8.02.10270 - Sony Corporation)
PowerDVD DX (Version: 8.3.5424 - CyberLink Corp.)
Preboot Manager (Version: 02.09.00.071 - Wave Systems Corp.)
Primo (Version: 1.00.0000 - Your Company Name)
Private Information Manager (Version: 06.04.00.047 - Wave Systems Corp.)
PureHD (Version: 14.0.0.342 - Corel Corporation)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation)
Realtek High Definition Audio Driver (Version: 6.0.1.5871 - Realtek Semiconductor Corp.)
Runtime (Version: 1.00.0000 - Your Company Name)
Sandboxie 4.04 (32-bit) (Version: 4.04 - Sandboxie Holdings, LLC)
SeaTools for Windows (Version: 1.2.0.6 - Seagate Technology)
Security Wizards (Version: 01.07.00.016 - Your Company Name)
Serif DrawPlus X3 (Version: 10.0.3.022 - Serif (Europe) Ltd)
Serif DrawPlus X3 Resources (Version: 10.0.1.009 - Serif (Europe) Ltd)
Serif PhotoPlus X3 (Version: 13.0.2.012 - Serif (Europe) Ltd)
Serif PhotoPlus X3 Studio Extras (Version: 13.0.0.004 - Serif (Europe) Ltd)
Serif WebPlus X4 (Version: 12.0.5.033 - Serif (Europe) Ltd)
Serif WebPlus X4 Bonus Content Pack (Version: 12.0.2.017 - Serif (Europe) Ltd)
Serif WebPlus X4 Resources (Version: 12.0.0.008 - Serif (Europe) Ltd)
Setup (Version: 14.0.0.342 - Corel Corporation)
Share (Version: 14.0.0.342 - Corel Corporation)
SketchUp Import for AutoCAD 2014 (Version: 1.1.0 - Autodesk)
Skype Click to Call (Version: 5.6.8442 - Skype Technologies S.A.)
SmartSound Common Data (Version: 1.1.0 - SmartSound Software Inc.)
SO32MMWrapper (Version: 1.6.334.60 - Broadcom Corporation)
System Requirements Lab (Version:  - )
TightVNC (Version: 2.6.0.0 - GlavSoft LLC.)
Trusted Drive Manager (Version: 3.1.0.116 - Wave Systems Corp.)
Update for 2007 Microsoft Office System (KB967642) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (Version:  - Microsoft)
UPEK TouchChip Fingerprint Reader (Version: 1.1.0 - Dell Inc.)
VIO (Version: 14.0.0.342 - Corel Corporation)
VSClassic (Version: 14.0.0.342 - Corel Corporation)
VSPro (Version: 14.0.0.342 - Corel Corporation)
Wave Infrastructure Installer (Version: 07.00.21.0000 - Wave Systems Corp)
Wave Support Software (Version: 05.10.00.046 - Wave Systems Corp)
WiLife Command Center 2.5 (Version: 2.5.968 - WiLife)
WiLife Command Center USB Driver x86 (Version: 2.5.0000 - Logitech)
Windows Driver Package - Dell Inc. PBADRV System  (01/07/2008 1.0.1.5) (Version: 01/07/2008 1.0.1.5 - Dell Inc.)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation)
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Center Add-in for Flash (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Encoder 9 Series (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation)
WinRAR archiver (Version:  - )
WinUndelete 3.50 (Version:  - WinRecovery Software)
WinZip 15.0 (Version: 15.0.9302 - WinZip Computing, S.L. )
Wondershare Dr.Fone for Android(Build 3.5.1.49) (Version: 3.5.1.49 - Wondershare Software Co.,Ltd.)
Wondershare Photo Recovery (build 3.0.3) (Version:  - Wondershare Software Co., Ltd.)

==================== Restore Points  =========================

28-12-2013 05:37:12 Removed Job Cost Estimator
28-12-2013 06:25:22 Windows Update
30-12-2013 14:02:44 Removed Autodesk Material Library 2014.
30-12-2013 14:10:33 Removed Skype Click to Call
30-12-2013 15:28:39 Removed Java 7 Update 45

==================== Hosts content: ==========================

2012-08-18 16:27 - 2012-08-18 16:27 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03715F4F-5268-4186-BC99-B193C321336D} - \59eb5760 No Task File
Task: {086333BB-382C-4136-A418-DF6B1785A574} - System32\Tasks\{F4B21A71-7388-44C7-88A5-2F930B62E1E7} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {099F763D-C948-4277-B7CF-1EF1C7F0985B} - \e60b00e0 No Task File
Task: {09B783F6-FF00-4A65-B662-5C8D1CD7D929} - System32\Tasks\{5907051D-68FA-41E9-BBE6-4940C4471F87} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {0AC8588D-F8F2-4CA9-A375-F40751F30EFE} - System32\Tasks\{0178F867-1D3E-4266-9BC6-D94931D34CE3} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.6.59.110&amp;LastError=404
Task: {0E02D5B9-411B-4C0A-8C4E-68C4FA9D430A} - System32\Tasks\{781BDC2B-89B3-4AD4-A50C-46F9E8A1A818} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {0E42A5F9-3DB1-4607-BA8D-3E5F987F1C03} - System32\Tasks\{3D0C03EE-CE42-4F7C-9E60-1D5FB75F7ED5} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {16AC1F94-86BB-483F-970F-3F54BE364B3D} - System32\Tasks\{539E030A-88D5-4262-89E9-BAD47A7E4226} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {1854B3F0-A74E-44DF-A5F8-B556AEDF9DB0} - \f04afea0 No Task File
Task: {28D7CF6A-27D0-45DD-A1FA-C117623050B6} - \f5fdeb68 No Task File
Task: {2D215833-5ABF-45F8-BF85-ADB6AC675FC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {2F0EB9F7-114E-4086-AC68-9C49B4961E68} - System32\Tasks\{F01E5F64-ACDF-4661-BE9A-34C0622E97BC} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {34C907A1-E595-4569-856A-9FDF6E2A6EAD} - \462cb560 No Task File
Task: {37C95D65-70CA-48E8-AE80-851ADDBA12ED} - \efhlwPr No Task File
Task: {3A4550EA-BE6E-4621-9853-9F0B2945946F} - \618d8554 No Task File
Task: {3F0FACE2-E06E-444E-9518-A014C6A84691} - \91f0bb00 No Task File
Task: {4B1CAF23-D4A3-4398-AB17-8E44845D1014} - System32\Tasks\JavaUpdateSched => C:\Windows\System32\jusched.exe
Task: {500B3632-379F-41AE-9706-EE5ED1302C88} - System32\Tasks\{840729D0-DB45-48FB-81E6-C501ABD3BEE9} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {52823AC1-57FE-4F2A-BB6C-2E2EF1B7DCF2} - System32\Tasks\{ADE2C904-3C36-4836-A44C-7683B80FFC32} => C:\Users\Brad\Downloads\Software\Video Magic\VSX3_Pro_TBYB.exe
Task: {560390E1-6437-49EB-9C02-5F23DA67E197} - System32\Tasks\{62CCAEF0-B047-4D16-B447-FDFEC5E932CE} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {5A800F1C-9EE6-448A-89F8-D50CC2618043} - \7345460 No Task File
Task: {5CF80DC5-D92E-430B-8B16-D50DEFCBD13D} - System32\Tasks\{931BD75F-237F-4165-AA42-038B45A4719E} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {5E017A60-C598-4686-95FF-719338C2BCE5} - \2d38f528 No Task File
Task: {66B581B8-6759-4A6B-86F7-3F77970E1F49} - System32\Tasks\task505840995 => C:\Users\Brad\AppData\Roaming\Total Anti Malware Protection\ScanDisk_.exe
Task: {745D5859-57DD-47D9-943C-C23FC274F1DE} - \cce39bc0 No Task File
Task: {7527C26E-0CA0-4309-B6A8-3C7E290F8F0F} - \6e30b904 No Task File
Task: {75A7A887-7763-44A8-97A0-A9B65AD95528} - System32\Tasks\{9844589D-B1BA-4EA7-958D-58F4219381F2} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {76F72794-EEAC-4442-A649-E5475C8C1791} - \d284e93c No Task File
Task: {794E1DA1-D2BD-46CF-927F-6F69107A98BB} - \6b0980fc No Task File
Task: {79850302-2689-46A6-8C0C-A205B589E9B5} - System32\Tasks\{6FF960B2-CB55-454D-A7C9-DF27096BA51D} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {7C759CE7-1EAF-44C5-8FD4-0E256F9FD247} - System32\Tasks\{60713A5E-8791-40FA-915E-4FFAF420C9B0} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {7CD84ADF-91A8-4B32-B78C-37E4DBD8FECC} - System32\Tasks\{0C2DBE22-5CDE-4CB5-9C23-FE6F8E1ABA2F} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {80F5A371-1535-490D-864F-70273E5F29B3} - System32\Tasks\{E467591C-3189-439C-A89D-3053429FAA1B} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {83CA7AEB-3057-4F5A-8193-53B2DC08EE0A} - System32\Tasks\{82A8E17E-3863-4442-9349-D331ED6E2E66} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {8E2A4766-8AAE-49E0-AE92-849F537213C0} - \7fb9dc48 No Task File
Task: {907CB2C8-CFF9-4336-8B6D-66E30D251EC6} - \1f8852c0 No Task File
Task: {95BE8655-F8A2-4EEA-AAFF-15B0E5CC8E02} - \15e84ac0 No Task File
Task: {9A5FAB46-1223-4283-8B81-69143CFCDD6A} - \e009cb14 No Task File
Task: {A1E12B90-E79C-41D8-ABEB-FF1D87127397} - System32\Tasks\{551B412C-3C27-4927-806B-336226DD062F} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {A2C02113-4EAE-426B-B94D-AB4CC399DCDA} - System32\Tasks\{217A9819-CB99-4815-857E-CDA51FD24E10} => C:\Program Files\All-Pro Software\StatTrak for Volleyball\Vbwin.exe
Task: {A68FAD2D-5FA6-4513-9436-46ED1B46AA6F} - System32\Tasks\{F94C03BF-4213-406E-91F5-DBB2331B67B4} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {A8D783EE-1BBD-4F8C-8726-F893EE625481} - System32\Tasks\{00133C4A-6B6F-4685-A22B-AC9BCA4FEEE7} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {B082453F-3ACF-4671-BEA1-42822DB60C6C} - System32\Tasks\{C0DC5705-C0DB-44EC-9D39-04AB89948102} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {B0904E45-70BE-440D-8763-BF0930A6E709} - System32\Tasks\{644CB681-A5ED-4EE3-A2FA-158DD2677C97} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {B35F9A6A-ADE9-479F-9E5B-8F6937D53E6B} - \e949f6c8 No Task File
Task: {BCB04694-3C09-4FAF-8019-3176CAD8CC06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {C22C30DB-4C7D-47C2-BDBD-DD16FFA92086} - System32\Tasks\{BEE395C4-054C-4C27-B19C-E6637F243853} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {C8E5ED95-58D9-47B7-B5B8-7783C41C08A6} - System32\Tasks\{CC9FD46C-ED4D-4F4E-8E90-81955C81A862} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: {D4C6A25A-1475-4B7E-882E-4D2CA280637A} - System32\Tasks\{D3B62E88-38E1-4880-A11F-15CEFB5F0C56} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {D57CB62A-81B3-4B6D-B454-8786BD8D5393} - \253aead8 No Task File
Task: {D6CD92C3-6A59-4A9C-B952-6F6B5CDF767C} - System32\Tasks\{BC402FCB-E4E1-4E72-9D62-34608A0BD807} => C:\Program Files\Traysoft\PhoneTray\PhoneTray.exe
Task: {E0CE0084-6D2E-4525-BD95-11840116ED9B} - \ab5f68d8 No Task File
Task: {F39ECBEC-3F1E-40A9-8E44-0CFE70DD219F} - System32\Tasks\{41796AD9-787D-4955-957E-EF4D3B67CEC2} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {F3C551D2-F5B5-4320-8EC3-3A36CEC40A3B} - System32\Tasks\{88A43E71-02AC-4A3E-90F3-2226C81CFAB4} => C:\Program Files\Deskshare\Video Edit Magic 4.4\Video Edit Magic.exe
Task: {F98ECCD5-9A9E-4999-BCD8-4E7F1620B0D8} - \1d0a86b4 No Task File
Task: {FA8B8E27-045F-4E2F-A08E-B1E39DB718E4} - System32\Tasks\{927E7AC5-C99C-48B2-BFDE-1A6C72F17F09} => C:\Program Files\Land Desktop 3\acad.exe [2011-09-08] (Autodesk, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-22 22:40 - 2007-02-28 02:55 - 00102400 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dlbfpp5c.dll
2010-11-24 09:50 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2009-07-27 13:15 - 2009-07-27 13:15 - 00249856 _____ () C:\Windows\system32\wxvault.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1AE68282
AlternateDataStreams: C:\ProgramData\TEMP:58DD92AC
AlternateDataStreams: C:\ProgramData\TEMP:94A19129

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: MpKsld59a0ee3
Description: MpKsld59a0ee3
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsld59a0ee3
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft WPD Enhanced Storage Password Driver
Description: Microsoft WPD Enhanced Storage Password Driver
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: (Enhanced Storage Device)
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: USB PowerPacket Network Adapter
Description: USB PowerPacket Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intellon
Service: A_USBETHMP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/01/2014 10:21:07 AM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 12.0.6683.5002 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 59c

Start Time: 01cf0704d1f4e7a2

Termination Time: 0

Application Path: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

Report Id: 4ec6453f-72f8-11e3-8c1b-002564c303b8

Error: (01/01/2014 02:48:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/31/2013 10:53:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb10c6
Exception code: 0xc06d007f
Fault offset: 0x0000812f
Faulting process id: 0x860
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (12/31/2013 10:51:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/30/2013 10:30:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/30/2013 09:16:17 AM) (Source: MsiInstaller) (User: Brad-Main-PC)
Description: Product: Skype Click to Call -- Error 1101. Error reading from file: C:\Program Files\Skype\Toolbars\Skype for Chromium\RemovePreferences.vbs.  System error 3.  Verify that the file exists and that you can access it.

Error: (12/28/2013 00:57:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/28/2013 00:57:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/28/2013 10:12:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb10c6
Exception code: 0xc06d007f
Fault offset: 0x0000812f
Faulting process id: 0x548
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (12/28/2013 01:01:59 AM) (Source: Microsoft Security Client Setup) (User: Brad-Main-PC)
Description: HRESULT:0x80096001
Description:Can't complete the Setup Wizard. An error has prevented Setup Wizard from continuing. Please restart your computer and try again. Error code:0x80096001. A system-level error occurred while verifying trust.

System errors:
=============
Error: (01/01/2014 08:41:17 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/01/2014 08:41:16 AM) (Source: Service Control Manager) (User: )
Description: The dlbf_device service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/01/2014 08:41:16 AM) (Source: Service Control Manager) (User: )
Description: The Indexing Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/01/2014 08:41:16 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/01/2014 08:34:16 AM) (Source: Service Control Manager) (User: )
Description: The PMBDeviceInfoProvider service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/01/2014 08:32:14 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.165.744.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (01/01/2014 01:43:56 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.165.744.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/31/2013 09:31:56 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.165.744.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/31/2013 09:24:06 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate1cacdfadb3411c1) service failed to start due to the following error:
%%2

Error: (12/31/2013 09:22:10 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorCertDrv) (User: NT AUTHORITY)
Description: Password device is not compatible with Windows.

Microsoft Office Sessions:
=========================
Error: (11/09/2011 03:17:58 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 841897 seconds with 1140 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2012-11-13 08:42:48.565
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sirenacm.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-13 08:42:48.425
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-13 08:42:47.988
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\COMMON~1\ULEADS~1\VIO\DVACM.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3069.65 MB
Available physical RAM: 1630.57 MB
Total Pagefile: 6137.59 MB
Available Pagefile: 4856.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:232.06 GB) (Free:65.03 GB) NTFS
Drive f: (FLASH DRIVE) (Removable) (Total:1.86 GB) (Free:1.35 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: B234CCC0)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=750 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 02390103)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================



#5 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 01 January 2014 - 11:05 AM

attached fileAttached File  Addition.txt   36.06KB   2 downloads



#6 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:17 PM

Posted 01 January 2014 - 01:49 PM

You posted addition.txt twice.  I also need to see the FRST.txt log


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#7 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 01 January 2014 - 01:52 PM

Sorry, got confused. here it is

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2013 01
Ran by Brad (administrator) on BRAD-MAIN-PC on 01-01-2014 10:50:04
Running from C:\Users\Brad\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7Debug\mdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [SandboxieControl] - "K:\Sandboxie\SbieCtrl.exe"
HKCU\...\Run: [Wondershare Helper Compact.exe] - "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: []
Lsa: [Authentication Packages] msv1_0 wvauth

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?PC=msnHomeST&OCID=msnHomepage
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2117678
SearchScopes: HKCU - {1BA7FEA6-4D75-49F0-9E89-C49A539F9B9E} URL =
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/Land%20Desktop%203/AcPreview.ocx
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.17.1

Chrome:
=======
CHR HomePage: hxxp://search.yahoo.com/?type=586383&fr=spigot-yhp-ch
CHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=586383&fr=spigot-yhp-ch"
CHR Extension: () - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: () - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
S2 dlbf_device; C:\Windows\system32\dlbfcoms.exe [538096 2007-03-09] ( )
S3 FEBF; C:\Users\Brad\AppData\Local\Temp\FEBF.exe [342912 2013-12-28] (Sysinternals - www.sysinternals.com)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2013-11-20] (Flexera Software LLC)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1019904 2009-06-03] (Wave Systems Corp.)
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe [386424 2012-09-04] (SupportSoft, Inc.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] ()
R2 TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [1622016 2009-06-11] (Wave Systems Corp.)
S2 gupdate1cacdfadb3411c1; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]
S2 SbieSvc; "K:\Sandboxie\SbieSvc.exe" [x]
S2 tvnserver; "C:\Program Files\TightVNC\tvnserver.exe" -service [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [34792 2013-12-02] (Google Inc)
S3 A_USBETHMP; C:\Windows\System32\Drivers\usbethmp.sys [14342 2009-07-09] (Intellon Corporation)
S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [84992 2009-05-11] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHDA.sys [2747424 2009-09-04] (Realtek Semiconductor Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
S3 STV680; C:\Windows\System32\drivers\STV680.sys [113072 2001-08-21] (STMicroelectronics                                          )
S3 STVrds; C:\Windows\System32\drivers\STVrds.sys [113072 2001-06-22] (STMicroelectronics                                          )
S3 ubloxusb; C:\Windows\System32\DRIVERS\ubloxusb.sys [75264 2009-11-27] (u-blox AG)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [200192 2009-07-27] (Wave Systems Corp.)
S3 WLRAWMp50x86; C:\Windows\System32\Drivers\WLRAWMp50x86.sys [28312 2009-07-09] (Logitech, Inc.)
S3 WLRAWSp50x86; C:\Windows\System32\Drivers\WLRAWSp50x86.sys [27032 2009-07-09] (Logitech, Inc.)
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [x]
S3 MFE_RR; \??\C:\Users\Brad\AppData\Local\Temp\mfe_rr.sys [x]
S1 MpKsld59a0ee3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E032B99A-1DE7-494B-BA18-A72EE0B3AAF2}\MpKsld59a0ee3.sys [x]
S3 SbieDrv; \??\K:\Sandboxie\SbieDrv.sys [x]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [x]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x]
S3 UsbGps; system32\DRIVERS\lgusbgps.sys [x]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-01 08:40 - 2013-12-24 13:02 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brad\Desktop\rkill.exe
2014-01-01 08:40 - 2013-12-24 13:02 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brad\Desktop\iExplore.exe
2014-01-01 08:40 - 2013-12-24 12:58 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brad\Desktop\rkill.com
2013-12-31 07:37 - 2013-12-31 07:37 - 00001087 _____ C:\Users\Brad\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-30 13:57 - 2013-12-30 13:57 - 00042261 _____ C:\Users\Brad\Desktop\FRST old.txt
2013-12-30 13:57 - 2013-12-30 13:57 - 00036514 _____ C:\Users\Brad\Desktop\Addition old.txt
2013-12-30 13:54 - 2013-12-30 13:54 - 00000000 ___DC C:\FRST
2013-12-30 12:31 - 2013-12-30 12:31 - 00050475 _____ C:\Users\Brad\Desktop\attach.txt
2013-12-30 12:31 - 2013-12-30 12:30 - 00014003 _____ C:\Users\Brad\Desktop\dds.txt
2013-12-30 12:26 - 2013-12-30 12:20 - 00708597 _____ (Farbar) C:\Users\Brad\Desktop\FSS.exe
2013-12-30 12:26 - 2013-12-30 12:17 - 01034531 _____ (Thisisu) C:\Users\Brad\Desktop\JRT.exe
2013-12-30 12:26 - 2013-12-30 12:15 - 01233962 _____ C:\Users\Brad\Desktop\AdwCleaner.exe
2013-12-30 12:26 - 2013-12-30 12:11 - 05159030 _____ (Swearware) C:\Users\Brad\Desktop\ComboFix.exe
2013-12-30 12:26 - 2013-12-30 12:05 - 00688992 ____R (Swearware) C:\Users\Brad\Desktop\dds.com
2013-12-30 12:26 - 2013-12-30 11:33 - 01064199 _____ (Farbar) C:\Users\Brad\Desktop\FRST.exe
2013-12-30 12:26 - 2013-11-18 09:28 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Brad\Desktop\TDSSKiller.exe
2013-12-30 08:50 - 2009-07-13 23:37 - 00000262 _____ C:\Users\Brad\Desktop\Run.lnk
2013-12-28 18:58 - 2013-12-28 19:02 - 00026448 _____ C:\Windows\diagwrn.xml
2013-12-28 18:58 - 2013-12-28 19:02 - 00001908 _____ C:\Windows\diagerr.xml
2013-12-28 18:27 - 2013-12-28 18:27 - 00000020 _____ C:\Users\Brad\Desktop\ttt.txt
2013-12-28 18:22 - 2009-07-13 20:14 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\config\sapisvr.22exe22
2013-12-28 15:25 - 2013-12-28 15:25 - 00000000 ____D C:\Users\Brad\AppData\Roaming\FixZeroAccess
2013-12-28 15:24 - 2013-12-28 15:22 - 01805736 _____ (Symantec Corporation) C:\Users\Brad\Downloads\FixZeroAccess.exe
2013-12-28 12:57 - 2013-12-27 10:00 - 10264904 _____ (SurfRight B.V.) C:\Users\Brad\Downloads\HitmanPro_x64.exe
2013-12-28 12:57 - 2013-12-27 10:00 - 00143640 _____ (SurfRight B.V.) C:\Users\Brad\Downloads\Kickstarter.exe
2013-12-28 12:57 - 2013-12-27 09:19 - 09452704 _____ (SurfRight B.V.) C:\Users\Brad\Desktop\HitmanPro.exe
2013-12-28 12:17 - 2013-12-28 13:19 - 00000033 _____ C:\Users\Brad\AppData\Roaming\mbam.context.scan
2013-12-28 11:40 - 2013-12-28 11:40 - 00318814 _____ C:\Users\Brad\Desktop\122813 Rkill.txt
2013-12-28 01:26 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-28 01:26 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-28 01:26 - 2013-11-26 04:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-28 01:26 - 2013-11-26 03:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-28 01:26 - 2013-11-26 03:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-28 01:26 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-28 01:26 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-28 01:26 - 2013-11-26 03:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-28 01:26 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-28 01:26 - 2013-11-26 03:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-28 01:26 - 2013-11-26 03:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-28 01:26 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-28 01:26 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-28 01:26 - 2013-11-26 03:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-28 01:26 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-28 01:26 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-28 01:26 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-28 01:26 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-28 01:26 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-27 16:15 - 2013-12-27 16:15 - 00000346 _____ C:\Windows\system32\.crusader
2013-12-27 12:37 - 2013-12-27 12:37 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-27 12:37 - 2013-12-27 12:37 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-27 12:37 - 2013-12-27 12:37 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-27 12:37 - 2013-12-27 12:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-27 12:31 - 2013-12-27 12:31 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-27 12:31 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-27 09:12 - 2013-12-27 09:12 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-26 17:17 - 2013-12-26 17:17 - 00037083 ____C C:\acadminidump.dmp
2013-12-26 13:05 - 2013-12-27 12:04 - 00000000 ____D C:\Users\Brad\Downloads\Recovery TOOLs
2013-12-26 11:46 - 2013-12-28 11:38 - 00000000 ____D C:\Users\Brad\Downloads\proceess explorer
2013-12-26 10:23 - 2013-12-26 11:51 - 00000000 ____D C:\Users\Brad\AppData\Local\CrashDumps
2013-12-24 19:43 - 2013-12-30 10:32 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-24 19:35 - 2013-12-24 19:35 - 00000000 ___DC C:\Fix it portable
2013-12-24 14:33 - 2013-12-27 12:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-24 13:03 - 2014-01-01 08:51 - 00319508 _____ C:\Users\Brad\Desktop\Rkill.txt
2013-12-24 11:18 - 2013-12-24 11:18 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Malwarebytes
2013-12-24 11:18 - 2013-12-24 11:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-24 11:04 - 2013-12-25 07:05 - 00000000 ____D C:\Users\Brad\AppData\Local\NPE
2013-12-24 11:04 - 2013-12-24 11:04 - 00000000 ____D C:\ProgramData\Norton
2013-12-11 00:18 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 00:18 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 00:16 - 2013-12-11 00:16 - 00000134 _____ C:\Users\Brad\Desktop\Internet Explorer Troubleshooting.url
2013-12-11 00:15 - 2013-12-27 12:38 - 00042098 _____ C:\Windows\IE11_main.log
2013-12-10 17:44 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 17:44 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 17:44 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 17:44 - 2013-10-29 20:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 17:44 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 17:44 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 17:44 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 17:44 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 17:44 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 17:44 - 2013-10-03 20:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 17:44 - 2013-10-03 20:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-05 20:20 - 2013-12-05 20:20 - 00000000 ____D C:\Users\Brad\Documents\Dr.Fone for Android 12-05-2013 at 20.20.23
2013-12-04 07:00 - 2013-12-04 07:00 - 02243624 _____ (Google Inc.) C:\Users\Brad\Downloads\GoogleToolbarInstaller_en32_signed.exe
2013-12-03 10:35 - 2013-12-03 10:35 - 00005949 _____ C:\Users\Brad\Documents\TWC.txt
2013-12-03 09:13 - 2013-12-27 12:05 - 00000000 ____D C:\Program Files\Common Files\SupportSoft
2013-12-02 22:08 - 2013-12-02 22:08 - 00161664 _____ C:\Windows\Minidump\120213-15927-01.dmp
2013-12-02 15:52 - 2014-01-01 01:40 - 00000000 ___DC C:\01 phone recovery
2013-12-02 15:40 - 2013-12-02 15:40 - 00161672 _____ C:\Windows\Minidump\120213-38376-01.dmp
2013-12-02 13:53 - 2013-12-02 13:53 - 00161688 _____ C:\Windows\Minidump\120213-37112-01.dmp
2013-12-02 13:52 - 2013-12-02 22:08 - 345654499 _____ C:\Windows\MEMORY.DMP
2013-12-02 12:55 - 2013-12-02 12:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wsadb_01007.Wdf
2013-12-02 12:53 - 2013-12-02 12:53 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-12-02 12:53 - 2013-12-02 12:53 - 00034792 _____ (Google Inc) C:\Windows\system32\Drivers\wsadb.sys
2013-12-02 12:50 - 2013-12-27 12:02 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Wondershare
2013-12-02 12:50 - 2013-12-02 12:50 - 00002135 _____ C:\Users\Public\Desktop\Wondershare Dr.Fone for Android.lnk
2013-12-02 12:50 - 2013-12-02 12:50 - 00000000 ____D C:\Users\Brad\AppData\Local\Wondershare
2013-12-02 12:50 - 2013-12-02 12:50 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2013-12-02 12:42 - 2013-12-02 12:42 - 00000000 ____D C:\Users\Brad\Downloads\android recovery

==================== One Month Modified Files and Folders =======

2014-01-01 10:49 - 2010-03-05 17:39 - 00935554 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-01 10:30 - 2010-03-29 06:45 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-01 09:30 - 2010-03-29 06:45 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-01 08:51 - 2013-12-24 13:03 - 00319508 _____ C:\Users\Brad\Desktop\Rkill.txt
2014-01-01 08:32 - 2009-07-13 23:55 - 01415355 _____ C:\Windows\WindowsUpdate.log
2014-01-01 01:40 - 2013-12-02 15:52 - 00000000 ___DC C:\01 phone recovery
2013-12-31 09:26 - 2009-07-13 23:34 - 00014256 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-31 09:26 - 2009-07-13 23:34 - 00014256 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-31 09:22 - 2013-11-13 09:52 - 00016617 _____ C:\Windows\setupact.log
2013-12-31 09:21 - 2010-03-05 19:23 - 00202592 _____ C:\Windows\PFRO.log
2013-12-31 09:21 - 2010-03-05 17:30 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-31 09:21 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-31 09:21 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\Resources
2013-12-31 07:37 - 2013-12-31 07:37 - 00001087 _____ C:\Users\Brad\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-30 13:57 - 2013-12-30 13:57 - 00042261 _____ C:\Users\Brad\Desktop\FRST old.txt
2013-12-30 13:57 - 2013-12-30 13:57 - 00036514 _____ C:\Users\Brad\Desktop\Addition old.txt
2013-12-30 13:54 - 2013-12-30 13:54 - 00000000 ___DC C:\FRST
2013-12-30 12:31 - 2013-12-30 12:31 - 00050475 _____ C:\Users\Brad\Desktop\attach.txt
2013-12-30 12:30 - 2013-12-30 12:31 - 00014003 _____ C:\Users\Brad\Desktop\dds.txt
2013-12-30 12:20 - 2013-12-30 12:26 - 00708597 _____ (Farbar) C:\Users\Brad\Desktop\FSS.exe
2013-12-30 12:17 - 2013-12-30 12:26 - 01034531 _____ (Thisisu) C:\Users\Brad\Desktop\JRT.exe
2013-12-30 12:15 - 2013-12-30 12:26 - 01233962 _____ C:\Users\Brad\Desktop\AdwCleaner.exe
2013-12-30 12:11 - 2013-12-30 12:26 - 05159030 _____ (Swearware) C:\Users\Brad\Desktop\ComboFix.exe
2013-12-30 12:05 - 2013-12-30 12:26 - 00688992 ____R (Swearware) C:\Users\Brad\Desktop\dds.com
2013-12-30 11:33 - 2013-12-30 12:26 - 01064199 _____ (Farbar) C:\Users\Brad\Desktop\FRST.exe
2013-12-30 10:32 - 2013-12-24 19:43 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-30 07:50 - 2013-08-20 12:47 - 00000000 ____D C:\Users\Brad\Downloads\acad2014 dwnld files
2013-12-28 19:02 - 2013-12-28 18:58 - 00026448 _____ C:\Windows\diagwrn.xml
2013-12-28 19:02 - 2013-12-28 18:58 - 00001908 _____ C:\Windows\diagerr.xml
2013-12-28 18:58 - 2013-11-13 09:52 - 00000000 _____ C:\Windows\setuperr.log
2013-12-28 18:27 - 2013-12-28 18:27 - 00000020 _____ C:\Users\Brad\Desktop\ttt.txt
2013-12-28 15:25 - 2013-12-28 15:25 - 00000000 ____D C:\Users\Brad\AppData\Roaming\FixZeroAccess
2013-12-28 15:22 - 2013-12-28 15:24 - 01805736 _____ (Symantec Corporation) C:\Users\Brad\Downloads\FixZeroAccess.exe
2013-12-28 13:19 - 2013-12-28 12:17 - 00000033 _____ C:\Users\Brad\AppData\Roaming\mbam.context.scan
2013-12-28 11:40 - 2013-12-28 11:40 - 00318814 _____ C:\Users\Brad\Desktop\122813 Rkill.txt
2013-12-28 11:38 - 2013-12-26 11:46 - 00000000 ____D C:\Users\Brad\Downloads\proceess explorer
2013-12-28 10:48 - 2011-10-19 13:32 - 00000000 ____D C:\Program Files\Convar
2013-12-28 10:48 - 2010-03-26 14:29 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-28 10:16 - 2013-08-29 08:11 - 00000000 ____D C:\Users\Brad\Downloads\Com 4
2013-12-28 10:12 - 2010-03-27 17:14 - 00000000 ____D C:\Program Files\Google
2013-12-27 17:00 - 2013-03-15 07:25 - 00017011 _____ C:\Windows\IE10_main.log
2013-12-27 16:15 - 2013-12-27 16:15 - 00000346 _____ C:\Windows\system32\.crusader
2013-12-27 15:36 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\rescache
2013-12-27 14:24 - 2012-11-14 10:19 - 00000000 ____D C:\Program Files\TightVNC
2013-12-27 13:23 - 2010-03-11 15:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-27 13:23 - 2010-03-11 15:09 - 00000000 ____D C:\Program Files\Adobe
2013-12-27 13:20 - 2013-11-20 08:58 - 00000000 ____D C:\Users\Brad\AppData\Roaming\BitTorrent
2013-12-27 12:38 - 2013-12-11 00:15 - 00042098 _____ C:\Windows\IE11_main.log
2013-12-27 12:37 - 2013-12-27 12:37 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-27 12:37 - 2013-12-27 12:37 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-27 12:37 - 2013-12-27 12:37 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-27 12:37 - 2013-12-27 12:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-27 12:37 - 2013-12-27 12:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-27 12:37 - 2013-12-27 12:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-27 12:31 - 2013-12-27 12:31 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-27 12:31 - 2013-12-24 14:33 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-27 12:08 - 2010-03-11 11:42 - 00000000 ____D C:\Users\Brad
2013-12-27 12:07 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\system32\wfp
2013-12-27 12:05 - 2013-12-03 09:13 - 00000000 ____D C:\Program Files\Common Files\SupportSoft
2013-12-27 12:05 - 2013-11-20 10:15 - 00000000 ____D C:\Users\Brad\AppData\Roaming\DAEMON Tools Lite
2013-12-27 12:05 - 2013-09-26 16:09 - 00000000 ____D C:\Program Files\iCare Data Recovery
2013-12-27 12:05 - 2013-05-05 18:37 - 00000000 ____D C:\Users\Brad\AppData\Roaming\GetRightToGo
2013-12-27 12:05 - 2013-05-05 17:27 - 00000000 ____D C:\Program Files\Wondershare
2013-12-27 12:05 - 2013-05-05 16:21 - 00000000 ____D C:\Program Files\WinUndelete
2013-12-27 12:05 - 2013-05-02 07:29 - 00000000 ____D C:\ProgramData\WiLife
2013-12-27 12:05 - 2013-03-25 20:12 - 00000000 ____D C:\Users\Brad\AppData\Local\Downloaded Installations
2013-12-27 12:05 - 2013-03-25 20:09 - 00000000 ____D C:\Users\Brad\AppData\Local\Traysoft_Inc
2013-12-27 12:05 - 2013-03-17 08:24 - 00000000 ____D C:\Users\Brad\AppData\Local\Akamai
2013-12-27 12:05 - 2013-03-17 08:20 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2013-12-27 12:05 - 2013-03-16 11:17 - 00000000 ____D C:\Users\Brad\AppData\Local\http___sites.google.com_s
2013-12-27 12:05 - 2013-03-13 10:15 - 00000000 ____D C:\Users\Brad\.android
2013-12-27 12:05 - 2012-05-01 07:03 - 00000000 __SHD C:\Users\Brad\AppData\Roaming\Total Anti Malware Protection
2013-12-27 12:05 - 2012-04-21 01:00 - 00000000 ____D C:\Users\Brad\AppData\Local\MSoft
2013-12-27 12:05 - 2011-12-26 09:25 - 00000000 ____D C:\Users\Brad\AppData\Local\Apps\2.0
2013-12-27 12:05 - 2011-12-23 21:05 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-27 12:05 - 2011-09-16 09:25 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Ulead Systems
2013-12-27 12:05 - 2011-09-15 10:09 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Ulead Systems_Test
2013-12-27 12:05 - 2011-08-06 17:55 - 00000000 ____D C:\Windows\pss
2013-12-27 12:05 - 2010-11-24 09:51 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-27 12:05 - 2010-03-22 20:07 - 00000000 ____D C:\Users\Brad\AppData\Local\Microsoft Help
2013-12-27 12:05 - 2010-03-11 22:18 - 00000000 ____D C:\Users\Brad\AppData\Roaming\MSN6
2013-12-27 12:05 - 2010-03-11 11:46 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Adobe
2013-12-27 12:05 - 2010-03-11 11:42 - 00000000 ___RD C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-27 12:05 - 2010-03-11 11:42 - 00000000 ___RD C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-27 12:05 - 2010-03-05 17:32 - 00000000 ____D C:\Windows\system32\Macromed
2013-12-27 12:05 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\AppCompat
2013-12-27 12:05 - 2009-07-13 21:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-27 12:04 - 2013-12-26 13:05 - 00000000 ____D C:\Users\Brad\Downloads\Recovery TOOLs
2013-12-27 12:04 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\registration
2013-12-27 12:03 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-27 12:02 - 2013-12-02 12:50 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Wondershare
2013-12-27 12:02 - 2010-03-12 12:41 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Serif
2013-12-27 12:02 - 2010-03-11 21:24 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Sony Corporation
2013-12-27 12:02 - 2010-03-11 11:42 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Wave Systems Corp
2013-12-27 12:01 - 2010-08-25 06:37 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Autodesk
2013-12-27 12:01 - 2010-03-11 11:56 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Macromedia
2013-12-27 11:58 - 2010-03-11 22:09 - 00000000 ____D C:\Users\Brad\AppData\Local\MicroVision Applications
2013-12-27 11:58 - 2010-03-11 11:42 - 00000000 ____D C:\Users\Brad\AppData\Local\VirtualStore
2013-12-27 11:57 - 2010-03-27 17:14 - 00000000 ____D C:\Users\Brad\AppData\Local\Google
2013-12-27 11:56 - 2013-08-19 11:40 - 00000000 ____D C:\Users\Brad\AppData\Local\Autodesk
2013-12-27 11:56 - 2013-08-19 10:57 - 00000000 ____D C:\ProgramData\Autodesk
2013-12-27 11:56 - 2011-09-16 08:47 - 00000000 ____D C:\Users\Brad\AppData\Local\Citrix
2013-12-27 11:56 - 2010-08-03 06:51 - 00000000 ____D C:\ProgramData\Google
2013-12-27 11:56 - 2010-03-17 07:04 - 00000000 ____D C:\ProgramData\Adobe
2013-12-27 11:55 - 2010-03-22 20:05 - 00000000 __RHD C:\MSOCache
2013-12-27 10:00 - 2013-12-28 12:57 - 10264904 _____ (SurfRight B.V.) C:\Users\Brad\Downloads\HitmanPro_x64.exe
2013-12-27 10:00 - 2013-12-28 12:57 - 00143640 _____ (SurfRight B.V.) C:\Users\Brad\Downloads\Kickstarter.exe
2013-12-27 09:19 - 2013-12-28 12:57 - 09452704 _____ (SurfRight B.V.) C:\Users\Brad\Desktop\HitmanPro.exe
2013-12-27 09:12 - 2013-12-27 09:12 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-26 17:17 - 2013-12-26 17:17 - 00037083 ____C C:\acadminidump.dmp
2013-12-26 11:51 - 2013-12-26 10:23 - 00000000 ____D C:\Users\Brad\AppData\Local\CrashDumps
2013-12-25 07:05 - 2013-12-24 11:04 - 00000000 ____D C:\Users\Brad\AppData\Local\NPE
2013-12-24 19:35 - 2013-12-24 19:35 - 00000000 ___DC C:\Fix it portable
2013-12-24 13:02 - 2014-01-01 08:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brad\Desktop\rkill.exe
2013-12-24 13:02 - 2014-01-01 08:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brad\Desktop\iExplore.exe
2013-12-24 12:58 - 2014-01-01 08:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brad\Desktop\rkill.com
2013-12-24 11:18 - 2013-12-24 11:18 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Malwarebytes
2013-12-24 11:18 - 2013-12-24 11:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-24 11:04 - 2013-12-24 11:04 - 00000000 ____D C:\ProgramData\Norton
2013-12-20 17:37 - 2013-01-09 00:35 - 00000000 ____D C:\Users\Brad\Downloads\Com 6
2013-12-18 08:31 - 2013-09-05 15:59 - 00038888 _____ C:\Users\Brad\Documents\powerball clacs.xlsx
2013-12-17 12:20 - 2013-05-02 07:42 - 00000000 ___DC C:\WiLife Video
2013-12-12 13:00 - 2013-09-26 16:08 - 00000000 ____D C:\Users\Brad\Downloads\Com 1
2013-12-11 18:31 - 2010-10-22 09:02 - 00000459 _____ C:\Windows\dellstat.ini
2013-12-11 03:17 - 2009-07-13 23:33 - 00733464 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 00:39 - 2010-03-22 20:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 00:36 - 2010-06-26 09:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-11 00:22 - 2013-07-21 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 00:18 - 2010-03-15 07:04 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-11 00:16 - 2013-12-11 00:16 - 00000134 _____ C:\Users\Brad\Desktop\Internet Explorer Troubleshooting.url
2013-12-10 17:34 - 2011-11-24 08:51 - 00002172 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-09 11:58 - 2013-08-19 12:00 - 00000000 ____D C:\Users\Brad\AppData\Local\cache
2013-12-05 20:20 - 2013-12-05 20:20 - 00000000 ____D C:\Users\Brad\Documents\Dr.Fone for Android 12-05-2013 at 20.20.23
2013-12-05 18:25 - 2013-11-19 14:03 - 00002131 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-04 07:00 - 2013-12-04 07:00 - 02243624 _____ (Google Inc.) C:\Users\Brad\Downloads\GoogleToolbarInstaller_en32_signed.exe
2013-12-03 10:35 - 2013-12-03 10:35 - 00005949 _____ C:\Users\Brad\Documents\TWC.txt
2013-12-02 22:08 - 2013-12-02 22:08 - 00161664 _____ C:\Windows\Minidump\120213-15927-01.dmp
2013-12-02 22:08 - 2013-12-02 13:52 - 345654499 _____ C:\Windows\MEMORY.DMP
2013-12-02 22:08 - 2011-05-11 09:22 - 00000000 ____D C:\Windows\Minidump
2013-12-02 15:40 - 2013-12-02 15:40 - 00161672 _____ C:\Windows\Minidump\120213-38376-01.dmp
2013-12-02 13:53 - 2013-12-02 13:53 - 00161688 _____ C:\Windows\Minidump\120213-37112-01.dmp
2013-12-02 12:55 - 2013-12-02 12:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wsadb_01007.Wdf
2013-12-02 12:53 - 2013-12-02 12:53 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-12-02 12:53 - 2013-12-02 12:53 - 00034792 _____ (Google Inc) C:\Windows\system32\Drivers\wsadb.sys
2013-12-02 12:51 - 2011-05-19 11:51 - 00239856 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2013-12-02 12:50 - 2013-12-02 12:50 - 00002135 _____ C:\Users\Public\Desktop\Wondershare Dr.Fone for Android.lnk
2013-12-02 12:50 - 2013-12-02 12:50 - 00000000 ____D C:\Users\Brad\AppData\Local\Wondershare
2013-12-02 12:50 - 2013-12-02 12:50 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2013-12-02 12:42 - 2013-12-02 12:42 - 00000000 ____D C:\Users\Brad\Downloads\android recovery
2013-12-02 08:26 - 2010-03-12 10:00 - 00000000 ____D C:\Acad Dwgs

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2894341859-449193735-290855946-1000\$7119cab43d92801844586c41e2f9504e

Files to move or delete:
====================
C:\Users\Brad\g2ax_customer_downloadhelper_win32_x86.exe
C:\Users\Brad\install_flashplayer11x32_chra_aaa_aih.exe
C:\Users\Brad\twunk_32.exe

Some content of TEMP:
====================
C:\Users\Brad\AppData\Local\Temp\AcDeltree.exe
C:\Users\Brad\AppData\Local\Temp\FEBF.exe
C:\Users\Brad\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Brad\AppData\Local\Temp\ose00000.exe
C:\Users\Brad\AppData\Local\Temp\uninst.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



#8 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:17 PM

Posted 01 January 2014 - 07:54 PM

Please do this next:

icon11.gif   Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it in the same location as FRST (usually your desktop) as fixlist.txt

C:\$Recycle.Bin\S-1-5-21-2894341859-449193735-290855946-1000\$7119cab43d92801844586c41e2f9504e
C:\Users\Brad\twunk_32.exe
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now run FRST again.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) please post it to your reply.

icon11.gif  Download Combofix from HERE, and save it to your desktop.  

**Note:  It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
  • If you have trouble, stop and post back.  Do not try to repeatedly run comboFix!
  • When finished, it will produce a report for you.
.
Note: If after running ComboFix you receive a message stating, "Illegal Operation Attempted on a registry key that has been marked for deletion" rebooting your computer will resolve the problem.

Please include the following in your next post:
  • Fixlog.txt Report
  • ComboFix log

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#9 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 01 January 2014 - 08:56 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-12-2013 01
Ran by Brad at 2014-01-01 20:29:31 Run:1
Running from C:\Users\Brad\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\$Recycle.Bin\S-1-5-21-2894341859-449193735-290855946-1000\$7119cab43d92801844586c41e2f9504e
C:\Users\Brad\twunk_32.exe
*****************

C:\$Recycle.Bin\S-1-5-21-2894341859-449193735-290855946-1000\$7119cab43d92801844586c41e2f9504e => Moved successfully.
C:\Users\Brad\twunk_32.exe => Moved successfully.

==== End of Fixlog ====

 

when running combofix, this warning appeared:

see attached:  warning 1.png

 

I can't find anyplace to terminate MSE. 

Task manager does not show it running.

Clicked OK

 

This warning popped up see warning 2.png

 

I have NOT clicked ok,  waiting for your suggestion.


Edited by Guitarbuilder, 02 January 2014 - 12:18 PM.


#10 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:17 PM

Posted 02 January 2014 - 12:05 AM

If you have an icon in your system tray (near the clock) for MSE, use these instructions to disable it.  If you don't, reboot into the Safe Mode and run ComboFix from there:

 

Microsoft Security Essentials

  • Right click on the system tray icon, and select "Open"

  • Click on the "Settings" tab

  • On the left side of the screen, click on "Real-time protection"

  • Uncheck "Turn on Real-time protection"

  • Click on "Save Changes"


Edited by RPMcMurphy, 02 January 2014 - 12:06 AM.

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#11 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 02 January 2014 - 12:09 PM

No MSE icon in system tray for MSE. (see attached images)

No MSE Process in Task Manager to disable.

Rebooted in Safe Mode and ran ComboFix at 4:00am: ComboFix got stuck on blue screen while attempting to create restore point (see attached images)  I allowed ComboFix to run from 4:00am - 11:30 am today.

 

 

 

 

 

Attached Files



#12 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 02 January 2014 - 12:16 PM

Can't attach the other images, I've exceed my allotted disk space.



#13 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:17 PM

Posted 02 January 2014 - 05:53 PM

OK, please reboot and do this next.  I'd also like to see the rkill log that was produced when you ran it earlier:

icon11.gif  Download TDSSKiller.zip and extract TDSSKiller.exe to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • when the window opens, click on Change Parameters
  • under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
  • If Malicious objects are found then ensure Cure is selected.  Important - If there is no option to "Cure" it is critical that you select "Skip"
  • Then click Continue > Reboot now
  • Once complete, a log will be produced in c:\. It will be named for example, TDSSKiller.2.7.1.0_19.01.2012_17.24.26_log.txt
  • Post that log, please.

Please include the following in your next post:
  • rkill log from earlier
  • TDSSKiller log


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#14 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 02 January 2014 - 07:37 PM

Ran TDSSKiller.exe with “Detect TDLFS File System” checked

 

"No Threats found"  It Did not generate a report or reboot

 

Viewed report (from top right side of TDSSKiller main screeen, copy and pasted below.

 

 

19:17:03.0607 0x09d0  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:17:06.0680 0x09d0  ============================================================
19:17:06.0680 0x09d0  Current date / time: 2014/01/02 19:17:06.0680
19:17:06.0680 0x09d0  SystemInfo:
19:17:06.0680 0x09d0 
19:17:06.0680 0x09d0  OS Version: 6.1.7601 ServicePack: 1.0
19:17:06.0680 0x09d0  Product type: Workstation
19:17:06.0680 0x09d0  ComputerName: BRAD-MAIN-PC
19:17:06.0680 0x09d0  UserName: Brad
19:17:06.0680 0x09d0  Windows directory: C:\Windows
19:17:06.0680 0x09d0  System windows directory: C:\Windows
19:17:06.0680 0x09d0  Processor architecture: Intel x86
19:17:06.0680 0x09d0  Number of processors: 2
19:17:06.0680 0x09d0  Page size: 0x1000
19:17:06.0680 0x09d0  Boot type: Normal boot
19:17:06.0680 0x09d0  ============================================================
19:17:08.0724 0x09d0  KLMD registered as C:\Windows\system32\drivers\70055699.sys
19:17:08.0974 0x09d0  System UUID: {297BA782-0785-F0DA-A827-A2C216A97D85}
19:17:09.0691 0x09d0  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:17:09.0691 0x09d0  Drive \Device\Harddisk1\DR1 - Size: 0x775F8000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:17:09.0691 0x09d0  ============================================================
19:17:09.0691 0x09d0  \Device\Harddisk0\DR0:
19:17:09.0691 0x09d0  MBR partitions:
19:17:09.0691 0x09d0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x177000
19:17:09.0691 0x09d0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18B000, BlocksNum 0x1D01D800
19:17:09.0691 0x09d0  \Device\Harddisk1\DR1:
19:17:09.0691 0x09d0  MBR partitions:
19:17:09.0691 0x09d0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3BAD41
19:17:09.0691 0x09d0  ============================================================
19:17:09.0722 0x09d0  C: <-> \Device\Harddisk0\DR0\Partition2
19:17:09.0722 0x09d0  ============================================================
19:17:09.0722 0x09d0  Initialize success
19:17:09.0722 0x09d0  ============================================================
19:17:44.0152 0x0c54  ============================================================
19:17:44.0152 0x0c54  Scan started
19:17:44.0152 0x0c54  Mode: Manual; TDLFS;
19:17:44.0152 0x0c54  ============================================================
19:17:44.0152 0x0c54  KSN ping started
19:17:44.0167 0x0c54  KSN ping finished: false
19:17:44.0604 0x0c54  ================ Scan system memory ========================
19:17:44.0604 0x0c54  System memory - ok
19:17:44.0604 0x0c54  ================ Scan services =============================
19:17:44.0838 0x0c54  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:17:44.0838 0x0c54  1394ohci - ok
19:17:44.0900 0x0c54  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:17:44.0916 0x0c54  ACPI - ok
19:17:44.0932 0x0c54  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:17:44.0932 0x0c54  AcpiPmi - ok
19:17:44.0978 0x0c54  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:17:44.0994 0x0c54  adp94xx - ok
19:17:45.0010 0x0c54  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:17:45.0010 0x0c54  adpahci - ok
19:17:45.0025 0x0c54  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:17:45.0025 0x0c54  adpu320 - ok
19:17:45.0103 0x0c54  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:17:45.0103 0x0c54  AeLookupSvc - ok
19:17:45.0150 0x0c54  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7, B596ABBAC058D93C505C9DBF8685049C88E4364195A4092DB580D2D44FA8C23C ] Afc             C:\Windows\system32\drivers\Afc.sys
19:17:45.0150 0x0c54  Afc - ok
19:17:45.0212 0x0c54  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
19:17:45.0212 0x0c54  AFD - ok
19:17:45.0259 0x0c54  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
19:17:45.0259 0x0c54  agp440 - ok
19:17:45.0290 0x0c54  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
19:17:45.0290 0x0c54  aic78xx - ok
19:17:45.0322 0x0c54  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
19:17:45.0322 0x0c54  ALG - ok
19:17:45.0368 0x0c54  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:17:45.0368 0x0c54  aliide - ok
19:17:45.0400 0x0c54  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:17:45.0400 0x0c54  amdagp - ok
19:17:45.0415 0x0c54  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:17:45.0415 0x0c54  amdide - ok
19:17:45.0446 0x0c54  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:17:45.0446 0x0c54  AmdK8 - ok
19:17:45.0446 0x0c54  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:17:45.0446 0x0c54  AmdPPM - ok
19:17:45.0493 0x0c54  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:17:45.0493 0x0c54  amdsata - ok
19:17:45.0493 0x0c54  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:17:45.0509 0x0c54  amdsbs - ok
19:17:45.0524 0x0c54  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:17:45.0524 0x0c54  amdxata - ok
19:17:45.0540 0x0c54  andnetndis - ok
19:17:45.0587 0x0c54  [ A13E80DEEDFE801A969BE4549A8879B6, 2936C5F352FEFA624936FB578C96FDC041ADC735D75142039B10689D94806367 ] androidusb      C:\Windows\system32\Drivers\wsadb.sys
19:17:45.0587 0x0c54  androidusb - ok
19:17:45.0634 0x0c54  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
19:17:45.0634 0x0c54  AppID - ok
19:17:45.0680 0x0c54  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:17:45.0680 0x0c54  AppIDSvc - ok
19:17:45.0727 0x0c54  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
19:17:45.0727 0x0c54  Appinfo - ok
19:17:45.0758 0x0c54  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:17:45.0774 0x0c54  AppMgmt - ok
19:17:45.0790 0x0c54  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:17:45.0790 0x0c54  arc - ok
19:17:45.0805 0x0c54  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:17:45.0805 0x0c54  arcsas - ok
19:17:45.0883 0x0c54  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:17:45.0883 0x0c54  aspnet_state - ok
19:17:45.0899 0x0c54  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:17:45.0899 0x0c54  AsyncMac - ok
19:17:45.0946 0x0c54  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:17:45.0946 0x0c54  atapi - ok
19:17:46.0008 0x0c54  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:17:46.0024 0x0c54  AudioEndpointBuilder - ok
19:17:46.0039 0x0c54  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:17:46.0055 0x0c54  Audiosrv - ok
19:17:46.0164 0x0c54  [ 3817558D8D5BBC8B0F190CF0D7C4720F, 7CD250DD22BE0E6CF6BEA639EA8220E46158CA7DF33FF803967CEAEA7FBD14E5 ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
19:17:46.0164 0x0c54  Autodesk Content Service - ok
19:17:46.0211 0x0c54  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:17:46.0211 0x0c54  AxInstSV - ok
19:17:46.0273 0x0c54  [ CFAD896F667D497873A1B28D50847D41, 11D7AA3E2ADDAE8CB8AE476051ED029A54B91BEDA4CB9079758D051477A73301 ] A_USBETHMP      C:\Windows\system32\Drivers\usbethmp.sys
19:17:46.0273 0x0c54  A_USBETHMP - ok
19:17:46.0320 0x0c54  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
19:17:46.0336 0x0c54  b06bdrv - ok
19:17:46.0367 0x0c54  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
19:17:46.0382 0x0c54  b57nd60x - ok
19:17:46.0414 0x0c54  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
19:17:46.0414 0x0c54  BDESVC - ok
19:17:46.0445 0x0c54  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:17:46.0445 0x0c54  Beep - ok
19:17:46.0507 0x0c54  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
19:17:46.0523 0x0c54  BFE - ok
19:17:46.0570 0x0c54  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
19:17:46.0585 0x0c54  BITS - ok
19:17:46.0616 0x0c54  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:17:46.0616 0x0c54  blbdrive - ok
19:17:46.0663 0x0c54  [ D2F8D15F4852920E1F6B769E982414AD, FFF12AE3DB086AB1634FEE56C77BE36030BA9DB71C72DFD6AC0C1EFAFA7AAF2B ] Blfp            C:\Windows\system32\DRIVERS\basp.sys
19:17:46.0663 0x0c54  Blfp - ok
19:17:46.0710 0x0c54  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:17:46.0710 0x0c54  bowser - ok
19:17:46.0726 0x0c54  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:17:46.0726 0x0c54  BrFiltLo - ok
19:17:46.0741 0x0c54  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:17:46.0741 0x0c54  BrFiltUp - ok
19:17:46.0788 0x0c54  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
19:17:46.0788 0x0c54  BridgeMP - ok
19:17:46.0835 0x0c54  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
19:17:46.0835 0x0c54  Browser - ok
19:17:46.0866 0x0c54  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:17:46.0866 0x0c54  Brserid - ok
19:17:46.0882 0x0c54  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:17:46.0882 0x0c54  BrSerWdm - ok
19:17:46.0897 0x0c54  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:17:46.0897 0x0c54  BrUsbMdm - ok
19:17:46.0913 0x0c54  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:17:46.0913 0x0c54  BrUsbSer - ok
19:17:46.0913 0x0c54  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:17:46.0928 0x0c54  BTHMODEM - ok
19:17:46.0960 0x0c54  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
19:17:46.0960 0x0c54  bthserv - ok
19:17:47.0053 0x0c54  catchme - ok
19:17:47.0131 0x0c54  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:17:47.0131 0x0c54  cdfs - ok
19:17:47.0178 0x0c54  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:17:47.0178 0x0c54  cdrom - ok
19:17:47.0225 0x0c54  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:17:47.0225 0x0c54  CertPropSvc - ok
19:17:47.0256 0x0c54  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:17:47.0256 0x0c54  circlass - ok
19:17:47.0303 0x0c54  [ 3E2AFAFA158C9ED670C106842BDCC81E, 8DBE3D9BBB320F2678F56DC8A3D691FF8536D0D373D55E642EB5A95E381071E1 ] CISVC           C:\Windows\system32\CISVC.EXE
19:17:47.0303 0x0c54  CISVC - ok
19:17:47.0334 0x0c54  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
19:17:47.0350 0x0c54  CLFS - ok
19:17:47.0396 0x0c54  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:17:47.0396 0x0c54  clr_optimization_v2.0.50727_32 - ok
19:17:47.0459 0x0c54  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:17:47.0474 0x0c54  clr_optimization_v4.0.30319_32 - ok
19:17:47.0490 0x0c54  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:17:47.0490 0x0c54  CmBatt - ok
19:17:47.0537 0x0c54  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:17:47.0537 0x0c54  cmdide - ok
19:17:47.0599 0x0c54  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
19:17:47.0615 0x0c54  CNG - ok
19:17:47.0646 0x0c54  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:17:47.0646 0x0c54  Compbatt - ok
19:17:47.0740 0x0c54  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:17:47.0740 0x0c54  CompositeBus - ok
19:17:47.0755 0x0c54  COMSysApp - ok
19:17:47.0771 0x0c54  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:17:47.0771 0x0c54  crcdisk - ok
19:17:47.0833 0x0c54  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:17:47.0833 0x0c54  CryptSvc - ok
19:17:47.0864 0x0c54  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
19:17:47.0864 0x0c54  CSC - ok
19:17:47.0927 0x0c54  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
19:17:47.0942 0x0c54  CscService - ok
19:17:47.0989 0x0c54  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:17:48.0005 0x0c54  DcomLaunch - ok
19:17:48.0098 0x0c54  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
19:17:48.0098 0x0c54  defragsvc - ok
19:17:48.0161 0x0c54  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:17:48.0161 0x0c54  DfsC - ok
19:17:48.0239 0x0c54  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:17:48.0239 0x0c54  Dhcp - ok
19:17:48.0270 0x0c54  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
19:17:48.0270 0x0c54  discache - ok
19:17:48.0301 0x0c54  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:17:48.0301 0x0c54  Disk - ok
19:17:48.0317 0x0c54  dlbf_device - ok
19:17:48.0364 0x0c54  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:17:48.0364 0x0c54  Dnscache - ok
19:17:48.0410 0x0c54  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:17:48.0410 0x0c54  dot3svc - ok
19:17:48.0473 0x0c54  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
19:17:48.0473 0x0c54  DPS - ok
19:17:48.0488 0x0c54  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:17:48.0488 0x0c54  drmkaud - ok
19:17:48.0566 0x0c54  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:17:48.0582 0x0c54  DXGKrnl - ok
19:17:48.0676 0x0c54  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
19:17:48.0676 0x0c54  EapHost - ok
19:17:48.0800 0x0c54  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
19:17:48.0847 0x0c54  ebdrv - ok
19:17:48.0894 0x0c54  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe
19:17:48.0894 0x0c54  EFS - ok
19:17:48.0956 0x0c54  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:17:48.0972 0x0c54  ehRecvr - ok
19:17:49.0003 0x0c54  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
19:17:49.0003 0x0c54  ehSched - ok
19:17:49.0050 0x0c54  [ B8EAC99B14772BDC36CA963AED109FA2, 332484E0F0E5D2C4F45A9D840B2946D247B0AA03697E1A1196F04A330A37FEDE ] ElRawDisk       C:\Windows\system32\drivers\rsdrv.sys
19:17:49.0066 0x0c54  ElRawDisk - ok
19:17:49.0097 0x0c54  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:17:49.0112 0x0c54  elxstor - ok
19:17:49.0159 0x0c54  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:17:49.0159 0x0c54  ErrDev - ok
19:17:49.0206 0x0c54  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
19:17:49.0206 0x0c54  EventSystem - ok
19:17:49.0222 0x0c54  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:17:49.0237 0x0c54  exfat - ok
19:17:49.0253 0x0c54  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:17:49.0253 0x0c54  fastfat - ok
19:17:49.0315 0x0c54  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
19:17:49.0331 0x0c54  Fax - ok
19:17:49.0362 0x0c54  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:17:49.0362 0x0c54  fdc - ok
19:17:49.0378 0x0c54  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
19:17:49.0378 0x0c54  fdPHost - ok
19:17:49.0393 0x0c54  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:17:49.0393 0x0c54  FDResPub - ok
19:17:49.0549 0x0c54  [ CBA4C35BB345343439C1B50B72B9A9A5, 3D48EE0D1A5729112CEFA9D8D6F4E3624A5B77E3992795CCDB24D98D5BF774FD ] FEBF            C:\Users\Brad\AppData\Local\Temp\FEBF.exe
19:17:49.0565 0x0c54  FEBF - ok
19:17:49.0627 0x0c54  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:17:49.0627 0x0c54  FileInfo - ok
19:17:49.0643 0x0c54  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:17:49.0643 0x0c54  Filetrace - ok
19:17:49.0752 0x0c54  [ 65570FE2FE17C5D3DF2132DA0FBE760B, 4AF06BE0EA231523A05727C26FC39840516526962F279C7DF892E3DDA9DB0808 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:17:49.0783 0x0c54  FLEXnet Licensing Service - ok
19:17:49.0799 0x0c54  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:17:49.0799 0x0c54  flpydisk - ok
19:17:49.0861 0x0c54  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:17:49.0861 0x0c54  FltMgr - ok
19:17:49.0970 0x0c54  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
19:17:49.0986 0x0c54  FontCache - ok
19:17:50.0080 0x0c54  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:17:50.0080 0x0c54  FontCache3.0.0.0 - ok
19:17:50.0111 0x0c54  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:17:50.0111 0x0c54  FsDepends - ok
19:17:50.0173 0x0c54  [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
19:17:50.0173 0x0c54  fssfltr - ok
19:17:50.0298 0x0c54  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:17:50.0345 0x0c54  fsssvc - ok
19:17:50.0376 0x0c54  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:17:50.0376 0x0c54  Fs_Rec - ok
19:17:50.0423 0x0c54  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:17:50.0438 0x0c54  fvevol - ok
19:17:50.0470 0x0c54  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:17:50.0470 0x0c54  gagp30kx - ok
19:17:50.0532 0x0c54  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:17:50.0548 0x0c54  gpsvc - ok
19:17:50.0594 0x0c54  gupdate1cacdfadb3411c1 - ok
19:17:50.0610 0x0c54  gupdatem - ok
19:17:50.0641 0x0c54  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:17:50.0641 0x0c54  hcw85cir - ok
19:17:50.0688 0x0c54  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:17:50.0688 0x0c54  HDAudBus - ok
19:17:50.0704 0x0c54  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:17:50.0704 0x0c54  HidBatt - ok
19:17:50.0704 0x0c54  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:17:50.0704 0x0c54  HidBth - ok
19:17:50.0719 0x0c54  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:17:50.0719 0x0c54  HidIr - ok
19:17:50.0735 0x0c54  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
19:17:50.0750 0x0c54  hidserv - ok
19:17:50.0797 0x0c54  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:17:50.0797 0x0c54  HidUsb - ok
19:17:50.0844 0x0c54  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:17:50.0844 0x0c54  hkmsvc - ok
19:17:50.0860 0x0c54  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:17:50.0875 0x0c54  HomeGroupListener - ok
19:17:50.0891 0x0c54  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:17:50.0891 0x0c54  HomeGroupProvider - ok
19:17:50.0938 0x0c54  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:17:50.0938 0x0c54  HpSAMD - ok
19:17:51.0016 0x0c54  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:17:51.0031 0x0c54  HTTP - ok
19:17:51.0031 0x0c54  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:17:51.0047 0x0c54  hwpolicy - ok
19:17:51.0094 0x0c54  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:17:51.0094 0x0c54  i8042prt - ok
19:17:51.0140 0x0c54  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:17:51.0156 0x0c54  iaStorV - ok
19:17:51.0218 0x0c54  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:17:51.0234 0x0c54  IDriverT - ok
19:17:51.0312 0x0c54  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:17:51.0328 0x0c54  idsvc - ok
19:17:51.0343 0x0c54  IEEtwCollectorService - ok
19:17:51.0374 0x0c54  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:17:51.0374 0x0c54  iirsp - ok
19:17:51.0421 0x0c54  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:17:51.0437 0x0c54  IKEEXT - ok
19:17:51.0562 0x0c54  [ 53613A3F3EF4E33A640CB3B1CD9BA38B, CB2BB81C5FEFAB4190B4390824D76AB04319B8D61475318B3930E94A5D148F5E ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHDA.sys
19:17:51.0608 0x0c54  IntcAzAudAddService - ok
19:17:51.0671 0x0c54  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:17:51.0671 0x0c54  intelide - ok
19:17:51.0718 0x0c54  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:17:51.0733 0x0c54  intelppm - ok
19:17:51.0749 0x0c54  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:17:51.0749 0x0c54  IPBusEnum - ok
19:17:51.0796 0x0c54  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:17:51.0811 0x0c54  IpFilterDriver - ok
19:17:51.0858 0x0c54  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:17:51.0874 0x0c54  iphlpsvc - ok
19:17:51.0920 0x0c54  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:17:51.0920 0x0c54  IPMIDRV - ok
19:17:51.0936 0x0c54  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:17:51.0936 0x0c54  IPNAT - ok
19:17:52.0045 0x0c54  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:17:52.0045 0x0c54  IRENUM - ok
19:17:52.0092 0x0c54  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:17:52.0092 0x0c54  isapnp - ok
19:17:52.0108 0x0c54  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:17:52.0123 0x0c54  iScsiPrt - ok
19:17:52.0139 0x0c54  [ 62632763D9B2B7F92D2968D40406E7AA, EC11B3CF6E0DF6515B3879E98F894A43855EE21115C4F305D9857ACAA538F6E5 ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
19:17:52.0154 0x0c54  k57nd60x - ok
19:17:52.0201 0x0c54  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:17:52.0201 0x0c54  kbdclass - ok
19:17:52.0248 0x0c54  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:17:52.0248 0x0c54  kbdhid - ok
19:17:52.0295 0x0c54  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
19:17:52.0295 0x0c54  KeyIso - ok
19:17:52.0357 0x0c54  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:17:52.0357 0x0c54  KSecDD - ok
19:17:52.0420 0x0c54  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:17:52.0420 0x0c54  KSecPkg - ok
19:17:52.0451 0x0c54  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:17:52.0466 0x0c54  KtmRm - ok
19:17:52.0513 0x0c54  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:17:52.0513 0x0c54  LanmanServer - ok
19:17:52.0560 0x0c54  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:17:52.0576 0x0c54  LanmanWorkstation - ok
19:17:52.0654 0x0c54  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:17:52.0654 0x0c54  lltdio - ok
19:17:52.0669 0x0c54  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:17:52.0685 0x0c54  lltdsvc - ok
19:17:52.0732 0x0c54  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:17:52.0732 0x0c54  lmhosts - ok
19:17:52.0747 0x0c54  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:17:52.0763 0x0c54  LSI_FC - ok
19:17:52.0763 0x0c54  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:17:52.0763 0x0c54  LSI_SAS - ok
19:17:52.0778 0x0c54  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:17:52.0778 0x0c54  LSI_SAS2 - ok
19:17:52.0778 0x0c54  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:17:52.0794 0x0c54  LSI_SCSI - ok
19:17:52.0810 0x0c54  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:17:52.0810 0x0c54  luafv - ok
19:17:52.0825 0x0c54  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:17:52.0825 0x0c54  MBAMProtector - ok
19:17:52.0903 0x0c54  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:17:52.0903 0x0c54  MBAMScheduler - ok
19:17:52.0950 0x0c54  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:17:52.0966 0x0c54  MBAMService - ok
19:17:53.0090 0x0c54  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:17:53.0090 0x0c54  Mcx2Svc - ok
19:17:53.0137 0x0c54  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
19:17:53.0153 0x0c54  MDM - ok
19:17:53.0168 0x0c54  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:17:53.0168 0x0c54  megasas - ok
19:17:53.0184 0x0c54  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:17:53.0200 0x0c54  MegaSR - ok
19:17:53.0558 0x0c54  MFE_RR - ok
19:17:53.0621 0x0c54  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
19:17:53.0621 0x0c54  MMCSS - ok
19:17:53.0652 0x0c54  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
19:17:53.0652 0x0c54  Modem - ok
19:17:53.0683 0x0c54  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:17:53.0683 0x0c54  monitor - ok
19:17:53.0730 0x0c54  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:17:53.0730 0x0c54  mouclass - ok
19:17:53.0746 0x0c54  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:17:53.0746 0x0c54  mouhid - ok
19:17:53.0792 0x0c54  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:17:53.0808 0x0c54  mountmgr - ok
19:17:53.0855 0x0c54  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:17:53.0855 0x0c54  MpFilter - ok
19:17:53.0902 0x0c54  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:17:53.0902 0x0c54  mpio - ok
19:17:53.0948 0x0c54  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:17:53.0948 0x0c54  mpsdrv - ok
19:17:54.0011 0x0c54  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:17:54.0026 0x0c54  MpsSvc - ok
19:17:54.0073 0x0c54  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:17:54.0073 0x0c54  MRxDAV - ok
19:17:54.0120 0x0c54  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:17:54.0120 0x0c54  mrxsmb - ok
19:17:54.0151 0x0c54  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:17:54.0151 0x0c54  mrxsmb10 - ok
19:17:54.0182 0x0c54  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:17:54.0182 0x0c54  mrxsmb20 - ok
19:17:54.0229 0x0c54  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:17:54.0229 0x0c54  msahci - ok
19:17:54.0260 0x0c54  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:17:54.0276 0x0c54  msdsm - ok
19:17:54.0292 0x0c54  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
19:17:54.0307 0x0c54  MSDTC - ok
19:17:54.0338 0x0c54  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:17:54.0338 0x0c54  Msfs - ok
19:17:54.0354 0x0c54  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:17:54.0354 0x0c54  mshidkmdf - ok
19:17:54.0401 0x0c54  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:17:54.0401 0x0c54  msisadrv - ok
19:17:54.0448 0x0c54  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:17:54.0448 0x0c54  MSiSCSI - ok
19:17:54.0448 0x0c54  msiserver - ok
19:17:54.0479 0x0c54  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:17:54.0479 0x0c54  MSKSSRV - ok
19:17:54.0588 0x0c54  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:17:54.0588 0x0c54  MsMpSvc - ok
19:17:54.0604 0x0c54  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:17:54.0604 0x0c54  MSPCLOCK - ok
19:17:54.0619 0x0c54  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:17:54.0619 0x0c54  MSPQM - ok
19:17:54.0650 0x0c54  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:17:54.0650 0x0c54  MsRPC - ok
19:17:54.0697 0x0c54  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:17:54.0697 0x0c54  mssmbios - ok
19:17:54.0713 0x0c54  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:17:54.0713 0x0c54  MSTEE - ok
19:17:54.0728 0x0c54  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:17:54.0728 0x0c54  MTConfig - ok
19:17:54.0744 0x0c54  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:17:54.0744 0x0c54  Mup - ok
19:17:54.0791 0x0c54  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
19:17:54.0806 0x0c54  napagent - ok
19:17:54.0838 0x0c54  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:17:54.0838 0x0c54  NativeWifiP - ok
19:17:54.0900 0x0c54  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:17:54.0916 0x0c54  NDIS - ok
19:17:54.0947 0x0c54  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:17:54.0947 0x0c54  NdisCap - ok
19:17:54.0994 0x0c54  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:17:54.0994 0x0c54  NdisTapi - ok
19:17:55.0056 0x0c54  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:17:55.0056 0x0c54  Ndisuio - ok
19:17:55.0087 0x0c54  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:17:55.0103 0x0c54  NdisWan - ok
19:17:55.0134 0x0c54  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:17:55.0134 0x0c54  NDProxy - ok
19:17:55.0212 0x0c54  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:17:55.0212 0x0c54  NetBIOS - ok
19:17:55.0290 0x0c54  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:17:55.0290 0x0c54  NetBT - ok
19:17:55.0337 0x0c54  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
19:17:55.0337 0x0c54  Netlogon - ok
19:17:55.0368 0x0c54  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
19:17:55.0368 0x0c54  Netman - ok
19:17:55.0446 0x0c54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:17:55.0446 0x0c54  NetMsmqActivator - ok
19:17:55.0477 0x0c54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:17:55.0477 0x0c54  NetPipeActivator - ok
19:17:55.0508 0x0c54  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
19:17:55.0524 0x0c54  netprofm - ok
19:17:55.0540 0x0c54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:17:55.0540 0x0c54  NetTcpActivator - ok
19:17:55.0555 0x0c54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:17:55.0555 0x0c54  NetTcpPortSharing - ok
19:17:55.0586 0x0c54  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:17:55.0586 0x0c54  nfrd960 - ok
19:17:55.0618 0x0c54  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:17:55.0618 0x0c54  NisDrv - ok
19:17:55.0680 0x0c54  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
19:17:55.0680 0x0c54  NisSrv - ok
19:17:55.0742 0x0c54  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:17:55.0742 0x0c54  NlaSvc - ok
19:17:55.0758 0x0c54  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:17:55.0758 0x0c54  Npfs - ok
19:17:55.0789 0x0c54  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
19:17:55.0789 0x0c54  nsi - ok
19:17:55.0805 0x0c54  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:17:55.0805 0x0c54  nsiproxy - ok
19:17:55.0898 0x0c54  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:17:55.0930 0x0c54  Ntfs - ok
19:17:55.0976 0x0c54  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
19:17:55.0976 0x0c54  Null - ok
19:17:56.0242 0x0c54  [ 01B4619D89E535B572A9F28D97801712, 36DB951DE6B48F626BAB461E834F04C47ABE13AB03E98B643315EFB5A25524B2 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:17:56.0382 0x0c54  nvlddmkm - ok
19:17:56.0444 0x0c54  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:17:56.0444 0x0c54  nvraid - ok
19:17:56.0460 0x0c54  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:17:56.0460 0x0c54  nvstor - ok
19:17:56.0491 0x0c54  [ 16DAACD80A256077B671921D616CC2B7, 6FB35DDECDCB4F15B42FF7BF2A0F52EB14318D4136960652F11E777CD2F8CBE5 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:17:56.0522 0x0c54  nvsvc - ok
19:17:56.0647 0x0c54  [ 1E6B99CB8BB7B846F65AB4FEC97DAC61, 8B3944D94652DF43D5310F80E1169D0974FDA5826506837DF7A2960987899324 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:17:56.0663 0x0c54  nvUpdatusService - ok
19:17:56.0725 0x0c54  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:17:56.0725 0x0c54  nv_agp - ok
19:17:56.0819 0x0c54  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:17:56.0834 0x0c54  odserv - ok
19:17:56.0866 0x0c54  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:17:56.0866 0x0c54  ohci1394 - ok
19:17:56.0959 0x0c54  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:17:56.0975 0x0c54  ose - ok
19:17:57.0068 0x0c54  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:17:57.0084 0x0c54  p2pimsvc - ok
19:17:57.0100 0x0c54  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:17:57.0115 0x0c54  p2psvc - ok
19:17:57.0131 0x0c54  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:17:57.0146 0x0c54  Parport - ok
19:17:57.0178 0x0c54  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:17:57.0178 0x0c54  partmgr - ok
19:17:57.0193 0x0c54  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
19:17:57.0193 0x0c54  Parvdm - ok
19:17:57.0224 0x0c54  [ 4088C1ECD1F54281A92FA663B0FDC36F, DF6EF6C6ACBF7604681D86D352773E8C11937995C512761C66D50DB126F581C2 ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
19:17:57.0224 0x0c54  PBADRV - ok
19:17:57.0240 0x0c54  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:17:57.0256 0x0c54  PcaSvc - ok
19:17:57.0287 0x0c54  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
19:17:57.0287 0x0c54  pci - ok
19:17:57.0334 0x0c54  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:17:57.0334 0x0c54  pciide - ok
19:17:57.0365 0x0c54  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:17:57.0365 0x0c54  pcmcia - ok
19:17:57.0380 0x0c54  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:17:57.0380 0x0c54  pcw - ok
19:17:57.0427 0x0c54  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:17:57.0443 0x0c54  PEAUTH - ok
19:17:57.0505 0x0c54  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:17:57.0536 0x0c54  PeerDistSvc - ok
19:17:57.0661 0x0c54  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
19:17:57.0708 0x0c54  pla - ok
19:17:57.0755 0x0c54  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:17:57.0770 0x0c54  PlugPlay - ok
19:17:57.0864 0x0c54  [ AE6C778717DE2F6B0C0B5335036D3363, AFFD0806CE14663FAEB64E6C8AC7D43FBC7A3160236DF49C54356E518F94032F ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
19:17:57.0880 0x0c54  PMBDeviceInfoProvider - ok
19:17:57.0895 0x0c54  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:17:57.0911 0x0c54  PNRPAutoReg - ok
19:17:57.0926 0x0c54  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:17:57.0942 0x0c54  PNRPsvc - ok
19:17:57.0989 0x0c54  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:17:57.0989 0x0c54  PolicyAgent - ok
19:17:58.0051 0x0c54  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
19:17:58.0051 0x0c54  Power - ok
19:17:58.0082 0x0c54  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:17:58.0082 0x0c54  PptpMiniport - ok
19:17:58.0098 0x0c54  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:17:58.0098 0x0c54  Processor - ok
19:17:58.0145 0x0c54  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:17:58.0160 0x0c54  ProfSvc - ok
19:17:58.0160 0x0c54  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:17:58.0160 0x0c54  ProtectedStorage - ok
19:17:58.0192 0x0c54  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:17:58.0207 0x0c54  Psched - ok
19:17:58.0223 0x0c54  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
19:17:58.0238 0x0c54  PSI_SVC_2 - ok
19:17:58.0254 0x0c54  [ 40FEDD328F98245AD201CF5F9F311724, CE1582652B6A7CACE46D8B492CAA8E51EA46C3890EF640E8C5E1E053731A4D74 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
19:17:58.0254 0x0c54  PxHelp20 - ok
19:17:58.0316 0x0c54  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:17:58.0348 0x0c54  ql2300 - ok
19:17:58.0348 0x0c54  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:17:58.0363 0x0c54  ql40xx - ok
19:17:58.0379 0x0c54  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
19:17:58.0379 0x0c54  QWAVE - ok
19:17:58.0394 0x0c54  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:17:58.0394 0x0c54  QWAVEdrv - ok
19:17:58.0410 0x0c54  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:17:58.0410 0x0c54  RasAcd - ok
19:17:58.0457 0x0c54  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:17:58.0472 0x0c54  RasAgileVpn - ok
19:17:58.0488 0x0c54  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
19:17:58.0504 0x0c54  RasAuto - ok
19:17:58.0519 0x0c54  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:17:58.0519 0x0c54  Rasl2tp - ok
19:17:58.0613 0x0c54  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
19:17:58.0628 0x0c54  RasMan - ok
19:17:58.0675 0x0c54  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:17:58.0675 0x0c54  RasPppoe - ok
19:17:58.0691 0x0c54  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:17:58.0691 0x0c54  RasSstp - ok
19:17:58.0753 0x0c54  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:17:58.0753 0x0c54  rdbss - ok
19:17:58.0784 0x0c54  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:17:58.0784 0x0c54  rdpbus - ok
19:17:58.0816 0x0c54  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:17:58.0816 0x0c54  RDPCDD - ok
19:17:58.0862 0x0c54  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:17:58.0878 0x0c54  RDPDR - ok
19:17:58.0925 0x0c54  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:17:58.0925 0x0c54  RDPENCDD - ok
19:17:58.0925 0x0c54  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:17:58.0925 0x0c54  RDPREFMP - ok
19:17:58.0987 0x0c54  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:17:58.0987 0x0c54  RdpVideoMiniport - ok
19:17:59.0034 0x0c54  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:17:59.0034 0x0c54  RDPWD - ok
19:17:59.0096 0x0c54  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:17:59.0096 0x0c54  rdyboost - ok
19:17:59.0128 0x0c54  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:17:59.0143 0x0c54  RemoteAccess - ok
19:17:59.0159 0x0c54  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:17:59.0159 0x0c54  RemoteRegistry - ok
19:17:59.0190 0x0c54  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:17:59.0190 0x0c54  RpcEptMapper - ok
19:17:59.0221 0x0c54  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
19:17:59.0221 0x0c54  RpcLocator - ok
19:17:59.0284 0x0c54  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
19:17:59.0284 0x0c54  RpcSs - ok
19:17:59.0330 0x0c54  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:17:59.0330 0x0c54  rspndr - ok
19:17:59.0362 0x0c54  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:17:59.0362 0x0c54  s3cap - ok
19:17:59.0377 0x0c54  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
19:17:59.0377 0x0c54  SamSs - ok
19:17:59.0393 0x0c54  SbieDrv - ok
19:17:59.0408 0x0c54  SbieSvc - ok
19:17:59.0440 0x0c54  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
19:17:59.0455 0x0c54  sbp2port - ok
19:17:59.0518 0x0c54  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:17:59.0518 0x0c54  SCardSvr - ok
19:17:59.0564 0x0c54  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:17:59.0564 0x0c54  scfilter - ok
19:17:59.0627 0x0c54  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
19:17:59.0658 0x0c54  Schedule - ok
19:17:59.0689 0x0c54  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:17:59.0689 0x0c54  SCPolicySvc - ok
19:17:59.0705 0x0c54  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:17:59.0705 0x0c54  SDRSVC - ok
19:17:59.0736 0x0c54  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:17:59.0736 0x0c54  secdrv - ok
19:17:59.0767 0x0c54  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
19:17:59.0767 0x0c54  seclogon - ok
19:17:59.0908 0x0c54  [ D7F978C1B6387544FE132EB5B915ED1A, A3DD9D8876CAD1843974492B45DCA8745ABB7ACCFA6CFA0565F4A1BA0212150F ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
19:17:59.0939 0x0c54  SecureStorageService - ok
19:17:59.0970 0x0c54  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
19:17:59.0970 0x0c54  SENS - ok
19:17:59.0986 0x0c54  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:17:59.0986 0x0c54  SensrSvc - ok
19:18:00.0001 0x0c54  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:18:00.0001 0x0c54  Serenum - ok
19:18:00.0017 0x0c54  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:18:00.0017 0x0c54  Serial - ok
19:18:00.0064 0x0c54  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:18:00.0064 0x0c54  sermouse - ok
19:18:00.0126 0x0c54  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:18:00.0126 0x0c54  SessionEnv - ok
19:18:00.0173 0x0c54  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:18:00.0173 0x0c54  sffdisk - ok
19:18:00.0204 0x0c54  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:18:00.0204 0x0c54  sffp_mmc - ok
19:18:00.0235 0x0c54  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:18:00.0235 0x0c54  sffp_sd - ok
19:18:00.0266 0x0c54  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:18:00.0282 0x0c54  sfloppy - ok
19:18:00.0329 0x0c54  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:18:00.0344 0x0c54  SharedAccess - ok
19:18:00.0438 0x0c54  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:18:00.0454 0x0c54  ShellHWDetection - ok
19:18:00.0516 0x0c54  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:18:00.0516 0x0c54  sisagp - ok
19:18:00.0563 0x0c54  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:18:00.0563 0x0c54  SiSRaid2 - ok
19:18:00.0594 0x0c54  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:18:00.0594 0x0c54  SiSRaid4 - ok
19:18:00.0594 0x0c54  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:18:00.0594 0x0c54  Smb - ok
19:18:00.0641 0x0c54  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:18:00.0641 0x0c54  SNMPTRAP - ok
19:18:00.0672 0x0c54  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:18:00.0672 0x0c54  spldr - ok
19:18:00.0734 0x0c54  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
19:18:00.0750 0x0c54  Spooler - ok
19:18:00.0890 0x0c54  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
19:18:00.0953 0x0c54  sppsvc - ok
19:18:01.0000 0x0c54  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:18:01.0000 0x0c54  sppuinotify - ok
19:18:01.0031 0x0c54  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:18:01.0031 0x0c54  srv - ok
19:18:01.0046 0x0c54  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:18:01.0062 0x0c54  srv2 - ok
19:18:01.0078 0x0c54  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:18:01.0078 0x0c54  srvnet - ok
19:18:01.0109 0x0c54  [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B, CBB57877DF2F4D5CCF39D65E863F4C3EC30E6EBBD95132667908BF6E638E27FA ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
19:18:01.0109 0x0c54  sscdbus - ok
19:18:01.0124 0x0c54  [ 8A1BE0C347814F482F493AEA619D57F6, 868AA830CC581FDB66F065938F8AC69621FD2E1767D5A29BAD1B9DB154C46F4A ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:18:01.0124 0x0c54  sscdmdfl - ok
19:18:01.0140 0x0c54  [ 5AB0B1987F682A59B15B78F84C6AD7D0, 1A7FD72E82884D16525F36C0394F2F6845FE9F3580D9A01E6066605E5B72AB8D ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
19:18:01.0140 0x0c54  sscdmdm - ok
19:18:01.0156 0x0c54  [ 751E66EB32EFA80633B80F5D7FF0A1D8, 0826F4E707D27F633CB3B0D2B3EE6B8A9FBB6E00A91A26A33D0223CCBFF4799B ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
19:18:01.0156 0x0c54  sscdserd - ok
19:18:01.0202 0x0c54  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:18:01.0202 0x0c54  SSDPSRV - ok
19:18:01.0265 0x0c54  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:18:01.0280 0x0c54  SstpSvc - ok
19:18:01.0390 0x0c54  [ 40356C93EB28C97111A63F4893CC7E3E, 75C82024B955ED82F0E20A6AF9524FD95A4A40D18DEF6FB6CC1C061FF0163421 ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:18:01.0390 0x0c54  Stereo Service - ok
19:18:01.0421 0x0c54  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:18:01.0421 0x0c54  stexstor - ok
19:18:01.0468 0x0c54  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
19:18:01.0483 0x0c54  StiSvc - ok
19:18:01.0514 0x0c54  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:18:01.0514 0x0c54  storflt - ok
19:18:01.0546 0x0c54  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
19:18:01.0546 0x0c54  StorSvc - ok
19:18:01.0592 0x0c54  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:18:01.0592 0x0c54  storvsc - ok
19:18:01.0624 0x0c54  [ F27B0952AC7B70CB706BAA45962DA1B1, 0ADC0D253D6B8D722E87E1E83E975ECBFA47D54E4580DE7B6179DA1FD5C1CCC5 ] STV680          C:\Windows\system32\drivers\STV680.sys
19:18:01.0624 0x0c54  STV680 - ok
19:18:01.0670 0x0c54  [ 963AD63172A51B45D1752E74E64AA94D, 505E13404AD366F282742DE30B761B9F9715F4FBDA45AE4A8823E4FEA958D62A ] STVrds          C:\Windows\system32\drivers\STVrds.sys
19:18:01.0670 0x0c54  STVrds - ok
19:18:01.0748 0x0c54  [ 78B58486A5CB4F418D06EA2D6E961DB0, A9E3ED090F3EBD81D4D5C4702FB05CEB2E74D85656D88AD350895A8DBCF0FA90 ] SupportSoft RemoteAssist C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe
19:18:01.0764 0x0c54  SupportSoft RemoteAssist - ok
19:18:01.0811 0x0c54  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:18:01.0811 0x0c54  swenum - ok
19:18:01.0842 0x0c54  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
19:18:01.0842 0x0c54  swprv - ok
19:18:01.0920 0x0c54  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
19:18:01.0951 0x0c54  SysMain - ok
19:18:01.0998 0x0c54  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
19:18:01.0998 0x0c54  TabletInputService - ok
19:18:02.0060 0x0c54  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:18:02.0060 0x0c54  TapiSrv - ok
19:18:02.0092 0x0c54  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
19:18:02.0092 0x0c54  TBS - ok
19:18:02.0185 0x0c54  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:18:02.0216 0x0c54  Tcpip - ok
19:18:02.0279 0x0c54  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:18:02.0294 0x0c54  TCPIP6 - ok
19:18:02.0326 0x0c54  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:18:02.0341 0x0c54  tcpipreg - ok
19:18:02.0466 0x0c54  [ 69F1A38A6DBFE682491CB61A596662E3, A1FD47C8D4331132806205756F5793F2602442B233CAA0628FD27D8766321CE0 ] tcsd_win32.exe  C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
19:18:02.0497 0x0c54  tcsd_win32.exe - ok
19:18:02.0700 0x0c54  [ A62F1DE032E59C4BB35557A2219CB160, F1771365B3650D1CC14683AFFBD4D7581152D82108A8529C7ECB1F1CE10A34F4 ] TdmService      C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
19:18:02.0731 0x0c54  TdmService - ok
19:18:02.0762 0x0c54  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:18:02.0762 0x0c54  TDPIPE - ok
19:18:02.0809 0x0c54  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:18:02.0809 0x0c54  TDTCP - ok
19:18:02.0840 0x0c54  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:18:02.0856 0x0c54  tdx - ok
19:18:02.0872 0x0c54  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:18:02.0872 0x0c54  TermDD - ok
19:18:02.0934 0x0c54  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
19:18:02.0950 0x0c54  TermService - ok
19:18:02.0965 0x0c54  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
19:18:02.0981 0x0c54  Themes - ok
19:18:02.0981 0x0c54  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
19:18:02.0996 0x0c54  THREADORDER - ok
19:18:03.0012 0x0c54  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
19:18:03.0012 0x0c54  TrkWks - ok
19:18:03.0090 0x0c54  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:18:03.0106 0x0c54  TrustedInstaller - ok
19:18:03.0215 0x0c54  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:18:03.0215 0x0c54  tssecsrv - ok
19:18:03.0277 0x0c54  [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:18:03.0277 0x0c54  TsUsbFlt - ok
19:18:03.0324 0x0c54  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:18:03.0324 0x0c54  tunnel - ok
19:18:03.0386 0x0c54  tvnserver - ok
19:18:03.0402 0x0c54  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:18:03.0402 0x0c54  uagp35 - ok
19:18:03.0464 0x0c54  [ D363D7083263704287609B607FA9BA8A, E95EF8AB30EA382B8EAEBDDAD2A688CC703042B2DB5E76802F165188D433B150 ] ubloxusb        C:\Windows\system32\DRIVERS\ubloxusb.sys
19:18:03.0480 0x0c54  ubloxusb - ok
19:18:03.0527 0x0c54  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:18:03.0527 0x0c54  udfs - ok
19:18:03.0558 0x0c54  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:18:03.0558 0x0c54  UI0Detect - ok
19:18:03.0605 0x0c54  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:18:03.0605 0x0c54  uliagpkx - ok
19:18:03.0667 0x0c54  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:18:03.0667 0x0c54  umbus - ok
19:18:03.0683 0x0c54  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:18:03.0683 0x0c54  UmPass - ok
19:18:03.0730 0x0c54  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:18:03.0730 0x0c54  UmRdpService - ok
19:18:03.0761 0x0c54  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
19:18:03.0776 0x0c54  upnphost - ok
19:18:03.0839 0x0c54  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:18:03.0839 0x0c54  usbaudio - ok
19:18:03.0839 0x0c54  usbbus - ok
19:18:03.0886 0x0c54  [ 71D97F1A3CC47A56728F7A400A3F8295, ED3FDB73D8A98D9BAF702C0F5C7AD79D525D19DCE1487D442536913BEA5C7F15 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:18:03.0886 0x0c54  usbccgp - ok
19:18:03.0901 0x0c54  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:18:03.0901 0x0c54  usbcir - ok
19:18:03.0917 0x0c54  UsbDiag - ok
19:18:03.0964 0x0c54  [ C4FB8E7ADEA9B5CEEA885A1B504B7E40, 3E0AE5D236890452F2EA33504309A7E5FE49C567FF6F68A83A5987F05ED01BF0 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:18:03.0964 0x0c54  usbehci - ok
19:18:03.0964 0x0c54  UsbGps - ok
19:18:03.0995 0x0c54  [ 86AA95ACB611001E26CD2C0145F2225A, 584D26E8C9407A4E717DCBF2D3819DB441C2D455B5FDA6654FBA3794E19B4D51 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:18:04.0010 0x0c54  usbhub - ok
19:18:04.0010 0x0c54  USBModem - ok
19:18:04.0026 0x0c54  [ DCDF9855145A14DFCA0AB32308871961, 9A21013AD032195D54CE655DE5363E78BB74CC55C40B889520B478892F4BA40A ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:18:04.0026 0x0c54  usbohci - ok
19:18:04.0057 0x0c54  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:18:04.0057 0x0c54  usbprint - ok
19:18:04.0088 0x0c54  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
19:18:04.0088 0x0c54  usbscan - ok
19:18:04.0135 0x0c54  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:18:04.0135 0x0c54  USBSTOR - ok
19:18:04.0182 0x0c54  [ 8E51D04175BAA14C4F79AA5F6D248770, 6CE2E45E272734A5D1D0C4CE2BD7B61C61C7538903E87203E376495D198EFBD0 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:18:04.0182 0x0c54  usbuhci - ok
19:18:04.0213 0x0c54  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
19:18:04.0213 0x0c54  UxSms - ok
19:18:04.0229 0x0c54  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
19:18:04.0229 0x0c54  VaultSvc - ok
19:18:04.0291 0x0c54  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:18:04.0291 0x0c54  vdrvroot - ok
19:18:04.0338 0x0c54  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
19:18:04.0354 0x0c54  vds - ok
19:18:04.0385 0x0c54  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:18:04.0385 0x0c54  vga - ok
19:18:04.0400 0x0c54  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:18:04.0400 0x0c54  VgaSave - ok
19:18:04.0447 0x0c54  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
19:18:04.0463 0x0c54  vhdmp - ok
19:18:04.0510 0x0c54  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:18:04.0510 0x0c54  viaagp - ok
19:18:04.0525 0x0c54  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
19:18:04.0525 0x0c54  ViaC7 - ok
19:18:04.0588 0x0c54  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:18:04.0588 0x0c54  viaide - ok
19:18:04.0634 0x0c54  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:18:04.0634 0x0c54  vmbus - ok
19:18:04.0650 0x0c54  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:18:04.0650 0x0c54  VMBusHID - ok
19:18:04.0681 0x0c54  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:18:04.0681 0x0c54  volmgr - ok
19:18:04.0790 0x0c54  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:18:04.0790 0x0c54  volmgrx - ok
19:18:04.0837 0x0c54  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:18:04.0837 0x0c54  volsnap - ok
19:18:04.0931 0x0c54  [ B26536ADD1D748CDA104D856C979AE79, C88FBCD63DB3607232616FAB989F0FD7FB00ED542E6AC1BC76076A7C13A6FB22 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
19:18:04.0931 0x0c54  vpcbus - ok
19:18:04.0993 0x0c54  [ A0F7E923A6261760130F22B85DF9040E, E70ED14497262C75CC2D4B67B046BB43D8F47A4B8487D258694891E9B4C6DA44 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
19:18:04.0993 0x0c54  vpcnfltr - ok
19:18:05.0024 0x0c54  [ 5F4B55E91CE7E2523C9E1E0ECE858869, 3C395198C1845A15C4E39888383587A5E481E2761B885DBB5FC2C17C7075E6B4 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
19:18:05.0024 0x0c54  vpcusb - ok
19:18:05.0040 0x0c54  [ B487191FE18D6863381A1AC55482469A, 77A6C87E833E90FFD2FF51C6B28041D8AE9C6CE293DA4166E65470C18C017971 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
19:18:05.0056 0x0c54  vpcvmm - ok
19:18:05.0071 0x0c54  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:18:05.0087 0x0c54  vsmraid - ok
19:18:05.0149 0x0c54  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
19:18:05.0180 0x0c54  VSS - ok
19:18:05.0227 0x0c54  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:18:05.0227 0x0c54  vwifibus - ok
19:18:05.0258 0x0c54  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
19:18:05.0258 0x0c54  W32Time - ok
19:18:05.0290 0x0c54  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:18:05.0290 0x0c54  WacomPen - ok
19:18:05.0336 0x0c54  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:18:05.0352 0x0c54  WANARP - ok
19:18:05.0352 0x0c54  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:18:05.0352 0x0c54  Wanarpv6 - ok
19:18:05.0446 0x0c54  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:18:05.0477 0x0c54  WatAdminSvc - ok
19:18:05.0524 0x0c54  [ 4011D285C449DD833040045CB0F0E3FE, 3A63BEA7D56C5651E372583FAE3D62005C44968D44AE723FB66FCE441257FB64 ] WavxDMgr        C:\Windows\system32\DRIVERS\WavxDMgr.sys
19:18:05.0524 0x0c54  WavxDMgr - ok
19:18:05.0602 0x0c54  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
19:18:05.0648 0x0c54  wbengine - ok
19:18:05.0680 0x0c54  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:18:05.0680 0x0c54  WbioSrvc - ok
19:18:05.0726 0x0c54  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:18:05.0726 0x0c54  wcncsvc - ok
19:18:05.0773 0x0c54  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:18:05.0773 0x0c54  WcsPlugInService - ok
19:18:05.0804 0x0c54  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:18:05.0804 0x0c54  Wd - ok
19:18:05.0867 0x0c54  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:18:05.0882 0x0c54  Wdf01000 - ok
19:18:05.0898 0x0c54  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:18:05.0914 0x0c54  WdiServiceHost - ok
19:18:05.0914 0x0c54  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:18:05.0929 0x0c54  WdiSystemHost - ok
19:18:05.0976 0x0c54  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
19:18:05.0992 0x0c54  WebClient - ok
19:18:06.0007 0x0c54  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:18:06.0023 0x0c54  Wecsvc - ok
19:18:06.0070 0x0c54  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:18:06.0070 0x0c54  wercplsupport - ok
19:18:06.0101 0x0c54  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
19:18:06.0101 0x0c54  WerSvc - ok
19:18:06.0148 0x0c54  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:18:06.0148 0x0c54  WfpLwf - ok
19:18:06.0163 0x0c54  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:18:06.0163 0x0c54  WIMMount - ok
19:18:06.0241 0x0c54  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:18:06.0257 0x0c54  WinDefend - ok
19:18:06.0272 0x0c54  WinHttpAutoProxySvc - ok
19:18:06.0319 0x0c54  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:18:06.0335 0x0c54  Winmgmt - ok
19:18:06.0428 0x0c54  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
19:18:06.0444 0x0c54  WinRM - ok
19:18:06.0600 0x0c54  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:18:06.0600 0x0c54  WinUsb - ok
19:18:06.0678 0x0c54  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:18:06.0694 0x0c54  Wlansvc - ok
19:18:06.0834 0x0c54  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:18:06.0865 0x0c54  wlidsvc - ok
19:18:06.0928 0x0c54  [ B7ECB254F65237F159C16E861528BCB5, 74E8FB46AE454FF067DDAC3958FBD6E0111561CAA19CF9B6E14E7A09B7EB71B6 ] WLRAWMp50x86    C:\Windows\system32\Drivers\WLRAWMp50x86.sys
19:18:06.0928 0x0c54  WLRAWMp50x86 - ok
19:18:06.0943 0x0c54  [ 025CB4C91201D8276E5A0AB5668AE2A2, FDA0D9A3BBEB37585827ACB9C75AEEBEB8359EA2CB87BA4C3C7E328C97729E77 ] WLRAWSp50x86    C:\Windows\system32\Drivers\WLRAWSp50x86.sys
19:18:06.0943 0x0c54  WLRAWSp50x86 - ok
19:18:06.0990 0x0c54  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:18:06.0990 0x0c54  WmiAcpi - ok
19:18:07.0021 0x0c54  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:18:07.0021 0x0c54  wmiApSrv - ok
19:18:07.0115 0x0c54  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:18:07.0146 0x0c54  WMPNetworkSvc - ok
19:18:07.0177 0x0c54  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:18:07.0177 0x0c54  WPCSvc - ok
19:18:07.0208 0x0c54  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:18:07.0208 0x0c54  WPDBusEnum - ok
19:18:07.0240 0x0c54  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:18:07.0240 0x0c54  ws2ifsl - ok
19:18:07.0271 0x0c54  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
19:18:07.0271 0x0c54  wscsvc - ok
19:18:07.0286 0x0c54  WSearch - ok
19:18:07.0396 0x0c54  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:18:07.0442 0x0c54  wuauserv - ok
19:18:07.0489 0x0c54  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:18:07.0489 0x0c54  WudfPf - ok
19:18:07.0520 0x0c54  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:18:07.0536 0x0c54  WUDFRd - ok
19:18:07.0552 0x0c54  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:18:07.0552 0x0c54  wudfsvc - ok
19:18:07.0614 0x0c54  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:18:07.0614 0x0c54  WwanSvc - ok
19:18:07.0630 0x0c54  ================ Scan global ===============================
19:18:07.0676 0x0c54  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
19:18:07.0708 0x0c54  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
19:18:07.0723 0x0c54  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
19:18:07.0754 0x0c54  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
19:18:07.0770 0x0c54  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
19:18:07.0786 0x0c54  [ Global ] - ok
19:18:07.0786 0x0c54  ================ Scan MBR ==================================
19:18:07.0801 0x0c54  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
19:18:08.0004 0x0c54  \Device\Harddisk0\DR0 - ok
19:18:08.0004 0x0c54  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
19:18:08.0113 0x0c54  \Device\Harddisk1\DR1 - ok
19:18:08.0113 0x0c54  ================ Scan VBR ==================================
19:18:08.0144 0x0c54  [ 6DD292B2366CC69D7D06F34EFC4A424F ] \Device\Harddisk0\DR0\Partition1
19:18:08.0160 0x0c54  \Device\Harddisk0\DR0\Partition1 - ok
19:18:08.0176 0x0c54  [ 444BAFB485316DEA7B788CC8ECDE3CCE ] \Device\Harddisk0\DR0\Partition2
19:18:08.0191 0x0c54  \Device\Harddisk0\DR0\Partition2 - ok
19:18:08.0207 0x0c54  [ C58E0E94B2915AFEF734D93266129C84 ] \Device\Harddisk1\DR1\Partition1
19:18:08.0207 0x0c54  \Device\Harddisk1\DR1\Partition1 - ok
19:18:08.0222 0x0c54  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
19:18:08.0238 0x0c54  Win FW state via NFP2: enabled
19:18:08.0238 0x0c54  ============================================================
19:18:08.0238 0x0c54  Scan finished
19:18:08.0238 0x0c54  ============================================================
19:18:08.0238 0x01a0  Detected object count: 0
19:18:08.0238 0x01a0  Actual detected object count: 0



#15 Guitarbuilder

Guitarbuilder
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 02 January 2014 - 07:39 PM

Here's is the Rkill.txt you requested:

 

Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/01/2014 08:41:15 AM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\system32\nvvsvc.exe (PID: 800) [FI]
 * C:\Windows\system32\nvvsvc.exe (PID: 800) [WD-HEUR]
 * C:\Windows\system32\CISVC.EXE (PID: 1772) [WD-HEUR]
 * C:\Windows\system32\dlbfcoms.exe (PID: 1796) [WD-HEUR]
 * C:\Windows\system32\SearchIndexer.exe (PID: 2468) [WD-HEUR]
 * C:\Windows\system32\nvvsvc.exe (PID: 3252) [FI]
 * C:\Windows\system32\nvvsvc.exe (PID: 3252) [WD-HEUR]
 * C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (PID: 2180) [FI]
 * C:\Windows\system32\taskmgr.exe (PID: 3880) [WD-HEUR]
 * C:\Windows\System32\WUDFHost.exe (PID: 1784) [WD-HEUR]

10 proccesses terminated!

Possibly Patched Files.

 * C:\Windows\system32\csrss.exe
 * C:\Windows\system32\wininit.exe
 * C:\Windows\system32\csrss.exe
 * C:\Windows\system32\services.exe
 * C:\Windows\system32\lsass.exe
 * C:\Windows\system32\lsm.exe
 * C:\Windows\system32\winlogon.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\System32\svchost.exe
 * C:\Windows\System32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\System32\spoolsv.exe
 * C:\Windows\System32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\wbem\wmiprvse.exe
 * C:\Windows\system32\taskhost.exe
 * C:\Windows\system32\Dwm.exe
 * C:\Windows\system32\DllHost.exe
 * C:\Windows\system32\DllHost.exe
 * C:\Windows\system32\conhost.exe

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * ALERT: ZEROACCESS Reparse Point/Junction found!

     * C:\Windows\delete me $NtUninstallKB43197$ => c:\windows\system32\config\ [Dir]

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * C:\Windows\System32\appmgmts.dll : 149,504 : 07/13/2009 08:14 PM : a45d184df6a8803da13a0b329517a64a [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_81a53e87bd5d36aa\appmgmts.dll : 149,504 : 07/13/2009 08:14 PM : a45d184df6a8803da13a0b329517a64a [Pos Repl]

 * C:\Windows\System32\browser.dll : 102,912 : 07/04/2012 04:14 PM : 3daa727b5b0a45039b0e1c9a211b8400 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.16385_none_78bf7cdcff520ade\browser.dll : 102,400 : 07/13/2009 08:15 PM : 598e1280e7ff3744f4b8329366cc5635 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.17056_none_78e0d070ff38f28e\browser.dll : 102,912 : 07/04/2012 04:23 PM : a0e691dc6589d4d2cbe373171d1a49e5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.21256_none_796a6f2218568f7f\browser.dll : 102,912 : 07/04/2012 04:24 PM : f319bc3931655b9d5d145ac4f6eae7e2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_7af090a4fc408e78\browser.dll : 102,400 : 11/20/2010 07:18 AM : 6e11f33d14d020f58d5e02e4d67dfa19 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_7aa7e7c0fc769589\browser.dll : 102,912 : 07/04/2012 04:14 PM : 3daa727b5b0a45039b0e1c9a211b8400 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_7b599b801576accc\browser.dll : 102,912 : 07/04/2012 04:17 PM : 28b0cf997de2852e9d27a36cdd6884c8 [Pos Repl]

 * C:\Windows\System32\cngaudit.dll : 12,288 : 07/13/2009 08:15 PM : 50ba656134f78af64e4dd3c8b6fefd7e [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll : 12,288 : 07/13/2009 08:15 PM : 50ba656134f78af64e4dd3c8b6fefd7e [Pos Repl]

 * C:\Windows\System32\comctl32.dll : 530,432 : 07/04/2013 06:50 AM : 75f5e1fe8d55cf8e577e0ec5f2290d3f [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16385_none_39727524394b18eb\comctl32.dll : 530,432 : 07/13/2009 08:15 PM : b62aa1bb1f63839051441d2c6dd7b775 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll : 530,432 : 11/20/2010 07:18 AM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_3bab3b80363456bb\comctl32.dll : 530,432 : 07/04/2013 06:50 AM : 75f5e1fe8d55cf8e577e0ec5f2290d3f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_3bee2a494f8638cf\comctl32.dll : 530,432 : 07/04/2013 06:54 AM : 700bd5a6aa5381d1d8adc4045149dbf6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll : 530,432 : 07/13/2009 08:15 PM : b62aa1bb1f63839051441d2c6dd7b775 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll : 530,432 : 11/20/2010 07:18 AM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll : 530,432 : 07/04/2013 06:50 AM : 75f5e1fe8d55cf8e577e0ec5f2290d3f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_ee67d2d082b9f619\comctl32.dll : 530,432 : 07/04/2013 06:54 AM : 700bd5a6aa5381d1d8adc4045149dbf6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll : 1,680,896 : 07/13/2009 08:03 PM : 0fa436a553408cbeba070e3182658de3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll : 1,680,896 : 11/20/2010 06:55 AM : 352b3dc62a0d259a82a052238425c872 [Pos Repl]

 * C:\Windows\System32\comres.dll : 1,297,408 : 07/13/2009 08:04 PM : 808d8a8b2a3074002852bc856d419576 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_2c8730fb47856e94\comres.dll : 1,297,408 : 07/13/2009 08:04 PM : 808d8a8b2a3074002852bc856d419576 [Pos Repl]

 * C:\Windows\System32\conhost.exe : 271,360 : 08/01/2013 07:52 PM : 2de16a63f71d10b42ace01e759078600 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16385_none_74321d74636d5b24\conhost.exe : 271,360 : 07/13/2009 08:14 PM : 29d9fcdf65b7c823688a035937bb6697 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.17179_none_7440d3f46361c3e2\conhost.exe : 271,360 : 11/29/2012 10:07 PM : 6cf06608d183593d47112173b663e7ed [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.21386_none_74bca1db7c8a30bf\conhost.exe : 271,360 : 11/29/2012 09:59 PM : 0dd21b53d5bc7b1729d9dc40eeffc0ec [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17514_none_7663313c605bdebe\conhost.exe : 271,360 : 11/20/2010 07:17 AM : 156f20e7a89573c2fd7cbc305dfc181f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18015_none_76641140605b1ff3\conhost.exe : 271,360 : 11/29/2012 09:55 PM : 3fa214b377b8711d859f950fdfeff739 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18229_none_765d4648605f9b8e\conhost.exe : 271,360 : 08/01/2013 07:52 PM : 2de16a63f71d10b42ace01e759078600 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22177_none_76aecf1779a79a11\conhost.exe : 271,360 : 11/29/2012 11:58 PM : 4f76642d9fef5bfd7fb3e4b16010067a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22411_none_76e9b295797c51d6\conhost.exe : 271,360 : 08/02/2013 00:01 AM : 74cc91101c6aac54c198282c3e56db56 [Pos Repl]

 * C:\Windows\System32\cryptsvc.dll : 140,288 : 07/08/2013 11:46 PM : 7ca1becea5de2643addad32670e7a4c9 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll : 135,680 : 07/13/2009 08:15 PM : 9c231178ce4fb385f4b54b0a9080b8a4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll : 139,264 : 06/01/2012 11:45 PM : f2fde6c8dbaad44cc58d1e07e4af4eed [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll : 141,312 : 06/01/2012 11:41 PM : ea8c26ecf1656d9647ef044f115ec6da [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll : 136,192 : 11/20/2010 07:18 AM : a585bebf7d054bd9618eda0922d5484a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll : 140,288 : 06/01/2012 11:36 PM : 96c0e38905cfd788313be8e11dae3f2f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll : 140,288 : 05/09/2013 11:49 PM : 33adf6e0853ab39ea1723be82842c1d3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll : 140,288 : 05/12/2013 11:45 PM : 3897dff247d9ed0006190349de264e14 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll : 140,288 : 07/08/2013 11:46 PM : 7ca1becea5de2643addad32670e7a4c9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll : 142,336 : 06/01/2012 11:52 PM : 063dd65889d21035311463337bd268e7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll : 142,848 : 05/10/2013 00:06 AM : e122aa1c9a3cc46ff9ddde46e5eb0c58 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll : 142,848 : 05/10/2013 11:59 PM : ac04d05309bb2c418d0d80b9fb014642 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll : 142,848 : 07/09/2013 08:57 AM : 6db499defcc827317c5371164a7cdb27 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll : 142,848 : 10/04/2013 08:52 PM : f2d9242c3bbd1c36467fcae1ae01733f [Pos Repl]

 * C:\Windows\System32\csrss.exe : 6,144 : 07/13/2009 08:14 PM : 342271f6142e7c70805b8a81e1ba5f5c [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe : 6,144 : 07/13/2009 08:14 PM : 342271f6142e7c70805b8a81e1ba5f5c [Pos Repl]

 * C:\Windows\System32\ctfmon.exe : 8,704 : 07/13/2009 08:14 PM : 4a3cdcef8ed41b221f3dbef5792fb52d [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe : 8,704 : 07/13/2009 08:14 PM : 4a3cdcef8ed41b221f3dbef5792fb52d [Pos Repl]

 * C:\Windows\System32\d3d8.dll : 1,036,800 : 07/13/2009 08:15 PM : 241a1900c52dcba38b20a4f3671444e0 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d8_31bf3856ad364e35_6.1.7600.16385_none_c222c27ec21ab213\d3d8.dll : 1,036,800 : 07/13/2009 08:15 PM : 241a1900c52dcba38b20a4f3671444e0 [Pos Repl]

 * C:\Windows\System32\d3d8thk.dll : 11,264 : 07/13/2009 08:15 PM : 77b1471a490b53b24efe136f09f76550 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7600.16385_none_c223c2c8c219cb6a\d3d8thk.dll : 11,264 : 07/13/2009 08:15 PM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d8thk.dll : 11,264 : 07/13/2009 08:15 PM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]

 * C:\Windows\System32\d3d9.dll : 1,828,352 : 11/20/2010 07:18 AM : 6ef5f3f18413c367195f06e503ab86a6 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7600.16385_none_c223c2c8c219cb6a\d3d9.dll : 1,826,816 : 07/13/2009 08:15 PM : 7459301d21c2e21468823f73042d9f87 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll : 1,828,352 : 11/20/2010 07:18 AM : 6ef5f3f18413c367195f06e503ab86a6 [Pos Repl]

 * C:\Windows\System32\ddraw.dll : 531,968 : 07/13/2009 08:15 PM : 198552aefeca69d646867ec8d792de95 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll : 531,968 : 07/13/2009 08:15 PM : 198552aefeca69d646867ec8d792de95 [Pos Repl]

 * C:\Windows\System32\dllhost.exe : 7,168 : 07/13/2009 08:14 PM : a63dc5c2ea944e6657203e0c8edeaf61 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe : 7,168 : 07/13/2009 08:14 PM : a63dc5c2ea944e6657203e0c8edeaf61 [Pos Repl]

 * C:\Windows\System32\dsound.dll : 453,632 : 07/13/2009 08:15 PM : 0e85c11f8850d524b02181c6e02ba9ae [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll : 453,632 : 07/13/2009 08:15 PM : 0e85c11f8850d524b02181c6e02ba9ae [Pos Repl]

 * C:\Windows\System32\dssenh.dll : 156,728 : 07/13/2009 08:17 PM : 99b9343280af6a4c0f27cf2e28e94bbf [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-d..ellman_software_csp_31bf3856ad364e35_6.1.7600.16385_none_3bcf11a6e63842c7\dssenh.dll : 156,728 : 07/13/2009 08:17 PM : 99b9343280af6a4c0f27cf2e28e94bbf [Pos Repl]

 * C:\Windows\System32\dwm.exe : 92,672 : 07/13/2009 08:14 PM : 505bf4d1cadeb8d4f8bcd08d944de25d [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7600.16385_none_8d79ea381e8590a8\dwm.exe : 92,672 : 07/13/2009 08:14 PM : 505bf4d1cadeb8d4f8bcd08d944de25d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_8faafe001b741442\dwm.exe : 92,672 : 07/13/2009 08:14 PM : 505bf4d1cadeb8d4f8bcd08d944de25d [Pos Repl]

 * C:\Windows\System32\es.dll : 271,360 : 07/13/2009 08:15 PM : f6916efc29d9953d5d0df06882ae8e16 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_0cc3f540b311359a\es.dll : 271,360 : 07/13/2009 08:15 PM : f6916efc29d9953d5d0df06882ae8e16 [Pos Repl]

 * C:\Windows\System32\hid.dll : 22,016 : 07/13/2009 08:15 PM : 63df770df74acb370ef5a16727069aaf [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_d6829e90e8c23da8\hid.dll : 22,016 : 07/13/2009 08:15 PM : 63df770df74acb370ef5a16727069aaf [Pos Repl]

 * C:\Windows\System32\hnetcfg.dll : 288,256 : 07/13/2009 08:15 PM : 6383c60ec0133b14f5705f96369421b2 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_b00c9bd7f5ed1c02\hnetcfg.dll : 288,256 : 07/13/2009 08:15 PM : 6383c60ec0133b14f5705f96369421b2 [Pos Repl]

 * C:\Windows\System32\ias.dll : 19,456 : 07/13/2009 08:15 PM : a1e91b5b5273573fc132b683e550b5e6 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7600.16385_none_f8d730c7a3d9d889\ias.dll : 19,456 : 07/13/2009 08:15 PM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_fb08448fa0c85c23\ias.dll : 19,456 : 07/13/2009 08:15 PM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]

 * C:\Windows\System32\imm32.dll : 118,272 : 11/20/2010 07:19 AM : 4a8e2f20809cc161107faa94f6cf2685 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_5c2c7439dbbe9273\imm32.dll : 118,272 : 07/13/2009 08:15 PM : 5df8132adf721329234403189fc94e16 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_5e5d8801d8ad160d\imm32.dll : 118,272 : 11/20/2010 07:19 AM : 4a8e2f20809cc161107faa94f6cf2685 [Pos Repl]

 * C:\Windows\System32\ipsecsvc.dll : 350,208 : 11/20/2010 07:19 AM : 53946b69ba0836bd95b03759530c81ec [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.1.7600.16385_none_43e4cdf54d58d3dd\IPSECSVC.DLL : 350,720 : 07/13/2009 08:15 PM : 48e1b75c6dc0232fd92baae4bd344721 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.1.7601.17514_none_4615e1bd4a475777\IPSECSVC.DLL : 350,208 : 11/20/2010 07:19 AM : 53946b69ba0836bd95b03759530c81ec [Pos Repl]

 * C:\Windows\System32\kernel32.dll : 868,352 : 08/01/2013 08:49 PM : 6933e2aff444a7a95d5c67e98449163e [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_93943b64b79f1e1f\kernel32.dll : 857,088 : 07/13/2009 08:15 PM : 4605f7ee9805f7e1c98d6c959dd2949c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_93a2f1e4b79386dd\kernel32.dll : 868,352 : 11/30/2012 00:00 AM : e9f8a2515d2adcb9b1208e3576ab31d2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_941ebfcbd0bbf3ba\kernel32.dll : 868,352 : 11/29/2012 11:47 PM : 22bb6afde3d162c3f5e631267070e46d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_95c54f2cb48da1b9\kernel32.dll : 857,600 : 11/20/2010 07:19 AM : 5553784d774ca845380650e010bbda2c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_95c62f30b48ce2ee\kernel32.dll : 868,352 : 11/29/2012 11:47 PM : ae09b85158c66e2c154c5c9b3c0027b3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_95bf6438b4915e89\kernel32.dll : 868,352 : 08/01/2013 08:49 PM : 6933e2aff444a7a95d5c67e98449163e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_9610ed07cdd95d0c\kernel32.dll : 868,352 : 11/30/2012 00:01 AM : 6d0d4b00c7cb4fa829f396a83b327894 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_964bd085cdae14d1\kernel32.dll : 868,352 : 08/02/2013 00:54 AM : 071350d18f2abc93496040f44d44f592 [Pos Repl]

 * C:\Windows\System32\ksuser.dll : 4,608 : 07/13/2009 08:15 PM : 9c67f6bbda3881cfd02095160cf91576 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7600.16385_none_e7d7f27ff89fda02\ksuser.dll : 4,608 : 07/13/2009 08:15 PM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_ea090647f58e5d9c\ksuser.dll : 4,608 : 07/13/2009 08:15 PM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]

 * C:\Windows\System32\linkinfo.dll : 22,016 : 07/13/2009 08:15 PM : 5987ea8a82c53359bcd2c29d6588583e [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_383b884006a7a723\linkinfo.dll : 22,016 : 07/13/2009 08:15 PM : 5987ea8a82c53359bcd2c29d6588583e [Pos Repl]

 * C:\Windows\System32\lpk.dll : 26,112 : 06/05/2013 11:52 PM : f632602316001d517f4ef3b53b9a6c33 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll : 26,624 : 07/13/2009 08:15 PM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_abda8263b8c87657\lpk.dll : 26,624 : 07/13/2009 08:15 PM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_ab9c8559b8f68f07\lpk.dll : 26,112 : 06/05/2013 11:52 PM : f632602316001d517f4ef3b53b9a6c33 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll : 26,112 : 06/06/2013 00:03 AM : 6ad2c4ae940c3a73c7e5a50b8bbdbde5 [Pos Repl]

 * C:\Windows\System32\lsass.exe : 22,016 : 09/24/2013 07:49 PM : 803b370865d907ea21dc0c2b6a8936b5 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe : 22,528 : 07/13/2009 08:14 PM : f42309c4191c506b71db5d1126d26318 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe : 22,528 : 11/17/2011 00:36 AM : c2243ff9e9aad0c30e8b1a0914da15b6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe : 22,528 : 11/17/2011 02:09 AM : 05f38cb7cab3ce8e9a1812d517da93ef [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe : 22,528 : 07/13/2009 08:14 PM : f42309c4191c506b71db5d1126d26318 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe : 22,528 : 11/17/2011 00:29 AM : 81951f51e318aecc2d68559e47485cc4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe : 22,528 : 11/17/2011 00:29 AM : 81951f51e318aecc2d68559e47485cc4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_a80cf783bb41b5b7\lsass.exe : 22,016 : 09/24/2013 07:49 PM : 803b370865d907ea21dc0c2b6a8936b5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe : 22,528 : 11/17/2011 00:24 AM : fbcb2dfa40862daa7b1534c9538208a5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe : 22,528 : 08/24/2012 11:53 AM : 7abc23f3d86880ad62acedc7479608f8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_a8a66792d452b56a\lsass.exe : 22,016 : 09/24/2013 07:54 PM : 559c7769b397f07e12725ee55337d4c6 [Pos Repl]

 * C:\Windows\System32\lsm.exe : 267,776 : 11/20/2010 07:17 AM : 8aea9a37c1a3565a204d37c5e72ab791 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..localsessionmanager_31bf3856ad364e35_6.1.7600.16385_none_a51b22e46bde44fe\lsm.exe : 261,120 : 07/13/2009 08:14 PM : 398dc10274c0cb861338cfc56e727c9f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..localsessionmanager_31bf3856ad364e35_6.1.7601.17514_none_a74c36ac68ccc898\lsm.exe : 267,776 : 11/20/2010 07:17 AM : 8aea9a37c1a3565a204d37c5e72ab791 [Pos Repl]

 * C:\Windows\System32\mfc40u.dll : 954,288 : 11/20/2010 07:19 AM : ab9eb3745b03ae67ab241a82338dea7b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.16385_none_f2e96828b6e3cefa\mfc40u.dll : 924,944 : 07/13/2009 08:15 PM : f8742fc618ecbda92a406725197e93ae [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7601.17514_none_f51a7bf0b3d25294\mfc40u.dll : 954,288 : 11/20/2010 07:19 AM : ab9eb3745b03ae67ab241a82338dea7b [Pos Repl]

 * C:\Windows\System32\midimap.dll : 16,896 : 07/13/2009 08:15 PM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll : 16,896 : 07/13/2009 08:15 PM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [Pos Repl]

 * C:\Windows\System32\mshtml.dll : 17,112,576 : 11/26/2013 05:11 AM : bfafe990c4a191e83843362b5ac64a9b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16521_none_34fe10acda3fa7a9\mshtml.dll : 14,317,568 : 03/15/2013 07:30 AM : e3fa8aeaa2f40ec1bb00fefb2c4f3ad9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16721_none_34e870d4da4fdf8b\mshtml.dll : 14,335,488 : 09/22/2013 06:27 PM : a7221924181c8eb92b64c5a2d888bea5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16736_none_34e8ff36da4f7907\mshtml.dll : 14,355,968 : 10/12/2013 02:02 AM : 02a04841906a8892ad6cc7bdbcb5f61d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16750_none_34eb887ada4d11ef\mshtml.dll : 14,356,992 : 10/24/2013 11:44 PM : b8faac62ed026d87b3e743b339c92786 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20831_none_1e10fa96f3fe7488\mshtml.dll : 14,364,672 : 09/22/2013 06:36 PM : 9d6d52aed095bc8c9023aa739e978eac [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20848_none_1e115b68f3fe4146\mshtml.dll : 14,381,568 : 10/12/2013 01:54 AM : 9c2714e4cf56dd8cd27bf6dee9e7a1bf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20861_none_1e13fb74f3fbc08d\mshtml.dll : 14,381,056 : 10/24/2013 07:20 PM : 0720197691de3fdbbbb115587dc39e1c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_997b8a267eda3b8c\mshtml.dll : 17,142,784 : 12/27/2013 12:37 AM : f9f114b2a6f876c92d317a755494f233 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_9980b9287ed586fd\mshtml.dll : 17,112,576 : 11/26/2013 05:11 AM : bfafe990c4a191e83843362b5ac64a9b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_2dd3aff6fa7f090a\mshtml.dll : 5,957,632 : 07/13/2009 08:15 PM : 43592d31aff84dd957199248898d9430 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_3004c3bef76d8ca4\mshtml.dll : 5,977,600 : 11/20/2010 07:19 AM : c50799f0d47dfb9774f721521b6c41d5 [Pos Repl]

 * C:\Windows\System32\msimg32.dll : 4,608 : 07/13/2009 08:15 PM : 18ab2e5a40064ed5f7791ac5946a90f3 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_77422e3e7d5fa732\msimg32.dll : 4,608 : 07/13/2009 08:15 PM : 18ab2e5a40064ed5f7791ac5946a90f3 [Pos Repl]

 * C:\Windows\System32\msprivs.dll : 2,048 : 07/13/2009 08:07 PM : c90878913df3dc504790282043db5f4c [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.1.7600.16385_none_0bef4735dcb96ff8\msprivs.dll : 2,048 : 07/13/2009 08:07 PM : c90878913df3dc504790282043db5f4c [Pos Repl]

 * C:\Windows\System32\msvcrt.dll : 690,688 : 12/16/2011 02:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [NoSig]
 +-> C:\Windows\Installer\$PatchCache$\Managed\7D2F387583109040000000060BECB6AB\5.25.0\msvcrt.dll : 266,293 : 03/01/1999 02:44 PM : 0b9c183d1565b48fa6e5d1d3d4b86bcc [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll : 690,688 : 07/13/2009 08:15 PM : e46d48a7fe961401f1cbf85531cdf05d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_d15ca5d2001597a0\msvcrt.dll : 690,688 : 12/16/2011 02:59 AM : f8a61b2e713309b4616d107919bdab6e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_d20e8cd31913e191\msvcrt.dll : 690,688 : 12/16/2011 02:49 AM : 10142c1975202a767c0edb3bc066fd88 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll : 690,688 : 12/16/2011 02:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll : 690,688 : 12/16/2011 03:58 AM : 2f740c4b458331357e825e94afb0953a [Pos Repl]

 * C:\Windows\System32\mswsock.dll : 231,424 : 09/07/2013 09:03 PM : e94c583cde2348950155f2af2876f34d [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll : 232,448 : 07/13/2009 08:15 PM : 11a41f17527ed75d6b758fdd7f4fd00d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll : 232,448 : 11/20/2010 07:19 AM : 8999b8631c7fd9f7f9ec3cafd953ba24 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll : 231,424 : 09/07/2013 09:03 PM : e94c583cde2348950155f2af2876f34d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll : 231,424 : 09/06/2013 09:04 PM : 6547d445c4b69dc0083b619ac642df04 [Pos Repl]

 * C:\Windows\System32\netlogon.dll : 563,712 : 11/20/2010 07:20 AM : c1809b9907adedaf16f50c894100883b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll : 563,712 : 07/13/2009 08:16 PM : eaa75d9000b71f10eec04d2ae6c60e81 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll : 563,712 : 11/20/2010 07:20 AM : c1809b9907adedaf16f50c894100883b [Pos Repl]

 * C:\Windows\System32\netman.dll : 280,576 : 07/13/2009 08:16 PM : 7cccfca7510684768da22092d1fa4db2 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_0f9371b9b32368a4\netman.dll : 280,576 : 07/13/2009 08:16 PM : 7cccfca7510684768da22092d1fa4db2 [Pos Repl]

 * C:\Windows\System32\ntkrnlpa.exe : 3,969,472 : 08/28/2013 08:51 PM : 482c8cd985c727c7c78a5e9b320947f0 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntkrnlpa.exe : 3,954,768 : 07/13/2009 08:20 PM : e2a8596576873bc5d509031decd8c95d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntkrnlpa.exe : 3,957,120 : 10/26/2010 11:43 PM : a6dcf9f73f2fca7a96d9585817a08b43 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_6bf8ee9215816c61\ntkrnlpa.exe : 3,957,632 : 04/09/2011 01:13 AM : eedb427eac109e0711642b65c229bc59 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_6c2dffca1559c47c\ntkrnlpa.exe : 3,957,120 : 06/22/2011 11:38 PM : 1f969255e068d451bac2d4fb0bd8c9c3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16905_none_6c5d42881535b73b\ntkrnlpa.exe : 3,957,104 : 10/25/2011 11:42 PM : 0e5e92c8aa8ada52d37d551e322bf1fa [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16917_none_6c547330153c05da\ntkrnlpa.exe : 3,957,616 : 11/19/2011 09:25 AM : 0b77ac2b94dfe3297b7462e7966aba42 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16973_none_6c0f928015704824\ntkrnlpa.exe : 3,958,128 : 03/06/2012 00:59 AM : 06ef177fe7febb1314e42f568fcb55a3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntkrnlpa.exe : 3,958,128 : 04/01/2012 11:46 PM : 9d19079820928d72a5708a668b5b62ae [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17118_none_6c554d82153b4f9a\ntkrnlpa.exe : 3,958,128 : 08/30/2012 12:18 AM : 31805bfa4dc62a55d1c2193237decc0f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17207_none_6c5f1f0a15341779\ntkrnlpa.exe : 3,957,608 : 01/05/2013 00:02 AM : 4fc77400373f727993b96cd2ad5c94cc [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17273_none_6c0f6e6e157075b4\ntkrnlpa.exe : 3,958,120 : 03/19/2013 00:06 AM : b02d4e4a4ebef9e33488969df6e9bc22 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntkrnlpa.exe : 3,966,848 : 10/26/2010 11:33 PM : 8e641a407a795dfb7b3a34053ef8db39 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_6cb79c952e776446\ntkrnlpa.exe : 3,967,360 : 04/09/2011 01:21 AM : 83515cddb47b08f65f1ec7451778c3cd [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_6c848dd72e9d3c00\ntkrnlpa.exe : 3,967,872 : 06/22/2011 11:32 PM : 11486d4317d57c6f5e4dc902ef75d811 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21077_none_6c9d06af2e8a8365\ntkrnlpa.exe : 3,970,416 : 10/25/2011 11:51 PM : 0e725e4d29cba35e680dd51099eb6598 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21094_none_6c8465f92e9d6f42\ntkrnlpa.exe : 3,971,440 : 11/19/2011 06:24 AM : ac9fbc2847286ad78232ec9c66e28ca7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21163_none_6ca3d7592e85ff3f\ntkrnlpa.exe : 3,971,440 : 03/06/2012 00:59 AM : 3b237d98a0dfc9395c7d97e33aa38acf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntkrnlpa.exe : 3,970,928 : 03/30/2012 11:43 PM : c6d1d128de4148e35b6c04b6892eb71a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21315_none_6cdbeb552e5ba086\ntkrnlpa.exe : 3,971,440 : 08/30/2012 01:11 PM : 543f90836efeb1cce1dc547ef94cabac [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21417_none_6cddedcf2e59d05b\ntkrnlpa.exe : 3,970,920 : 01/04/2013 11:53 PM : 291e9950a38f49a5c0bbc097c6d1a07d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21490_none_6c806c692ea0fe82\ntkrnlpa.exe : 3,971,432 : 03/19/2013 00:04 AM : 448a0336b56c2e927aae8e903c721800 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntkrnlpa.exe : 3,966,848 : 11/20/2010 07:30 AM : 144bd78c6103c8616de047b3532142db [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntkrnlpa.exe : 3,967,872 : 04/09/2011 01:02 AM : 102a6182087b18c795664bcd22eb52e9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntkrnlpa.exe : 3,967,872 : 06/22/2011 11:33 PM : a4a8ef2ace5fa5863aa0b04c9bbfeca7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17713_none_6e36cf0e12660c6a\ntkrnlpa.exe : 3,967,856 : 10/25/2011 11:47 PM : f2368c2a4b126b2eaef1985116b88a1d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntkrnlpa.exe : 3,968,368 : 11/19/2011 09:50 AM : 31c59b0ca08b1203e35d2ba19319279e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntkrnlpa.exe : 3,968,368 : 03/06/2012 00:59 AM : 43711abf8ae553a7b5ffff61e60c419d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntkrnlpa.exe : 3,968,368 : 03/30/2012 11:39 PM : 8f6d5704d7522aab8b4b82c0d35d9184 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntkrnlpa.exe : 3,968,880 : 08/30/2012 12:12 AM : 7e1ec00b7d0d33a67dfc563574eeff93 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_6e173b82127da724\ntkrnlpa.exe : 3,967,848 : 01/05/2013 00:00 AM : 660100cb90f344040ef57f52fc0681c3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18113_none_6e36ace212663721\ntkrnlpa.exe : 3,968,856 : 03/19/2013 00:04 AM : 88355cfe81d381f93c74716daa803587 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18147_none_6e1a3e46127af050\ntkrnlpa.exe : 3,968,872 : 05/06/2013 00:06 AM : 3f63cf7df313428ca9c5d1f410df4645 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18205_none_6e437f48125c4b05\ntkrnlpa.exe : 3,968,960 : 07/09/2013 00:03 AM : dd5f17d44e9966e7ea447ae8c4d12d6c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18247_none_6e1a402c127aed77\ntkrnlpa.exe : 3,969,472 : 08/28/2013 08:51 PM : 482c8cd985c727c7c78a5e9b320947f0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntkrnlpa.exe : 3,967,872 : 04/09/2011 01:01 AM : 9cf7f5d025183fa10e130445bc071b70 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntkrnlpa.exe : 3,967,872 : 06/23/2011 00:55 AM : 3624d782f8b061b6fba3a35e2fe53cfd [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21847_none_6ea3fd3d2b986563\ntkrnlpa.exe : 3,970,928 : 10/26/2011 02:01 AM : fc9183a26d2ad7bd68f471262cf3946d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntkrnlpa.exe : 3,971,440 : 11/19/2011 06:11 AM : 2eda0dccf5f00cdb91a9ecbe45cb0b3d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntkrnlpa.exe : 3,972,464 : 03/06/2012 00:41 AM : 07b026e7a2c873d09f0073141ee2099e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntkrnlpa.exe : 3,971,952 : 03/30/2012 11:37 PM : 93358348d0b79812caaa83a1377e4449 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_6ecb17b32b7bbdd3\ntkrnlpa.exe : 3,972,464 : 08/30/2012 12:06 AM : 770feea2823e463d68e170d7ea6faeba [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22210_none_6ebd48cf2b868ae6\ntkrnlpa.exe : 3,971,928 : 01/04/2013 11:49 PM : 8e43161944ce6e3a1f2b2618b992a8ce [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22280_none_6e71995b2bbf4e7d\ntkrnlpa.exe : 3,972,440 : 03/18/2013 11:41 PM : 3dfcbeee97df8bbaa749caacfc9c43e1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22318_none_6ec54d052b7f52c5\ntkrnlpa.exe : 3,972,968 : 05/06/2013 00:10 AM : 02e107f819e1ee4ed0423b045d042789 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22379_none_6e856dc72baf13c2\ntkrnlpa.exe : 3,973,056 : 07/08/2013 00:08 AM : 16a6c242c9b4dca5a0b0fb7a95a75d70 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22436_none_6eadae7f2b915520\ntkrnlpa.exe : 3,973,568 : 08/28/2013 08:58 PM : eb6b2fb5ee07337c8b4f3a16cbc18be3 [Pos Repl]

 * C:\Windows\System32\ntoskrnl.exe : 3,914,176 : 08/28/2013 08:51 PM : 813a7f5a2d6d366eb3ffb643b851bce5 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntoskrnl.exe : 3,899,472 : 07/13/2009 08:20 PM : b9d673f7707219dfd264891a26c21ecb [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntoskrnl.exe : 3,901,824 : 10/26/2010 11:43 PM : 776201760b5692f10dda3be85b54f213 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_6bf8ee9215816c61\ntoskrnl.exe : 3,901,824 : 04/09/2011 01:13 AM : d9fd1d6337f15aaf2012c69909615db5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_6c2dffca1559c47c\ntoskrnl.exe : 3,902,336 : 06/22/2011 11:38 PM : dfb0e9f902fdab7cd2e180e4072d45dd [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16905_none_6c5d42881535b73b\ntoskrnl.exe : 3,901,808 : 10/25/2011 11:42 PM : 7539cef9f7ff4ddae24dae5389dde2c3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16917_none_6c547330153c05da\ntoskrnl.exe : 3,902,320 : 11/19/2011 09:25 AM : fbf900df512ec6c5818e1554ec69a7a5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16973_none_6c0f928015704824\ntoskrnl.exe : 3,902,320 : 03/06/2012 00:59 AM : 0fb535b17a519134c5f9867841b019af [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntoskrnl.exe : 3,902,320 : 04/01/2012 11:46 PM : 678ad0f9db55f9127851cd631456f483 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17118_none_6c554d82153b4f9a\ntoskrnl.exe : 3,902,832 : 08/30/2012 12:18 AM : 8c8fc2396921c0f897721718abd5e70b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17207_none_6c5f1f0a15341779\ntoskrnl.exe : 3,902,312 : 01/05/2013 00:02 AM : b089270bacb16b8a1f0fde1529dbfe65 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17273_none_6c0f6e6e157075b4\ntoskrnl.exe : 3,902,312 : 03/19/2013 00:06 AM : d1751cb2e03d7f57ac04c702d02974ac [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntoskrnl.exe : 3,911,552 : 10/26/2010 11:33 PM : c6169f5fdc8399e0c6c0729ab6ef2ef8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_6cb79c952e776446\ntoskrnl.exe : 3,911,552 : 04/09/2011 01:21 AM : 0f4a148499cc6fa5d84a0f1587869051 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_6c848dd72e9d3c00\ntoskrnl.exe : 3,911,552 : 06/22/2011 11:32 PM : 638a384e9968036d42bdbde499a1c8b8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21077_none_6c9d06af2e8a8365\ntoskrnl.exe : 3,915,120 : 10/25/2011 11:51 PM : 8b5b4bec86a77d10820e0ba21249a6b7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21094_none_6c8465f92e9d6f42\ntoskrnl.exe : 3,915,632 : 11/19/2011 06:24 AM : 46f86a3471ae24a604cb7e56983c8ae4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21163_none_6ca3d7592e85ff3f\ntoskrnl.exe : 3,915,632 : 03/06/2012 00:59 AM : b83e403a94c4cb2d0576dd6945469d16 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntoskrnl.exe : 3,915,632 : 03/30/2012 11:43 PM : d909eafa618bc9db2615303da3d9c830 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21315_none_6cdbeb552e5ba086\ntoskrnl.exe : 3,915,632 : 08/30/2012 01:11 PM : 60d216c90a0a306a2a1e69b9ec4a2ba7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21417_none_6cddedcf2e59d05b\ntoskrnl.exe : 3,915,112 : 01/04/2013 11:53 PM : d93b06f0419392a2bea3ddcffb78ff37 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21490_none_6c806c692ea0fe82\ntoskrnl.exe : 3,915,608 : 03/19/2013 00:04 AM : 9eba1c36121835e6828ac9903f1f9ae0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe : 3,911,040 : 11/20/2010 07:30 AM : 2088d9994332583edb3c561de31ea5ad [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntoskrnl.exe : 3,912,576 : 04/09/2011 01:02 AM : 5d21c487f79f8245e799071589e035bf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntoskrnl.exe : 3,912,576 : 06/22/2011 11:33 PM : fb58abd5e1f75a2cf713c9dff0ec0804 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17713_none_6e36cf0e12660c6a\ntoskrnl.exe : 3,912,560 : 10/25/2011 11:47 PM : 9dbee8d5230881b583cf95f7c3bb8bb0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntoskrnl.exe : 3,913,584 : 11/19/2011 09:50 AM : f0f0e99a65f598a1a7720f5111c4da8f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntoskrnl.exe : 3,913,072 : 03/06/2012 00:59 AM : 53b4bdea12a032eec71e60b6bff42f37 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntoskrnl.exe : 3,913,072 : 03/30/2012 11:39 PM : 28f44480e411c3ddf04b63f6560e6ef4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntoskrnl.exe : 3,914,096 : 08/30/2012 12:12 AM : 948f0b444cb6cc35fe5f9de52420cb95 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_6e173b82127da724\ntoskrnl.exe : 3,913,064 : 01/05/2013 00:00 AM : 82ff919e9236b0137b5c7455b0e1418a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18113_none_6e36ace212663721\ntoskrnl.exe : 3,913,560 : 03/19/2013 00:04 AM : 2dfab8c3c394e95d262e1325bda5dfe4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18147_none_6e1a3e46127af050\ntoskrnl.exe : 3,913,576 : 05/06/2013 00:06 AM : 575ddd83b40880e1deb48758673bda71 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18205_none_6e437f48125c4b05\ntoskrnl.exe : 3,913,664 : 07/09/2013 00:03 AM : 9fa7bf625122ccac90fcd307174d8cf3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18247_none_6e1a402c127aed77\ntoskrnl.exe : 3,914,176 : 08/28/2013 08:51 PM : 813a7f5a2d6d366eb3ffb643b851bce5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntoskrnl.exe : 3,912,576 : 04/09/2011 01:01 AM : d385343510b75545ec5db3a64c2d2492 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntoskrnl.exe : 3,912,576 : 06/23/2011 00:55 AM : 90efdb506f6140eea9dee398d9449d86 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21847_none_6ea3fd3d2b986563\ntoskrnl.exe : 3,915,120 : 10/26/2011 02:01 AM : eb58b25af04d7c036e648e0406aab431 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntoskrnl.exe : 3,916,656 : 11/19/2011 06:11 AM : 00b12ea93ed392fbd09f07b63e926647 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntoskrnl.exe : 3,916,656 : 03/06/2012 00:41 AM : 57b7de30c4e65ad19ca13ac3065ee60b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntoskrnl.exe : 3,916,656 : 03/30/2012 11:37 PM : 2e02a17e8965ad671e4987e503ad38b1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_6ecb17b32b7bbdd3\ntoskrnl.exe : 3,917,168 : 08/30/2012 12:06 AM : 5355a85d26eecfa3a68b1f55b0c59a20 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22210_none_6ebd48cf2b868ae6\ntoskrnl.exe : 3,916,648 : 01/04/2013 11:49 PM : 2e083c7d9ca98b63fa8f8062874e9327 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22280_none_6e71995b2bbf4e7d\ntoskrnl.exe : 3,916,632 : 03/18/2013 11:41 PM : 80a652978002318c9723d43cfa618816 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22318_none_6ec54d052b7f52c5\ntoskrnl.exe : 3,917,160 : 05/06/2013 00:10 AM : e11bcb5515281519820f1d6eeac4ede7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22379_none_6e856dc72baf13c2\ntoskrnl.exe : 3,918,272 : 07/08/2013 00:08 AM : 49248651e41ee81d4c1ffde28fdc096c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22436_none_6eadae7f2b915520\ntoskrnl.exe : 3,918,272 : 08/28/2013 08:58 PM : 998141eb656327f13b8eec01baadc5d4 [Pos Repl]

 * C:\Windows\System32\ole32.dll : 1,414,144 : 11/20/2010 07:20 AM : 928cf7268086631f54c3d8e17238c6dd [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16385_none_abf3fd7f53a4f5f5\ole32.dll : 1,412,608 : 07/13/2009 08:16 PM : 4acb903ad1693858a918907358cbd9e4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll : 1,414,144 : 11/20/2010 07:20 AM : 928cf7268086631f54c3d8e17238c6dd [Pos Repl]

 * C:\Windows\System32\olepro32.dll : 90,112 : 11/20/2010 07:20 AM : 703ffd301ab900b047337c5d40fd6f96 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7600.16385_none_39ea10b66307dbef\olepro32.dll : 90,112 : 07/13/2009 08:16 PM : c10459dbdc2099c5a8428cb7d87db85f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7601.17514_none_3c1b247e5ff65f89\olepro32.dll : 90,112 : 11/20/2010 07:20 AM : 703ffd301ab900b047337c5d40fd6f96 [Pos Repl]

 * C:\Windows\System32\perfctrs.dll : 39,424 : 07/13/2009 08:16 PM : edd2ad141debd425d74a52a4d7be6ac4 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_314993e6be6d6809\perfctrs.dll : 39,424 : 07/13/2009 08:16 PM : edd2ad141debd425d74a52a4d7be6ac4 [Pos Repl]

 * C:\Windows\System32\powrprof.dll : 145,408 : 07/13/2009 08:16 PM : 08dfdbd2fd4ea951dc46b1c7661ed35a [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll : 145,408 : 07/13/2009 08:16 PM : 08dfdbd2fd4ea951dc46b1c7661ed35a [Pos Repl]

 * C:\Windows\System32\psbase.dll : 50,688 : 07/13/2009 08:16 PM : 274992d0945889a6b56d0e1bd4288a6e [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_481f6abd91b25a15\psbase.dll : 50,688 : 07/13/2009 08:16 PM : 274992d0945889a6b56d0e1bd4288a6e [Pos Repl]

 * C:\Windows\System32\pstorsvc.dll : 23,552 : 07/13/2009 08:16 PM : 0a3ccb2c4f603d99f34d742fc9544b97 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_481f6abd91b25a15\pstorsvc.dll : 23,552 : 07/13/2009 08:16 PM : 0a3ccb2c4f603d99f34d742fc9544b97 [Pos Repl]

 * C:\Windows\System32\qmgr.dll : 585,728 : 11/20/2010 07:20 AM : e585445d5021971fae10393f0f1c3961 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_23671b105ac5a0fd\qmgr.dll : 589,312 : 07/13/2009 08:16 PM : 53f476476f55a27f580661bde09c4ec4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll : 585,728 : 11/20/2010 07:20 AM : e585445d5021971fae10393f0f1c3961 [Pos Repl]

 * C:\Windows\System32\rasadhlp.dll : 11,776 : 07/13/2009 08:16 PM : ed6ee83d61ebc683c2cd8e899ea6febe [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasadhlp.dll : 11,776 : 07/13/2009 08:16 PM : ed6ee83d61ebc683c2cd8e899ea6febe [Pos Repl]

 * C:\Windows\System32\regsvc.dll : 112,640 : 07/13/2009 08:16 PM : cb9a8683f4ef2bf99e123d79950d7935 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_893c5bdce4cae672\regsvc.dll : 112,640 : 07/13/2009 08:16 PM : cb9a8683f4ef2bf99e123d79950d7935 [Pos Repl]

 * C:\Windows\System32\rpcss.dll : 376,832 : 11/20/2010 07:21 AM : 7660f01d3b38aca1747e397d21d790af [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll : 376,320 : 07/13/2009 08:16 PM : b82cd39e336973359d7c9bf911e8e84f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll : 376,832 : 11/20/2010 07:21 AM : 7660f01d3b38aca1747e397d21d790af [Pos Repl]

 * C:\Windows\System32\scecli.dll : 175,616 : 11/20/2010 07:21 AM : 8124944ec89d6a1815e4e53f5b96aaf4 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll : 175,616 : 07/13/2009 08:16 PM : 26073302daea83cc5b944c546d6b47d2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll : 175,616 : 11/20/2010 07:21 AM : 8124944ec89d6a1815e4e53f5b96aaf4 [Pos Repl]

 * C:\Windows\System32\schannel.dll : 247,808 : 09/24/2013 08:57 PM : aa6f6457116b559b76bc6a012cb4c293 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16385_none_21eca131b6966c32\schannel.dll : 220,160 : 07/13/2009 08:16 PM : 0a53fd4ebbd92002ccc362a9b8087885 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16915_none_22385c09b65d9785\schannel.dll : 224,768 : 11/17/2011 00:39 AM : 83041697ae93aa4b783ae8746904edd2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21092_none_22684ed2cfbf00ed\schannel.dll : 224,768 : 11/17/2011 02:15 AM : cb6b6b1f8d283de4540445c5313cb445 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_241db4f9b384efcc\schannel.dll : 224,256 : 11/20/2010 07:21 AM : 135f7ac9be35ab1df727faf2e60e92f8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_2413e923b38c1f62\schannel.dll : 224,768 : 11/17/2011 00:34 AM : 1affb765af1fdcc0c185c38e9ddddaee [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17940_none_23f94ba5b3a0d2df\schannel.dll : 247,808 : 08/24/2012 11:57 AM : af78f66116814fdd6677cebd73035cdd [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18270_none_23d8b7cfb3b95442\schannel.dll : 247,808 : 09/24/2013 08:57 PM : aa6f6457116b559b76bc6a012cb4c293 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_246e4516cccdc994\schannel.dll : 224,768 : 11/17/2011 00:29 AM : 3dbcbd8adb406c43a2127544d7ba974e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22099_none_2455b1aaccdf1888\schannel.dll : 247,808 : 08/24/2012 11:58 AM : abf890af1b55146f7dfe7a937f503b0a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22465_none_247227deccca53f5\schannel.dll : 247,808 : 09/24/2013 09:00 PM : b3d791020560fff9438fca764027ce3d [Pos Repl]

 * C:\Windows\System32\schedsvc.dll : 750,592 : 11/20/2010 07:21 AM : a04bb13f8a72f8b6e8b4071723e4e336 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.16385_none_2ed774b4f8560e29\schedsvc.dll : 743,424 : 07/13/2009 08:16 PM : 3e8b0c453e25613a1f59762a5c42aa75 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.16699_none_2ed0aba2f85a86eb\schedsvc.dll : 749,056 : 11/01/2010 11:39 PM : df1e5c82e4d09cf8105cc644980c4803 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.20830_none_2f922742114f9827\schedsvc.dll : 749,056 : 11/01/2010 11:28 PM : 0f7a8520f0895e6f0f1a0a3fd3ea40d4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_3108887cf54491c3\schedsvc.dll : 750,592 : 11/20/2010 07:21 AM : a04bb13f8a72f8b6e8b4071723e4e336 [Pos Repl]

 * C:\Windows\System32\services.exe : 259,072 : 07/13/2009 08:14 PM : 5f1b6a9c35d3d5ca72d6d6fdef9747d6 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe : 259,072 : 07/13/2009 08:14 PM : 5f1b6a9c35d3d5ca72d6d6fdef9747d6 [Pos Repl]

 * C:\Windows\System32\setupapi.dll : 1,667,584 : 11/20/2010 07:21 AM : 10fb16b50affda6d44588f3c445dc273 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7600.16385_none_34cbafd427916fc6\setupapi.dll : 1,668,608 : 07/13/2009 08:16 PM : 41323ab614a2b66ad77b1121d24ac895 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7601.17514_none_36fcc39c247ff360\setupapi.dll : 1,667,584 : 11/20/2010 07:21 AM : 10fb16b50affda6d44588f3c445dc273 [Pos Repl]

 * C:\Windows\System32\sfc.dll : 2,560 : 07/13/2009 08:10 PM : 40caeee0eaf1b8569f7c8df6420f2cb9 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll : 2,560 : 07/13/2009 08:10 PM : 40caeee0eaf1b8569f7c8df6420f2cb9 [Pos Repl]

 * C:\Windows\System32\shsvcs.dll : 328,192 : 11/20/2010 07:21 AM : 414da952a35bf5d50192e28263b40577 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_cd06b34d7e412c53\shsvcs.dll : 328,192 : 07/13/2009 08:16 PM : cd2e48fa5b29ee2b3b5858056d246ef2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_cf37c7157b2fafed\shsvcs.dll : 328,192 : 11/20/2010 07:21 AM : 414da952a35bf5d50192e28263b40577 [Pos Repl]

 * C:\Windows\System32\smss.exe : 69,632 : 03/18/2013 09:49 PM : de91dcc7bc55e940979097e98f743205 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe : 69,632 : 07/13/2009 08:14 PM : 16742790895960690237a5143cedec8b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe : 69,632 : 03/18/2013 09:50 PM : b24bf638652522bb5e14ab7993fd4a5d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe : 69,632 : 03/18/2013 09:51 PM : 37f4765554f2cd34aaab616f696e5539 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe : 69,632 : 03/18/2013 09:49 PM : de91dcc7bc55e940979097e98f743205 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe : 69,632 : 03/18/2013 09:43 PM : 0294cc751d7faeb13621eefb8a749429 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22318_none_aecf9361908de017\smss.exe : 69,632 : 05/05/2013 10:02 PM : ec745c0949b101129ab6d39cd63808a6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_ae8fb42390bda114\smss.exe : 69,632 : 07/07/2013 10:02 PM : 634e0b45780f502304592c5615a31089 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_aeb7f4db909fe272\smss.exe : 69,632 : 08/28/2013 07:51 PM : d2a72c71cd6c18a99e920ec5761f0c7d [Pos Repl]

 * C:\Windows\System32\spoolsv.exe : 317,440 : 02/11/2012 00:37 AM : 9aea093b8f9c37cf45538382caba2475 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe : 316,416 : 07/13/2009 08:14 PM : 49b6dd6ab3715b7a67965f17194e98a9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_d634a3a322cec58a\spoolsv.exe : 316,928 : 02/11/2012 00:41 AM : e17323b0aa9fb3ff9945731d736eda2f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_d6daba6e3bd61215\spoolsv.exe : 316,928 : 02/11/2012 00:31 AM : 13b48314bf02091b30597df20b71cbac [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe : 317,440 : 11/20/2010 07:17 AM : 866a43013535dc8587c258e43579c764 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_d815322f1ff8cc1a\spoolsv.exe : 317,440 : 02/11/2012 00:37 AM : 9aea093b8f9c37cf45538382caba2475 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_d8cedec038f3454c\spoolsv.exe : 317,952 : 02/11/2012 00:21 AM : cae10a25f936c053e41cbe0fa06ff15d [Pos Repl]

 * C:\Windows\System32\ssdpsrv.dll : 162,816 : 07/13/2009 08:16 PM : d887c9fd02ac9fa880f6e5027a43e118 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_7f9fc90f328bdf26\ssdpsrv.dll : 162,816 : 07/13/2009 08:16 PM : d887c9fd02ac9fa880f6e5027a43e118 [Pos Repl]

 * C:\Windows\System32\svchost.exe : 20,992 : 07/13/2009 08:14 PM : 54a47f6b5e09a77e61649109c6a08866 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe : 20,992 : 07/13/2009 08:14 PM : 54a47f6b5e09a77e61649109c6a08866 [Pos Repl]

 * C:\Windows\System32\tapisrv.dll : 242,176 : 11/20/2010 07:21 AM : 613bf4820361543956909043a265c6ac [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7600.16385_none_e3132eff46462df0\tapisrv.dll : 241,664 : 07/13/2009 08:16 PM : 2f46b0c70a4adc8c90cf825da3b4feaf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll : 242,176 : 11/20/2010 07:21 AM : 613bf4820361543956909043a265c6ac [Pos Repl]

 * C:\Windows\System32\taskeng.exe : 192,000 : 11/20/2010 07:17 AM : 4f2659160afcca990305816946f69407 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe : 190,464 : 07/13/2009 08:14 PM : de5dacebd4c89834ec6d2c41c8643cda [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe : 192,000 : 11/01/2010 11:34 PM : f8952e80b7f778da2f7aa8393ca2d30e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe : 192,000 : 11/01/2010 11:24 PM : 41c52af44fb96bddb1efb25d2d943bba [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe : 192,000 : 11/20/2010 07:17 AM : 4f2659160afcca990305816946f69407 [Pos Repl]

 * C:\Windows\System32\taskhost.exe : 49,152 : 11/22/2012 09:48 PM : 72e953215cade1a726c04aafdf6b463d [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_2814fe7cbba96e6a\taskhost.exe : 49,152 : 07/13/2009 08:14 PM : 8f4f5a5c1bae72ce6eaeea1ca3f98ca2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_2a461244b897f204\taskhost.exe : 49,152 : 11/20/2010 07:17 AM : 7fa8ba5a780e4757964ac9d4238302b9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.18010_none_2a41f0d6b89bb486\taskhost.exe : 49,152 : 11/22/2012 09:48 PM : 72e953215cade1a726c04aafdf6b463d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.22172_none_2a8caeadd1e82ea4\taskhost.exe : 49,152 : 11/23/2012 00:39 AM : 7cc22b26114a4101de18a35aebece9cc [Pos Repl]

 * C:\Windows\System32\termsrv.dll : 521,216 : 11/20/2010 07:21 AM : 382c804c92811be57829d8e550a900e2 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_8e7597ebb597acd3\termsrv.dll : 543,232 : 07/13/2009 08:16 PM : a01e50a04d7b1960b33e92b9080e6a94 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_90a6abb3b286306d\termsrv.dll : 521,216 : 11/20/2010 07:21 AM : 382c804c92811be57829d8e550a900e2 [Pos Repl]

 * C:\Windows\System32\upnphost.dll : 266,752 : 07/13/2009 08:16 PM : 833fbb672460efce8011d262175fad33 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_c1be8a9895d79340\upnphost.dll : 266,752 : 07/13/2009 08:16 PM : 833fbb672460efce8011d262175fad33 [Pos Repl]

 * C:\Windows\System32\user32.dll : 811,520 : 11/20/2010 07:21 AM : f1dd3acaee5e6b4bbc69bc6df75cef66 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll : 811,520 : 07/13/2009 08:16 PM : 34b7e222e81fafa885f0c5f2cfa56861 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll : 811,520 : 11/20/2010 07:21 AM : f1dd3acaee5e6b4bbc69bc6df75cef66 [Pos Repl]

 * C:\Windows\System32\userinit.exe : 26,624 : 11/20/2010 07:17 AM : 61ac3efdfacfdd3f0f11dd4fd4044223 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe : 26,112 : 07/13/2009 08:14 PM : 6de80f60d7de9ce6b8c2ddfdf79ef175 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe : 26,624 : 11/20/2010 07:17 AM : 61ac3efdfacfdd3f0f11dd4fd4044223 [Pos Repl]

 * C:\Windows\System32\usp10.dll : 626,688 : 11/21/2012 11:45 PM : b7230010d97787af3d25e4c82f2b06b9 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_acd0cf31b9cff59f\usp10.dll : 627,200 : 07/13/2009 08:16 PM : 0ba19f3198c40ac4e8cc66ee02eda6c6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.17174_none_acda843fb9c8dfaa\usp10.dll : 627,712 : 11/22/2012 04:33 AM : 011b7a81e28c748d7631cf3d72323dd2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.21379_none_ad692462d2e1fb4e\usp10.dll : 626,688 : 11/22/2012 00:04 AM : 36cd8d6ebce6468bbeeb8bf175980f53 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll : 626,176 : 11/20/2010 07:21 AM : 804aaafebb3ad5f49334dd906bcb1de5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_af119411b6b203d9\usp10.dll : 626,688 : 11/21/2012 11:45 PM : b7230010d97787af3d25e4c82f2b06b9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_af477f18d00f9c82\usp10.dll : 626,688 : 11/22/2012 00:36 AM : ca68408922b02e8d955a2967c7cbf8ce [Pos Repl]

 * C:\Windows\System32\UxTheme.dll : 249,856 : 07/13/2009 08:16 PM : 63bfdf555da2075a77d677829c3cccd0 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_a5baf0f767e33083\uxtheme.dll : 249,856 : 07/13/2009 08:16 PM : 63bfdf555da2075a77d677829c3cccd0 [Pos Repl]

 * C:\Windows\System32\version.dll : 21,504 : 07/13/2009 08:16 PM : 702254574e7e52052de39408457b7149 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll : 21,504 : 07/13/2009 08:16 PM : 702254574e7e52052de39408457b7149 [Pos Repl]

 * C:\Windows\System32\w32time.dll : 288,768 : 07/13/2009 08:16 PM : 55187fd710e27d5095d10a472c8baf1c [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_887db9d2ce9e3aa0\w32time.dll : 288,768 : 07/13/2009 08:16 PM : 55187fd710e27d5095d10a472c8baf1c [Pos Repl]

 * C:\Windows\System32\wbem\wmiprvse.exe : 257,536 : 11/20/2010 07:17 AM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7600.16385_none_103914aeecb89f38\WmiPrvSE.exe : 254,976 : 07/13/2009 08:14 PM : 203c3380a744ca5b9b1a9caeb57f7d57 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_126a2876e9a722d2\WmiPrvSE.exe : 257,536 : 11/20/2010 07:17 AM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [Pos Repl]

 * C:\Windows\System32\wdigest.dll : 171,520 : 07/13/2009 08:16 PM : 0450cf487ecd8a67b56f59f9a96d024d [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7600.16385_none_3aa3a13ade08a93a\wdigest.dll : 171,520 : 07/13/2009 08:16 PM : 0450cf487ecd8a67b56f59f9a96d024d [Pos Repl]

 * C:\Windows\System32\wiaservc.dll : 463,360 : 11/20/2010 07:21 AM : e1fb3706030fb4578a0d72c2fc3689e4 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7600.16385_none_326a913514a6f178\wiaservc.dll : 462,336 : 07/13/2009 08:16 PM : a22825e7bb7018e8af3e229a5af17221 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7601.17514_none_349ba4fd11957512\wiaservc.dll : 463,360 : 11/20/2010 07:21 AM : e1fb3706030fb4578a0d72c2fc3689e4 [Pos Repl]

 * C:\Windows\System32\wininet.dll : 1,820,160 : 11/26/2013 01:33 AM : 927fa6456ad6d7630f6854828d2fd16b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_23a3f18e59e93e73\wininet.dll : 1,766,912 : 03/15/2013 07:30 AM : ba15504fa59a8dc304f1cbaeba6252a1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16721_none_238e51b659f97655\wininet.dll : 1,767,936 : 09/22/2013 06:28 PM : e4feb264b47360b7296aea4e052f88d8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16736_none_238ee01859f90fd1\wininet.dll : 1,767,936 : 10/12/2013 02:03 AM : 5fd4335dcd343d0fea9fa6b18ed408d9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16750_none_2391695c59f6a8b9\wininet.dll : 1,767,936 : 10/24/2013 11:45 PM : 3aa6fd9b534f17cbd5d311ddc077973c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20831_none_0cb6db7873a80b52\wininet.dll : 1,777,152 : 09/22/2013 06:36 PM : 67220eb57550f10e1219d57d89937456 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20848_none_0cb73c4a73a7d810\wininet.dll : 1,777,152 : 10/12/2013 01:55 AM : 06715e12e72efbc2d660a779fff32944 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20861_none_0cb9dc5673a55757\wininet.dll : 1,777,664 : 10/24/2013 07:20 PM : 46e150a0356d73f99a9f9ec2a9d279f4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll : 1,818,112 : 12/27/2013 12:37 AM : b5eb5bd3066959611e1f7a80fd6cc172 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_88269a09fe7f1dc7\wininet.dll : 1,820,160 : 11/26/2013 01:33 AM : 927fa6456ad6d7630f6854828d2fd16b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll : 977,920 : 07/13/2009 08:16 PM : 0d874f3bc751cc2198af2e6783fb8b35 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll : 980,992 : 11/20/2010 07:21 AM : 44214c94911c7cfb1d52cb64d5e8368d [Pos Repl]

 * C:\Windows\System32\wininit.exe : 96,256 : 07/13/2009 08:14 PM : b5c5dcad3899512020d135600129d665 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe : 96,256 : 07/13/2009 08:14 PM : b5c5dcad3899512020d135600129d665 [Pos Repl]

 * C:\Windows\System32\winlogon.exe : 286,720 : 11/20/2010 07:17 AM : 6d13e1406f50c66e2a95d97f22c47560 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe : 285,696 : 07/13/2009 08:14 PM : 8ec6a4ab12b8f3759e21f8e3a388f2cf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe : 286,720 : 11/20/2010 07:17 AM : 6d13e1406f50c66e2a95d97f22c47560 [Pos Repl]

 * C:\Windows\System32\ws2_32.dll : 206,848 : 11/20/2010 07:21 AM : 7ff15a4f092cd4a96055ba69f903e3e9 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll : 206,336 : 07/13/2009 08:16 PM : daae8a9b8c0acc7f858454132553c30d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll : 206,848 : 11/20/2010 07:21 AM : 7ff15a4f092cd4a96055ba69f903e3e9 [Pos Repl]

 * C:\Windows\System32\ws2help.dll : 4,608 : 07/13/2009 08:11 PM : 808aabdf9337312195caff76d1804786 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\ws2help.dll : 4,608 : 07/13/2009 08:11 PM : 808aabdf9337312195caff76d1804786 [Pos Repl]

 * C:\Windows\System32\wuauclt.exe : 53,784 : 06/02/2012 05:19 PM : 2e0b0a051ffaa86e358465bb0880d453 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_3086c9dad36a69b3\wuauclt.exe : 47,104 : 07/13/2009 08:14 PM : b0da80ff42a0819d162a86612896aaf2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.5.7601.17514_none_c315782c0def9f8f\wuauclt.exe : 47,104 : 11/20/2010 07:17 AM : 75b06acd9d8dc0fe3603294e1899f496 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe : 53,784 : 06/02/2012 05:19 PM : 2e0b0a051ffaa86e358465bb0880d453 [Pos Repl]

 * C:\Windows\explorer.exe : 2,616,320 : 02/25/2011 00:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe : 2,613,248 : 07/13/2009 08:14 PM : 15bc38a7492befe831966adb477cf76f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe : 2,614,784 : 02/26/2011 00:33 AM : 2af58d15edc06ec6fdacce1f19482bbf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe : 2,614,784 : 02/26/2011 00:51 AM : 255cf508d7cfb10e0794d6ac93280bd8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe : 2,616,320 : 11/20/2010 07:17 AM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe : 2,616,320 : 02/25/2011 00:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe : 2,616,320 : 02/26/2011 00:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

 * C:\Windows\System32\drivers\acpi.sys : 274,304 : 11/20/2010 07:29 AM : cea80c80bed809aa0da6febc04733349 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\acpi.inf_x86_neutral_a1f4891fe0de4401\acpi.sys : 274,304 : 11/20/2010 07:29 AM : cea80c80bed809aa0da6febc04733349 [Pos Repl]
 +-> C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.1.7600.16385_none_225f1a272f5b64b9\acpi.sys : 274,496 : 07/13/2009 08:26 PM : f0e07d144c8685b8774bc32fc8da4df0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.1.7601.17514_none_24902def2c49e853\acpi.sys : 274,304 : 11/20/2010 07:29 AM : cea80c80bed809aa0da6febc04733349 [Pos Repl]

 * C:\Windows\System32\drivers\afd.sys : 338,944 : 09/13/2013 07:48 PM : f81bb7e487edceab630a7ee66cf23913 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1\afd.sys : 338,944 : 07/13/2009 06:12 PM : ddc040fdb01ef1712a6b13e52afb104c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys : 338,944 : 11/20/2010 03:40 AM : 1151fd4fb0216cfed887bfde29ebd516 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_d9b98067bcd7e63c\afd.sys : 338,944 : 09/13/2013 07:48 PM : f81bb7e487edceab630a7ee66cf23913 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_da50efe2d5eab341\afd.sys : 338,944 : 09/13/2013 07:57 PM : 66dd39ca12baeb8d32111581769d9117 [Pos Repl]

 * C:\Windows\System32\drivers\agp440.sys : 53,312 : 07/13/2009 08:26 PM : 507812c3054c21cef746b6ee3d04dd6e [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys : 53,312 : 07/13/2009 08:26 PM : 507812c3054c21cef746b6ee3d04dd6e [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys : 53,312 : 07/13/2009 08:26 PM : 507812c3054c21cef746b6ee3d04dd6e [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys : 53,312 : 07/13/2009 08:26 PM : 507812c3054c21cef746b6ee3d04dd6e [Pos Repl]

 * C:\Windows\System32\drivers\asyncmac.sys : 17,920 : 07/13/2009 06:54 PM : add2ade1c2b285ab8378d2daaf991481 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_242e2506962cd3e0\asyncmac.sys : 17,920 : 07/13/2009 06:54 PM : add2ade1c2b285ab8378d2daaf991481 [Pos Repl]

 * C:\Windows\System32\drivers\atapi.sys : 21,584 : 07/13/2009 08:26 PM : 338c86357871c167a96ab976519bf59e [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys : 21,584 : 07/13/2009 08:26 PM : 338c86357871c167a96ab976519bf59e [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys : 21,584 : 07/13/2009 08:26 PM : 338c86357871c167a96ab976519bf59e [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys : 21,584 : 07/13/2009 08:26 PM : 338c86357871c167a96ab976519bf59e [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys : 21,584 : 07/13/2009 08:26 PM : 338c86357871c167a96ab976519bf59e [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys : 21,584 : 07/13/2009 08:26 PM : 338c86357871c167a96ab976519bf59e [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys : 21,584 : 07/13/2009 08:26 PM : 338c86357871c167a96ab976519bf59e [Pos Repl]

 * C:\Windows\System32\drivers\battc.sys : 25,168 : 07/13/2009 08:26 PM : 2b8ee031fd700ab942ebe60665440e83 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_x86_neutral_5752155055c5e2d7\battc.sys : 25,168 : 07/13/2009 08:26 PM : 2b8ee031fd700ab942ebe60665440e83 [Pos Repl]
 +-> C:\Windows\winsxs\x86_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_15fde90fb523bb21\battc.sys : 25,168 : 07/13/2009 08:26 PM : 2b8ee031fd700ab942ebe60665440e83 [Pos Repl]

 * C:\Windows\System32\drivers\beep.sys : 6,144 : 07/13/2009 06:45 PM : 505506526a9d467307b3c393dedaf858 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys : 6,144 : 07/13/2009 06:45 PM : 505506526a9d467307b3c393dedaf858 [Pos Repl]

 * C:\Windows\System32\drivers\bridge.sys : 78,336 : 07/13/2009 07:41 PM : 77361d72a04f18809d0efb6cceb74d4b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.1.7600.16385_none_07c046fe67692e98\bridge.sys : 78,336 : 07/13/2009 07:41 PM : 77361d72a04f18809d0efb6cceb74d4b [Pos Repl]

 * C:\Windows\System32\drivers\cdfs.sys : 70,656 : 07/13/2009 06:11 PM : 77ea11b065e0a8ab902d78145ca51e10 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cdfs_31bf3856ad364e35_6.1.7600.16385_none_a63de9327e477e37\cdfs.sys : 70,656 : 07/13/2009 06:11 PM : 77ea11b065e0a8ab902d78145ca51e10 [Pos Repl]

 * C:\Windows\System32\drivers\cdrom.sys : 108,544 : 11/20/2010 03:38 AM : be167ed0fdb9c1fa1133953c18d5a6c9 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys : 108,544 : 11/20/2010 03:38 AM : be167ed0fdb9c1fa1133953c18d5a6c9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys : 108,544 : 07/13/2009 06:11 PM : ba6e70aa0e6091bc39de29477d866a77 [Pos Repl]
 +-> C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys : 108,544 : 11/20/2010 03:38 AM : be167ed0fdb9c1fa1133953c18d5a6c9 [Pos Repl]

 * C:\Windows\System32\drivers\classpnp.sys : 140,864 : 07/13/2009 08:26 PM : a6388a5abf92c7927c085db0a958125f [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-classpnp_31bf3856ad364e35_6.1.7600.16385_none_155984bf0d656ab3\Classpnp.sys : 140,864 : 07/13/2009 08:26 PM : a6388a5abf92c7927c085db0a958125f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-classpnp_31bf3856ad364e35_6.1.7601.17514_none_178a98870a53ee4d\Classpnp.sys : 140,864 : 07/13/2009 08:26 PM : a6388a5abf92c7927c085db0a958125f [Pos Repl]

 * C:\Windows\System32\drivers\CmBatt.sys : 14,080 : 07/13/2009 06:19 PM : dea805815e587dad1dd2c502220b5616 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_x86_neutral_5752155055c5e2d7\CmBatt.sys : 14,080 : 07/13/2009 06:19 PM : dea805815e587dad1dd2c502220b5616 [Pos Repl]
 +-> C:\Windows\winsxs\x86_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_15fde90fb523bb21\CmBatt.sys : 14,080 : 07/13/2009 06:19 PM : dea805815e587dad1dd2c502220b5616 [Pos Repl]

 * C:\Windows\System32\drivers\compbatt.sys : 19,024 : 07/13/2009 08:26 PM : a6023d3823c37043986713f118a89bee [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_x86_neutral_5752155055c5e2d7\compbatt.sys : 19,024 : 07/13/2009 08:26 PM : a6023d3823c37043986713f118a89bee [Pos Repl]
 +-> C:\Windows\winsxs\x86_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_15fde90fb523bb21\compbatt.sys : 19,024 : 07/13/2009 08:26 PM : a6023d3823c37043986713f118a89bee [Pos Repl]

 * C:\Windows\System32\drivers\diskdump.sys : 27,008 : 04/22/2011 02:14 PM : d0f0d7a97c90fe72a79732812e65f822 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.16385_none_66948c2ff899c64e\Diskdump.sys : 26,688 : 07/13/2009 08:20 PM : 9e9c3566083e3a152d4d5c5311a852ab [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.16800_none_66e6139bf85d59d6\Diskdump.sys : 26,496 : 04/22/2011 02:36 PM : c78ea24ce267eaa6bf67caaeb11c0520 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.20949_none_674d735111934d73\Diskdump.sys : 26,496 : 04/22/2011 02:17 PM : 36b1f9025f87f385f1af40e8200f6df6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7601.17514_none_68c59ff7f58849e8\Diskdump.sys : 27,008 : 11/20/2010 07:29 AM : 81773be2b369f54ede42ae62b59bb895 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7601.17601_none_68cd70ebf582df19\Diskdump.sys : 27,008 : 04/22/2011 02:14 PM : d0f0d7a97c90fe72a79732812e65f822 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7601.21710_none_694b3d810ea9817d\Diskdump.sys : 27,008 : 04/22/2011 02:57 PM : 0a49d7de1c0be2aa67fdaf672a369340 [Pos Repl]

 * C:\Windows\System32\drivers\disk.sys : 57,424 : 07/13/2009 08:20 PM : 565003f326f99802e68ca78f2a68e9ff [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys : 57,424 : 07/13/2009 08:20 PM : 565003f326f99802e68ca78f2a68e9ff [Pos Repl]
 +-> C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys : 57,424 : 07/13/2009 08:20 PM : 565003f326f99802e68ca78f2a68e9ff [Pos Repl]

 * C:\Windows\System32\drivers\drmkaud.sys : 5,120 : 07/13/2009 06:50 PM : b918e7c5f9bf77202f89e1a9539f2eb4 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_aed2a4456700dfde\drmkaud.sys : 5,120 : 07/13/2009 06:50 PM : b918e7c5f9bf77202f89e1a9539f2eb4 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\drmkaud.sys : 5,120 : 07/13/2009 06:50 PM : b918e7c5f9bf77202f89e1a9539f2eb4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_603daf367b793e32\drmkaud.sys : 5,120 : 07/13/2009 06:50 PM : b918e7c5f9bf77202f89e1a9539f2eb4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7601.18276_none_622fc7907896be4c\drmkaud.sys : 5,120 : 07/13/2009 06:50 PM : b918e7c5f9bf77202f89e1a9539f2eb4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7601.22472_none_62b5651991b7f5e1\drmkaud.sys : 5,120 : 07/13/2009 06:50 PM : b918e7c5f9bf77202f89e1a9539f2eb4 [Pos Repl]

 * C:\Windows\System32\drivers\drmk.sys : 81,408 : 10/03/2013 08:49 PM : 9842041e2f5ace1e2f5fb4ef02053dc8 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_aed2a4456700dfde\drmk.sys : 80,896 : 07/13/2009 07:41 PM : 27f9288af019e6daca281ede51ff5928 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\drmk.sys : 81,408 : 10/03/2013 08:49 PM : 9842041e2f5ace1e2f5fb4ef02053dc8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_603daf367b793e32\drmk.sys : 80,896 : 07/13/2009 07:41 PM : 27f9288af019e6daca281ede51ff5928 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7601.18276_none_622fc7907896be4c\drmk.sys : 81,408 : 10/03/2013 08:49 PM : 9842041e2f5ace1e2f5fb4ef02053dc8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7601.22472_none_62b5651991b7f5e1\drmk.sys : 81,408 : 10/03/2013 08:56 PM : b18626d736d6a1faf61a958773f42fcb [Pos Repl]

 * C:\Windows\System32\drivers\dxapi.sys : 13,312 : 07/13/2009 06:25 PM : 5fcd3320aae71506b43f9e12e4e72172 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-useros_31bf3856ad364e35_6.1.7600.16385_none_cd450af4ce8086e8\dxapi.sys : 13,312 : 07/13/2009 06:25 PM : 5fcd3320aae71506b43f9e12e4e72172 [Pos Repl]

 * C:\Windows\System32\drivers\dxg.sys : 76,288 : 07/13/2009 06:25 PM : 1b6242b20cb56f85a158e67f09ee84fe [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-dxg_31bf3856ad364e35_6.1.7600.16385_none_a8c197c1bc709e3e\dxg.sys : 76,288 : 07/13/2009 06:25 PM : 1b6242b20cb56f85a158e67f09ee84fe [Pos Repl]

 * C:\Windows\System32\drivers\fastfat.sys : 148,480 : 07/13/2009 06:14 PM : 7e0ab74553476622fb6ae36f73d97d35 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_ae8981a3b8b7be50\fastfat.sys : 148,480 : 07/13/2009 06:14 PM : 7e0ab74553476622fb6ae36f73d97d35 [Pos Repl]

 * C:\Windows\System32\drivers\fdc.sys : 25,088 : 07/13/2009 06:45 PM : e817a017f82df2a1f8cfdbda29388b29 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\fdc.inf_x86_neutral_67322cb863995ea8\fdc.sys : 25,088 : 07/13/2009 06:45 PM : e817a017f82df2a1f8cfdbda29388b29 [Pos Repl]
 +-> C:\Windows\winsxs\x86_fdc.inf_31bf3856ad364e35_6.1.7600.16385_none_0168099141bb7be7\fdc.sys : 25,088 : 07/13/2009 06:45 PM : e817a017f82df2a1f8cfdbda29388b29 [Pos Repl]

 * C:\Windows\System32\drivers\flpydisk.sys : 19,968 : 07/13/2009 06:45 PM : 87907aa70cb3c56600f1c2fb8841579b [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\flpydisk.sys : 19,968 : 07/13/2009 06:45 PM : 87907aa70cb3c56600f1c2fb8841579b [Pos Repl]
 +-> C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\flpydisk.sys : 19,968 : 07/13/2009 06:45 PM : 87907aa70cb3c56600f1c2fb8841579b [Pos Repl]

 * C:\Windows\System32\drivers\fltMgr.sys : 198,208 : 07/13/2009 08:20 PM : 7520ec808e0c35e0ee6f841294316653 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-filtermanager-core_31bf3856ad364e35_6.1.7600.16385_none_10dfc9158c1fa6f6\fltMgr.sys : 198,208 : 07/13/2009 08:20 PM : 7520ec808e0c35e0ee6f841294316653 [Pos Repl]

 * C:\Windows\System32\drivers\fs_rec.sys : 19,824 : 03/01/2012 00:46 AM : 7dae5ebcc80e45d3253f4923dc424d05 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.16385_none_25289c6a9fa4dca8\fs_rec.sys : 19,536 : 07/13/2009 08:20 PM : a574b4360e438977038aae4bf60d79a2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.16970_none_252e76489fa130ee\fs_rec.sys : 19,312 : 03/01/2012 00:53 AM : 500a9814fd9446a8126858a5a7f7d273 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.21160_none_25c2bb21b8b6e809\fs_rec.sys : 19,312 : 03/01/2012 00:34 AM : 4f7b22cd40d4acfb9dd89f1080d3e9fe [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.17514_none_2759b0329c936042\fs_rec.sys : 19,536 : 07/13/2009 08:20 PM : a574b4360e438977038aae4bf60d79a2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.17787_none_271105689cc96a2c\fs_rec.sys : 19,824 : 03/01/2012 00:46 AM : 7dae5ebcc80e45d3253f4923dc424d05 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.18288_none_2711e56c9cc8ab61\fs_rec.sys : 19,824 : 03/01/2012 00:46 AM : 7dae5ebcc80e45d3253f4923dc424d05 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.21933_none_27ccb28db5c2160c\fs_rec.sys : 19,824 : 03/01/2012 00:31 AM : d550d49eebe4bf9d351769fd66ca3c8f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.22484_none_279782f5b5e9e2f6\fs_rec.sys : 19,536 : 07/13/2009 08:20 PM : a574b4360e438977038aae4bf60d79a2 [Pos Repl]

 * C:\Windows\System32\drivers\hidclass.sys : 55,808 : 07/02/2013 10:36 PM : 50abe682ebe752eaf62b18790d6d491c [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_1436b88c77b8881d\hidclass.sys : 55,808 : 07/02/2013 10:36 PM : 50abe682ebe752eaf62b18790d6d491c [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_9e1eba5724be176f\hidclass.sys : 55,808 : 11/20/2010 04:59 AM : 931a1df1520abc6e84ba4a75e6957025 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7600.16385_none_2045efea8171454c\hidclass.sys : 55,808 : 07/13/2009 06:51 PM : b682e1cc0fdc7ac04b71d1fa9a07ef21 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.17514_none_227703b27e5fc8e6\hidclass.sys : 55,808 : 11/20/2010 04:59 AM : 931a1df1520abc6e84ba4a75e6957025 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.18199_none_222567647e9c4c26\hidclass.sys : 55,808 : 07/02/2013 10:36 PM : 50abe682ebe752eaf62b18790d6d491c [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.22374_none_22bfa47b97ae3282\hidclass.sys : 55,808 : 07/01/2013 10:45 PM : 88b69d95d2e9555d58e9aad74ba04c87 [Pos Repl]

 * C:\Windows\System32\drivers\hidparse.sys : 25,728 : 07/02/2013 10:36 PM : f1b27299f547d452edaef01fc187cb91 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_1436b88c77b8881d\hidparse.sys : 25,728 : 07/02/2013 10:36 PM : f1b27299f547d452edaef01fc187cb91 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_9e1eba5724be176f\hidparse.sys : 25,728 : 07/13/2009 06:51 PM : 6c26122f1931d4d7810240f32ddce890 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7600.16385_none_2045efea8171454c\hidparse.sys : 25,728 : 07/13/2009 06:51 PM : 6c26122f1931d4d7810240f32ddce890 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.17514_none_227703b27e5fc8e6\hidparse.sys : 25,728 : 07/13/2009 06:51 PM : 6c26122f1931d4d7810240f32ddce890 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.18199_none_222567647e9c4c26\hidparse.sys : 25,728 : 07/02/2013 10:36 PM : f1b27299f547d452edaef01fc187cb91 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.22374_none_22bfa47b97ae3282\hidparse.sys : 25,728 : 07/01/2013 10:45 PM : a525dab2db79fd7c8a30c8c35009c253 [Pos Repl]

 * C:\Windows\System32\drivers\hidusb.sys : 24,064 : 11/20/2010 04:59 AM : 10c19f8290891af023eaec0832e1eb4d [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_1436b88c77b8881d\hidusb.sys : 24,064 : 11/20/2010 04:59 AM : 10c19f8290891af023eaec0832e1eb4d [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_9e1eba5724be176f\hidusb.sys : 24,064 : 11/20/2010 04:59 AM : 10c19f8290891af023eaec0832e1eb4d [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7600.16385_none_2045efea8171454c\hidusb.sys : 24,064 : 07/13/2009 06:51 PM : 25072fb35ac90b25f9e4e3bacf774102 [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.17514_none_227703b27e5fc8e6\hidusb.sys : 24,064 : 11/20/2010 04:59 AM : 10c19f8290891af023eaec0832e1eb4d [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.18199_none_222567647e9c4c26\hidusb.sys : 24,064 : 11/20/2010 04:59 AM : 10c19f8290891af023eaec0832e1eb4d [Pos Repl]
 +-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.22374_none_22bfa47b97ae3282\hidusb.sys : 24,064 : 11/20/2010 04:59 AM : 10c19f8290891af023eaec0832e1eb4d [Pos Repl]

 * C:\Windows\System32\drivers\http.sys : 513,536 : 11/20/2010 03:40 AM : 871917b07a141bff43d76d8844d48106 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.1.7600.16385_none_ac97526c7a2e8289\http.sys : 513,024 : 07/13/2009 06:12 PM : c531c7fd9e8b62021112787c4e2c5a5a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.1.7601.17514_none_aec86634771d0623\http.sys : 513,536 : 11/20/2010 03:40 AM : 871917b07a141bff43d76d8844d48106 [Pos Repl]

 * C:\Windows\System32\drivers\i8042prt.sys : 80,896 : 07/13/2009 06:11 PM : f151f0bdc47f4a28b1b20a0818ea36d6 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_neutral_50ad659974198591\i8042prt.sys : 80,896 : 07/13/2009 06:11 PM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\i8042prt.sys : 80,896 : 07/13/2009 06:11 PM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_9724c3fc3a4c81ef\i8042prt.sys : 80,896 : 07/13/2009 06:11 PM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_9955d7c4373b0589\i8042prt.sys : 80,896 : 07/13/2009 06:11 PM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\i8042prt.sys : 80,896 : 07/13/2009 06:11 PM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]

 * C:\Windows\System32\drivers\intelide.sys : 15,424 : 07/13/2009 08:20 PM : a0f12f2c9ba6c72f3987ce780e77c130 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\intelide.sys : 15,424 : 07/13/2009 08:20 PM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\intelide.sys : 15,424 : 07/13/2009 08:20 PM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\intelide.sys : 15,424 : 07/13/2009 08:20 PM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\intelide.sys : 15,424 : 07/13/2009 08:20 PM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\intelide.sys : 15,424 : 07/13/2009 08:20 PM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\intelide.sys : 15,424 : 07/13/2009 08:20 PM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]

 * C:\Windows\System32\drivers\intelppm.sys : 53,760 : 07/13/2009 06:11 PM : 3b514d27bfc4accb4037bc6685f766e0 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_x86_neutral_729b871528391032\intelppm.sys : 53,760 : 07/13/2009 06:11 PM : 3b514d27bfc4accb4037bc6685f766e0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_5d20b0c250b4b524\intelppm.sys : 53,760 : 07/13/2009 06:11 PM : 3b514d27bfc4accb4037bc6685f766e0 [Pos Repl]

 * C:\Windows\System32\drivers\ipfltdrv.sys : 58,880 : 07/13/2009 06:54 PM : 709d1761d3b19a932ff0238ea6d50200 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasipfilter_31bf3856ad364e35_6.1.7600.16385_none_e73fda0c2083052a\ipfltdrv.sys : 58,880 : 07/13/2009 06:54 PM : 709d1761d3b19a932ff0238ea6d50200 [Pos Repl]

 * C:\Windows\System32\drivers\ipnat.sys : 101,888 : 07/13/2009 06:54 PM : a5fa468d67abcdaa36264e463a7bb0cd [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ipnat_31bf3856ad364e35_6.1.7600.16385_none_5aee6dbbdcaf7199\ipnat.sys : 101,888 : 07/13/2009 06:54 PM : a5fa468d67abcdaa36264e463a7bb0cd [Pos Repl]

 * C:\Windows\System32\drivers\irenum.sys : 13,824 : 07/13/2009 06:53 PM : 42996cff20a3084a56017b7902307e9f [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-irdaircomm_31bf3856ad364e35_6.1.7600.16385_none_2867d22e85fcfdfa\irenum.sys : 13,824 : 07/13/2009 06:53 PM : 42996cff20a3084a56017b7902307e9f [Pos Repl]

 * C:\Windows\System32\drivers\isapnp.sys : 46,656 : 07/13/2009 08:20 PM : 1f32bb6b38f62f7df1a7ab7292638a35 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys : 46,656 : 07/13/2009 08:20 PM : 1f32bb6b38f62f7df1a7ab7292638a35 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys : 46,656 : 07/13/2009 08:20 PM : 1f32bb6b38f62f7df1a7ab7292638a35 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys : 46,656 : 07/13/2009 08:20 PM : 1f32bb6b38f62f7df1a7ab7292638a35 [Pos Repl]

 * C:\Windows\System32\drivers\kbdclass.sys : 42,576 : 07/13/2009 08:20 PM : adef52ca1aeae82b50df86b56413107e [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_neutral_50ad659974198591\kbdclass.sys : 42,576 : 07/13/2009 08:20 PM : adef52ca1aeae82b50df86b56413107e [Pos Repl]
 +-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_9724c3fc3a4c81ef\kbdclass.sys : 42,576 : 07/13/2009 08:20 PM : adef52ca1aeae82b50df86b56413107e [Pos Repl]
 +-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_9955d7c4373b0589\kbdclass.sys : 42,576 : 07/13/2009 08:20 PM : adef52ca1aeae82b50df86b56413107e [Pos Repl]

 * C:\Windows\System32\drivers\ksecdd.sys : 67,520 : 09/24/2013 09:01 PM : f286830298323272260332d6abc905c1 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\ksecdd.sys : 67,664 : 07/13/2009 08:20 PM : e36a061ec11b373826905b21be10948f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\ksecdd.sys : 67,440 : 11/17/2011 00:48 AM : 0263364acb9c834ace52fb85c2c064ec [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\ksecdd.sys : 67,440 : 11/17/2011 02:20 AM : eb58ce9c7291ae1917eecf25543b3a9d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\ksecdd.sys : 67,456 : 11/20/2010 07:30 AM : 412cea1aa78cc02a447f5c9e62b32ff1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\ksecdd.sys : 67,440 : 11/17/2011 00:41 AM : f4647bb23db9038a7536cf6b68f4207f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\ksecdd.sys : 67,440 : 06/01/2012 11:45 PM : b7895b4182c0d16f6efadeb8081e8d36 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_a80cf783bb41b5b7\ksecdd.sys : 67,520 : 09/24/2013 09:01 PM : f286830298323272260332d6abc905c1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\ksecdd.sys : 67,440 : 11/17/2011 00:35 AM : 91beb3c853eb11ab8363f2f261875fea [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\ksecdd.sys : 67,440 : 08/24/2012 12:08 AM : 4b39e0e306d64ba64ffbb5ab956486e9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_a8a66792d452b56a\ksecdd.sys : 67,520 : 09/24/2013 09:04 PM : 0cedb8814307b63889afb0759a7cf270 [Pos Repl]

 * C:\Windows\System32\drivers\ks.sys : 190,976 : 11/20/2010 04:50 AM : 5dcef0c32be0f33277326586fa503689 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7600.16385_none_5757187af737b0be\ks.sys : 190,976 : 07/13/2009 06:45 PM : f762edd3acca095f5af4d719f3b8ae3d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7601.17514_none_59882c42f4263458\ks.sys : 190,976 : 11/20/2010 04:50 AM : 5dcef0c32be0f33277326586fa503689 [Pos Repl]

 * C:\Windows\System32\drivers\mcd.sys : 18,432 : 07/13/2009 06:45 PM : ef08d2ebe3eabba43cc57eee001027b6 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft.windows.h..changer-driverclass_31bf3856ad364e35_6.1.7600.16385_none_c87bc13e280dd10a\mcd.sys : 18,432 : 07/13/2009 06:45 PM : ef08d2ebe3eabba43cc57eee001027b6 [Pos Repl]

 * C:\Windows\System32\drivers\modem.sys : 31,744 : 07/13/2009 06:55 PM : f001861e5700ee84e2d4e52c712f4964 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-u..em-core-classdriver_31bf3856ad364e35_6.1.7600.16385_none_2fdad9144fff701e\modem.sys : 31,744 : 07/13/2009 06:55 PM : f001861e5700ee84e2d4e52c712f4964 [Pos Repl]

 * C:\Windows\System32\drivers\mouclass.sys : 41,552 : 07/13/2009 08:20 PM : fb18cc1d4c2e716b6b903b0ac0cc0609 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\mouclass.sys : 41,552 : 07/13/2009 08:20 PM : fb18cc1d4c2e716b6b903b0ac0cc0609 [Pos Repl]
 +-> C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\mouclass.sys : 41,552 : 07/13/2009 08:20 PM : fb18cc1d4c2e716b6b903b0ac0cc0609 [Pos Repl]

 * C:\Windows\System32\drivers\mouhid.sys : 26,112 : 07/13/2009 06:45 PM : 2c388d2cd01c9042596cf3c8f3c7b24d [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\mouhid.sys : 26,112 : 07/13/2009 06:45 PM : 2c388d2cd01c9042596cf3c8f3c7b24d [Pos Repl]
 +-> C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\mouhid.sys : 26,112 : 07/13/2009 06:45 PM : 2c388d2cd01c9042596cf3c8f3c7b24d [Pos Repl]

 * C:\Windows\System32\drivers\mountmgr.sys : 78,208 : 11/20/2010 07:30 AM : fc8771f45ecccfd89684e38842539b9b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7600.16385_none_f26e7ae968595905\mountmgr.sys : 78,416 : 07/13/2009 08:20 PM : 921c18727c5920d6c0300736646931c2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.17514_none_f49f8eb16547dc9f\mountmgr.sys : 78,208 : 11/20/2010 07:30 AM : fc8771f45ecccfd89684e38842539b9b [Pos Repl]

 * C:\Windows\System32\drivers\mrxdav.sys : 115,712 : 07/04/2013 04:48 AM : 21f4b24acfc79a483515bd986dd9043f [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7600.16385_none_14813b5b270f3a0b\mrxdav.sys : 115,712 : 07/13/2009 06:14 PM : b1be47008d20e43da3adc37c24cdb89d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.17514_none_16b24f2323fdbda5\mrxdav.sys : 115,712 : 11/20/2010 03:42 AM : ceb46ab7c01c9f825f8cc6babc18166a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.18201_none_16ba01b723f877db\mrxdav.sys : 115,712 : 07/04/2013 04:48 AM : 21f4b24acfc79a483515bd986dd9043f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.22376_none_16fcf0803d4a59ef\mrxdav.sys : 116,736 : 07/04/2013 05:01 AM : 42705b8bce824c8a6f4a12d706a9cede [Pos Repl]

 * C:\Windows\System32\drivers\mrxsmb.sys : 123,904 : 04/26/2011 09:17 PM : 5d16c921e3671636c0eba3bbaac5fd25 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16385_none_7f67c358b2710494\mrxsmb.sys : 123,392 : 07/13/2009 06:14 PM : f4a054be78af7f410129c4b64b07dc9b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16765_none_7f7d6ac8b260c14e\mrxsmb.sys : 123,392 : 02/23/2011 00:05 AM : b4c76ef46322a9711c7b0f4e21ef6ea5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16808_none_7fc14d14b22d62d4\mrxsmb.sys : 123,392 : 05/03/2011 09:43 PM : ca7570e42522e24324a12161db14ec02 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20907_none_8049e995cb4be947\mrxsmb.sys : 123,904 : 02/22/2011 10:37 PM : 5dc06ceb9aa4b65e724376766eb410ab [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20959_none_8015da8dcb72a7aa\mrxsmb.sys : 123,904 : 05/03/2011 09:23 PM : ae6248d356c6c1de1623f0610b7fb0a3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_8198d720af5f882e\mrxsmb.sys : 123,904 : 11/20/2010 03:42 AM : b272b4c3e085ea860c12f2e4faf2ffa2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17565_none_8163c7ceaf872d3a\mrxsmb.sys : 123,904 : 02/22/2011 11:47 PM : ed3d3419b064f28d812995ed8cadc541 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17605_none_81a4a93caf5682bb\mrxsmb.sys : 123,904 : 04/26/2011 09:17 PM : 5d16c921e3671636c0eba3bbaac5fd25 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21666_none_81ee64e3c8a3e65b\mrxsmb.sys : 123,904 : 02/22/2011 10:09 PM : c76fd653db8b90da85ead12b12fffc9f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21714_none_822275d1c87d251f\mrxsmb.sys : 123,904 : 04/26/2011 09:15 PM : 39a8ff477b3f5d0edfe814155841c735 [Pos Repl]

 * C:\Windows\System32\drivers\msfs.sys : 22,528 : 07/13/2009 06:11 PM : daefb28e3af5a76abcc2c3078c07327f [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msfs_31bf3856ad364e35_6.1.7600.16385_none_a646965e7e3ffc0c\msfs.sys : 22,528 : 07/13/2009 06:11 PM : daefb28e3af5a76abcc2c3078c07327f [Pos Repl]

 * C:\Windows\System32\drivers\MSKSSRV.sys : 8,320 : 07/13/2009 06:45 PM : 8c0860d6366aaffb6c5bb9df9448e631 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_61cb11453c0f45a5\mskssrv.sys : 8,320 : 07/13/2009 06:45 PM : 8c0860d6366aaffb6c5bb9df9448e631 [Pos Repl]

 * C:\Windows\System32\drivers\MSPCLOCK.sys : 5,888 : 07/13/2009 06:45 PM : 3ea8b949f963562cedbb549eac0c11ce [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_61cb11453c0f45a5\mspclock.sys : 5,888 : 07/13/2009 06:45 PM : 3ea8b949f963562cedbb549eac0c11ce [Pos Repl]

 * C:\Windows\System32\drivers\MSPQM.sys : 5,504 : 07/13/2009 06:45 PM : f456e973590d663b1073e9c463b40932 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_61cb11453c0f45a5\mspqm.sys : 5,504 : 07/13/2009 06:45 PM : f456e973590d663b1073e9c463b40932 [Pos Repl]

 * C:\Windows\System32\drivers\mssmbios.sys : 28,240 : 07/13/2009 08:20 PM : fc6b9ff600cc585ea38b12589bd4e246 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\mssmbios.sys : 28,240 : 07/13/2009 08:20 PM : fc6b9ff600cc585ea38b12589bd4e246 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\mssmbios.sys : 28,240 : 07/13/2009 08:20 PM : fc6b9ff600cc585ea38b12589bd4e246 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\mssmbios.sys : 28,240 : 07/13/2009 08:20 PM : fc6b9ff600cc585ea38b12589bd4e246 [Pos Repl]

 * C:\Windows\System32\drivers\mup.sys : 49,728 : 07/13/2009 08:20 PM : 159fad02f64e6381758c990f753bcc80 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-mup_31bf3856ad364e35_6.1.7600.16385_none_acc89f51b9d75e29\mup.sys : 49,728 : 07/13/2009 08:20 PM : 159fad02f64e6381758c990f753bcc80 [Pos Repl]

 * C:\Windows\System32\drivers\ndis.sys : 712,048 : 08/22/2012 12:16 AM : 8c9c922d71f1cd4def73f186416b7896 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys : 710,720 : 07/13/2009 08:20 PM : 23759d175a0a9baaf04d05047bc135a8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys : 712,576 : 11/20/2010 07:30 AM : e7c54812a2aaf43316eb6930c1ffa108 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys : 712,048 : 08/22/2012 12:16 AM : 8c9c922d71f1cd4def73f186416b7896 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys : 712,048 : 08/22/2012 12:05 AM : 15b74b6283cebcce3054c1001ca01b5e [Pos Repl]

 * C:\Windows\System32\drivers\ndistapi.sys : 20,992 : 07/13/2009 06:54 PM : e4a8aec125a2e43a9e32afeea7c9c888 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7600.16385_none_0db6be04dbc2da8a\ndistapi.sys : 20,992 : 07/13/2009 06:54 PM : e4a8aec125a2e43a9e32afeea7c9c888 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_0fe7d1ccd8b15e24\ndistapi.sys : 20,992 : 07/13/2009 06:54 PM : e4a8aec125a2e43a9e32afeea7c9c888 [Pos Repl]

 * C:\Windows\System32\drivers\ndisuio.sys : 46,080 : 11/20/2010 05:06 AM : d8a65dafb3eb41cbb622745676fcd072 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7600.16385_none_6bc75de74831b352\ndisuio.sys : 45,568 : 07/13/2009 06:53 PM : b30ae7f2b6d7e343b0df32e6c08fce75 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_6df871af452036ec\ndisuio.sys : 46,080 : 11/20/2010 05:06 AM : d8a65dafb3eb41cbb622745676fcd072 [Pos Repl]

 * C:\Windows\System32\drivers\ndiswan.sys : 118,784 : 11/20/2010 05:07 AM : 38fbe267e7e6983311179230facb1017 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-ndiswan_31bf3856ad364e35_6.1.7600.16385_none_f30ee6e4b89e5dbf\ndiswan.sys : 118,784 : 07/13/2009 06:54 PM : 267c415eadcbe53c9ca873dee39cf3a4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-ndiswan_31bf3856ad364e35_6.1.7601.17514_none_f53ffaacb58ce159\ndiswan.sys : 118,784 : 11/20/2010 05:07 AM : 38fbe267e7e6983311179230facb1017 [Pos Repl]

 * C:\Windows\System32\drivers\ndproxy.sys : 48,640 : 11/20/2010 05:07 AM : a4bdc541e69674fbff1a8ff00be913f2 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7600.16385_none_0db6be04dbc2da8a\ndproxy.sys : 48,128 : 07/13/2009 06:54 PM : af7e7c63dcef3f8772726f86039d6eb4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_0fe7d1ccd8b15e24\ndproxy.sys : 48,640 : 11/20/2010 05:07 AM : a4bdc541e69674fbff1a8ff00be913f2 [Pos Repl]

 * C:\Windows\System32\drivers\netbios.sys : 36,352 : 07/13/2009 06:53 PM : 80b275b1ce3b0e79909db7b39af74d51 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_59b80e4dcc72e431\netbios.sys : 36,352 : 07/13/2009 06:53 PM : 80b275b1ce3b0e79909db7b39af74d51 [Pos Repl]

 * C:\Windows\System32\drivers\netbt.sys : 187,904 : 11/20/2010 03:39 AM : 280122ddcf04b378edd1ad54d71c1e54 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_603b1e855897bcd6\netbt.sys : 187,904 : 07/13/2009 06:12 PM : dd52a733bf4ca5af84562a5e2f963b91 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_626c324d55864070\netbt.sys : 187,904 : 11/20/2010 03:39 AM : 280122ddcf04b378edd1ad54d71c1e54 [Pos Repl]

 * C:\Windows\System32\drivers\npfs.sys : 35,328 : 07/13/2009 06:11 PM : 1db262a9f8c087e8153d89bef3d2235f [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-npfs_31bf3856ad364e35_6.1.7600.16385_none_a647db007e3ec880\npfs.sys : 35,328 : 07/13/2009 06:11 PM : 1db262a9f8c087e8153d89bef3d2235f [Pos Repl]

 * C:\Windows\System32\drivers\ntfs.sys : 1,211,752 : 04/12/2013 08:45 AM : 5e43d2b0ee64123d4880dfa6626defde [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys : 1,210,432 : 07/13/2009 08:20 PM : 3795dcd21f740ee799fb7223234215af [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys : 1,210,240 : 03/11/2011 00:44 AM : 187002ce05693c306f43c873f821381f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17281_none_a643660a7e42e622\ntfs.sys : 1,210,728 : 04/12/2013 08:58 AM : a8f59428e9f361c7ac42a94ac1560bc9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys : 1,210,752 : 03/11/2011 00:52 AM : a7266d82db9675afbded39695b69edac [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21499_none_a6ca371f976169bc\ntfs.sys : 1,211,240 : 04/12/2013 10:59 AM : e3b53a54a7af3b3098701783ba15ff75 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys : 1,211,264 : 11/20/2010 07:30 AM : 33c3093d09017cfe2e219f2472bff6eb [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys : 1,211,264 : 03/11/2011 00:39 AM : 81189c3d7763838e55c397759d49007a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_a870a63a7b333f99\ntfs.sys : 1,211,752 : 04/12/2013 08:45 AM : 5e43d2b0ee64123d4880dfa6626defde [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys : 1,211,264 : 03/11/2011 00:28 AM : e2ede3f02f95b896a1c7c6f0cc0c4083 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_a8ae93919489a2fa\ntfs.sys : 1,213,288 : 04/12/2013 08:53 AM : a543d7fd38f51123ca6b8b4722e4d322 [Pos Repl]

 * C:\Windows\System32\drivers\null.sys : 4,608 : 07/13/2009 06:11 PM : f9756a98d69098dca8945d62858a812c [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_a93c43a07c50a038\null.sys : 4,608 : 07/13/2009 06:11 PM : f9756a98d69098dca8945d62858a812c [Pos Repl]

 * C:\Windows\System32\drivers\parport.sys : 79,360 : 07/13/2009 06:45 PM : 2ea877ed5dd9713c5ac74e8ea7348d14 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\parport.sys : 79,360 : 07/13/2009 06:45 PM : 2ea877ed5dd9713c5ac74e8ea7348d14 [Pos Repl]
 +-> C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\parport.sys : 79,360 : 07/13/2009 06:45 PM : 2ea877ed5dd9713c5ac74e8ea7348d14 [Pos Repl]

 * C:\Windows\System32\drivers\partmgr.sys : 56,176 : 03/17/2012 02:27 AM : 3f34a1b4c5f6475f320c275e63afce9b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.16385_none_e17269af1bc32604\partmgr.sys : 56,912 : 07/13/2009 08:20 PM : ff4218952b51de44fe910953a3e686b9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.16979_none_e18146271bb75e59\partmgr.sys : 56,688 : 03/17/2012 02:20 AM : 66d3415c159741ade7038a277efff99f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.21172_none_e203b90e34db8004\partmgr.sys : 56,176 : 03/17/2012 02:25 AM : 58916826a13a721e7f73f454daa6c9c8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.17514_none_e3a37d7718b1a99e\partmgr.sys : 56,192 : 11/20/2010 07:30 AM : bf8f6af06da75b336f07e23aef97d93b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.17796_none_e34f027718f0b622\partmgr.sys : 56,176 : 03/17/2012 02:27 AM : 3f34a1b4c5f6475f320c275e63afce9b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.21946_none_e40eb0c431e5c75e\partmgr.sys : 56,176 : 03/17/2012 02:05 AM : 2dbfa1d13f039e222d18bc7b36ac6cdb [Pos Repl]

 * C:\Windows\System32\drivers\parvdm.sys : 8,704 : 07/13/2009 06:45 PM : eb0a59f29c19b86479d36b35983daadc [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\parvdm.sys : 8,704 : 07/13/2009 06:45 PM : eb0a59f29c19b86479d36b35983daadc [Pos Repl]
 +-> C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\parvdm.sys : 8,704 : 07/13/2009 06:45 PM : eb0a59f29c19b86479d36b35983daadc [Pos Repl]

 * C:\Windows\System32\drivers\pciidex.sys : 42,560 : 07/13/2009 08:19 PM : ede040d666ff81bf1978d0f19f799e7a [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\pciidex.sys : 42,560 : 07/13/2009 08:19 PM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\pciidex.sys : 42,560 : 07/13/2009 08:19 PM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\pciidex.sys : 42,560 : 07/13/2009 08:19 PM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\pciidex.sys : 42,560 : 07/13/2009 08:19 PM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\pciidex.sys : 42,560 : 07/13/2009 08:19 PM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]
 +-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\pciidex.sys : 42,560 : 07/13/2009 08:19 PM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]

 * C:\Windows\System32\drivers\pci.sys : 153,984 : 11/20/2010 07:30 AM : 673e55c3498eb970088e812ea820aa8f [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\pci.sys : 153,984 : 11/20/2010 07:30 AM : 673e55c3498eb970088e812ea820aa8f [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\pci.sys : 153,680 : 07/13/2009 08:20 PM : c858cb77c577780ecc456a892e7e7d0f [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\pci.sys : 153,984 : 11/20/2010 07:30 AM : 673e55c3498eb970088e812ea820aa8f [Pos Repl]

 * C:\Windows\System32\drivers\pcmcia.sys : 180,288 : 07/13/2009 08:19 PM : f396431b31693e71e8a80687ef523506 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\pcmcia.inf_x86_neutral_42dda5eb5768a3df\pcmcia.sys : 180,288 : 07/13/2009 08:19 PM : f396431b31693e71e8a80687ef523506 [Pos Repl]
 +-> C:\Windows\winsxs\x86_pcmcia.inf_31bf3856ad364e35_6.1.7600.16385_none_85a22802fc99e371\pcmcia.sys : 180,288 : 07/13/2009 08:19 PM : f396431b31693e71e8a80687ef523506 [Pos Repl]

 * C:\Windows\System32\drivers\portcls.sys : 177,152 : 10/03/2013 08:17 PM : eb6137d696a9b4e9718ac6f8641cb4c9 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_aed2a4456700dfde\portcls.sys : 177,152 : 07/13/2009 06:51 PM : d72708c9f49500c13d7d067e169b7715 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\portcls.sys : 177,152 : 10/03/2013 08:17 PM : eb6137d696a9b4e9718ac6f8641cb4c9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_603daf367b793e32\portcls.sys : 177,152 : 07/13/2009 06:51 PM : d72708c9f49500c13d7d067e169b7715 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7601.18276_none_622fc7907896be4c\portcls.sys : 177,152 : 10/03/2013 08:17 PM : eb6137d696a9b4e9718ac6f8641cb4c9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7601.22472_none_62b5651991b7f5e1\portcls.sys : 177,152 : 10/03/2013 08:23 PM : b3e02d59c6e49f6a4293eecd67a67be0 [Pos Repl]

 * C:\Windows\System32\drivers\processr.sys : 52,224 : 07/13/2009 06:11 PM : 85b1e3a0c7585bc4aae6899ec6fcf011 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_x86_neutral_729b871528391032\processr.sys : 52,224 : 07/13/2009 06:11 PM : 85b1e3a0c7585bc4aae6899ec6fcf011 [Pos Repl]
 +-> C:\Windows\winsxs\x86_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_5d20b0c250b4b524\processr.sys : 52,224 : 07/13/2009 06:11 PM : 85b1e3a0c7585bc4aae6899ec6fcf011 [Pos Repl]

 * C:\Windows\System32\drivers\rasacd.sys : 11,776 : 07/13/2009 06:54 PM : 30a81b53c766d0133bb86d234e5556ab [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys : 11,776 : 07/13/2009 06:54 PM : 30a81b53c766d0133bb86d234e5556ab [Pos Repl]

 * C:\Windows\System32\drivers\rasl2tp.sys : 78,848 : 07/13/2009 06:54 PM : d9f91eafec2815365cbe6d167e4e332a [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-rasl2tp_31bf3856ad364e35_6.1.7600.16385_none_99b2a2c04941dfb7\rasl2tp.sys : 78,848 : 07/13/2009 06:54 PM : d9f91eafec2815365cbe6d167e4e332a [Pos Repl]

 * C:\Windows\System32\drivers\raspppoe.sys : 77,824 : 07/13/2009 06:54 PM : 0fe8b15916307a6ac12bfb6a63e45507 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-raspppoe_31bf3856ad364e35_6.1.7600.16385_none_5609da43fbeb6e85\raspppoe.sys : 77,824 : 07/13/2009 06:54 PM : 0fe8b15916307a6ac12bfb6a63e45507 [Pos Repl]

 * C:\Windows\System32\drivers\raspptp.sys : 73,728 : 07/13/2009 06:54 PM : 631e3e205ad6d86f2aed6a4a8e69f2db [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-raspptp_31bf3856ad364e35_6.1.7600.16385_none_99c574fc492a728d\raspptp.sys : 73,728 : 07/13/2009 06:54 PM : 631e3e205ad6d86f2aed6a4a8e69f2db [Pos Repl]

 * C:\Windows\System32\drivers\rdbss.sys : 242,688 : 11/20/2010 03:44 AM : d528bc58a489409ba40334ebf96a311b [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rdbss_31bf3856ad364e35_6.1.7600.16385_none_59ab2defc2bd0505\rdbss.sys : 241,664 : 07/13/2009 06:14 PM : 835d7e81bf517a3b72384bdcc85e1ce6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rdbss_31bf3856ad364e35_6.1.7601.17514_none_5bdc41b7bfab889f\rdbss.sys : 242,688 : 11/20/2010 03:44 AM : d528bc58a489409ba40334ebf96a311b [Pos Repl]

 * C:\Windows\System32\drivers\rdpcdd.sys : 6,656 : 11/20/2010 05:22 AM : 23dae03f29d253ae74c44f99e515f9a1 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_d4b17a3e9f928d55\RDPCDD.sys : 6,656 : 07/13/2009 07:01 PM : 1e016846895b15a99f9a176a05029075 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7601.17514_none_d6e28e069c8110ef\RDPCDD.sys : 6,656 : 11/20/2010 05:22 AM : 23dae03f29d253ae74c44f99e515f9a1 [Pos Repl]

 * C:\Windows\System32\drivers\rdpdr.sys : 133,632 : 11/20/2010 05:24 AM : b973fcfc50dc1434e1970a146f7e3885 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-terminalservices-rdpdr_31bf3856ad364e35_6.1.7600.16385_none_011065d1aa5ad954\rdpdr.sys : 133,120 : 07/13/2009 07:02 PM : c5ff95883ffef704d50c40d21cfb3ab5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-terminalservices-rdpdr_31bf3856ad364e35_6.1.7601.17514_none_03417999a7495cee\rdpdr.sys : 133,632 : 11/20/2010 05:24 AM : b973fcfc50dc1434e1970a146f7e3885 [Pos Repl]

 * C:\Windows\System32\drivers\rdpwd.sys : 183,808 : 04/27/2012 10:17 PM : f031683e6d1fea157abb2ff260b51e61 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_4b4bde6b36561dcb\rdpwd.sys : 177,152 : 07/13/2009 07:01 PM : 801371ba9782282892d00aadb08ee367 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16963_none_4b5f89133647a225\rdpwd.sys : 177,152 : 02/14/2012 11:22 PM : 0399c725a9c95a6f1862b93f008ddf4a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.17011_none_4b93703d36211704\rdpwd.sys : 177,152 : 04/27/2012 10:19 PM : c5b8d47a4688de9d335204ea757c2240 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.21151_none_4bf1cd584f5f2692\rdpwd.sys : 178,176 : 02/16/2012 11:16 PM : 9abed8c1607153bb89488187529c3db5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.21202_none_4c28df244f35b15b\rdpwd.sys : 178,176 : 04/27/2012 10:19 PM : 9a67f7b4939f6a3ec7464c07737682f6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_4d7cf2333344a165\rdpwd.sys : 183,808 : 11/20/2010 05:22 AM : 288b06960d78428ff89e811632684e20 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17779_none_4d4117e93370c20c\rdpwd.sys : 183,808 : 02/16/2012 11:14 PM : 244c83332f44589ae98fc347f11b2693 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17830_none_4d6356e533586b60\rdpwd.sys : 183,808 : 04/27/2012 10:17 PM : f031683e6d1fea157abb2ff260b51e61 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21924_none_4dfbc4c44c6a5495\rdpwd.sys : 183,808 : 02/16/2012 11:09 PM : 2570d1f85c0ce1096e075f2de96d11d9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21982_none_4db8e4a84c9cc98d\rdpwd.sys : 183,808 : 04/27/2012 10:08 PM : f665adb892f8002248274d9a22dddb00 [Pos Repl]

 * C:\Windows\System32\drivers\rmcast.sys : 117,760 : 11/20/2010 05:06 AM : 906dcfc5ebf4ec0433f8d4fffb0ba334 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.1.7600.16385_none_54542254e93e94e1\rmcast.sys : 117,248 : 07/13/2009 06:53 PM : b4090006a82eeb608c358ab5d37de85a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.1.7601.17514_none_5685361ce62d187b\rmcast.sys : 117,760 : 11/20/2010 05:06 AM : 906dcfc5ebf4ec0433f8d4fffb0ba334 [Pos Repl]

 * C:\Windows\System32\drivers\rndismp.sys : 33,280 : 07/04/2012 02:45 PM : ed80d303102a746d30c1684b387bcbf1 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7600.16385_none_e10505d0ed38f22a\RNDISMP.sys : 33,280 : 07/13/2009 06:54 PM : 7400cfab5cf36f2294e80b3f3bda3ebc [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.17887_none_e2ed70b4ea5d7cd5\RNDISMP.sys : 33,280 : 07/04/2012 02:45 PM : ed80d303102a746d30c1684b387bcbf1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.22044_none_e39f2474035d9418\RNDISMP.sys : 33,280 : 07/04/2012 02:41 PM : d501fe23fef6c001f1bf21975eec7808 [Pos Repl]

 * C:\Windows\System32\drivers\rootmdm.sys : 8,192 : 07/13/2009 06:55 PM : 564297827d213f52c7a3a2ff749568ca [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-unimodem-core_31bf3856ad364e35_6.1.7600.16385_none_946e88ef35e184db\rootmdm.sys : 8,192 : 07/13/2009 06:55 PM : 564297827d213f52c7a3a2ff749568ca [Pos Repl]

 * C:\Windows\System32\drivers\scsiport.sys : 140,160 : 11/20/2010 07:30 AM : 099972e1faf4950d3994fbab9dd21253 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft.windows.s..se.scsi_port_driver_31bf3856ad364e35_6.1.7600.16385_none_e55684068b7262bb\scsiport.sys : 140,368 : 07/13/2009 08:19 PM : f9882099e58ecf8b0e1c7afa5d2cc56d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.s..se.scsi_port_driver_31bf3856ad364e35_6.1.7601.17514_none_e78797ce8860e655\scsiport.sys : 140,160 : 11/20/2010 07:30 AM : 099972e1faf4950d3994fbab9dd21253 [Pos Repl]

 * C:\Windows\System32\drivers\serenum.sys : 17,920 : 07/13/2009 06:45 PM : 9ad8b8b515e3df6acd4212ef465de2d1 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serenum.sys : 17,920 : 07/13/2009 06:45 PM : 9ad8b8b515e3df6acd4212ef465de2d1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serenum.sys : 17,920 : 07/13/2009 06:45 PM : 9ad8b8b515e3df6acd4212ef465de2d1 [Pos Repl]

 * C:\Windows\System32\drivers\serial.sys : 83,456 : 07/13/2009 06:45 PM : 5fb7fcea0490d821f26f39cc5ea3d1e2 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys : 83,456 : 07/13/2009 06:45 PM : 5fb7fcea0490d821f26f39cc5ea3d1e2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys : 83,456 : 07/13/2009 06:45 PM : 5fb7fcea0490d821f26f39cc5ea3d1e2 [Pos Repl]

 * C:\Windows\System32\drivers\sffdisk.sys : 11,264 : 07/13/2009 06:45 PM : 9f976e1eb233df46fce808d9dea3eb9c [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_x86_neutral_7e5210507f8fc265\sffdisk.sys : 11,264 : 07/13/2009 06:45 PM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]
 +-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.16385_none_a411df264b3d893a\sffdisk.sys : 11,264 : 07/13/2009 06:45 PM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]
 +-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_a642f2ee482c0cd4\sffdisk.sys : 11,264 : 07/13/2009 06:45 PM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]

 * C:\Windows\System32\drivers\sffp_sd.sys : 12,800 : 11/20/2010 04:50 AM : 6d4ccaedc018f1cf52866bbbaa235982 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_x86_neutral_7e5210507f8fc265\sffp_sd.sys : 12,800 : 11/20/2010 04:50 AM : 6d4ccaedc018f1cf52866bbbaa235982 [Pos Repl]
 +-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.16385_none_a411df264b3d893a\sffp_sd.sys : 12,800 : 07/13/2009 06:45 PM : 4f1e5b0fe7c8050668dbfade8999aefb [Pos Repl]
 +-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_a642f2ee482c0cd4\sffp_sd.sys : 12,800 : 11/20/2010 04:50 AM : 6d4ccaedc018f1cf52866bbbaa235982 [Pos Repl]

 * C:\Windows\System32\drivers\sfloppy.sys : 13,824 : 07/13/2009 06:45 PM : db96666cc8312ebc45032f30b007a547 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys : 13,824 : 07/13/2009 06:45 PM : db96666cc8312ebc45032f30b007a547 [Pos Repl]
 +-> C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys : 13,824 : 07/13/2009 06:45 PM : db96666cc8312ebc45032f30b007a547 [Pos Repl]

 * C:\Windows\System32\drivers\smclib.sys : 17,408 : 07/13/2009 06:45 PM : 2e467e6ca8e0a140c08011844c0d3936 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft.windows.s...smart_card_library_31bf3856ad364e35_6.1.7600.16385_none_f9da031b490b1c8a\smclib.sys : 17,408 : 07/13/2009 06:45 PM : 2e467e6ca8e0a140c08011844c0d3936 [Pos Repl]

 * C:\Windows\System32\drivers\srv.sys : 311,808 : 04/28/2011 09:46 PM : e4c2764065d66ea1d2d3ebc28fe99c46 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16385_none_d9cdbf7e57c72d46\srv.sys : 309,760 : 07/13/2009 06:15 PM : 2ba4ebc7dfba845a1edbe1f75913be33 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16806_none_da2548a6578558d8\srv.sys : 311,296 : 04/28/2011 09:57 PM : c4a027b8c0bd3fc0699f41fa5e9e0c87 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.20956_none_da78d5d570cb8457\srv.sys : 311,808 : 04/28/2011 09:49 PM : 110ad8cd36f173e917b1145950042b79 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17514_none_dbfed34654b5b0e0\srv.sys : 311,296 : 11/20/2010 03:45 AM : 112127c3b2e64d7680cc39cd0a39dd7e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17608_none_dc0da64054a9f772\srv.sys : 311,808 : 04/28/2011 09:46 PM : e4c2764065d66ea1d2d3ebc28fe99c46 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.21717_none_dc8b72d56dd099d6\srv.sys : 311,808 : 04/28/2011 10:19 PM : b9526afe58b0eb537a391dfa925a1e40 [Pos Repl]

 * C:\Windows\System32\drivers\stream.sys : 53,632 : 07/13/2009 06:50 PM : 45b44fc9e5ac0db02b19d515ee809de5 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-streamclass_31bf3856ad364e35_6.1.7600.16385_none_5e3aebd498f644ed\stream.sys : 53,632 : 07/13/2009 06:50 PM : 45b44fc9e5ac0db02b19d515ee809de5 [Pos Repl]

 * C:\Windows\System32\drivers\swenum.sys : 12,240 : 07/13/2009 08:19 PM : e58c78a848add9610a4db6d214af5224 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\swenum.sys : 12,240 : 07/13/2009 08:19 PM : e58c78a848add9610a4db6d214af5224 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\swenum.sys : 12,240 : 07/13/2009 08:19 PM : e58c78a848add9610a4db6d214af5224 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\swenum.sys : 12,240 : 07/13/2009 08:19 PM : e58c78a848add9610a4db6d214af5224 [Pos Repl]

 * C:\Windows\System32\drivers\tape.sys : 24,576 : 07/13/2009 06:45 PM : 949c35bf4ae6c110a924ab5e2175dda7 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft.windows.h..pedrive-driverclass_31bf3856ad364e35_6.1.7600.16385_none_9200269b1ea20fd1\tape.sys : 24,576 : 07/13/2009 06:45 PM : 949c35bf4ae6c110a924ab5e2175dda7 [Pos Repl]

 * C:\Windows\System32\Drivers\tcpip.sys : 1,294,272 : 09/07/2013 09:07 PM : ca59f7c570af70bc174f477cfe2d9ee3 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys : 1,285,712 : 07/13/2009 08:19 PM : 2cc3d75488abd3ec628bbb9a4fc84efc [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys : 1,287,528 : 01/03/2013 11:55 PM : bbceaeff1fd72a026f827cbb2f4aa8ad [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys : 1,303,912 : 01/03/2013 00:01 AM : 34ae5cc0c7417ab701c2aa8a7bc75417 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys : 1,290,112 : 11/20/2010 07:30 AM : 37e8fa3779668837ca9e2c36d2415949 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys : 1,292,144 : 08/22/2012 12:16 AM : a5ebb8f648000e88b7d9390b514976bf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys : 1,293,680 : 10/03/2012 11:58 AM : e23a56f843e2aebbb209d0acca73c640 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys : 1,293,672 : 01/03/2013 00:05 AM : 7c0507d2391af5933600cbced799f277 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys : 1,293,672 : 05/08/2013 00:38 AM : d32fdac73fcd76b85389c39bc1087f2a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys : 1,293,760 : 07/06/2013 00:05 AM : 4e8b9be71b807b3baedb7f4243f85e3c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys : 1,294,272 : 09/07/2013 09:07 PM : ca59f7c570af70bc174f477cfe2d9ee3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys : 1,306,992 : 08/22/2012 12:05 AM : 23790a44d9a6b67f8690c34d4f516446 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys : 1,308,040 : 10/03/2012 11:44 AM : d490dd0a91b4eac3b4ee08d11ee37c31 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys : 1,308,504 : 01/03/2013 11:56 PM : 4a95845c5f33a4ddeb6aef6367fb6520 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys : 1,309,032 : 05/08/2013 01:15 AM : 6088d01fad49729ea0a5a3d9b9ba8b84 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys : 1,309,120 : 07/05/2013 11:57 PM : 528f7cc60391dd0fab0344f32f051fdf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys : 1,309,120 : 09/06/2013 09:06 PM : 6c4f3d92764ffa22d28061a4d9235446 [Pos Repl]

 * C:\Windows\System32\drivers\tdi.sys : 21,504 : 11/20/2010 03:39 AM : 2f885864d5bc8a16c86bee595969a48a [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tdi-driver_31bf3856ad364e35_6.1.7600.16385_none_66c49eaf974a0e9b\tdi.sys : 20,992 : 07/13/2009 06:12 PM : 52639c994fe3cd975bfe7428b939b320 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tdi-driver_31bf3856ad364e35_6.1.7601.17514_none_68f5b27794389235\tdi.sys : 21,504 : 11/20/2010 03:39 AM : 2f885864d5bc8a16c86bee595969a48a [Pos Repl]

 * C:\Windows\System32\drivers\tdpipe.sys : 18,432 : 11/20/2010 05:21 AM : 1cb91b2bd8f6dd367dfc2ef26fd751b2 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdpipe.sys : 17,920 : 07/13/2009 07:01 PM : 1875c1490d99e70e449e3afae9fcbadf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdpipe.sys : 17,920 : 07/13/2009 07:01 PM : 1875c1490d99e70e449e3afae9fcbadf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdpipe.sys : 17,920 : 07/13/2009 07:01 PM : 1875c1490d99e70e449e3afae9fcbadf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdpipe.sys : 18,432 : 11/20/2010 05:21 AM : 1cb91b2bd8f6dd367dfc2ef26fd751b2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdpipe.sys : 18,432 : 11/20/2010 05:21 AM : 1cb91b2bd8f6dd367dfc2ef26fd751b2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdpipe.sys : 18,432 : 11/20/2010 05:21 AM : 1cb91b2bd8f6dd367dfc2ef26fd751b2 [Pos Repl]

 * C:\Windows\System32\drivers\tdtcp.sys : 24,576 : 02/16/2012 11:13 PM : 2c2c5afe7ee4f620d69c23c0617651a8 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdtcp.sys : 24,064 : 07/13/2009 07:01 PM : 7551e91ea999ee9a8e9c331d5a9c31f3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdtcp.sys : 24,064 : 02/14/2012 11:22 PM : 7156308896d34ea75a582f9a09e50c17 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdtcp.sys : 24,064 : 02/16/2012 11:16 PM : b311ac66edb0201981f6c1a444e42454 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdtcp.sys : 24,576 : 11/20/2010 05:21 AM : 2c10395baa4847f83042813c515cc289 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdtcp.sys : 24,576 : 02/16/2012 11:13 PM : 2c2c5afe7ee4f620d69c23c0617651a8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdtcp.sys : 24,576 : 02/16/2012 11:09 PM : 010560bc6586d1c1cc7cef24b5db4d94 [Pos Repl]

 * C:\Windows\System32\drivers\tdx.sys : 74,752 : 11/20/2010 03:39 AM : b459575348c20e8121d6039da063c704 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys : 74,240 : 07/13/2009 06:12 PM : cb39e896a2a83702d1737bfd402b3542 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys : 74,752 : 11/20/2010 03:39 AM : b459575348c20e8121d6039da063c704 [Pos Repl]

 * C:\Windows\System32\drivers\termdd.sys : 53,120 : 11/20/2010 07:30 AM : 04dbf4b01ea4bf25a9a3e84affac9b20 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\termdd.sys : 53,120 : 11/20/2010 07:30 AM : 04dbf4b01ea4bf25a9a3e84affac9b20 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\termdd.sys : 51,776 : 07/13/2009 08:19 PM : c36f41ee20e6999dbf4b0425963268a5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\termdd.sys : 53,120 : 11/20/2010 07:30 AM : 04dbf4b01ea4bf25a9a3e84affac9b20 [Pos Repl]

 * C:\Windows\System32\drivers\udfs.sys : 246,784 : 11/20/2010 03:42 AM : ee43346c7e4b5e63e54f927babbb32ff [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-udfs_31bf3856ad364e35_6.1.7600.16385_none_a64fee667e374655\udfs.sys : 246,784 : 07/13/2009 06:14 PM : 09cc3e16f8e5ee7168e01cf8fcbe061a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-udfs_31bf3856ad364e35_6.1.7601.17514_none_a881022e7b25c9ef\udfs.sys : 246,784 : 11/20/2010 03:42 AM : ee43346c7e4b5e63e54f927babbb32ff [Pos Repl]

 * C:\Windows\System32\drivers\usb8023.sys : 15,872 : 02/11/2013 10:32 PM : fe8a57c8e04edd3aa8add8f3c8f65297 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.16385_none_c4c31b1bb3fed11a\usb8023.sys : 15,872 : 07/13/2009 06:54 PM : b71da871254d96d0349639d03e4c1cc1 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.17233_none_c4f71175b3d82f31\usb8023.sys : 15,872 : 02/12/2013 08:51 AM : a9645d3f7b14f6c8f4bfac4ff81b4cbb [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.21444_none_c576e084ccfd016a\usb8023.sys : 15,872 : 02/11/2013 10:31 PM : 3f39ee7c311b3d65ce5354fcb4de7bef [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.18076_none_c6b52fa9b11c56e6\usb8023.sys : 15,872 : 02/11/2013 10:32 PM : fe8a57c8e04edd3aa8add8f3c8f65297 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.22248_none_c7613eb2ca1fd2b2\usb8023.sys : 15,872 : 02/11/2013 10:20 PM : 81c26bc6f9c73334df29b859ad3e5659 [Pos Repl]

 * C:\Windows\System32\drivers\usbcamd2.sys : 25,856 : 11/20/2010 05:00 AM : e071e5be621fec4590117c488a78ae32 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7600.16385_none_9f5eb7b3d98ea3ce\USBCAMD2.sys : 25,856 : 07/13/2009 06:51 PM : 2190f65ec7e9ae7a301e01e4261acef8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7601.17514_none_a18fcb7bd67d2768\USBCAMD2.sys : 25,856 : 11/20/2010 05:00 AM : e071e5be621fec4590117c488a78ae32 [Pos Repl]

 * C:\Windows\System32\drivers\usbcamd.sys : 25,856 : 11/20/2010 05:00 AM : fd82d2b38c465a55c527e339ba1201b1 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7600.16385_none_9f5eb7b3d98ea3ce\USBCAMD.sys : 25,856 : 07/13/2009 06:51 PM : 47d88f155eb4e4be60ebd76ac8d17db7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7601.17514_none_a18fcb7bd67d2768\USBCAMD.sys : 25,856 : 11/20/2010 05:00 AM : fd82d2b38c465a55c527e339ba1201b1 [Pos Repl]

 * C:\Windows\System32\drivers\usbccgp.sys : 76,288 : 09/03/2013 08:14 PM : 71d97f1a3cc47a56728f7a400a3f8295 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_2620fd493cad7d41\usbccgp.sys : 75,776 : 11/20/2010 05:00 AM : 7e72e7d7e0757d59481d530fd2b0bfae [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_ef2e2e69da5c57df\usbccgp.sys : 76,288 : 09/03/2013 08:14 PM : 71d97f1a3cc47a56728f7a400a3f8295 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16385_none_cacebd196fc5e8e0\usbccgp.sys : 75,264 : 07/13/2009 06:51 PM : 8455c4ed038efd09e99327f9d2d48ffa [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_ccffd0e16cb46c7a\usbccgp.sys : 75,776 : 11/20/2010 05:00 AM : 7e72e7d7e0757d59481d530fd2b0bfae [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.18251_none_ccd173d96cd7b265\usbccgp.sys : 76,288 : 09/03/2013 08:14 PM : 71d97f1a3cc47a56728f7a400a3f8295 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.22441_none_cd65e27685ed3365\usbccgp.sys : 76,288 : 09/03/2013 08:18 PM : e4ec748eab50e6bc7fd7e4f5d507a639 [Pos Repl]

 * C:\Windows\System32\drivers\usbd.sys : 6,016 : 09/03/2013 08:14 PM : 6fb17d7a2e76b838886e5e8c60239dae [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbd.sys : 6,016 : 09/03/2013 08:14 PM : 6fb17d7a2e76b838886e5e8c60239dae [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbd.sys : 5,888 : 07/13/2009 06:51 PM : 18e71ea0e063037a5c3c8272a5262b7c [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbd.sys : 5,888 : 07/13/2009 06:51 PM : 18e71ea0e063037a5c3c8272a5262b7c [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbd.sys : 5,888 : 07/13/2009 06:51 PM : 18e71ea0e063037a5c3c8272a5262b7c [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.18251_none_bf9b6c5661f3004c\usbd.sys : 6,016 : 09/03/2013 08:14 PM : 6fb17d7a2e76b838886e5e8c60239dae [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.22441_none_c02fdaf37b08814c\usbd.sys : 6,016 : 09/03/2013 08:18 PM : cfbc3568aeb4a5329a8466b80e7f1ea4 [Pos Repl]

 * C:\Windows\System32\drivers\usbehci.sys : 43,008 : 09/03/2013 08:14 PM : c4fb8e7adea9b5ceea885a1b504b7e40 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbehci.sys : 43,008 : 09/03/2013 08:14 PM : c4fb8e7adea9b5ceea885a1b504b7e40 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbehci.sys : 42,496 : 11/20/2010 04:59 AM : cfbce999c057d78979a181c9c60f208e [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbehci.sys : 41,472 : 07/13/2009 06:51 PM : 1c333bfd60f2fed2c7ad5daf533cb742 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbehci.sys : 42,496 : 11/20/2010 04:59 AM : cfbce999c057d78979a181c9c60f208e [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.18251_none_bf9b6c5661f3004c\usbehci.sys : 43,008 : 09/03/2013 08:14 PM : c4fb8e7adea9b5ceea885a1b504b7e40 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.22441_none_c02fdaf37b08814c\usbehci.sys : 43,008 : 09/03/2013 08:18 PM : ccb7e9f2963089872036b8f29d067d82 [Pos Repl]

 * C:\Windows\System32\drivers\usbhub.sys : 258,560 : 09/03/2013 08:15 PM : 86aa95acb611001e26cd2c0145f2225a [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_2620fd493cad7d41\usbhub.sys : 258,560 : 11/20/2010 05:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_ef2e2e69da5c57df\usbhub.sys : 258,560 : 09/03/2013 08:15 PM : 86aa95acb611001e26cd2c0145f2225a [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbhub.sys : 258,560 : 09/03/2013 08:15 PM : 86aa95acb611001e26cd2c0145f2225a [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbhub.sys : 258,560 : 11/20/2010 05:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16385_none_cacebd196fc5e8e0\usbhub.sys : 258,560 : 07/13/2009 06:52 PM : ee6ef93ccfa94fae8c6ab298273d8ae2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_ccffd0e16cb46c7a\usbhub.sys : 258,560 : 11/20/2010 05:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.18251_none_ccd173d96cd7b265\usbhub.sys : 258,560 : 09/03/2013 08:15 PM : 86aa95acb611001e26cd2c0145f2225a [Pos Repl]
 +-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.22441_none_cd65e27685ed3365\usbhub.sys : 258,560 : 09/03/2013 08:19 PM : d61ec91f6f46c6b5c20413b9c09df06f [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbhub.sys : 258,560 : 07/13/2009 06:52 PM : ee6ef93ccfa94fae8c6ab298273d8ae2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbhub.sys : 258,560 : 11/20/2010 05:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.18251_none_bf9b6c5661f3004c\usbhub.sys : 258,560 : 09/03/2013 08:15 PM : 86aa95acb611001e26cd2c0145f2225a [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.22441_none_c02fdaf37b08814c\usbhub.sys : 258,560 : 09/03/2013 08:19 PM : d61ec91f6f46c6b5c20413b9c09df06f [Pos Repl]

 * C:\Windows\System32\drivers\usbport.sys : 284,672 : 09/03/2013 08:14 PM : fda6f2bb7fa034d95863ed8788b4e416 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbport.sys : 284,672 : 09/03/2013 08:14 PM : fda6f2bb7fa034d95863ed8788b4e416 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbport.sys : 284,672 : 11/20/2010 05:00 AM : f3adcfb2f0ba791a26ac8e9c33d7e20e [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbport.sys : 284,160 : 07/13/2009 06:51 PM : f6d1c957c5bf4f274aad1da7059916e4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbport.sys : 284,672 : 11/20/2010 05:00 AM : f3adcfb2f0ba791a26ac8e9c33d7e20e [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.18251_none_bf9b6c5661f3004c\usbport.sys : 284,672 : 09/03/2013 08:14 PM : fda6f2bb7fa034d95863ed8788b4e416 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.22441_none_c02fdaf37b08814c\usbport.sys : 284,672 : 09/03/2013 08:18 PM : 3d2040435e565477fbfa760358a2982b [Pos Repl]

 * C:\Windows\System32\drivers\USBSTOR.sys : 76,288 : 03/10/2011 11:01 PM : f991ab9cc6b908db552166768176896a [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_c77d41a490bdc63d\USBSTOR.SYS : 76,288 : 11/20/2010 05:00 AM : bf63ebfc6979fefb2bc03df7989a0c1a [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_e6d53e776821c5b8\USBSTOR.SYS : 76,288 : 03/10/2011 11:01 PM : f991ab9cc6b908db552166768176896a [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_485ca4d9f926b0b4\USBSTOR.SYS : 74,752 : 07/13/2009 06:51 PM : d8889d56e0d27e57ed4591837fe71d27 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.16778_none_486a7d3bf91bd564\USBSTOR.SYS : 75,776 : 03/10/2011 11:08 PM : 1c4287739a93594e57e2a9e6a3ed7353 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.20921_none_492329831217353f\USBSTOR.SYS : 75,776 : 03/10/2011 11:14 PM : e3d648ebd6eaae3c1a93e640c467d625 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.17514_none_4a8db8a1f615344e\USBSTOR.SYS : 76,288 : 11/20/2010 05:00 AM : bf63ebfc6979fefb2bc03df7989a0c1a [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_4a4fd9f7f64327f9\USBSTOR.SYS : 76,288 : 03/10/2011 11:01 PM : f991ab9cc6b908db552166768176896a [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_4ac7a4d10f6f3253\USBSTOR.SYS : 76,288 : 03/10/2011 10:48 PM : 6a3db51d317307f3ac65cb127b9a2beb [Pos Repl]

 * C:\Windows\System32\drivers\usbuhci.sys : 24,064 : 09/03/2013 08:14 PM : 8e51d04175baa14c4f79aa5f6d248770 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbuhci.sys : 24,064 : 09/03/2013 08:14 PM : 8e51d04175baa14c4f79aa5f6d248770 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbuhci.sys : 24,064 : 07/13/2009 06:51 PM : 78780c3ebce17405b1ccd07a3a8a7d72 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbuhci.sys : 24,064 : 07/13/2009 06:51 PM : 78780c3ebce17405b1ccd07a3a8a7d72 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbuhci.sys : 24,064 : 07/13/2009 06:51 PM : 78780c3ebce17405b1ccd07a3a8a7d72 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.18251_none_bf9b6c5661f3004c\usbuhci.sys : 24,064 : 09/03/2013 08:14 PM : 8e51d04175baa14c4f79aa5f6d248770 [Pos Repl]
 +-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.22441_none_c02fdaf37b08814c\usbuhci.sys : 24,576 : 09/03/2013 08:18 PM : bf11c0d7a8d2aeb3a010c28df7b15b75 [Pos Repl]

 * C:\Windows\System32\drivers\vga.sys : 25,088 : 07/13/2009 06:25 PM : 8e38096ad5c8570a6f1570a61e251561 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-standardvga_31bf3856ad364e35_6.1.7600.16385_none_9c6287a93b5351ec\vga.sys : 25,088 : 07/13/2009 06:25 PM : 8e38096ad5c8570a6f1570a61e251561 [Pos Repl]

 * C:\Windows\System32\drivers\videoprt.sys : 111,616 : 07/13/2009 06:25 PM : 15c126d1b55814b9e5cab10a9c1f4c67 [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-videoport_31bf3856ad364e35_6.1.7600.16385_none_bbf0a23665b80f3d\videoprt.sys : 111,616 : 07/13/2009 06:25 PM : 15c126d1b55814b9e5cab10a9c1f4c67 [Pos Repl]

 * C:\Windows\System32\drivers\volsnap.sys : 245,632 : 11/20/2010 07:30 AM : f497f67932c6fa693d7de2780631cfe7 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys : 245,632 : 11/20/2010 07:30 AM : f497f67932c6fa693d7de2780631cfe7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys : 245,328 : 07/13/2009 08:19 PM : 58df9d2481a56edde167e51b334d44fd [Pos Repl]
 +-> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys : 245,632 : 11/20/2010 07:30 AM : f497f67932c6fa693d7de2780631cfe7 [Pos Repl]

 * C:\Windows\System32\drivers\wanarp.sys : 63,488 : 11/20/2010 05:07 AM : 3c3c78515f5ab448b022bdf5b8ffdd2e [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7600.16385_none_0db6be04dbc2da8a\wanarp.sys : 63,488 : 07/13/2009 06:55 PM : 692a712062146e96d28ba0b7d75de31b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_0fe7d1ccd8b15e24\wanarp.sys : 63,488 : 11/20/2010 05:07 AM : 3c3c78515f5ab448b022bdf5b8ffdd2e [Pos Repl]

 * C:\Windows\System32\drivers\wmilib.sys : 14,912 : 07/13/2009 08:19 PM : 9a5b1059fe015db5269fbb25acbf841d [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-wmilib_31bf3856ad364e35_6.1.7600.16385_none_592b507a658046bb\wmilib.sys : 14,912 : 07/13/2009 08:19 PM : 9a5b1059fe015db5269fbb25acbf841d [Pos Repl]

 * C:\Windows\System32\drivers\ws2ifsl.sys : 16,384 : 07/13/2009 06:55 PM : 6db3276587b853bf886b69528fdb048c [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys : 16,384 : 07/13/2009 06:55 PM : 6db3276587b853bf886b69528fdb048c [Pos Repl]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 01/01/2014 08:51:27 AM
Execution time: 0 hours(s), 10 minute(s), and 12 seconds(s)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users