Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think i have some infection/trojan


  • This topic is locked This topic is locked
3 replies to this topic

#1 nevermore_32

nevermore_32

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:31 PM

Posted 03 January 2017 - 07:27 PM

Hi,

 

I have been having problems recently with my browser then windows update(the past 2 days specifically). While trying to sort that it became more obvious it was malware/virus/trojan. MBAM deteced Geekbuddy as PUP. I suspected it was being used/hijacked(have a screenshot). I uninstalled Comodo as it seemed to have something to do with it. I noticed files started appearing with unknown publisher. When I went to services.msc to sort out windows update for instance it was an unknown publisher. Geekbuddy and others would not uninstall. Almost total destruction yesterday with restart cycles on startup. I installed comodo stand alone cloud antivirus but it cannot connect to cloud(i suspect something is stopping it) and it gets stuck. It is constantly sandboxing windows files. It will run safe mode. Ran ESET online scanner in safe mode. Found 10 threats one of which Win32/FusionCore.k  I have a screenshot. It was able to complete and clean. TDSS killer cannot finish and on restart to safe mode is deleted. MBAM still does not detect anything. I reinstalled that as other suggestions but still nothing. On normal start it goes to black screen very slow (10 minutes+)and then shows my computer folder which is sandboxed. It can run Rkill which gives varying results. I will add in the most recent here. I have also tried adw cleaner -no results, hitman pro - no results, rogue killer - no results, spybot - no results and windows all-in-one at the start which did sort some of the windows files re the original windows update issue.

I was so worried about data being leaked and online banking and such. I am going through and checking/changing passwords on a safe separate computer. I have moved some files that I want to keep should it become irreparable to a usb stick. I realize I can't use this unless it is somehow decontaminated - I will find out about USB panda vaccine or such. I will attempt to clean with rogue killer again and see if i can bring my antivirus back online in the mean time. I am keeping it off the internet as much as possible. I hope this can be fixed!! :radioactive: :smash:

 

Below is the latest Rkill I ran. I have others and one came up with malware processes to terminate system32\SearchIndexer.exe and system32\SearchProtocolHost.exe . I saved the logs.

 

Thanks!! You guys are great - I always keep an eye on the site.

 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 01/03/2017 11:35:26 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Possibly Patched Files.
 
 * C:\Windows\system32\csrss.exe
 * C:\Windows\system32\wininit.exe
 * C:\Windows\system32\csrss.exe
 * C:\Windows\system32\services.exe
 * C:\Windows\system32\lsass.exe
 * C:\Windows\system32\lsm.exe
 * C:\Windows\system32\winlogon.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\System32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\system32\svchost.exe
 * C:\Windows\Explorer.EXE
 * C:\Windows\system32\ctfmon.exe
 * C:\Windows\system32\DllHost.exe
 * C:\Windows\system32\DllHost.exe
 * C:\Windows\system32\conhost.exe
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
Searching for Missing Digital Signatures: 
 
 * C:\Windows\System32\browser.dll : 136,704 : 07/04/2012 11:13 PM : 05f5a0d14a2ee1d8255c2aa0e9e8e694 [NoSig]
 +-> C:\Windows\erdnt\cache64\browser.dll : 136,704 : 07/04/2012 11:13 PM : 05f5a0d14a2ee1d8255c2aa0e9e8e694 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_d70f2c28b49dffae\browser.dll : 136,192 : 11/21/2010 04:24 AM : 8ef0d5c41ec907751b8429162b1239ed [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_d6c68344b4d406bf\browser.dll : 136,704 : 07/04/2012 11:13 PM : 05f5a0d14a2ee1d8255c2aa0e9e8e694 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_d7783703cdd41e02\browser.dll : 136,704 : 07/04/2012 11:06 PM : 156768abae1daf29ba0b0c05c21fef09 [Pos Repl]
 
 * C:\Windows\System32\cngaudit.dll : 18,944 : 07/14/2009 02:40 AM : 86fe1b1f8fd42cd0db641ab1cdb13093 [NoSig]
 +-> C:\Windows\erdnt\cache64\cngaudit.dll : 18,944 : 07/14/2009 02:40 AM : 86fe1b1f8fd42cd0db641ab1cdb13093 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\cngaudit.dll : 12,288 : 07/14/2009 02:15 AM : 50ba656134f78af64e4dd3c8b6fefd7e [Pos Repl]
 +-> C:\Windows\SysWOW64\cngaudit.dll : 12,288 : 07/14/2009 02:15 AM : 50ba656134f78af64e4dd3c8b6fefd7e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll : 18,944 : 07/14/2009 02:40 AM : 86fe1b1f8fd42cd0db641ab1cdb13093 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll : 12,288 : 07/14/2009 02:15 AM : 50ba656134f78af64e4dd3c8b6fefd7e [Pos Repl]
 
 * C:\Windows\System32\comctl32.dll : 633,856 : 04/24/2015 07:17 PM : 51f89ce2d0fec66070354504e6c4c3e4 [NoSig]
 +-> C:\Windows\erdnt\cache64\comctl32.dll : 633,856 : 04/24/2015 07:17 PM : 51f89ce2d0fec66070354504e6c4c3e4 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\comctl32.dll : 530,432 : 04/24/2015 06:56 PM : 58788565442368b0615ddaf1d452b843 [Pos Repl]
 +-> C:\Windows\SysWOW64\comctl32.dll : 530,432 : 04/24/2015 06:56 PM : 58788565442368b0615ddaf1d452b843 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_97c2246fee970dbb\comctl32.dll : 633,856 : 11/21/2010 04:24 AM : 14dfdeaf4e589ed3f1ff187a86b9408c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18837_none_97af745feea4a2b8\comctl32.dll : 633,856 : 04/24/2015 07:17 PM : 51f89ce2d0fec66070354504e6c4c3e4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_983ae9e107c0a872\comctl32.dll : 633,856 : 04/24/2015 07:23 PM : 8b2db34ccd937cd4adf7de62c9e79069 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll : 633,856 : 11/21/2010 04:24 AM : 14dfdeaf4e589ed3f1ff187a86b9408c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll : 633,856 : 04/24/2015 07:17 PM : 51f89ce2d0fec66070354504e6c4c3e4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.23039_none_a6b7fbc96e401250\comctl32.dll : 633,856 : 04/24/2015 07:23 PM : 8b2db34ccd937cd4adf7de62c9e79069 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll : 2,030,080 : 11/21/2010 04:23 AM : 7fa8fdc2c2a27817fd0f624e78d3b50c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll : 2,030,592 : 04/24/2015 07:12 PM : 271dc9a33422d9a85e3790a0af0a91ef [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23039_none_e36d4d173100d4ed\comctl32.dll : 2,030,592 : 04/24/2015 07:15 PM : e6fd06e7948b35b604cf188b554e9760 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll : 530,432 : 11/21/2010 04:23 AM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18837_none_3b90d8dc36473182\comctl32.dll : 530,432 : 04/24/2015 06:56 PM : 58788565442368b0615ddaf1d452b843 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_3c1c4e5d4f63373c\comctl32.dll : 530,432 : 04/24/2015 07:00 PM : 71dd9528dd7d36eb853020401d66089d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll : 530,432 : 11/21/2010 04:24 AM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll : 530,432 : 04/24/2015 06:56 PM : 58788565442368b0615ddaf1d452b843 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.23039_none_ee6532a082bc3b56\comctl32.dll : 530,432 : 04/24/2015 07:00 PM : 71dd9528dd7d36eb853020401d66089d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll : 1,680,896 : 11/21/2010 04:23 AM : 352b3dc62a0d259a82a052238425c872 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll : 1,680,896 : 04/24/2015 06:54 PM : 885e18b2d0a445fb637850282530eb72 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23039_none_2b1a83ee457cfdf3\comctl32.dll : 1,680,896 : 04/24/2015 06:57 PM : f7f754ddaa6af9d3f3549f7013bfdf70 [Pos Repl]
 
 * C:\Windows\System32\comres.dll : 1,297,408 : 07/14/2009 02:26 AM : 1a47d52e303b7543e4e6026595b95422 [NoSig]
 +-> C:\Windows\erdnt\cache64\comres.dll : 1,297,408 : 07/14/2009 02:26 AM : 1a47d52e303b7543e4e6026595b95422 [Pos Repl]
 +-> C:\Windows\SysWOW64\comres.dll : 1,297,408 : 07/14/2009 02:04 AM : 808d8a8b2a3074002852bc856d419576 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll : 1,297,408 : 07/14/2009 02:26 AM : 1a47d52e303b7543e4e6026595b95422 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_2c8730fb47856e94\comres.dll : 1,297,408 : 07/14/2009 02:04 AM : 808d8a8b2a3074002852bc856d419576 [Pos Repl]
 
 * C:\Windows\System32\conhost.exe : 338,432 : 05/09/2015 04:25 AM : bbfa57e64ce337686c2bc3f56881d55b [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17514_none_d281ccc018b94ff4\conhost.exe : 337,920 : 11/21/2010 04:23 AM : bd51024fb014064bc9fe8c715c18392f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18015_none_d282acc418b89129\conhost.exe : 338,432 : 05/26/2014 04:45 PM : 1bcdb508143b517f21bbdac10f5777bf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18229_none_d27be1cc18bd0cc4\conhost.exe : 338,432 : 08/02/2013 02:09 AM : bf95ea5809e3bbf55370f7cb309febd0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18798_none_d22f3b8c18f6a8c7\conhost.exe : 338,432 : 03/17/2015 06:15 AM : a32ca33e8692da882133341af31a4c36 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18847_none_d2644cc418cf00e2\conhost.exe : 338,432 : 05/09/2015 04:25 AM : bbfa57e64ce337686c2bc3f56881d55b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22177_none_d2cd6a9b32050b47\conhost.exe : 338,432 : 11/30/2012 06:49 AM : b19b30e594ee374c69f71dad26198400 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22436_none_d2f7afb331e579a1\conhost.exe : 338,432 : 05/26/2014 04:45 PM : d62757257b2dcbd15b1ba9ea3b385c1a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22653_none_d2df12c931f85fcc\conhost.exe : 338,432 : 04/12/2014 03:31 AM : e1936d112524bdc9bd05ce3eb9184088 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.23002_none_d313ffef31d0e577\conhost.exe : 338,432 : 03/17/2015 06:10 AM : 98177f6a2c466346b9ab0705adabadd1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.23049_none_d2efc24531eb069c\conhost.exe : 338,432 : 05/09/2015 07:04 AM : fa0fd0eb07bd1ddd05b6d0f9f8946a7e [Pos Repl]
 
 * C:\Windows\System32\cryptsvc.dll : 188,416 : 04/27/2015 08:23 PM : 7bc3e861f7e8eb543a630090fae779e0 [NoSig]
 +-> C:\Windows\erdnt\cache64\cryptsvc.dll : 188,416 : 04/27/2015 08:23 PM : 7bc3e861f7e8eb543a630090fae779e0 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\cryptsvc.dll : 143,872 : 04/27/2015 08:04 PM : 33f67bbcc3c0499d3f3382473114cfa8 [Pos Repl]
 +-> C:\Windows\SysWOW64\cryptsvc.dll : 143,872 : 04/27/2015 08:04 PM : 33f67bbcc3c0499d3f3382473114cfa8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll : 177,152 : 11/21/2010 04:24 AM : 15597883fbe9b056f276ada3ad87d9af [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll : 184,320 : 05/10/2013 06:49 AM : 7fdc4626b01106a8ef328c88c7c0dee3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll : 184,320 : 05/13/2013 06:51 AM : d8129c49798cbbfb2e4351d4b7b8ef9c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_d4021b35b189f3e7\cryptsvc.dll : 187,904 : 02/03/2015 04:30 AM : 1cd76a83b9e8e9a5a3519b39e28354d9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_d414ef57b17a9fd5\cryptsvc.dll : 188,416 : 04/27/2015 08:23 PM : 7bc3e861f7e8eb543a630090fae779e0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll : 186,880 : 05/10/2013 06:18 AM : ca13c4f92bee66db48e58ab3223ddf6e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll : 186,880 : 05/11/2013 06:18 AM : 8122252f0a4acfa92fa0c1d50d18493b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_d492bbeccaa14239\cryptsvc.dll : 190,976 : 02/03/2015 04:50 AM : 00d0f7ba3b27126a3e25b540979a9f39 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_d48a91becaa8aac3\cryptsvc.dll : 190,976 : 04/27/2015 08:17 PM : 0925e2beac4493c887099f850d69ba3b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll : 136,192 : 11/21/2010 04:24 AM : a585bebf7d054bd9618eda0922d5484a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll : 140,288 : 05/10/2013 05:49 AM : 33adf6e0853ab39ea1723be82842c1d3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll : 140,288 : 05/13/2013 05:45 AM : 3897dff247d9ed0006190349de264e14 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_77e37fb1f92c82b1\cryptsvc.dll : 143,872 : 02/03/2015 04:12 AM : 49474b3e37969af4b5c076f42b623aff [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_77f653d3f91d2e9f\cryptsvc.dll : 143,872 : 04/27/2015 08:04 PM : 33f67bbcc3c0499d3f3382473114cfa8 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll : 142,848 : 05/10/2013 06:06 AM : e122aa1c9a3cc46ff9ddde46e5eb0c58 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll : 142,848 : 05/11/2013 05:59 AM : ac04d05309bb2c418d0d80b9fb014642 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_787420691243d103\cryptsvc.dll : 145,920 : 02/03/2015 04:31 AM : b97e16d36db7b7dd22c97857506fa58a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_786bf63b124b398d\cryptsvc.dll : 145,920 : 04/27/2015 07:55 PM : 59af628bef750ee470fd36751ca52137 [Pos Repl]
 
 * C:\Windows\System32\csrss.exe : 7,680 : 07/14/2009 02:39 AM : 60c2862b4bf0fd9f582ef344c2b1ec72 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe : 7,680 : 07/14/2009 02:39 AM : 60c2862b4bf0fd9f582ef344c2b1ec72 [Pos Repl]
 
 * C:\Windows\System32\ctfmon.exe : 9,728 : 07/14/2009 02:39 AM : 42b6a94dd747df2b5f628a2752e62a98 [NoSig]
 +-> C:\Windows\erdnt\cache64\ctfmon.exe : 9,728 : 07/14/2009 02:39 AM : 42b6a94dd747df2b5f628a2752e62a98 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\ctfmon.exe : 8,704 : 07/14/2009 02:14 AM : 4a3cdcef8ed41b221f3dbef5792fb52d [Pos Repl]
 +-> C:\Windows\SysWOW64\ctfmon.exe : 8,704 : 07/14/2009 02:14 AM : 4a3cdcef8ed41b221f3dbef5792fb52d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe : 9,728 : 07/14/2009 02:39 AM : 42b6a94dd747df2b5f628a2752e62a98 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe : 8,704 : 07/14/2009 02:14 AM : 4a3cdcef8ed41b221f3dbef5792fb52d [Pos Repl]
 
 * C:\Windows\System32\d3d8thk.dll : 12,288 : 07/14/2009 02:40 AM : 3044d07abdf4bbea27e2ee7b1e0c0c65 [NoSig]
 +-> C:\Windows\SysWOW64\d3d8thk.dll : 11,264 : 07/14/2009 02:15 AM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_207372147765c03a\d3d8thk.dll : 12,288 : 07/14/2009 02:40 AM : 3044d07abdf4bbea27e2ee7b1e0c0c65 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d8thk.dll : 11,264 : 07/14/2009 02:15 AM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]
 
 * C:\Windows\System32\d3d9.dll : 2,067,456 : 11/21/2010 04:24 AM : 4c3daee652b005b483f16b8e9131c99d [NoSig]
 +-> C:\Windows\erdnt\cache86\d3d9.dll : 1,828,352 : 11/21/2010 04:24 AM : 6ef5f3f18413c367195f06e503ab86a6 [Pos Repl]
 +-> C:\Windows\SysWOW64\d3d9.dll : 1,828,352 : 11/21/2010 04:24 AM : 6ef5f3f18413c367195f06e503ab86a6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_207372147765c03a\d3d9.dll : 2,067,456 : 11/21/2010 04:24 AM : 4c3daee652b005b483f16b8e9131c99d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll : 1,828,352 : 11/21/2010 04:24 AM : 6ef5f3f18413c367195f06e503ab86a6 [Pos Repl]
 
 * C:\Windows\System32\ddraw.dll : 569,344 : 07/14/2009 02:40 AM : a6c09924c6730de8deed9890a12aa691 [NoSig]
 +-> C:\Windows\erdnt\cache86\ddraw.dll : 531,968 : 07/14/2009 02:15 AM : 198552aefeca69d646867ec8d792de95 [Pos Repl]
 +-> C:\Windows\SysWOW64\ddraw.dll : 531,968 : 07/14/2009 02:15 AM : 198552aefeca69d646867ec8d792de95 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_60fa9493d9b24564\ddraw.dll : 569,344 : 07/14/2009 02:40 AM : a6c09924c6730de8deed9890a12aa691 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll : 531,968 : 07/14/2009 02:15 AM : 198552aefeca69d646867ec8d792de95 [Pos Repl]
 
 * C:\Windows\System32\dllhost.exe : 9,728 : 07/14/2009 02:39 AM : a8edb86fc2a4d6d1285e4c70384ac35a [NoSig]
 +-> C:\Windows\SysWOW64\dllhost.exe : 7,168 : 07/14/2009 02:14 AM : a63dc5c2ea944e6657203e0c8edeaf61 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe : 9,728 : 07/14/2009 02:39 AM : a8edb86fc2a4d6d1285e4c70384ac35a [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe : 7,168 : 07/14/2009 02:14 AM : a63dc5c2ea944e6657203e0c8edeaf61 [Pos Repl]
 
 * C:\Windows\System32\dnsapi.dll : 357,888 : 03/03/2011 07:24 AM : 492d07d79e7024ca310867b526d9636d [NoSig]
 +-> C:\Windows\SysWOW64\dnsapi.dll : 270,336 : 03/03/2011 06:38 AM : b40420876b9288e0a1c8cca8a84e5dc9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll : 357,888 : 11/21/2010 04:24 AM : a52b6cc24063cc83c78c0e6f24deec01 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll : 357,888 : 03/03/2011 07:24 AM : 492d07d79e7024ca310867b526d9636d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll : 357,888 : 03/03/2011 07:12 AM : dcc0888655823103f19ef8ffd330080d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll : 270,336 : 11/21/2010 04:24 AM : 59df156711a76bcb993253ec6c9bbf41 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll : 270,336 : 03/03/2011 06:38 AM : b40420876b9288e0a1c8cca8a84e5dc9 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll : 270,336 : 03/03/2011 06:12 AM : 1f79f611109c2b97260b68fd6b4fc7dd [Pos Repl]
 
 * C:\Windows\System32\dsound.dll : 540,672 : 07/14/2009 02:40 AM : 9110ffad124283f37d38771bb60556af [NoSig]
 +-> C:\Windows\erdnt\cache86\dsound.dll : 453,632 : 07/14/2009 02:15 AM : 0e85c11f8850d524b02181c6e02ba9ae [Pos Repl]
 +-> C:\Windows\SysWOW64\dsound.dll : 453,632 : 07/14/2009 02:15 AM : 0e85c11f8850d524b02181c6e02ba9ae [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_b490afff5b93e5a7\dsound.dll : 540,672 : 07/14/2009 02:40 AM : 9110ffad124283f37d38771bb60556af [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll : 453,632 : 07/14/2009 02:15 AM : 0e85c11f8850d524b02181c6e02ba9ae [Pos Repl]
 
 * C:\Windows\System32\dwm.exe : 120,320 : 07/14/2009 02:39 AM : f162d5f5e845b9dc352dd1bad8cef1bc [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe : 120,320 : 07/14/2009 02:39 AM : f162d5f5e845b9dc352dd1bad8cef1bc [Pos Repl]
 
 * C:\Windows\System32\es.dll : 402,944 : 07/14/2009 02:40 AM : 4166f82be4d24938977dd1746be9b8a0 [NoSig]
 +-> C:\Windows\erdnt\cache64\es.dll : 402,944 : 07/14/2009 02:40 AM : 4166f82be4d24938977dd1746be9b8a0 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\es.dll : 271,360 : 07/14/2009 02:15 AM : f6916efc29d9953d5d0df06882ae8e16 [Pos Repl]
 +-> C:\Windows\SysWOW64\es.dll : 271,360 : 07/14/2009 02:15 AM : f6916efc29d9953d5d0df06882ae8e16 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll : 402,944 : 07/14/2009 02:40 AM : 4166f82be4d24938977dd1746be9b8a0 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll : 271,360 : 07/14/2009 02:15 AM : f6916efc29d9953d5d0df06882ae8e16 [Pos Repl]
 
 * C:\Windows\System32\hid.dll : 30,208 : 07/14/2009 02:41 AM : 896f15a6434d93edb42519d5e18e6b50 [NoSig]
 +-> C:\Windows\SysWOW64\hid.dll : 22,016 : 07/14/2009 02:15 AM : 63df770df74acb370ef5a16727069aaf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_32a13a14a11faede\hid.dll : 30,208 : 07/14/2009 02:41 AM : 896f15a6434d93edb42519d5e18e6b50 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_3cf5e466d58070d9\hid.dll : 22,016 : 07/14/2009 02:15 AM : 63df770df74acb370ef5a16727069aaf [Pos Repl]
 
 * C:\Windows\System32\hnetcfg.dll : 424,448 : 07/14/2009 02:41 AM : 3b367397320c26dba890b260f80d1b1b [NoSig]
 +-> C:\Windows\erdnt\cache64\hnetcfg.dll : 424,448 : 07/14/2009 02:41 AM : 3b367397320c26dba890b260f80d1b1b [Pos Repl]
 +-> C:\Windows\SysWOW64\hnetcfg.dll : 288,256 : 07/14/2009 02:15 AM : 6383c60ec0133b14f5705f96369421b2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_0c2b375bae4a8d38\hnetcfg.dll : 424,448 : 07/14/2009 02:41 AM : 3b367397320c26dba890b260f80d1b1b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_167fe1ade2ab4f33\hnetcfg.dll : 288,256 : 07/14/2009 02:15 AM : 6383c60ec0133b14f5705f96369421b2 [Pos Repl]
 
 * C:\Windows\System32\ias.dll : 26,624 : 07/14/2009 02:41 AM : 39415b10172c431f5ab87488d79e9dc4 [NoSig]
 +-> C:\Windows\erdnt\cache86\ias.dll : 19,456 : 07/14/2009 02:15 AM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]
 +-> C:\Windows\SysWOW64\ias.dll : 19,456 : 07/14/2009 02:15 AM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_5726e0135925cd59\ias.dll : 26,624 : 07/14/2009 02:41 AM : 39415b10172c431f5ab87488d79e9dc4 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_fb08448fa0c85c23\ias.dll : 19,456 : 07/14/2009 02:15 AM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]
 
 * C:\Windows\System32\imm32.dll : 167,424 : 07/14/2009 02:41 AM : aa2c08ce85653b1a0d2e4ab407fa176c [NoSig]
 +-> C:\Windows\erdnt\cache64\imm32.dll : 167,424 : 07/14/2009 02:41 AM : aa2c08ce85653b1a0d2e4ab407fa176c [Pos Repl]
 +-> C:\Windows\erdnt\cache86\imm32.dll : 119,808 : 11/21/2010 04:24 AM : a6f09e5669d9a19035f6d942caa15882 [Pos Repl]
 +-> C:\Windows\SysWOW64\imm32.dll : 119,808 : 11/21/2010 04:24 AM : a6f09e5669d9a19035f6d942caa15882 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll : 167,424 : 07/14/2009 02:41 AM : aa2c08ce85653b1a0d2e4ab407fa176c [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll : 119,808 : 11/21/2010 04:24 AM : a6f09e5669d9a19035f6d942caa15882 [Pos Repl]
 
 * C:\Windows\System32\ipsecsvc.dll : 501,248 : 11/21/2010 04:23 AM : 4f15d75adf6156bf56eced6d4a55c389 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.1.7601.17514_none_a2347d4102a4c8ad\IPSECSVC.DLL : 501,248 : 11/21/2010 04:23 AM : 4f15d75adf6156bf56eced6d4a55c389 [Pos Repl]
 
 * C:\Windows\System32\kernel32.dll : 1,162,752 : 05/09/2015 04:26 AM : 6aa0dd89d7a90033fc3111cc83187c1d [NoSig]
 +-> C:\Windows\erdnt\cache64\kernel32.dll : 1,162,752 : 05/09/2015 04:26 AM : 6aa0dd89d7a90033fc3111cc83187c1d [Pos Repl]
 +-> C:\Windows\erdnt\cache86\kernel32.dll : 1,114,112 : 05/09/2015 04:12 AM : 84433e17027542d333861ab5615dca2d [Pos Repl]
 +-> C:\Windows\SysWOW64\kernel32.dll : 1,114,112 : 05/09/2015 04:12 AM : 84433e17027542d333861ab5615dca2d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll : 1,161,216 : 11/21/2010 04:24 AM : 7a6326d96d53048fdec542df23d875a0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll : 1,161,216 : 05/26/2014 04:45 PM : 65c113214f7b05820f6d8a65b1485196 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_f1f3a3606cde922b\kernel32.dll : 1,163,264 : 03/04/2014 10:44 AM : d2a513ee880d71bde7f0257f38b9d019 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_f191597c6d286bc2\kernel32.dll : 1,163,264 : 03/17/2015 06:16 AM : e75074efbe3c24fbc95c7c1985e08fde [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18847_none_f1c66ab46d00c3dd\kernel32.dll : 1,162,752 : 05/09/2015 04:26 AM : 6aa0dd89d7a90033fc3111cc83187c1d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll : 1,163,264 : 11/30/2012 06:52 AM : b3bea6420d482356e53b7c728e05c637 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_f259cda386173c9c\kernel32.dll : 1,162,240 : 05/26/2014 04:45 PM : 786d234a90fcac72633ae6fc52653a49 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_f24130b9862a22c7\kernel32.dll : 1,164,800 : 04/12/2014 03:32 AM : 77bbbf70bce286cd19e1e68f248363fa [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_f2761ddf8602a872\kernel32.dll : 1,164,800 : 03/17/2015 06:11 AM : 36f241a637a424a75c98926189115502 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23049_none_f251e035861cc997\kernel32.dll : 1,163,776 : 05/09/2015 07:05 AM : b4e1d3b522a9fd13581a1880a13e68e7 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll : 837,632 : 11/21/2010 04:24 AM : e80758cf485db142fca1ee03a34ead05 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll : 1,114,112 : 05/26/2014 04:45 PM : ac0b6f41882fc6ed186962d770ebf1d2 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll : 1,114,112 : 03/04/2014 10:16 AM : 76161b9d78a275f8f28dd67436013110 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_fbe603cea1892dbd\kernel32.dll : 1,114,112 : 03/17/2015 05:56 AM : 99de8badc0e85c9ab4a8301a3723ffea [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18847_none_fc1b1506a16185d8\kernel32.dll : 1,114,112 : 05/09/2015 04:12 AM : 84433e17027542d333861ab5615dca2d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll : 1,114,112 : 11/30/2012 05:57 AM : 9cc2571e3646b9a24296ad7adcc71682 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_fcae77f5ba77fe97\kernel32.dll : 1,114,112 : 05/26/2014 04:45 PM : ee751cbd5d0c332fdf3df7187b612416 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll : 1,114,112 : 04/12/2014 03:05 AM : c8c41ebee097feb29fb816854d3ad1e7 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_fccac831ba636a6d\kernel32.dll : 1,114,112 : 03/17/2015 05:44 AM : 9fba00aa15c45a2f1d26776193e543c1 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23049_none_fca68a87ba7d8b92\kernel32.dll : 1,114,112 : 05/09/2015 06:39 AM : fe8aa1f56e845c0a36c12d2f83243c4c [Pos Repl]
 
 * C:\Windows\System32\ksuser.dll : 5,120 : 07/14/2009 02:41 AM : 8560fffc8eb3a806dcd4f82252cfc8c6 [NoSig]
 +-> C:\Windows\erdnt\cache64\ksuser.dll : 5,120 : 07/14/2009 02:41 AM : 8560fffc8eb3a806dcd4f82252cfc8c6 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\ksuser.dll : 4,608 : 07/14/2009 02:15 AM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]
 +-> C:\Windows\SysWOW64\ksuser.dll : 4,608 : 07/14/2009 02:15 AM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_4627a1cbadebced2\ksuser.dll : 5,120 : 07/14/2009 02:41 AM : 8560fffc8eb3a806dcd4f82252cfc8c6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_ea090647f58e5d9c\ksuser.dll : 4,608 : 07/14/2009 02:15 AM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]
 
 * C:\Windows\System32\linkinfo.dll : 29,696 : 07/14/2009 02:41 AM : a0a65d306a5490d2eb8e7de66898ecfd [NoSig]
 +-> C:\Windows\erdnt\cache64\linkinfo.dll : 29,696 : 07/14/2009 02:41 AM : a0a65d306a5490d2eb8e7de66898ecfd [Pos Repl]
 +-> C:\Windows\erdnt\cache86\linkinfo.dll : 22,016 : 07/14/2009 02:15 AM : 5987ea8a82c53359bcd2c29d6588583e [Pos Repl]
 +-> C:\Windows\SysWOW64\linkinfo.dll : 22,016 : 07/14/2009 02:15 AM : 5987ea8a82c53359bcd2c29d6588583e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_945a23c3bf051859\linkinfo.dll : 29,696 : 07/14/2009 02:41 AM : a0a65d306a5490d2eb8e7de66898ecfd [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll : 22,016 : 07/14/2009 02:15 AM : 5987ea8a82c53359bcd2c29d6588583e [Pos Repl]
 
 * C:\Windows\System32\lpk.dll : 41,984 : 07/15/2015 04:19 AM : d57c03d365bc71c7a30504644515f3f8 [NoSig]
 +-> C:\Windows\erdnt\cache64\lpk.dll : 41,984 : 07/15/2015 04:19 AM : d57c03d365bc71c7a30504644515f3f8 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\lpk.dll : 25,600 : 07/15/2015 03:54 AM : d80ecb18d64ae3c2a9d8220abebce40a [Pos Repl]
 +-> C:\Windows\SysWOW64\lpk.dll : 25,600 : 07/15/2015 03:54 AM : d80ecb18d64ae3c2a9d8220abebce40a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll : 41,984 : 07/14/2009 02:41 AM : d202223587518b13d72d68937b7e3f70 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18923_none_07ed3e81712ef864\lpk.dll : 41,984 : 07/15/2015 04:19 AM : d57c03d365bc71c7a30504644515f3f8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23126_none_0879b44c8a4a1775\lpk.dll : 41,984 : 07/15/2015 04:20 AM : 7f55fe319ef06c1986b994a3e86c52b4 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll : 25,600 : 07/14/2009 02:11 AM : 384721ef4024890092625e20cadfaf85 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18923_none_1241e8d3a58fba5f\lpk.dll : 25,600 : 07/15/2015 03:54 AM : d80ecb18d64ae3c2a9d8220abebce40a [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23126_none_12ce5e9ebeaad970\lpk.dll : 25,600 : 07/15/2015 03:58 AM : 20503eb76cae40d601abd38fc1b2cdcf [Pos Repl]
 
 * C:\Windows\System32\lsass.exe : 31,232 : 07/01/2015 09:47 PM : 97d879a884e7cdfed51ad63348a35254 [NoSig]
 +-> C:\Windows\erdnt\cache64\lsass.exe : 31,232 : 07/01/2015 09:47 PM : 97d879a884e7cdfed51ad63348a35254 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe : 31,232 : 07/14/2009 02:39 AM : 0793f40b9b8a1bdd266296409dbd91ea [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe : 31,232 : 11/17/2011 07:33 AM : c118a82cd78818c29ab228366ebf81c3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe : 31,232 : 11/17/2011 07:33 AM : c118a82cd78818c29ab228366ebf81c3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe : 31,232 : 04/12/2014 03:19 AM : 204f3f58212b3e422c90bd9691a2df28 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe : 31,232 : 04/12/2014 03:19 AM : 204f3f58212b3e422c90bd9691a2df28 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe : 31,232 : 09/19/2014 10:42 AM : 341655b216721d89cade9dea2f33872f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe : 31,232 : 04/12/2014 03:19 AM : 204f3f58212b3e422c90bd9691a2df28 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18741_none_044d0c937385de34\lsass.exe : 31,232 : 02/03/2015 04:30 AM : 7554a1b82b4a222fd4cc292abd38a558 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18798_none_041dfefd73a81b4a\lsass.exe : 31,232 : 03/17/2015 06:15 AM : ca4fc33fb22d92368a0b221092b46374 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_046e7e87736ca0df\lsass.exe : 31,232 : 04/04/2015 04:20 AM : 4c3fac816925f73a34ad52f1f7c0a7ea [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18912_none_046e806d736c9e06\lsass.exe : 31,232 : 07/01/2015 09:47 PM : 97d879a884e7cdfed51ad63348a35254 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe : 31,232 : 11/17/2011 07:20 AM : 0a10b74fbb437ff9a23f1d5de4446a83 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe : 31,232 : 08/24/2012 06:43 PM : 77119f1f9b492b260030c34f9be327fa [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe : 31,232 : 04/12/2014 03:31 AM : 6598ebc4d209318ebd81f76833ecbedb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe : 31,232 : 04/12/2014 03:31 AM : 6598ebc4d209318ebd81f76833ecbedb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe : 31,232 : 09/19/2014 10:47 AM : b84317193b6a29f5f5dcf538c34fdced [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe : 31,232 : 04/12/2014 03:31 AM : 6598ebc4d209318ebd81f76833ecbedb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22948_none_04ddad4a8c9d2c86\lsass.exe : 31,232 : 02/03/2015 04:50 AM : cbb80cc43e683f929f8d5e50330f7ba6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23002_none_0502c3608c8257fa\lsass.exe : 31,232 : 03/17/2015 06:11 AM : dccdd65a4e68360e5cf57afc864c64e0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\lsass.exe : 31,232 : 04/04/2015 04:25 AM : bb9c1b746086558899935e3333cd4580 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23115_none_04faf6388c87bd17\lsass.exe : 31,232 : 07/01/2015 07:20 PM : 5f8423e7fda0eb902c6d156f6121e094 [Pos Repl]
 
 * C:\Windows\System32\lsm.exe : 343,040 : 11/21/2010 04:23 AM : 9662ee182644511439f1c53745dc1c88 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..localsessionmanager_31bf3856ad364e35_6.1.7601.17514_none_036ad230212a39ce\lsm.exe : 343,040 : 11/21/2010 04:23 AM : 9662ee182644511439f1c53745dc1c88 [Pos Repl]
 
 * C:\Windows\System32\midimap.dll : 20,480 : 07/14/2009 02:41 AM : ca2a0750ed830678997695ff61b04c30 [NoSig]
 +-> C:\Windows\erdnt\cache86\midimap.dll : 16,896 : 07/14/2009 02:15 AM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [Pos Repl]
 +-> C:\Windows\SysWOW64\midimap.dll : 16,896 : 07/14/2009 02:15 AM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_e8f2b9ab2a40e84d\midimap.dll : 20,480 : 07/14/2009 02:41 AM : ca2a0750ed830678997695ff61b04c30 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll : 16,896 : 07/14/2009 02:15 AM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [Pos Repl]
 
 * C:\Windows\System32\mshtml.dll : 25,193,984 : 07/02/2015 09:49 PM : d74e2be157b8a2a9cf29bebb052b8a42 [NoSig]
 +-> C:\Windows\erdnt\cache64\mshtml.dll : 25,193,984 : 07/02/2015 09:49 PM : d74e2be157b8a2a9cf29bebb052b8a42 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\mshtml.dll : 19,877,376 : 07/02/2015 10:21 PM : 116f506573b59b85cd0dc18527e9951a [Pos Repl]
 +-> C:\Windows\SysWOW64\mshtml.dll : 19,877,376 : 07/02/2015 10:21 PM : 116f506573b59b85cd0dc18527e9951a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_f58ff536373f154c\mshtml.dll : 23,133,696 : 03/01/2014 07:05 AM : 4e0709d9bb951ad1c22e4ff519b90839 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_f5c8074c3714b96c\mshtml.dll : 23,549,440 : 05/26/2014 04:46 PM : 37d0fb9e5e8eda40b66fc3fb3d660261 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_f5b8ad88372109c7\mshtml.dll : 23,544,320 : 05/06/2014 05:40 AM : 797e2e5c309aff76990d5b7af457eaca [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_f5bac4e4371f22d4\mshtml.dll : 23,414,784 : 05/30/2014 11:21 AM : 56803b20d168c1b740d12ce0be4588f5 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_f5addd9c372925b8\mshtml.dll : 23,464,448 : 06/19/2014 02:39 AM : fec19c351ef1b2c998a85d1bfd765675 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_f5b0b0ea3726a4ff\mshtml.dll : 23,645,696 : 07/25/2014 03:52 PM : eca387dcd57f683c52171c766cf400f0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_f59addd03736dce1\mshtml.dll : 25,110,016 : 11/06/2014 05:03 AM : bbd6a636aaa65d874f3863280cd8373d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17501_none_f58df6883740dfc5\mshtml.dll : 25,059,840 : 11/22/2014 04:13 AM : d478a4cf07fb8adf72fb16b88e8030b8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17633_none_f585f9ea37467afd\mshtml.dll : 25,056,256 : 01/12/2015 04:09 AM : cd726c899bd9a398e8420564a957320b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17691_none_f58c29363740dfc5\mshtml.dll : 25,021,440 : 02/21/2015 02:16 AM : 1193400d8e29a5a010135fb09a4eb1e8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17728_none_f579b7cc374ffdbc\mshtml.dll : 24,980,480 : 03/13/2015 05:32 AM : dbc0c4554a8b2a81f68690d30f12c99e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17843_none_f5715a5c3755cc36\mshtml.dll : 24,917,504 : 05/27/2015 03:35 PM : a29bafc1543f9d2234afffea9bce76c8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17914_none_f56372ca3760b5c3\mshtml.dll : 25,195,008 : 06/25/2015 04:40 AM : 6755794418fd4c81e3372c4622956b6c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17923_none_f56489dc375fb579\mshtml.dll : 25,193,984 : 07/02/2015 09:49 PM : d74e2be157b8a2a9cf29bebb052b8a42 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda\mshtml.dll : 8,988,160 : 11/21/2010 04:24 AM : 1c8b787baa52dead1a6fec1502d652f0 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_ffe49f886b9fd747\mshtml.dll : 17,074,688 : 03/01/2014 05:30 AM : 70462e0a4e293fc80620ab945d8a59bb [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_001cb19e6b757b67\mshtml.dll : 17,387,008 : 05/26/2014 04:46 PM : ea85144f35ede6ee25c484d4242ff2c8 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_000d57da6b81cbc2\mshtml.dll : 17,382,912 : 05/06/2014 04:25 AM : eb5347f6149d3ff25f4d609a21a3bd67 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_000f6f366b7fe4cf\mshtml.dll : 17,271,296 : 05/30/2014 10:18 AM : d5ecbb3bfdc73a59440d9ca79ab3a342 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_000287ee6b89e7b3\mshtml.dll : 17,276,416 : 06/19/2014 01:16 AM : dfa59840bb1220afd261fdae83543959 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_00055b3c6b8766fa\mshtml.dll : 17,524,224 : 07/25/2014 02:51 PM : 8453ddf167ce2986aa4ab04bc6824925 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_ffef88226b979edc\mshtml.dll : 19,781,632 : 11/06/2014 04:10 AM : 93074c4fa92a8399404d032f6af72c1b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17501_none_ffe2a0da6ba1a1c0\mshtml.dll : 19,749,376 : 11/22/2014 03:22 AM : 220505b0b3e96c857dd01729af0cd369 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17633_none_ffdaa43c6ba73cf8\mshtml.dll : 19,740,160 : 01/12/2015 03:25 AM : 61c74d794c14e9fc94d93f5f0f72a3f9 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17691_none_ffe0d3886ba1a1c0\mshtml.dll : 19,720,192 : 02/21/2015 01:25 AM : 95cb6079b3e62d4301958023c2070a48 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17728_none_ffce621e6bb0bfb7\mshtml.dll : 19,695,616 : 03/13/2015 04:42 AM : 2f42037dd6f2831332653eb7f35d7e9a [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17843_none_ffc604ae6bb68e31\mshtml.dll : 19,607,040 : 05/27/2015 03:08 PM : 975421ac32f9f6e27a58f75dab4b5871 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17914_none_ffb81d1c6bc177be\mshtml.dll : 19,877,376 : 06/25/2015 04:10 AM : fa9dfdaf0d0ba0f2e5bf85c2aa557a6f [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17923_none_ffb9342e6bc07774\mshtml.dll : 19,877,376 : 07/02/2015 10:21 PM : 116f506573b59b85cd0dc18527e9951a [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll : 5,977,600 : 11/21/2010 04:25 AM : c50799f0d47dfb9774f721521b6c41d5 [Pos Repl]
 
 * C:\Windows\System32\msimg32.dll : 8,192 : 07/14/2009 02:41 AM : e424b3ef666b184cee0b6871aaa8c9f6 [NoSig]
 +-> C:\Windows\erdnt\cache64\msimg32.dll : 8,192 : 07/14/2009 02:41 AM : e424b3ef666b184cee0b6871aaa8c9f6 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\msimg32.dll : 4,608 : 07/14/2009 02:15 AM : 18ab2e5a40064ed5f7791ac5946a90f3 [Pos Repl]
 +-> C:\Windows\SysWOW64\msimg32.dll : 4,608 : 07/14/2009 02:15 AM : 18ab2e5a40064ed5f7791ac5946a90f3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_d360c9c235bd1868\msimg32.dll : 8,192 : 07/14/2009 02:41 AM : e424b3ef666b184cee0b6871aaa8c9f6 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_77422e3e7d5fa732\msimg32.dll : 4,608 : 07/14/2009 02:15 AM : 18ab2e5a40064ed5f7791ac5946a90f3 [Pos Repl]
 
 * C:\Windows\System32\msprivs.dll : 2,048 : 07/14/2009 02:29 AM : 02b64609f865a39365ff88580df11738 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.1.7600.16385_none_680de2b99516e12e\msprivs.dll : 2,048 : 07/14/2009 02:29 AM : 02b64609f865a39365ff88580df11738 [Pos Repl]
 
 * C:\Windows\System32\msvcrt.dll : 634,880 : 12/16/2011 09:46 AM : c391fc68282a000cdf953f8b6b55d2ef [NoSig]
 +-> C:\Windows\erdnt\cache64\msvcrt.dll : 634,880 : 12/16/2011 09:46 AM : c391fc68282a000cdf953f8b6b55d2ef [Pos Repl]
 +-> C:\Windows\erdnt\cache86\msvcrt.dll : 690,688 : 12/16/2011 08:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
 +-> C:\Windows\SysWOW64\msvcrt.dll : 690,688 : 12/16/2011 08:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll : 634,880 : 07/14/2009 02:41 AM : 7319bb10fa1f86e49e3dcf4136f6c957 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll : 634,880 : 12/16/2011 09:46 AM : c391fc68282a000cdf953f8b6b55d2ef [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll : 634,880 : 12/16/2011 09:39 AM : f9a4c695c86cc32048fe2c987a0bd387 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll : 690,688 : 07/14/2009 02:15 AM : e46d48a7fe961401f1cbf85531cdf05d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll : 690,688 : 12/16/2011 08:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll : 690,688 : 12/16/2011 09:58 AM : 2f740c4b458331357e825e94afb0953a [Pos Repl]
 
 * C:\Windows\System32\mswsock.dll : 327,168 : 05/26/2014 04:45 PM : 9a9f9f1a77d6a80ee28b57664f00013e [NoSig]
 +-> C:\Windows\erdnt\cache64\mswsock.dll : 327,168 : 05/26/2014 04:45 PM : 9a9f9f1a77d6a80ee28b57664f00013e [Pos Repl]
 +-> C:\Windows\erdnt\cache86\mswsock.dll : 231,424 : 05/26/2014 04:45 PM : e94c583cde2348950155f2af2876f34d [Pos Repl]
 +-> C:\Windows\SysWOW64\mswsock.dll : 231,424 : 05/26/2014 04:45 PM : e94c583cde2348950155f2af2876f34d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll : 326,144 : 11/21/2010 04:24 AM : 1d5185a4c7e6695431ae4b55c3d7d333 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll : 327,168 : 05/26/2014 04:45 PM : 9a9f9f1a77d6a80ee28b57664f00013e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll : 327,168 : 05/26/2014 04:45 PM : bddb1fd258b92dee00f222d3304b5d9c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll : 232,448 : 11/21/2010 04:24 AM : 8999b8631c7fd9f7f9ec3cafd953ba24 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll : 231,424 : 05/26/2014 04:45 PM : e94c583cde2348950155f2af2876f34d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll : 231,424 : 05/26/2014 04:45 PM : 6547d445c4b69dc0083b619ac642df04 [Pos Repl]
 
 * C:\Windows\System32\netlogon.dll : 695,808 : 11/21/2010 04:24 AM : aa339dd8bb128ef66660dfbbb59043d3 [NoSig]
 +-> C:\Windows\erdnt\cache64\netlogon.dll : 695,808 : 11/21/2010 04:24 AM : aa339dd8bb128ef66660dfbbb59043d3 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\netlogon.dll : 563,712 : 11/21/2010 04:24 AM : c1809b9907adedaf16f50c894100883b [Pos Repl]
 +-> C:\Windows\SysWOW64\netlogon.dll : 563,712 : 11/21/2010 04:24 AM : c1809b9907adedaf16f50c894100883b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll : 695,808 : 11/21/2010 04:24 AM : aa339dd8bb128ef66660dfbbb59043d3 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll : 563,712 : 11/21/2010 04:24 AM : c1809b9907adedaf16f50c894100883b [Pos Repl]
 
 * C:\Windows\System32\netman.dll : 360,448 : 07/14/2009 02:41 AM : 847d3ae376c0817161a14a82c8922a9e [NoSig]
 +-> C:\Windows\erdnt\cache64\netman.dll : 360,448 : 07/14/2009 02:41 AM : 847d3ae376c0817161a14a82c8922a9e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll : 360,448 : 07/14/2009 02:41 AM : 847d3ae376c0817161a14a82c8922a9e [Pos Repl]
 
 * C:\Windows\System32\ole32.dll : 2,087,424 : 07/04/2015 07:07 PM : e3eb94b45a2735d4559558b5899732e8 [NoSig]
 +-> C:\Windows\erdnt\cache64\ole32.dll : 2,087,424 : 07/04/2015 07:07 PM : e3eb94b45a2735d4559558b5899732e8 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\ole32.dll : 1,414,656 : 07/04/2015 06:48 PM : 4548507ed3c17db4739dbbeaf6378004 [Pos Repl]
 +-> C:\Windows\SysWOW64\ole32.dll : 1,414,656 : 07/04/2015 06:48 PM : 4548507ed3c17db4739dbbeaf6378004 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_0a43accb08f0eac5\ole32.dll : 2,086,912 : 11/21/2010 04:23 AM : 6c60b5aca7442efb794082cdacfc001c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.18915_none_0a449de508f01259\ole32.dll : 2,087,424 : 07/04/2015 07:07 PM : e3eb94b45a2735d4559558b5899732e8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.23118_none_0ad113b0220b316a\ole32.dll : 2,086,912 : 07/04/2015 07:14 PM : c0eacfb89f9f32705f5576d49cc32e9b [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll : 1,414,144 : 11/21/2010 04:24 AM : 928cf7268086631f54c3d8e17238c6dd [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.18915_none_ae2602615092a123\ole32.dll : 1,414,656 : 07/04/2015 06:48 PM : 4548507ed3c17db4739dbbeaf6378004 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.23118_none_aeb2782c69adc034\ole32.dll : 1,414,656 : 07/04/2015 06:48 PM : 1327be7f332b0695c0158d6dde9551a9 [Pos Repl]
 
 * C:\Windows\System32\perfctrs.dll : 44,544 : 07/14/2009 02:41 AM : 8056a3e51b569c3f437a5026a0abe66d [NoSig]
 +-> C:\Windows\erdnt\cache86\perfctrs.dll : 39,424 : 07/14/2009 02:16 AM : edd2ad141debd425d74a52a4d7be6ac4 [Pos Repl]
 +-> C:\Windows\SysWOW64\perfctrs.dll : 39,424 : 07/14/2009 02:16 AM : edd2ad141debd425d74a52a4d7be6ac4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_8d682f6a76cad93f\perfctrs.dll : 44,544 : 07/14/2009 02:41 AM : 8056a3e51b569c3f437a5026a0abe66d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_97bcd9bcab2b9b3a\perfctrs.dll : 39,424 : 07/14/2009 02:16 AM : edd2ad141debd425d74a52a4d7be6ac4 [Pos Repl]
 
 * C:\Windows\System32\powrprof.dll : 167,424 : 07/14/2009 02:41 AM : 716175021bda290504ce434273f666bc [NoSig]
 +-> C:\Windows\erdnt\cache64\powrprof.dll : 167,424 : 07/14/2009 02:41 AM : 716175021bda290504ce434273f666bc [Pos Repl]
 +-> C:\Windows\erdnt\cache86\powrprof.dll : 145,408 : 07/14/2009 02:16 AM : 08dfdbd2fd4ea951dc46b1c7661ed35a [Pos Repl]
 +-> C:\Windows\SysWOW64\powrprof.dll : 145,408 : 07/14/2009 02:16 AM : 08dfdbd2fd4ea951dc46b1c7661ed35a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_ff0e900816896618\powrprof.dll : 167,424 : 07/14/2009 02:41 AM : 716175021bda290504ce434273f666bc [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll : 145,408 : 07/14/2009 02:16 AM : 08dfdbd2fd4ea951dc46b1c7661ed35a [Pos Repl]
 
 * C:\Windows\System32\psbase.dll : 52,224 : 07/14/2009 02:41 AM : ab95fbae4f9a5a56b177cec427b2b35e [NoSig]
 +-> C:\Windows\SysWOW64\psbase.dll : 50,688 : 07/14/2009 02:16 AM : 274992d0945889a6b56d0e1bd4288a6e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_a43e06414a0fcb4b\psbase.dll : 52,224 : 07/14/2009 02:41 AM : ab95fbae4f9a5a56b177cec427b2b35e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_ae92b0937e708d46\psbase.dll : 50,688 : 07/14/2009 02:16 AM : 274992d0945889a6b56d0e1bd4288a6e [Pos Repl]
 
 * C:\Windows\System32\pstorsvc.dll : 36,352 : 07/14/2009 02:41 AM : 35ba5aa671887fe8a62b88a9a6229fd5 [NoSig]
 +-> C:\Windows\SysWOW64\pstorsvc.dll : 23,552 : 07/14/2009 02:16 AM : 0a3ccb2c4f603d99f34d742fc9544b97 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_a43e06414a0fcb4b\pstorsvc.dll : 36,352 : 07/14/2009 02:41 AM : 35ba5aa671887fe8a62b88a9a6229fd5 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_ae92b0937e708d46\pstorsvc.dll : 23,552 : 07/14/2009 02:16 AM : 0a3ccb2c4f603d99f34d742fc9544b97 [Pos Repl]
 
 * C:\Windows\System32\qmgr.dll : 849,920 : 11/21/2010 04:23 AM : 1ea7969e3271cbc59e1730697dc74682 [NoSig]
 +-> C:\Windows\erdnt\cache64\qmgr.dll : 849,920 : 11/21/2010 04:23 AM : 1ea7969e3271cbc59e1730697dc74682 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll : 849,920 : 11/21/2010 04:23 AM : 1ea7969e3271cbc59e1730697dc74682 [Pos Repl]
 
 * C:\Windows\System32\rasadhlp.dll : 16,384 : 07/14/2009 02:41 AM : 88351b29b622b30962d2feb6ca8d860b [NoSig]
 +-> C:\Windows\erdnt\cache86\rasadhlp.dll : 11,776 : 07/14/2009 02:16 AM : ed6ee83d61ebc683c2cd8e899ea6febe [Pos Repl]
 +-> C:\Windows\SysWOW64\rasadhlp.dll : 11,776 : 07/14/2009 02:16 AM : ed6ee83d61ebc683c2cd8e899ea6febe [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasadhlp.dll : 16,384 : 07/14/2009 02:41 AM : 88351b29b622b30962d2feb6ca8d860b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_76239aafb364e805\rasadhlp.dll : 11,776 : 07/14/2009 02:16 AM : ed6ee83d61ebc683c2cd8e899ea6febe [Pos Repl]
 
 * C:\Windows\System32\regsvc.dll : 159,232 : 07/14/2009 02:41 AM : e4d94f24081440b5fc5aa556c7c62702 [NoSig]
 +-> C:\Windows\erdnt\cache64\regsvc.dll : 159,232 : 07/14/2009 02:41 AM : e4d94f24081440b5fc5aa556c7c62702 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll : 159,232 : 07/14/2009 02:41 AM : e4d94f24081440b5fc5aa556c7c62702 [Pos Repl]
 
 * C:\Windows\System32\rpcss.dll : 512,000 : 11/21/2010 04:24 AM : 5c627d1b1138676c0a7ab2c2c190d123 [NoSig]
 +-> C:\Windows\erdnt\cache64\rpcss.dll : 512,000 : 11/21/2010 04:24 AM : 5c627d1b1138676c0a7ab2c2c190d123 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll : 512,000 : 11/21/2010 04:24 AM : 5c627d1b1138676c0a7ab2c2c190d123 [Pos Repl]
 
 * C:\Windows\System32\scecli.dll : 232,960 : 11/21/2010 04:24 AM : ed78427259134c63ed69804d2132b86c [NoSig]
 +-> C:\Windows\erdnt\cache64\scecli.dll : 232,960 : 11/21/2010 04:24 AM : ed78427259134c63ed69804d2132b86c [Pos Repl]
 +-> C:\Windows\erdnt\cache86\scecli.dll : 175,616 : 11/21/2010 04:23 AM : 8124944ec89d6a1815e4e53f5b96aaf4 [Pos Repl]
 +-> C:\Windows\SysWOW64\scecli.dll : 175,616 : 11/21/2010 04:23 AM : 8124944ec89d6a1815e4e53f5b96aaf4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll : 232,960 : 11/21/2010 04:24 AM : ed78427259134c63ed69804d2132b86c [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll : 175,616 : 11/21/2010 04:23 AM : 8124944ec89d6a1815e4e53f5b96aaf4 [Pos Repl]
 
 * C:\Windows\System32\schannel.dll : 342,016 : 07/01/2015 09:49 PM : 9ea6da45b95599c27b1661c1d99307d7 [NoSig]
 +-> C:\Windows\SysWOW64\schannel.dll : 248,832 : 07/01/2015 09:30 PM : 98226182583df1715f1be6ccea6e8d95 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_803c507d6be26102\schannel.dll : 340,992 : 11/21/2010 04:24 AM : a199de544bf5c61c134b22c7592226fc [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_803284a76be99098\schannel.dll : 340,992 : 11/17/2011 07:35 AM : fbd1d2169aceee3073861f8ca3a28c49 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17940_none_8017e7296bfe4415\schannel.dll : 340,992 : 08/24/2012 07:05 PM : b7d42cb36c08fa017e73ff2433cd7287 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18409_none_804c092d6bd5e03e\schannel.dll : 340,992 : 03/04/2014 10:44 AM : 481f70241d4ea038bb02590a30f15a23 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18489_none_7ff589cd6c16bfc6\schannel.dll : 340,992 : 05/30/2014 09:08 AM : e8e98b3b7a6e1250f4aa7af8fa17d5bb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18606_none_80490c1b6bd88e87\schannel.dll : 342,016 : 09/19/2014 10:42 AM : a71b81ac2c14aba013ccf1225d9e3e36 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18741_none_8018ccdf6bfd7cbf\schannel.dll : 341,504 : 02/03/2015 04:31 AM : 7d483fe15799c3a0a676a97ef1bfa5dc [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18798_none_7fe9bf496c1fb9d5\schannel.dll : 341,504 : 03/17/2015 06:16 AM : 5ea8a53a243ed52da1f705d000854b2a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18843_none_801acf596bfbac94\schannel.dll : 342,016 : 05/05/2015 02:29 AM : 8ad8d17425c75d2621b2cdfe0deabd21 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18912_none_803a40b96be43c91\schannel.dll : 342,016 : 07/01/2015 09:49 PM : 9ea6da45b95599c27b1661c1d99307d7 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_808ce09a852b3aca\schannel.dll : 340,992 : 11/17/2011 07:26 AM : ed848d806f639ce611b3bedc6c958140 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22099_none_80744d2e853c89be\schannel.dll : 340,992 : 08/24/2012 06:47 PM : ecedbcd983f193ea8178836094f80c54 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22616_none_80c7d71484fe4d1b\schannel.dll : 340,992 : 03/04/2014 12:08 AM : 6b5f46014ead4e77d87815cc8b5aaba9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22807_none_80d3ab1684f544cf\schannel.dll : 341,504 : 07/07/2014 03:06 AM : 5eb5654f3153f1c606323ef31c8c52a6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22814_none_80c5da4c850014bb\schannel.dll : 341,504 : 09/19/2014 10:48 AM : ec0f72e63a48291e0f6ceb4320b901d6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22843_none_80a46a3e85194f37\schannel.dll : 341,504 : 10/14/2014 03:16 AM : 365406bd88682252672a687200ecfd11 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22865_none_8090cafa8527b9c7\schannel.dll : 341,504 : 10/14/2014 03:16 AM : 365406bd88682252672a687200ecfd11 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22948_none_80a96d968514cb11\schannel.dll : 341,504 : 02/03/2015 04:51 AM : f4731e851c2a635368e1219b2733cb45 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.23002_none_80ce83ac84f9f685\schannel.dll : 341,504 : 03/17/2015 06:11 AM : 00f4fcd90332a8f82900f964229753bf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.23045_none_80a644da8517b24e\schannel.dll : 342,528 : 05/05/2015 04:43 AM : 16c331f388a8fd75c964ee29f9d72d1f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.23115_none_80c6b68484ff5ba2\schannel.dll : 342,016 : 07/01/2015 07:20 PM : ea97428a88f59d0398467a36c7f5c63f [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_8a90facfa04322fd\schannel.dll : 224,256 : 11/21/2010 04:24 AM : 135f7ac9be35ab1df727faf2e60e92f8 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_8a872ef9a04a5293\schannel.dll : 224,768 : 11/17/2011 06:34 AM : 1affb765af1fdcc0c185c38e9ddddaee [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17940_none_8a6c917ba05f0610\schannel.dll : 247,808 : 08/24/2012 05:57 PM : af78f66116814fdd6677cebd73035cdd [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18409_none_8aa0b37fa036a239\schannel.dll : 247,808 : 03/04/2014 10:17 AM : 828185688fdaae6c7959b884abed1766 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18489_none_8a4a341fa07781c1\schannel.dll : 247,808 : 05/30/2014 08:52 AM : f95e1e9d97d25c11f29ca34c843a6f4d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18606_none_8a9db66da0395082\schannel.dll : 248,832 : 09/19/2014 10:23 AM : 8cfaefcd7f1e004950fcae870a501b3e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18741_none_8a6d7731a05e3eba\schannel.dll : 248,832 : 02/03/2015 04:12 AM : 77949ecd7d87bc4a181c9b5e3d019d4f [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18798_none_8a3e699ba0807bd0\schannel.dll : 248,832 : 03/17/2015 05:57 AM : bc09159aff6639db2cb28058731199f0 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18843_none_8a6f79aba05c6e8f\schannel.dll : 248,832 : 05/05/2015 02:12 AM : 2665a3d34d1c62df303723422215b001 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.18912_none_8a8eeb0ba044fe8c\schannel.dll : 248,832 : 07/01/2015 09:30 PM : 98226182583df1715f1be6ccea6e8d95 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_8ae18aecb98bfcc5\schannel.dll : 224,768 : 11/17/2011 06:29 AM : 3dbcbd8adb406c43a2127544d7ba974e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22099_none_8ac8f780b99d4bb9\schannel.dll : 247,808 : 08/24/2012 05:58 PM : abf890af1b55146f7dfe7a937f503b0a [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22616_none_8b1c8166b95f0f16\schannel.dll : 247,808 : 03/04/2014 11:39 AM : 2ca65ec66d4ea3c6e8bad9f2115aaa64 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22807_none_8b285568b95606ca\schannel.dll : 247,808 : 07/07/2014 02:40 AM : c2597cc43e9f3f54f87526045e5d616a [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22814_none_8b1a849eb960d6b6\schannel.dll : 248,832 : 09/19/2014 10:29 AM : f07fc786d166ab6c6c7e217c82ad4a78 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22843_none_8af91490b97a1132\schannel.dll : 248,832 : 10/14/2014 02:50 AM : 51499f7d51aa8ee15d94e397796a8da2 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22865_none_8ae5754cb9887bc2\schannel.dll : 248,832 : 10/14/2014 02:50 AM : 51499f7d51aa8ee15d94e397796a8da2 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22948_none_8afe17e8b9758d0c\schannel.dll : 248,832 : 02/03/2015 04:32 AM : 86ceda9380e183b19c76adc62e380301 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.23002_none_8b232dfeb95ab880\schannel.dll : 248,832 : 03/17/2015 05:45 AM : 7cc414a44d15221a14f7e8ec7994c2f9 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.23045_none_8afaef2cb9787449\schannel.dll : 248,832 : 05/05/2015 04:27 AM : 81e49397682c109eb2b0a9fe7838d89c [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.23115_none_8b1b60d6b9601d9d\schannel.dll : 248,832 : 07/01/2015 06:52 PM : 2a6acff1df12d136e55a3578380778e7 [Pos Repl]
 
 * C:\Windows\System32\schedsvc.dll : 1,110,016 : 11/21/2010 04:24 AM : 262f6592c3299c005fd6bec90fc4463a [NoSig]
 +-> C:\Windows\erdnt\cache64\schedsvc.dll : 1,110,016 : 11/21/2010 04:24 AM : 262f6592c3299c005fd6bec90fc4463a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_8d272400ada202f9\schedsvc.dll : 1,110,016 : 11/21/2010 04:24 AM : 262f6592c3299c005fd6bec90fc4463a [Pos Repl]
 
 * C:\Windows\System32\services.exe : 328,704 : 04/13/2015 04:28 AM : 71c85477df9347fe8e7bc55768473fca [NoSig]
 +-> C:\Windows\erdnt\cache64\services.exe : 328,704 : 04/13/2015 04:28 AM : 71c85477df9347fe8e7bc55768473fca [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328,704 : 07/14/2009 02:39 AM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe : 328,704 : 04/13/2015 04:28 AM : 71c85477df9347fe8e7bc55768473fca [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe : 328,704 : 04/11/2015 05:31 AM : 43dcec23557c32f7702c8d5bc729738f [Pos Repl]
 
 * C:\Windows\System32\setupapi.dll : 1,900,544 : 11/21/2010 04:24 AM : 5d8e6c95156ed1f79a63d1eade6f9ed5 [NoSig]
 +-> C:\Windows\SysWOW64\setupapi.dll : 1,667,584 : 11/21/2010 04:23 AM : 10fb16b50affda6d44588f3c445dc273 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7601.17514_none_931b5f1fdcdd6496\setupapi.dll : 1,900,544 : 11/21/2010 04:24 AM : 5d8e6c95156ed1f79a63d1eade6f9ed5 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7601.17514_none_9d700972113e2691\setupapi.dll : 1,667,584 : 11/21/2010 04:23 AM : 10fb16b50affda6d44588f3c445dc273 [Pos Repl]
 
 * C:\Windows\System32\sfc.dll : 3,072 : 07/14/2009 02:33 AM : c6dcd1d11ed6827f05c00773c3e7053c [NoSig]
 +-> C:\Windows\erdnt\cache64\sfc.dll : 3,072 : 07/14/2009 02:33 AM : c6dcd1d11ed6827f05c00773c3e7053c [Pos Repl]
 +-> C:\Windows\erdnt\cache86\sfc.dll : 2,560 : 07/14/2009 02:10 AM : 40caeee0eaf1b8569f7c8df6420f2cb9 [Pos Repl]
 +-> C:\Windows\SysWOW64\sfc.dll : 2,560 : 07/14/2009 02:10 AM : 40caeee0eaf1b8569f7c8df6420f2cb9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll : 3,072 : 07/14/2009 02:33 AM : c6dcd1d11ed6827f05c00773c3e7053c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll : 2,560 : 07/14/2009 02:10 AM : 40caeee0eaf1b8569f7c8df6420f2cb9 [Pos Repl]
 
 * C:\Windows\System32\shsvcs.dll : 370,688 : 11/21/2010 04:23 AM : aaf932b4011d14052955d4b212a4da8d [NoSig]
 +-> C:\Windows\erdnt\cache64\shsvcs.dll : 370,688 : 11/21/2010 04:23 AM : aaf932b4011d14052955d4b212a4da8d [Pos Repl]
 +-> C:\Windows\erdnt\cache86\shsvcs.dll : 328,192 : 11/21/2010 04:24 AM : 414da952a35bf5d50192e28263b40577 [Pos Repl]
 +-> C:\Windows\SysWOW64\shsvcs.dll : 328,192 : 11/21/2010 04:24 AM : 414da952a35bf5d50192e28263b40577 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_2b566299338d2123\shsvcs.dll : 370,688 : 11/21/2010 04:23 AM : aaf932b4011d14052955d4b212a4da8d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_35ab0ceb67ede31e\shsvcs.dll : 328,192 : 11/21/2010 04:24 AM : 414da952a35bf5d50192e28263b40577 [Pos Repl]
 
 * C:\Windows\System32\smss.exe : 112,640 : 03/17/2015 06:16 AM : 0b6514a14631e41de4d6d40d1c80be68 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe : 112,640 : 07/14/2009 02:39 AM : 1911a3356fa3f77ccc825ccbac038c2a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe : 112,640 : 05/26/2014 04:45 PM : f0371de302ffff8f086661611be60848 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe : 112,640 : 08/02/2013 01:59 AM : f0970a4bc8395659c22bf53d0fadf16f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe : 112,640 : 02/03/2015 04:30 AM : 63d3c30b497347495b8ea78a38188969 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18798_none_0a0e1c38300e82ce\smss.exe : 112,640 : 03/17/2015 06:16 AM : 0b6514a14631e41de4d6d40d1c80be68 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe : 112,640 : 05/26/2014 04:45 PM : b2b31d4c79efd883097fa24d02e79c12 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe : 112,640 : 04/12/2014 03:31 AM : 3442a918386d4716d74c661543151746 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe : 112,640 : 02/03/2015 04:50 AM : 8cd5a97b8d155718d357b2d9bc6b113d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23002_none_0af2e09b48e8bf7e\smss.exe : 112,640 : 03/17/2015 06:11 AM : 206a6b71ac09d9f7651f0a8b015676c7 [Pos Repl]
 
 * C:\Windows\System32\spoolsv.exe : 559,104 : 02/11/2012 07:36 AM : 85daa09a98c9286d4ea2ba8d0e644377 [NoSig]
 +-> C:\Windows\erdnt\cache64\spoolsv.exe : 559,104 : 02/11/2012 07:36 AM : 85daa09a98c9286d4ea2ba8d0e644377 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe : 559,104 : 11/21/2010 04:24 AM : b96c17b5dc1424d56eea3a99e97428cd [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe : 559,104 : 02/11/2012 07:36 AM : 85daa09a98c9286d4ea2ba8d0e644377 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe : 559,616 : 02/11/2012 07:20 AM : b9d7a4858cf32a6a15d2763f1de47e0e [Pos Repl]
 
 * C:\Windows\System32\ssdpsrv.dll : 193,024 : 07/14/2009 02:41 AM : 51b52fbd583cde8aa9ba62b8b4298f33 [NoSig]
 +-> C:\Windows\erdnt\cache64\ssdpsrv.dll : 193,024 : 07/14/2009 02:41 AM : 51b52fbd583cde8aa9ba62b8b4298f33 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll : 193,024 : 07/14/2009 02:41 AM : 51b52fbd583cde8aa9ba62b8b4298f33 [Pos Repl]
 
 * C:\Windows\System32\svchost.exe : 27,136 : 07/14/2009 02:39 AM : c78655bc80301d76ed4fef1c1ea40a7d [NoSig]
 +-> C:\Windows\erdnt\cache64\svchost.exe : 27,136 : 07/14/2009 02:39 AM : c78655bc80301d76ed4fef1c1ea40a7d [Pos Repl]
 +-> C:\Windows\erdnt\cache86\svchost.exe : 20,992 : 07/14/2009 02:14 AM : 54a47f6b5e09a77e61649109c6a08866 [Pos Repl]
 +-> C:\Windows\SysWOW64\svchost.exe : 20,992 : 07/14/2009 02:14 AM : 54a47f6b5e09a77e61649109c6a08866 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe : 27,136 : 07/14/2009 02:39 AM : c78655bc80301d76ed4fef1c1ea40a7d [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe : 20,992 : 07/14/2009 02:14 AM : 54a47f6b5e09a77e61649109c6a08866 [Pos Repl]
 
 * C:\Windows\System32\tapisrv.dll : 316,928 : 11/21/2010 04:24 AM : 40f0849f65d13ee87b9a9ae3c1dd6823 [NoSig]
 +-> C:\Windows\erdnt\cache64\tapisrv.dll : 316,928 : 11/21/2010 04:24 AM : 40f0849f65d13ee87b9a9ae3c1dd6823 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\tapisrv.dll : 242,176 : 11/21/2010 04:24 AM : 613bf4820361543956909043a265c6ac [Pos Repl]
 +-> C:\Windows\SysWOW64\tapisrv.dll : 242,176 : 11/21/2010 04:24 AM : 613bf4820361543956909043a265c6ac [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_4162de4afb9222c0\tapisrv.dll : 316,928 : 11/21/2010 04:24 AM : 40f0849f65d13ee87b9a9ae3c1dd6823 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll : 242,176 : 11/21/2010 04:24 AM : 613bf4820361543956909043a265c6ac [Pos Repl]
 
 * C:\Windows\System32\taskeng.exe : 464,384 : 11/21/2010 04:24 AM : 65ea57712340c09b1b0c427b4848ae05 [NoSig]
 +-> C:\Windows\SysWOW64\taskeng.exe : 192,000 : 11/21/2010 04:23 AM : 4f2659160afcca990305816946f69407 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe : 464,384 : 11/21/2010 04:24 AM : 65ea57712340c09b1b0c427b4848ae05 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe : 192,000 : 11/21/2010 04:23 AM : 4f2659160afcca990305816946f69407 [Pos Repl]
 
 * C:\Windows\System32\taskhost.exe : 68,608 : 11/23/2012 04:13 AM : 639774c9acd063f028f6084abf5593ad [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe : 69,120 : 11/21/2010 04:24 AM : 517110bd83835338c037269e603db55d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.18010_none_86608c5a70f925bc\taskhost.exe : 68,608 : 11/23/2012 04:13 AM : 639774c9acd063f028f6084abf5593ad [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.22172_none_86ab4a318a459fda\taskhost.exe : 69,120 : 11/23/2012 06:50 AM : c671f1b7d4242a5ec7af2d548f072671 [Pos Repl]
 
 * C:\Windows\System32\termsrv.dll : 683,520 : 10/14/2014 03:13 AM : 008cd4ebfabcf78d0f19b3778492648c [NoSig]
 +-> C:\Windows\erdnt\cache64\termsrv.dll : 683,520 : 10/14/2014 03:13 AM : 008cd4ebfabcf78d0f19b3778492648c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll : 680,960 : 11/21/2010 04:24 AM : 2e648163254233755035b46dd7b89123 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18540_none_eca0bf836affa9bb\termsrv.dll : 681,984 : 07/17/2014 03:07 AM : 4fc4c50985e5b840f4d72e57286887b8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18637_none_ecb2935b6af13c52\termsrv.dll : 683,520 : 10/14/2014 03:13 AM : 008cd4ebfabcf78d0f19b3778492648c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22750_none_ed1f8e488425629d\termsrv.dll : 686,080 : 07/16/2014 04:23 AM : f4d7114060c034134a440846f411bb7f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22843_none_ed2d60f8841a8fd8\termsrv.dll : 686,592 : 10/14/2014 03:16 AM : 6a5b600ad0041e9af564de73b716f3d2 [Pos Repl]
 
 * C:\Windows\System32\upnphost.dll : 353,792 : 07/14/2009 02:41 AM : d47ec6a8e81633dd18d2436b19baf6de [NoSig]
 +-> C:\Windows\erdnt\cache86\upnphost.dll : 266,752 : 07/14/2009 02:16 AM : 833fbb672460efce8011d262175fad33 [Pos Repl]
 +-> C:\Windows\SysWOW64\upnphost.dll : 266,752 : 07/14/2009 02:16 AM : 833fbb672460efce8011d262175fad33 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_1ddd261c4e350476\upnphost.dll : 353,792 : 07/14/2009 02:41 AM : d47ec6a8e81633dd18d2436b19baf6de [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_2831d06e8295c671\upnphost.dll : 266,752 : 07/14/2009 02:16 AM : 833fbb672460efce8011d262175fad33 [Pos Repl]
 
 * C:\Windows\System32\user32.dll : 1,008,640 : 10/03/2016 01:22 PM : 06bf84d26a05d400f6b3fb3d3de0b03a [NoSig]
 +-> C:\Windows\erdnt\cache64\user32.dll : 1,008,640 : 10/03/2016 01:22 PM : 06bf84d26a05d400f6b3fb3d3de0b03a [Pos Repl]
 +-> C:\Windows\erdnt\cache86\user32.dll : 833,024 : 10/03/2016 01:22 PM : 0a78439765e31510d75c9e2284f3a722 [Pos Repl]
 +-> C:\Windows\SysWOW64\user32.dll : 833,024 : 10/03/2016 01:22 PM : 0a78439765e31510d75c9e2284f3a722 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1,008,128 : 11/21/2010 04:24 AM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.19061_none_2b252a2884278aa2\user32.dll : 1,008,640 : 10/03/2016 01:22 PM : 06bf84d26a05d400f6b3fb3d3de0b03a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23265_none_2bb2ca019d418cef\user32.dll : 1,009,152 : 10/03/2016 01:22 PM : e42cb2576d5c8456c60988b1c908f41a [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833,024 : 11/21/2010 04:24 AM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.19061_none_3579d47ab8884c9d\user32.dll : 833,024 : 10/03/2016 01:22 PM : 0a78439765e31510d75c9e2284f3a722 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23265_none_36077453d1a24eea\user32.dll : 833,024 : 10/03/2016 01:22 PM : d0a3a0dbf77ee35ce97e55de92014e05 [Pos Repl]
 
 * C:\Windows\System32\userinit.exe : 30,720 : 11/21/2010 04:24 AM : bafe84e637bf7388c96ef48d4d3fdd53 [NoSig]
 +-> C:\Windows\erdnt\cache64\userinit.exe : 30,720 : 11/21/2010 04:24 AM : bafe84e637bf7388c96ef48d4d3fdd53 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\userinit.exe : 26,624 : 11/21/2010 04:23 AM : 61ac3efdfacfdd3f0f11dd4fd4044223 [Pos Repl]
 +-> C:\Windows\SysWOW64\userinit.exe : 26,624 : 11/21/2010 04:23 AM : 61ac3efdfacfdd3f0f11dd4fd4044223 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe : 30,720 : 11/21/2010 04:24 AM : bafe84e637bf7388c96ef48d4d3fdd53 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe : 26,624 : 11/21/2010 04:23 AM : 61ac3efdfacfdd3f0f11dd4fd4044223 [Pos Repl]
 
 * C:\Windows\System32\usp10.dll : 801,280 : 04/25/2014 03:34 AM : 088cf6afcd5cdd44e40c0acde3c1a5e0 [NoSig]
 +-> C:\Windows\erdnt\cache64\usp10.dll : 801,280 : 04/25/2014 03:34 AM : 088cf6afcd5cdd44e40c0acde3c1a5e0 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\usp10.dll : 626,688 : 04/25/2014 03:06 AM : a5f833506bf6a1b5d693e1499dee2444 [Pos Repl]
 +-> C:\Windows\SysWOW64\usp10.dll : 626,688 : 04/25/2014 03:06 AM : a5f833506bf6a1b5d693e1499dee2444 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f\usp10.dll : 800,256 : 11/21/2010 04:24 AM : 2f8b1e3ee3545d3b5a8d56fa1ae07b65 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18454_none_0af5261f6f3c76ad\usp10.dll : 801,280 : 04/25/2014 03:34 AM : 088cf6afcd5cdd44e40c0acde3c1a5e0 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22666_none_0b75f5788860623d\usp10.dll : 801,792 : 04/25/2014 03:27 AM : bb2b03c6b6778a9b2866a049cc600d55 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll : 626,176 : 11/21/2010 04:24 AM : 804aaafebb3ad5f49334dd906bcb1de5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18454_none_aed68a9bb6df0577\usp10.dll : 626,688 : 04/25/2014 03:06 AM : a5f833506bf6a1b5d693e1499dee2444 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22666_none_af5759f4d002f107\usp10.dll : 626,688 : 04/25/2014 02:58 AM : 5a7b3405c2aae5369f6cb42fe248fbb0 [Pos Repl]
 
 * C:\Windows\System32\UxTheme.dll : 332,288 : 07/14/2009 02:41 AM : d29e998e8277666982b4f0303bf4e7af [NoSig]
 +-> C:\Windows\SysWOW64\uxtheme.dll : 245,760 : 07/14/2009 02:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332,288 : 07/14/2009 02:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245,760 : 07/14/2009 02:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
 
 * C:\Windows\System32\version.dll : 29,184 : 07/14/2009 02:41 AM : 94e026870a55aaeaff7853c1754091e9 [NoSig]
 +-> C:\Windows\erdnt\cache86\version.dll : 21,504 : 07/14/2009 02:16 AM : 702254574e7e52052de39408457b7149 [Pos Repl]
 +-> C:\Windows\SysWOW64\version.dll : 21,504 : 07/14/2009 02:16 AM : 702254574e7e52052de39408457b7149 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_70f340d66a96c29b\version.dll : 29,184 : 07/14/2009 02:41 AM : 94e026870a55aaeaff7853c1754091e9 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll : 21,504 : 07/14/2009 02:16 AM : 702254574e7e52052de39408457b7149 [Pos Repl]
 
 * C:\Windows\System32\w32time.dll : 381,952 : 07/14/2009 02:41 AM : 1c9d80cc3849b3788048078c26486e1a [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_e49c555686fbabd6\w32time.dll : 381,952 : 07/14/2009 02:41 AM : 1c9d80cc3849b3788048078c26486e1a [Pos Repl]
 
 * C:\Windows\System32\wbem\wmiprvse.exe : 372,736 : 11/21/2010 04:24 AM : 619a67c9f617b7e69315bb28ecd5e1df [NoSig]
 +-> C:\Windows\SysWOW64\wbem\WmiPrvSE.exe : 257,536 : 11/21/2010 04:24 AM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_6e88c3faa2049408\WmiPrvSE.exe : 372,736 : 11/21/2010 04:24 AM : 619a67c9f617b7e69315bb28ecd5e1df [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_78dd6e4cd6655603\WmiPrvSE.exe : 257,536 : 11/21/2010 04:24 AM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [Pos Repl]
 
 * C:\Windows\System32\wdigest.dll : 210,944 : 07/01/2015 09:49 PM : 09730d830b2b69b626817f4a95945308 [NoSig]
 +-> C:\Windows\SysWOW64\wdigest.dll : 172,032 : 07/01/2015 09:30 PM : 6ae6e08938d5ba9d8ba305506620b48d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7600.16385_none_96c23cbe96661a70\wdigest.dll : 210,432 : 07/14/2009 02:41 AM : 95fb6ca4374e343ddd653fcc43f9d26b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18409_none_9903093693481d46\wdigest.dll : 210,944 : 03/04/2014 10:44 AM : 26af184300c0868d854d5a3092234e24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18489_none_98ac89d69388fcce\wdigest.dll : 210,944 : 05/30/2014 09:08 AM : bfc98590eab40c785d6134b1fa818a62 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18606_none_99000c24934acb8f\wdigest.dll : 210,944 : 09/19/2014 10:42 AM : 55f0cf40479a1fc89cfa578909a540f2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18741_none_98cfcce8936fb9c7\wdigest.dll : 210,944 : 02/03/2015 04:31 AM : 1fcdcf88da3e83a7ff4bc7078a305210 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18798_none_98a0bf529391f6dd\wdigest.dll : 210,944 : 03/17/2015 06:16 AM : 7220246418a40d3bf7470058a2db939a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18812_none_98f13edc93567c72\wdigest.dll : 210,944 : 04/04/2015 04:22 AM : c6430870504e2d73ead55a863d6fb310 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18912_none_98f140c293567999\wdigest.dll : 210,944 : 07/01/2015 09:49 PM : 09730d830b2b69b626817f4a95945308 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22616_none_997ed71dac708a23\wdigest.dll : 210,944 : 03/04/2014 12:08 AM : 8416bdbdca85f783b56631d3d5ba0829 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22807_none_998aab1fac6781d7\wdigest.dll : 210,944 : 03/04/2014 12:08 AM : 8416bdbdca85f783b56631d3d5ba0829 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22814_none_997cda55ac7251c3\wdigest.dll : 210,944 : 09/19/2014 10:48 AM : 4f9e08a6da15029f9216abd3ca59201e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22843_none_995b6a47ac8b8c3f\wdigest.dll : 210,944 : 03/04/2014 12:08 AM : 8416bdbdca85f783b56631d3d5ba0829 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22865_none_9947cb03ac99f6cf\wdigest.dll : 210,944 : 03/04/2014 12:08 AM : 8416bdbdca85f783b56631d3d5ba0829 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22948_none_99606d9fac870819\wdigest.dll : 210,944 : 02/03/2015 04:51 AM : 57d2bc9c2402367d83eeaf5ba564de33 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.23002_none_998583b5ac6c338d\wdigest.dll : 210,944 : 03/17/2015 06:11 AM : 6deec85dc8bec1229e3b7fadf1c549d2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.23017_none_997fb53bac6fce31\wdigest.dll : 210,944 : 04/04/2015 04:26 AM : 858003a38b3393b61b103b1db3c43738 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.23115_none_997db68dac7198aa\wdigest.dll : 210,944 : 07/01/2015 07:21 PM : bbae23b46dae85911eca7ac5019969be [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7600.16385_none_a116e710cac6dc6b\wdigest.dll : 171,520 : 07/14/2009 02:16 AM : 0450cf487ecd8a67b56f59f9a96d024d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18409_none_a357b388c7a8df41\wdigest.dll : 172,032 : 03/04/2014 10:17 AM : 3a1abe045a3e30799576e83a2d012b43 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18489_none_a3013428c7e9bec9\wdigest.dll : 172,032 : 05/30/2014 08:52 AM : c71cc796f0e2e9bd542c87532706fcfe [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18606_none_a354b676c7ab8d8a\wdigest.dll : 172,032 : 09/19/2014 10:23 AM : 37bc079204bf9b087d6de6b728908b4b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18741_none_a324773ac7d07bc2\wdigest.dll : 172,032 : 02/03/2015 04:12 AM : 49376c9720930363acf92799c6878bff [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18798_none_a2f569a4c7f2b8d8\wdigest.dll : 172,032 : 03/17/2015 05:57 AM : 655c88135254c78e6fb66b6c2f6ac5da [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18812_none_a345e92ec7b73e6d\wdigest.dll : 172,032 : 04/04/2015 04:05 AM : 6954b10c2cf2d99e3f138fb9bdf32547 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.18912_none_a345eb14c7b73b94\wdigest.dll : 172,032 : 07/01/2015 09:30 PM : 6ae6e08938d5ba9d8ba305506620b48d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22616_none_a3d3816fe0d14c1e\wdigest.dll : 172,032 : 03/04/2014 11:39 AM : 2d934b2b5ca353d353a8166c0125d122 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22807_none_a3df5571e0c843d2\wdigest.dll : 172,032 : 03/04/2014 11:39 AM : 2d934b2b5ca353d353a8166c0125d122 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22814_none_a3d184a7e0d313be\wdigest.dll : 172,032 : 09/19/2014 10:29 AM : 3d46ee1128a16acc8df8ac9e44939c0d [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22843_none_a3b01499e0ec4e3a\wdigest.dll : 172,032 : 03/04/2014 11:39 AM : 2d934b2b5ca353d353a8166c0125d122 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22865_none_a39c7555e0fab8ca\wdigest.dll : 172,032 : 03/04/2014 11:39 AM : 2d934b2b5ca353d353a8166c0125d122 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.22948_none_a3b517f1e0e7ca14\wdigest.dll : 172,032 : 02/03/2015 04:32 AM : ac863cc3ed0fe6faad8cc1a5f4a9507b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.23002_none_a3da2e07e0ccf588\wdigest.dll : 172,032 : 03/17/2015 05:45 AM : 94956fceb403a6a5d32f22fbcf4a45a9 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.23017_none_a3d45f8de0d0902c\wdigest.dll : 172,032 : 04/04/2015 04:11 AM : d8620bb81e6b8d0f861a59705cd902d6 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7601.23115_none_a3d260dfe0d25aa5\wdigest.dll : 172,032 : 07/01/2015 06:52 PM : ef7087780f9dc32f9f6c554bd1257900 [Pos Repl]
 
 * C:\Windows\System32\wiaservc.dll : 580,096 : 11/21/2010 04:24 AM : 8dd52e8e6128f4b2da92ce27402871c1 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7601.17514_none_90ba4080c9f2e648\wiaservc.dll : 580,096 : 11/21/2010 04:24 AM : 8dd52e8e6128f4b2da92ce27402871c1 [Pos Repl]
 
 * C:\Windows\System32\wininet.dll : 2,427,392 : 06/20/2015 07:26 PM : e066fdc3a2074d926903b8c31ef3b347 [NoSig]
 +-> C:\Windows\erdnt\cache64\wininet.dll : 2,427,392 : 06/20/2015 07:26 PM : e066fdc3a2074d926903b8c31ef3b347 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\wininet.dll : 1,951,232 : 06/19/2015 06:15 PM : 63b01f72fd727d5736dbef54174d8f93 [Pos Repl]
 +-> C:\Windows\SysWOW64\wininet.dll : 1,951,232 : 06/19/2015 06:15 PM : 63b01f72fd727d5736dbef54174d8f93 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_e435d617b6e8ac16\wininet.dll : 2,334,208 : 03/01/2014 04:10 AM : df79ce9b950c62677d232154e93a81c7 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_e46de82db6be5036\wininet.dll : 2,260,480 : 05/26/2014 04:46 PM : f220ba78ab542c70211d73ae4729b2cd [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_e460a5c5b6c8b99e\wininet.dll : 2,266,112 : 05/30/2014 08:56 AM : 40bfd9d6ec8e174145f012246ca73ccd [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_e453be7db6d2bc82\wininet.dll : 2,266,112 : 06/18/2014 11:58 PM : 2ee102df0edd8a1edd3d1e9b99a91bec [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_e45691cbb6d03bc9\wininet.dll : 2,266,624 : 07/25/2014 11:52 AM : 8e71a5cb5312b8392d4da4ca37bb5868 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_e440beb1b6e073ab\wininet.dll : 2,365,440 : 11/06/2014 03:17 AM : 6fc2819a4f80aab2dadedfc1efee3c3f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17501_none_e433d769b6ea768f\wininet.dll : 2,358,272 : 11/22/2014 02:28 AM : 4af089160fe082e5ea5c4aa72782dca2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17633_none_e42bdacbb6f011c7\wininet.dll : 2,358,272 : 01/12/2015 02:27 AM : 9dfe41a69df70aab75cb5ba8c1109ea2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17691_none_e4320a17b6ea768f\wininet.dll : 2,358,784 : 02/20/2015 02:28 AM : 36f99bd8a0f09bdbb7850a138845a014 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17728_none_e41f98adb6f99486\wininet.dll : 2,358,784 : 03/13/2015 03:45 AM : 77b35d0fc22a2d2eac8d07c3f9784dbf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17843_none_e4173b3db6ff6300\wininet.dll : 2,426,880 : 05/22/2015 06:50 PM : 417f80e4afba1aa9ebbd618f1c6d9165 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17914_none_e40953abb70a4c8d\wininet.dll : 2,427,392 : 06/20/2015 07:26 PM : e066fdc3a2074d926903b8c31ef3b347 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll : 1,188,864 : 11/21/2010 04:23 AM : f6c5302e1f4813d552f41a0ac82455e5 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_88173a93fe8b3ae0\wininet.dll : 1,820,160 : 03/01/2014 03:32 AM : aafeab4fc9d70253f8c7e353e879e8a2 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_884f4ca9fe60df00\wininet.dll : 1,789,440 : 05/26/2014 04:46 PM : e4e829ee073e046b0eb19b5fecb19b8c [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_88420a41fe6b4868\wininet.dll : 1,790,976 : 05/30/2014 08:21 AM : 771cdbc3d62437d6db070820bb1edccf [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_883522f9fe754b4c\wininet.dll : 1,791,488 : 06/18/2014 11:13 PM : ccc198257901beea2fbf8eb1e7678356 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_8837f647fe72ca93\wininet.dll : 1,792,512 : 07/25/2014 11:05 AM : b945baa81b4805ad6bddf4d026dcfb47 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_8822232dfe830275\wininet.dll : 1,892,864 : 11/06/2014 02:52 AM : 6dd7d61a8ef3dfec4faefeb395e77424 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17501_none_88153be5fe8d0559\wininet.dll : 1,888,256 : 11/22/2014 02:00 AM : 5e4e0e43e0a5bf9f089696dfa7a3d677 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17633_none_880d3f47fe92a091\wininet.dll : 1,888,256 : 01/12/2015 02:00 AM : f285d499ec42969d963ca49eada63218 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17691_none_88136e93fe8d0559\wininet.dll : 1,888,256 : 02/20/2015 02:01 AM : ea6ea6912f27f05c61d8d747517eb47e [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17728_none_8800fd29fe9c2350\wininet.dll : 1,888,256 : 03/13/2015 03:20 AM : c46904f2e9e121a91dddabb48d7648c3 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17843_none_87f89fb9fea1f1ca\wininet.dll : 1,950,720 : 05/23/2015 03:20 AM : e4eb138060bae0dbab1a3b71a3141fe7 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17914_none_87eab827feacdb57\wininet.dll : 1,951,232 : 06/19/2015 06:15 PM : 63b01f72fd727d5736dbef54174d8f93 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll : 980,992 : 11/21/2010 04:24 AM : 44214c94911c7cfb1d52cb64d5e8368d [Pos Repl]
 
 * C:\Windows\System32\wininit.exe : 129,024 : 07/14/2009 02:39 AM : 94355c28c1970635a31b3fe52eb7ceba [NoSig]
 +-> C:\Windows\erdnt\cache64\wininit.exe : 129,024 : 07/14/2009 02:39 AM : 94355c28c1970635a31b3fe52eb7ceba [Pos Repl]
 +-> C:\Windows\erdnt\cache86\wininit.exe : 96,256 : 07/14/2009 02:14 AM : b5c5dcad3899512020d135600129d665 [Pos Repl]
 +-> C:\Windows\SysWOW64\wininit.exe : 96,256 : 07/14/2009 02:14 AM : b5c5dcad3899512020d135600129d665 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe : 129,024 : 07/14/2009 02:39 AM : 94355c28c1970635a31b3fe52eb7ceba [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe : 96,256 : 07/14/2009 02:14 AM : b5c5dcad3899512020d135600129d665 [Pos Repl]
 
 * C:\Windows\System32\winlogon.exe : 455,168 : 07/17/2014 03:07 AM : 8cebd9d0a0a879cde9f36f4383b7caea [NoSig]
 +-> C:\Windows\erdnt\cache64\winlogon.exe : 455,168 : 07/17/2014 03:07 AM : 8cebd9d0a0a879cde9f36f4383b7caea [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe : 390,656 : 11/21/2010 04:24 AM : 1151b1baa6f350b1db6598e0fea7c457 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe : 455,168 : 03/04/2014 10:43 AM : 88ab9b72b4bf3963a0de0820b4b0b06c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe : 455,168 : 07/17/2014 03:07 AM : 8cebd9d0a0a879cde9f36f4383b7caea [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe : 455,680 : 03/04/2014 12:08 AM : 6ce2ae073bd21c542fc2c707cae944cc [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe : 455,680 : 07/16/2014 04:23 AM : 98aa0bfee089c7e5dadb94190d93456c [Pos Repl]
 
 * C:\Windows\System32\ws2_32.dll : 297,984 : 11/21/2010 04:24 AM : 4bbfa57f594f7e8a8edc8f377184c3f0 [NoSig]
 +-> C:\Windows\erdnt\cache64\ws2_32.dll : 297,984 : 11/21/2010 04:24 AM : 4bbfa57f594f7e8a8edc8f377184c3f0 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\ws2_32.dll : 206,848 : 11/21/2010 04:23 AM : 7ff15a4f092cd4a96055ba69f903e3e9 [Pos Repl]
 +-> C:\Windows\SysWOW64\ws2_32.dll : 206,848 : 11/21/2010 04:23 AM : 7ff15a4f092cd4a96055ba69f903e3e9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll : 297,984 : 11/21/2010 04:24 AM : 4bbfa57f594f7e8a8edc8f377184c3f0 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll : 206,848 : 11/21/2010 04:23 AM : 7ff15a4f092cd4a96055ba69f903e3e9 [Pos Repl]
 
 * C:\Windows\System32\ws2help.dll : 4,608 : 07/14/2009 02:34 AM : 8396c6c26aaddfe4590ccef0f419b6b7 [NoSig]
 +-> C:\Windows\erdnt\cache64\ws2help.dll : 4,608 : 07/14/2009 02:34 AM : 8396c6c26aaddfe4590ccef0f419b6b7 [Pos Repl]
 +-> C:\Windows\erdnt\cache86\ws2help.dll : 4,608 : 07/14/2009 02:11 AM : 808aabdf9337312195caff76d1804786 [Pos Repl]
 +-> C:\Windows\SysWOW64\ws2help.dll : 4,608 : 07/14/2009 02:11 AM : 808aabdf9337312195caff76d1804786 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll : 4,608 : 07/14/2009 02:34 AM : 8396c6c26aaddfe4590ccef0f419b6b7 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\ws2help.dll : 4,608 : 07/14/2009 02:11 AM : 808aabdf9337312195caff76d1804786 [Pos Repl]
 
 * C:\Windows\System32\wuauclt.exe : 139,776 : 07/09/2015 06:58 PM : 3f9239d5f65f1318a53ebaec01c092f1 [NoSig]
 +-> C:\Windows\erdnt\cache64\wuauclt.exe : 139,776 : 07/09/2015 06:58 PM : 3f9239d5f65f1318a53ebaec01c092f1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.5.7601.17514_none_1f3413afc64d10c5\wuauclt.exe : 51,200 : 11/21/2010 04:24 AM : 7fbfaa84fe176d9ae932abc585ab68d5 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.320_none_d5f64d30518fd000\wuauclt.exe : 58,336 : 05/14/2014 05:23 PM : ead9e413a6ceb9fd8e2ad9dc0716c061 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7601.18804_none_e76d9fca65105f0b\wuauclt.exe : 135,168 : 03/25/2015 04:23 AM : aea602b4036cf95522818e911654f52e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7601.18917_none_e765d2a26515c428\wuauclt.exe : 139,776 : 07/09/2015 06:58 PM : 3f9239d5f65f1318a53ebaec01c092f1 [Pos Repl]
 
 * C:\Windows\explorer.exe : 2,871,808 : 02/25/2011 07:19 AM : 332feab1435662fc6c672e25beb37be3 [NoSig]
 +-> C:\Windows\erdnt\cache86\explorer.exe : 2,871,808 : 02/25/2011 07:19 AM : 332feab1435662fc6c672e25beb37be3 [Pos Repl]
 +-> C:\Windows\SysWOW64\explorer.exe : 2,616,320 : 02/25/2011 06:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe : 2,872,320 : 11/21/2010 04:24 AM : ac4c51eb24aa95b77f705ab159189e24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe : 2,871,808 : 02/25/2011 07:19 AM : 332feab1435662fc6c672e25beb37be3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe : 2,871,808 : 02/26/2011 07:14 AM : 3b69712041f3d63605529bd66dc00c48 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe : 2,616,320 : 11/21/2010 04:24 AM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe : 2,616,320 : 02/25/2011 06:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe : 2,616,320 : 02/26/2011 06:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]
 
 * C:\Windows\System32\drivers\afd.sys : 497,152 : 05/30/2014 07:45 AM : fa886682cfc5d36718d3e436aacf10b9 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys : 499,712 : 11/21/2010 04:24 AM : d31dc7a16dea4a9baf179f3d6fbdb38c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_35d81beb75355772\afd.sys : 497,152 : 05/26/2014 04:45 PM : 314c17917ac8523ec77a710215012a65 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18489_none_35c7815175410855\afd.sys : 497,152 : 05/30/2014 07:45 AM : fa886682cfc5d36718d3e436aacf10b9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_366f8b668e482477\afd.sys : 496,128 : 05/26/2014 04:45 PM : 26ef7e0df4edcd898eb7a671529410b8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22705_none_36a3a0208e215d89\afd.sys : 496,640 : 05/30/2014 07:41 AM : bdf76c3ce993ffb6214287272708364f [Pos Repl]
 
 * C:\Windows\System32\drivers\asyncmac.sys : 23,040 : 07/14/2009 01:10 AM : 769765ce2cc62867468cea93969b2242 [NoSig]
 +-> C:\Windows\erdnt\cache64\asyncmac.sys : 23,040 : 07/14/2009 01:10 AM : 769765ce2cc62867468cea93969b2242 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys : 23,040 : 07/14/2009 01:10 AM : 769765ce2cc62867468cea93969b2242 [Pos Repl]
 
 * C:\Windows\System32\drivers\beep.sys : 6,656 : 07/14/2009 01:00 AM : 16a47ce2decc9b099349a5f840654746 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys : 6,656 : 07/14/2009 01:00 AM : 16a47ce2decc9b099349a5f840654746 [Pos Repl]
 
 * C:\Windows\System32\drivers\bridge.sys : 95,232 : 07/14/2009 02:01 AM : 5c2f352a4e961d72518261257aae204b [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-networkbridge_31bf3856ad364e35_6.1.7600.16385_none_63dee2821fc69fce\bridge.sys : 95,232 : 07/14/2009 02:01 AM : 5c2f352a4e961d72518261257aae204b [Pos Repl]
 
 * C:\Windows\System32\drivers\cdfs.sys : 92,160 : 07/14/2009 00:19 AM : b8bd2bb284668c84865658c77574381a [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-cdfs_31bf3856ad364e35_6.1.7600.16385_none_025c84b636a4ef6d\cdfs.sys : 92,160 : 07/14/2009 00:19 AM : b8bd2bb284668c84865658c77574381a [Pos Repl]
 
 * C:\Windows\System32\drivers\cdrom.sys : 147,456 : 11/21/2010 04:23 AM : f036ce71586e93d94dab220d7bdf4416 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys : 147,456 : 11/21/2010 04:23 AM : f036ce71586e93d94dab220d7bdf4416 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys : 147,456 : 11/21/2010 04:23 AM : f036ce71586e93d94dab220d7bdf4416 [Pos Repl]
 
 * C:\Windows\System32\drivers\CmBatt.sys : 17,664 : 07/14/2009 00:31 AM : 0840155d0bddf1190f84a663c284bd33 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_amd64_neutral_cb8fa151a7b7cb80\CmBatt.sys : 17,664 : 07/14/2009 00:31 AM : 0840155d0bddf1190f84a663c284bd33 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_721c84936d812c57\CmBatt.sys : 17,664 : 07/14/2009 00:31 AM : 0840155d0bddf1190f84a663c284bd33 [Pos Repl]
 
 * C:\Windows\System32\drivers\drmkaud.sys : 5,632 : 07/14/2009 01:06 AM : 9b19f34400d24df84c858a421c205754 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_3386f4c08ca19351\drmkaud.sys : 5,632 : 07/14/2009 01:06 AM : 9b19f34400d24df84c858a421c205754 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\drmkaud.sys : 5,632 : 07/14/2009 01:06 AM : 9b19f34400d24df84c858a421c205754 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_bc5c4aba33d6af68\drmkaud.sys : 5,632 : 07/14/2009 01:06 AM : 9b19f34400d24df84c858a421c205754 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7601.18276_none_be4e631430f42f82\drmkaud.sys : 5,632 : 07/14/2009 01:06 AM : 9b19f34400d24df84c858a421c205754 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7601.22472_none_bed4009d4a156717\drmkaud.sys : 5,632 : 07/14/2009 01:06 AM : 9b19f34400d24df84c858a421c205754 [Pos Repl]
 
 * C:\Windows\System32\drivers\drmk.sys : 116,736 : 10/04/2013 03:16 AM : e0d3cd5841e5c7be7b94ba946af1e498 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_3386f4c08ca19351\drmk.sys : 116,736 : 10/04/2013 03:16 AM : e0d3cd5841e5c7be7b94ba946af1e498 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\drmk.sys : 116,224 : 07/14/2009 02:01 AM : 21d26064aedb4988f785bb4a3a2c051e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_bc5c4aba33d6af68\drmk.sys : 116,224 : 07/14/2009 02:01 AM : 21d26064aedb4988f785bb4a3a2c051e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7601.18276_none_be4e631430f42f82\drmk.sys : 116,736 : 10/04/2013 03:16 AM : e0d3cd5841e5c7be7b94ba946af1e498 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7601.22472_none_bed4009d4a156717\drmk.sys : 116,736 : 10/04/2013 03:17 AM : 5c5d9ab48169b2681533c97a1df13994 [Pos Repl]
 
 * C:\Windows\System32\drivers\dxapi.sys : 16,896 : 07/14/2009 00:38 AM : bf24d6f2ed97fe830bfd52b246f98e67 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-useros_31bf3856ad364e35_6.1.7600.16385_none_2963a67886ddf81e\dxapi.sys : 16,896 : 07/14/2009 00:38 AM : bf24d6f2ed97fe830bfd52b246f98e67 [Pos Repl]
 
 * C:\Windows\System32\drivers\dxg.sys : 98,816 : 07/14/2009 00:38 AM : fede0629ecb23650d48989517d4914da [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-dxg_31bf3856ad364e35_6.1.7600.16385_none_04e0334574ce0f74\dxg.sys : 98,816 : 07/14/2009 00:38 AM : fede0629ecb23650d48989517d4914da [Pos Repl]
 
 * C:\Windows\System32\drivers\fastfat.sys : 204,800 : 07/14/2009 00:23 AM : 0adc83218b66a6db380c330836f3e36d [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys : 204,800 : 07/14/2009 00:23 AM : 0adc83218b66a6db380c330836f3e36d [Pos Repl]
 
 * C:\Windows\System32\drivers\fdc.sys : 29,696 : 07/14/2009 01:00 AM : d765d19cd8ef61f650c384f62fac00ab [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\fdc.inf_amd64_neutral_bbcfca39fdc02275\fdc.sys : 29,696 : 07/14/2009 01:00 AM : d765d19cd8ef61f650c384f62fac00ab [Pos Repl]
 +-> C:\Windows\winsxs\amd64_fdc.inf_31bf3856ad364e35_6.1.7600.16385_none_5d86a514fa18ed1d\fdc.sys : 29,696 : 07/14/2009 01:00 AM : d765d19cd8ef61f650c384f62fac00ab [Pos Repl]
 
 * C:\Windows\System32\drivers\flpydisk.sys : 24,576 : 07/14/2009 01:00 AM : c172a0f53008eaeb8ea33fe10e177af5 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\flpydisk.sys : 24,576 : 07/14/2009 01:00 AM : c172a0f53008eaeb8ea33fe10e177af5 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\flpydisk.sys : 24,576 : 07/14/2009 01:00 AM : c172a0f53008eaeb8ea33fe10e177af5 [Pos Repl]
 
 * C:\Windows\System32\drivers\hidclass.sys : 76,800 : 07/03/2013 05:05 AM : 597c3699384e53cc59587ed50cce5ca2 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_8693053514b10ee9\hidclass.sys : 76,800 : 11/21/2010 04:23 AM : 8b0e40e7e8bbf5acf390465609d89ff1 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_fccb715ac7d8c66d\hidclass.sys : 76,800 : 07/03/2013 05:05 AM : 597c3699384e53cc59587ed50cce5ca2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.17514_none_7e959f3636bd3a1c\hidclass.sys : 76,800 : 11/21/2010 04:23 AM : 8b0e40e7e8bbf5acf390465609d89ff1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.18199_none_7e4402e836f9bd5c\hidclass.sys : 76,800 : 07/03/2013 05:05 AM : 597c3699384e53cc59587ed50cce5ca2 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.22374_none_7ede3fff500ba3b8\hidclass.sys : 76,800 : 07/02/2013 04:49 AM : a68903c267bf0ac5775fe756a9283b1d [Pos Repl]
 
 * C:\Windows\System32\drivers\hidparse.sys : 32,896 : 07/03/2013 05:05 AM : 856e76b3641746abbc2946bed1372098 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_8693053514b10ee9\hidparse.sys : 32,896 : 07/14/2009 01:06 AM : 49ee2e52e6cd03947dad72f65367be06 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_fccb715ac7d8c66d\hidparse.sys : 32,896 : 07/03/2013 05:05 AM : 856e76b3641746abbc2946bed1372098 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.17514_none_7e959f3636bd3a1c\hidparse.sys : 32,896 : 07/14/2009 01:06 AM : 49ee2e52e6cd03947dad72f65367be06 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.18199_none_7e4402e836f9bd5c\hidparse.sys : 32,896 : 07/03/2013 05:05 AM : 856e76b3641746abbc2946bed1372098 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.22374_none_7ede3fff500ba3b8\hidparse.sys : 32,896 : 07/02/2013 04:49 AM : 100a1815f5282cffb99dd77f8bee8742 [Pos Repl]
 
 * C:\Windows\System32\drivers\hidusb.sys : 30,208 : 11/21/2010 04:23 AM : 9592090a7e2b61cd582b612b6df70536 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_8693053514b10ee9\hidusb.sys : 30,208 : 11/21/2010 04:23 AM : 9592090a7e2b61cd582b612b6df70536 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_neutral_fccb715ac7d8c66d\hidusb.sys : 30,208 : 11/21/2010 04:23 AM : 9592090a7e2b61cd582b612b6df70536 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.17514_none_7e959f3636bd3a1c\hidusb.sys : 30,208 : 11/21/2010 04:23 AM : 9592090a7e2b61cd582b612b6df70536 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.18199_none_7e4402e836f9bd5c\hidusb.sys : 30,208 : 11/21/2010 04:23 AM : 9592090a7e2b61cd582b612b6df70536 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_input.inf_31bf3856ad364e35_6.1.7601.22374_none_7ede3fff500ba3b8\hidusb.sys : 30,208 : 11/21/2010 04:23 AM : 9592090a7e2b61cd582b612b6df70536 [Pos Repl]
 
 * C:\Windows\System32\drivers\http.sys : 754,688 : 02/25/2015 04:18 AM : f61634bec53f73702a10de69f6dcaf57 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-http_31bf3856ad364e35_6.1.7601.17514_none_0ae701b82f7a7759\http.sys : 753,664 : 11/21/2010 04:23 AM : 0ea7de1acb728dd5a369fd742d6eee28 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-http_31bf3856ad364e35_6.1.7601.18772_none_0aa40ea02fad0040\http.sys : 754,688 : 02/25/2015 04:18 AM : f61634bec53f73702a10de69f6dcaf57 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-http_31bf3856ad364e35_6.1.7601.22976_none_0b31ae7948c7028d\http.sys : 754,688 : 02/24/2015 07:06 AM : 26647a4f267d13d67ed6b99eae2a7f78 [Pos Repl]
 
 * C:\Windows\System32\drivers\i8042prt.sys : 105,472 : 07/14/2009 00:19 AM : fa55c73d4affa7ee23ac4be53b4592d3 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys : 105,472 : 07/14/2009 00:19 AM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys : 105,472 : 07/14/2009 00:19 AM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys : 105,472 : 07/14/2009 00:19 AM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys : 105,472 : 07/14/2009 00:19 AM : fa55c73d4affa7ee23ac4be53b4592d3 [Pos Repl]
 
 * C:\Windows\System32\drivers\intelppm.sys : 62,464 : 07/14/2009 00:19 AM : ada036632c664caa754079041cf1f8c1 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_amd64_neutral_ae5de2e1bf2793c3\intelppm.sys : 62,464 : 07/14/2009 00:19 AM : ada036632c664caa754079041cf1f8c1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\intelppm.sys : 62,464 : 07/14/2009 00:19 AM : ada036632c664caa754079041cf1f8c1 [Pos Repl]
 
 * C:\Windows\System32\drivers\ipfltdrv.sys : 82,944 : 11/21/2010 04:24 AM : c9f0e1bd74365a8771590e9008d22ab6 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasipfilter_31bf3856ad364e35_6.1.7601.17514_none_458f8957d5cef9fa\ipfltdrv.sys : 82,944 : 11/21/2010 04:24 AM : c9f0e1bd74365a8771590e9008d22ab6 [Pos Repl]
 
 * C:\Windows\System32\drivers\ipnat.sys : 116,224 : 07/14/2009 01:10 AM : af9b39a7e7b6caa203b3862582e9f2d0 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ipnat_31bf3856ad364e35_6.1.7600.16385_none_b70d093f950ce2cf\ipnat.sys : 116,224 : 07/14/2009 01:10 AM : af9b39a7e7b6caa203b3862582e9f2d0 [Pos Repl]
 
 * C:\Windows\System32\drivers\irenum.sys : 17,920 : 07/14/2009 01:08 AM : 3abf5e7213eb28966d55d58b515d5ce9 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-irdaircomm_31bf3856ad364e35_6.1.7600.16385_none_84866db23e5a6f30\irenum.sys : 17,920 : 07/14/2009 01:08 AM : 3abf5e7213eb28966d55d58b515d5ce9 [Pos Repl]
 
 * C:\Windows\System32\drivers\ks.sys : 243,712 : 11/21/2010 04:24 AM : 24fbf5cc5c04150073c315a7c83521ee [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7601.17514_none_b5a6c7c6ac83a58e\ks.sys : 243,712 : 11/21/2010 04:24 AM : 24fbf5cc5c04150073c315a7c83521ee [Pos Repl]
 
 * C:\Windows\System32\drivers\mcd.sys : 22,016 : 07/14/2009 01:01 AM : 3c9f072f9dca856b9fb7a20cbd4281ac [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.h..changer-driverclass_31bf3856ad364e35_6.1.7600.16385_none_249a5cc1e06b4240\mcd.sys : 22,016 : 07/14/2009 01:01 AM : 3c9f072f9dca856b9fb7a20cbd4281ac [Pos Repl]
 
 * C:\Windows\System32\drivers\modem.sys : 40,448 : 07/14/2009 01:10 AM : 800ba92f7010378b09f9ed9270f07137 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-u..em-core-classdriver_31bf3856ad364e35_6.1.7600.16385_none_8bf97498085ce154\modem.sys : 40,448 : 07/14/2009 01:10 AM : 800ba92f7010378b09f9ed9270f07137 [Pos Repl]
 
 * C:\Windows\System32\drivers\mouhid.sys : 31,232 : 07/14/2009 01:00 AM : d3bf052c40b0c4166d9fd86a4288c1e6 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\mouhid.sys : 31,232 : 07/14/2009 01:00 AM : d3bf052c40b0c4166d9fd86a4288c1e6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\mouhid.sys : 31,232 : 07/14/2009 01:00 AM : d3bf052c40b0c4166d9fd86a4288c1e6 [Pos Repl]
 
 * C:\Windows\System32\drivers\mrxdav.sys : 141,312 : 12/19/2014 02:46 AM : ae3334958d8f631ff14a0aeb3d7efb3a [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.17514_none_72d0eaa6dc5b2edb\mrxdav.sys : 140,800 : 11/21/2010 04:24 AM : dc722758b8261e1abafd31a3c0a66380 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.18201_none_72d89d3adc55e911\mrxdav.sys : 140,800 : 07/04/2013 11:11 AM : 1a4f75e63c9fb84b85dffc6b63fd5404 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.18706_none_72dda82adc515987\mrxdav.sys : 141,312 : 12/19/2014 02:46 AM : ae3334958d8f631ff14a0aeb3d7efb3a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.22376_none_731b8c03f5a7cb25\mrxdav.sys : 141,824 : 07/04/2013 10:54 AM : 83a296715a67d696f101130ab44b92a7 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.22913_none_73597611f579c664\mrxdav.sys : 142,336 : 12/19/2014 02:53 AM : 0ae0ab07eb9166ea6030153830148c02 [Pos Repl]
 
 * C:\Windows\System32\drivers\mrxsmb.sys : 159,232 : 07/01/2015 08:27 PM : 1877eb1495cfbdab27d6a32f6ddf3818 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_ddb772a467bcf964\mrxsmb.sys : 158,208 : 11/21/2010 04:24 AM : faf015b07e3a2874a790a39b7d2c579f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17565_none_dd82635267e49e70\mrxsmb.sys : 158,208 : 02/23/2011 05:56 AM : c2b4651001a867ff3f8865863b592991 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18912_none_ddb562e067bed4f3\mrxsmb.sys : 159,232 : 07/01/2015 08:27 PM : 1877eb1495cfbdab27d6a32f6ddf3818 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21666_none_de0d006781015791\mrxsmb.sys : 158,208 : 02/23/2011 04:32 AM : cd291e3c21c61e17972dfaf8e2e2e5da [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23115_none_de41d8ab80d9f404\mrxsmb.sys : 159,744 : 07/01/2015 05:55 PM : e9dd0e8829567362c1051e0905174dde [Pos Repl]
 
 * C:\Windows\System32\drivers\msfs.sys : 26,112 : 07/14/2009 00:19 AM : aa3fb40e17ce1388fa1bedab50ea8f96 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-msfs_31bf3856ad364e35_6.1.7600.16385_none_026531e2369d6d42\msfs.sys : 26,112 : 07/14/2009 00:19 AM : aa3fb40e17ce1388fa1bedab50ea8f96 [Pos Repl]
 
 * C:\Windows\System32\drivers\MSKSSRV.sys : 11,136 : 07/14/2009 01:00 AM : 49ccf2c4fea34ffad8b1b59d49439366 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_bde9acc8f46cb6db\mskssrv.sys : 11,136 : 07/14/2009 01:00 AM : 49ccf2c4fea34ffad8b1b59d49439366 [Pos Repl]
 
 * C:\Windows\System32\drivers\MSPCLOCK.sys : 7,168 : 07/14/2009 01:00 AM : bdd71ace35a232104ddd349ee70e1ab3 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_bde9acc8f46cb6db\mspclock.sys : 7,168 : 07/14/2009 01:00 AM : bdd71ace35a232104ddd349ee70e1ab3 [Pos Repl]
 
 * C:\Windows\System32\drivers\MSPQM.sys : 6,784 : 07/14/2009 01:00 AM : 4ed981241db27c3383d72092b618a1d0 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_bde9acc8f46cb6db\mspqm.sys : 6,784 : 07/14/2009 01:00 AM : 4ed981241db27c3383d72092b618a1d0 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndistapi.sys : 24,064 : 07/14/2009 01:10 AM : 30639c932d9fef22b31268fe25a1b6e5 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndistapi.sys : 24,064 : 07/14/2009 01:10 AM : 30639c932d9fef22b31268fe25a1b6e5 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndisuio.sys : 56,832 : 11/21/2010 04:24 AM : 136185f9fb2cc61e573e676aa5402356 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_ca170d32fd7da822\ndisuio.sys : 56,832 : 11/21/2010 04:24 AM : 136185f9fb2cc61e573e676aa5402356 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndiswan.sys : 164,352 : 11/21/2010 04:24 AM : 53f7305169863f0a2bddc49e116c2e11 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-ndiswan_31bf3856ad364e35_6.1.7601.17514_none_515e96306dea528f\ndiswan.sys : 164,352 : 11/21/2010 04:24 AM : 53f7305169863f0a2bddc49e116c2e11 [Pos Repl]
 
 * C:\Windows\System32\drivers\ndproxy.sys : 57,856 : 11/21/2010 04:24 AM : 015c0d8e0e0421b4cfd48cffe2825879 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndproxy.sys : 57,856 : 11/21/2010 04:24 AM : 015c0d8e0e0421b4cfd48cffe2825879 [Pos Repl]
 
 * C:\Windows\System32\drivers\netbios.sys : 44,544 : 07/14/2009 01:09 AM : 86743d9f5d2b1048062b14b1d84501c4 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_b5d6a9d184d05567\netbios.sys : 44,544 : 07/14/2009 01:09 AM : 86743d9f5d2b1048062b14b1d84501c4 [Pos Repl]
 
 * C:\Windows\System32\drivers\netbt.sys : 261,632 : 11/21/2010 04:23 AM : 09594d1089c523423b32a4229263f068 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys : 261,632 : 11/21/2010 04:23 AM : 09594d1089c523423b32a4229263f068 [Pos Repl]
 
 * C:\Windows\System32\drivers\npfs.sys : 44,032 : 07/14/2009 00:19 AM : 1e4c4ab5c9b8dd13179bbdc75a2a01f7 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-npfs_31bf3856ad364e35_6.1.7600.16385_none_02667684369c39b6\npfs.sys : 44,032 : 07/14/2009 00:19 AM : 1e4c4ab5c9b8dd13179bbdc75a2a01f7 [Pos Repl]
 
 * C:\Windows\System32\drivers\null.sys : 6,144 : 07/14/2009 00:19 AM : 9899284589f75fa8724ff3d16aed75c1 [NoSig]
 +-> C:\Windows\erdnt\cache64\null.sys : 6,144 : 07/14/2009 00:19 AM : 9899284589f75fa8724ff3d16aed75c1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys : 6,144 : 07/14/2009 00:19 AM : 9899284589f75fa8724ff3d16aed75c1 [Pos Repl]
 
 * C:\Windows\System32\drivers\parport.sys : 97,280 : 07/14/2009 01:00 AM : 0086431c29c35be1dbc43f52cc273887 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\parport.sys : 97,280 : 07/14/2009 01:00 AM : 0086431c29c35be1dbc43f52cc273887 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\parport.sys : 97,280 : 07/14/2009 01:00 AM : 0086431c29c35be1dbc43f52cc273887 [Pos Repl]
 
 * C:\Windows\System32\drivers\portcls.sys : 230,400 : 10/04/2013 02:36 AM : 1e0b4cbba91c6b041a14ecc2186f7e24 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_3386f4c08ca19351\portcls.sys : 230,400 : 10/04/2013 02:36 AM : 1e0b4cbba91c6b041a14ecc2186f7e24 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\portcls.sys : 230,400 : 07/14/2009 01:06 AM : 32e11315b5126921ffd9074840ef13d3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_bc5c4aba33d6af68\portcls.sys : 230,400 : 07/14/2009 01:06 AM : 32e11315b5126921ffd9074840ef13d3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7601.18276_none_be4e631430f42f82\portcls.sys : 230,400 : 10/04/2013 02:36 AM : 1e0b4cbba91c6b041a14ecc2186f7e24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.1.7601.22472_none_bed4009d4a156717\portcls.sys : 230,400 : 10/04/2013 02:37 AM : b99d370242119ac4f67d6e8183dd6ac6 [Pos Repl]
 
 * C:\Windows\System32\drivers\processr.sys : 60,416 : 07/14/2009 00:19 AM : 0d922e23c041efb1c3fac2a6f943c9bf [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_amd64_neutral_ae5de2e1bf2793c3\processr.sys : 60,416 : 07/14/2009 00:19 AM : 0d922e23c041efb1c3fac2a6f943c9bf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\processr.sys : 60,416 : 07/14/2009 00:19 AM : 0d922e23c041efb1c3fac2a6f943c9bf [Pos Repl]
 
 * C:\Windows\System32\drivers\rasacd.sys : 14,848 : 07/14/2009 01:10 AM : 5a0da8ad5762fa2d91678a8a01311704 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys : 14,848 : 07/14/2009 01:10 AM : 5a0da8ad5762fa2d91678a8a01311704 [Pos Repl]
 
 * C:\Windows\System32\drivers\rasl2tp.sys : 129,536 : 11/21/2010 04:24 AM : 471815800ae33e6f1c32fb1b97c490ca [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-rasl2tp_31bf3856ad364e35_6.1.7601.17514_none_f802520bfe8dd487\rasl2tp.sys : 129,536 : 11/21/2010 04:24 AM : 471815800ae33e6f1c32fb1b97c490ca [Pos Repl]
 
 * C:\Windows\System32\drivers\raspppoe.sys : 92,672 : 07/14/2009 01:10 AM : 855c9b1cd4756c5e9a2aa58a15f58c25 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-raspppoe_31bf3856ad364e35_6.1.7600.16385_none_b22875c7b448dfbb\raspppoe.sys : 92,672 : 07/14/2009 01:10 AM : 855c9b1cd4756c5e9a2aa58a15f58c25 [Pos Repl]
 
 * C:\Windows\System32\drivers\raspptp.sys : 111,104 : 11/21/2010 04:24 AM : f92a2c41117a11a00be01ca01a7fcde9 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase-raspptp_31bf3856ad364e35_6.1.7601.17514_none_f8152447fe76675d\raspptp.sys : 111,104 : 11/21/2010 04:24 AM : f92a2c41117a11a00be01ca01a7fcde9 [Pos Repl]
 
 * C:\Windows\System32\drivers\rdbss.sys : 309,248 : 11/21/2010 04:24 AM : 77f665941019a1594d887a74f301fa2f [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rdbss_31bf3856ad364e35_6.1.7601.17514_none_b7fadd3b7808f9d5\rdbss.sys : 309,248 : 11/21/2010 04:24 AM : 77f665941019a1594d887a74f301fa2f [Pos Repl]
 
 * C:\Windows\System32\drivers\rdpcdd.sys : 7,680 : 07/14/2009 01:16 AM : cea6cc257fc9b7715f1c2b4849286d24 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_30d015c257effe8b\RDPCDD.sys : 7,680 : 07/14/2009 01:16 AM : cea6cc257fc9b7715f1c2b4849286d24 [Pos Repl]
 
 * C:\Windows\System32\drivers\rdpwd.sys : 212,480 : 07/17/2014 02:21 AM : fe571e088c2d83619d2d48d4e961bf41 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys : 210,944 : 11/21/2010 04:24 AM : 15b66c206b5cb095bab980553f38ed23 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17779_none_a95fb36cebce3342\rdpwd.sys : 210,944 : 02/17/2012 05:58 AM : 6d76e6433574b058adcb0c50df834492 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.18540_none_a9770602ebbe1ab3\rdpwd.sys : 212,480 : 07/17/2014 02:21 AM : fe571e088c2d83619d2d48d4e961bf41 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21924_none_aa1a604804c7c5cb\rdpwd.sys : 210,944 : 02/17/2012 05:48 AM : 0b93aa14e7dcd85cc82bc7d7d1ca9b24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.22750_none_a9f5d4c804e3d395\rdpwd.sys : 212,992 : 07/16/2014 03:39 AM : 6f426dcf2dddccf6ba4dfd34e9803e5b [Pos Repl]
 
 * C:\Windows\System32\drivers\rmcast.sys : 146,432 : 11/21/2010 04:24 AM : caf88d6573d21cd2aa27001ddbfdc74d [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rmcast_31bf3856ad364e35_6.1.7601.17514_none_b2a3d1a09e8a89b1\rmcast.sys : 146,432 : 11/21/2010 04:24 AM : caf88d6573d21cd2aa27001ddbfdc74d [Pos Repl]
 
 * C:\Windows\System32\drivers\rndismp.sys : 41,472 : 07/04/2012 09:26 PM : 0e01641d96889bdeb22de12d30575b08 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7600.16385_none_3d23a154a5966360\RNDISMP.sys : 41,472 : 07/14/2009 01:09 AM : fc6d5c50d846b795335deb3fce8b33f3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.17887_none_3f0c0c38a2baee0b\RNDISMP.sys : 41,472 : 07/04/2012 09:26 PM : 0e01641d96889bdeb22de12d30575b08 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.22044_none_3fbdbff7bbbb054e\RNDISMP.sys : 41,472 : 07/04/2012 09:16 PM : fdd71f94cd5580e4c1d16f96ef6c2856 [Pos Repl]
 
 * C:\Windows\System32\drivers\rootmdm.sys : 11,264 : 07/14/2009 01:10 AM : 388d3dd1a6457280f3badba9f3acd6b1 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-unimodem-core_31bf3856ad364e35_6.1.7600.16385_none_f08d2472ee3ef611\rootmdm.sys : 11,264 : 07/14/2009 01:10 AM : 388d3dd1a6457280f3badba9f3acd6b1 [Pos Repl]
 
 * C:\Windows\System32\drivers\serenum.sys : 23,552 : 07/14/2009 01:00 AM : cb624c0035412af0debec78c41f5ca1b [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serenum.sys : 23,552 : 07/14/2009 01:00 AM : cb624c0035412af0debec78c41f5ca1b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serenum.sys : 23,552 : 07/14/2009 01:00 AM : cb624c0035412af0debec78c41f5ca1b [Pos Repl]
 
 * C:\Windows\System32\drivers\serial.sys : 94,208 : 07/14/2009 01:00 AM : c1d8e28b2c2adfaec4ba89e9fda69bd6 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys : 94,208 : 07/14/2009 01:00 AM : c1d8e28b2c2adfaec4ba89e9fda69bd6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys : 94,208 : 07/14/2009 01:00 AM : c1d8e28b2c2adfaec4ba89e9fda69bd6 [Pos Repl]
 
 * C:\Windows\System32\drivers\sffdisk.sys : 14,336 : 07/14/2009 01:01 AM : a554811bcd09279536440c964ae35bbf [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffdisk.sys : 14,336 : 07/14/2009 01:01 AM : a554811bcd09279536440c964ae35bbf [Pos Repl]
 +-> C:\Windows\winsxs\amd64_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_02618e7200897e0a\sffdisk.sys : 14,336 : 07/14/2009 01:01 AM : a554811bcd09279536440c964ae35bbf [Pos Repl]
 
 * C:\Windows\System32\drivers\sffp_sd.sys : 14,336 : 11/21/2010 04:23 AM : dd85b78243a19b59f0637dcf284da63c [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffp_sd.sys : 14,336 : 11/21/2010 04:23 AM : dd85b78243a19b59f0637dcf284da63c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_02618e7200897e0a\sffp_sd.sys : 14,336 : 11/21/2010 04:23 AM : dd85b78243a19b59f0637dcf284da63c [Pos Repl]
 
 * C:\Windows\System32\drivers\sfloppy.sys : 16,896 : 07/14/2009 01:01 AM : a9d601643a1647211a1ee2ec4e433ff4 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys : 16,896 : 07/14/2009 01:01 AM : a9d601643a1647211a1ee2ec4e433ff4 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys : 16,896 : 07/14/2009 01:01 AM : a9d601643a1647211a1ee2ec4e433ff4 [Pos Repl]
 
 * C:\Windows\System32\drivers\smclib.sys : 20,992 : 07/14/2009 01:00 AM : a80348ba03e96c70852959655ca3e084 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.s...smart_card_library_31bf3856ad364e35_6.1.7600.16385_none_55f89e9f01688dc0\smclib.sys : 20,992 : 07/14/2009 01:00 AM : a80348ba03e96c70852959655ca3e084 [Pos Repl]
 
 * C:\Windows\System32\drivers\srv.sys : 467,456 : 04/29/2011 04:06 AM : 441fba48bff01fdb9d5969ebc1838f0b [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17514_none_381d6eca0d132216\srv.sys : 468,992 : 11/21/2010 04:23 AM : 2098b8556d1cec2aca9a29cd479e3692 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17608_none_382c41c40d0768a8\srv.sys : 467,456 : 04/29/2011 04:06 AM : 441fba48bff01fdb9d5969ebc1838f0b [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.21717_none_38aa0e59262e0b0c\srv.sys : 467,456 : 04/29/2011 03:54 AM : 10586f14752ace786ab120ff8bb6bda4 [Pos Repl]
 
 * C:\Windows\System32\drivers\stream.sys : 69,888 : 04/11/2015 04:19 AM : 36e0ddd19038c92b7c7709bfa03f813f [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-streamclass_31bf3856ad364e35_6.1.7600.16385_none_ba5987585153b623\stream.sys : 68,864 : 07/14/2009 01:06 AM : 001cc10fa5e71ae1119115e126c8750d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-streamclass_31bf3856ad364e35_6.1.7601.18828_none_bc83bb464e46cc20\stream.sys : 69,888 : 04/11/2015 04:19 AM : 36e0ddd19038c92b7c7709bfa03f813f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-streamclass_31bf3856ad364e35_6.1.7601.23033_none_bcfd5ed567713c6a\stream.sys : 69,888 : 04/11/2015 04:27 AM : 0747e74e8bc611e3a3b215c04263c20e [Pos Repl]
 
 * C:\Windows\System32\drivers\tape.sys : 29,184 : 07/14/2009 01:01 AM : 6e316c01cba8b785fe495f5cc4f48c6f [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft.windows.h..pedrive-driverclass_31bf3856ad364e35_6.1.7600.16385_none_ee1ec21ed6ff8107\tape.sys : 29,184 : 07/14/2009 01:01 AM : 6e316c01cba8b785fe495f5cc4f48c6f [Pos Repl]
 
 * C:\Windows\System32\drivers\tdi.sys : 26,624 : 11/21/2010 04:24 AM : 6f020a220388eca0ab6062dc27bd16b6 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tdi-driver_31bf3856ad364e35_6.1.7601.17514_none_c5144dfb4c96036b\tdi.sys : 26,624 : 11/21/2010 04:24 AM : 6f020a220388eca0ab6062dc27bd16b6 [Pos Repl]
 
 * C:\Windows\System32\drivers\tdpipe.sys : 15,872 : 07/14/2009 01:16 AM : 3371d21011695b16333a3934340c4e7c [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys : 15,872 : 07/14/2009 01:16 AM : 3371d21011695b16333a3934340c4e7c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_399662915b82edbf\tdpipe.sys : 15,872 : 07/14/2009 01:16 AM : 3371d21011695b16333a3934340c4e7c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_3a510f6c747c8048\tdpipe.sys : 15,872 : 07/14/2009 01:16 AM : 3371d21011695b16333a3934340c4e7c [Pos Repl]
 
 * C:\Windows\System32\drivers\tdtcp.sys : 23,552 : 02/17/2012 05:57 AM : 51c5eceb1cdee2468a1748be550cfbc8 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys : 23,552 : 07/14/2009 01:16 AM : e4245bda3190a582d55ed09e137401a9 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_399662915b82edbf\tdtcp.sys : 23,552 : 02/17/2012 05:57 AM : 51c5eceb1cdee2468a1748be550cfbc8 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_3a510f6c747c8048\tdtcp.sys : 23,552 : 02/17/2012 05:47 AM : 7463523827b104317de03a87c6d3ea1b [Pos Repl]
 
 * C:\Windows\System32\drivers\tdx.sys : 119,296 : 11/11/2014 02:46 AM : 70988118145f5f10ef24720b97f35f65 [NoSig]
 +-> C:\Windows\erdnt\cache64\tdx.sys : 119,296 : 11/11/2014 02:46 AM : 70988118145f5f10ef24720b97f35f65 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys : 119,296 : 11/21/2010 04:24 AM : ddad5a7ab24d8b65f8d724f5c20fd806 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.18658_none_483c7a50f2d21ee0\tdx.sys : 119,296 : 11/11/2014 02:46 AM : 70988118145f5f10ef24720b97f35f65 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.22865_none_48b848380bfa8bbd\tdx.sys : 118,272 : 11/11/2014 02:56 AM : 5fcf588bbd2358538db17dd0a0a31813 [Pos Repl]
 
 * C:\Windows\System32\drivers\udfs.sys : 328,192 : 11/21/2010 04:23 AM : ff4232a1a64012baa1fd97c7b67df593 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-udfs_31bf3856ad364e35_6.1.7601.17514_none_049f9db233833b25\udfs.sys : 328,192 : 11/21/2010 04:23 AM : ff4232a1a64012baa1fd97c7b67df593 [Pos Repl]
 
 * C:\Windows\System32\drivers\usb8023.sys : 19,968 : 02/12/2013 05:12 AM : 92b3172e8c14c1444682f510843a9988 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.16385_none_20e1b69f6c5c4250\usb8023.sys : 19,968 : 07/14/2009 01:09 AM : d0fe8cb5f84303e73ff0754437fad3d1 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.18076_none_22d3cb2d6979c81c\usb8023.sys : 19,968 : 02/12/2013 05:12 AM : 92b3172e8c14c1444682f510843a9988 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.22248_none_237fda36827d43e8\usb8023.sys : 19,968 : 02/12/2013 04:59 AM : a6db4451eefe7b9ef5bd0c5fe0c09125 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbcamd2.sys : 32,896 : 11/21/2010 04:24 AM : 292a8e03b3fce04e39b5be9b14132030 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7601.17514_none_fdae66ff8eda989e\USBCAMD2.sys : 32,896 : 11/21/2010 04:24 AM : 292a8e03b3fce04e39b5be9b14132030 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbccgp.sys : 99,840 : 11/27/2013 02:41 AM : dca68b0943d6fa415f0c56c92158a83a [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_269d7150439b3372\usbccgp.sys : 98,816 : 11/21/2010 04:23 AM : 481dff26b4dca8f4cbac1f7dce1d6829 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_42d7284868af1f40\usbccgp.sys : 99,840 : 11/27/2013 02:41 AM : dca68b0943d6fa415f0c56c92158a83a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_291e6c652511ddb0\usbccgp.sys : 98,816 : 11/21/2010 04:23 AM : 481dff26b4dca8f4cbac1f7dce1d6829 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.18328_none_2917830d25167e50\usbccgp.sys : 99,840 : 11/27/2013 02:41 AM : dca68b0943d6fa415f0c56c92158a83a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.22526_none_299f212a3e35e893\usbccgp.sys : 99,840 : 11/27/2013 02:42 AM : 91d3c92a44fc682dd791147604e79152 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbd.sys : 7,808 : 11/27/2013 02:41 AM : ffa06ef43987ed0dd42ad59b260c0c78 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_d5d6e7e900318837\usbd.sys : 7,808 : 11/27/2013 02:41 AM : ffa06ef43987ed0dd42ad59b260c0c78 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbd.sys : 7,936 : 07/14/2009 01:06 AM : 63c8d74bed9f80f4dd0aa7a3101eb639 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbd.sys : 7,936 : 07/14/2009 01:06 AM : 63c8d74bed9f80f4dd0aa7a3101eb639 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.18328_none_1be17b8a1a31cc37\usbd.sys : 7,808 : 11/27/2013 02:41 AM : ffa06ef43987ed0dd42ad59b260c0c78 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbd.sys : 7,808 : 11/27/2013 02:42 AM : 1a13dcabd19d093b4d3949ce33ef1fa1 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbehci.sys : 53,248 : 11/27/2013 02:41 AM : 18a85013a3e0f7e1755365d287443965 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_d5d6e7e900318837\usbehci.sys : 53,248 : 11/27/2013 02:41 AM : 18a85013a3e0f7e1755365d287443965 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbehci.sys : 52,224 : 11/21/2010 04:23 AM : 74ee782b1d9c241efe425565854c661c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbehci.sys : 52,224 : 11/21/2010 04:23 AM : 74ee782b1d9c241efe425565854c661c [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.18328_none_1be17b8a1a31cc37\usbehci.sys : 53,248 : 11/27/2013 02:41 AM : 18a85013a3e0f7e1755365d287443965 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbehci.sys : 53,248 : 11/27/2013 02:42 AM : f7ffdf2a1d19a76a87759126b244c816 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbhub.sys : 343,040 : 11/27/2013 02:41 AM : 8d1196cfbb223621f2c67d45710f25ba [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_269d7150439b3372\usbhub.sys : 343,040 : 11/21/2010 04:23 AM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_amd64_neutral_42d7284868af1f40\usbhub.sys : 343,040 : 11/27/2013 02:41 AM : 8d1196cfbb223621f2c67d45710f25ba [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_d5d6e7e900318837\usbhub.sys : 343,040 : 11/27/2013 02:41 AM : 8d1196cfbb223621f2c67d45710f25ba [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbhub.sys : 343,040 : 11/21/2010 04:23 AM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_291e6c652511ddb0\usbhub.sys : 343,040 : 11/21/2010 04:23 AM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.18328_none_2917830d25167e50\usbhub.sys : 343,040 : 11/27/2013 02:41 AM : 8d1196cfbb223621f2c67d45710f25ba [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usb.inf_31bf3856ad364e35_6.1.7601.22526_none_299f212a3e35e893\usbhub.sys : 343,040 : 11/27/2013 02:42 AM : 245fe7fc634d6a993e682e0a9eba4abb [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbhub.sys : 343,040 : 11/21/2010 04:23 AM : dc96bd9ccb8403251bcf25047573558e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.18328_none_1be17b8a1a31cc37\usbhub.sys : 343,040 : 11/27/2013 02:41 AM : 8d1196cfbb223621f2c67d45710f25ba [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbhub.sys : 343,040 : 11/27/2013 02:42 AM : 245fe7fc634d6a993e682e0a9eba4abb [Pos Repl]
 
 * C:\Windows\System32\drivers\usbport.sys : 325,120 : 11/27/2013 02:41 AM : 12feb33791920678f8433701c822bcfd [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_d5d6e7e900318837\usbport.sys : 325,120 : 11/27/2013 02:41 AM : 12feb33791920678f8433701c822bcfd [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbport.sys : 325,120 : 11/21/2010 04:23 AM : b6d64ee607637301ff8c33139b4950de [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbport.sys : 325,120 : 11/21/2010 04:23 AM : b6d64ee607637301ff8c33139b4950de [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.18328_none_1be17b8a1a31cc37\usbport.sys : 325,120 : 11/27/2013 02:41 AM : 12feb33791920678f8433701c822bcfd [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbport.sys : 325,120 : 11/27/2013 02:42 AM : d7322da647332ab0fa3809555bb04325 [Pos Repl]
 
 * C:\Windows\System32\drivers\USBSTOR.sys : 91,648 : 03/11/2011 05:37 AM : fed648b01349a3c8395a5169db5fb7d6 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_0725c2806a159a9d\USBSTOR.SYS : 91,648 : 11/21/2010 04:23 AM : d76510cfa0fc09023077f22c2f979d86 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_26b33263a639795d\USBSTOR.SYS : 91,648 : 03/11/2011 05:37 AM : fed648b01349a3c8395a5169db5fb7d6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17514_none_a6ac5425ae72a584\USBSTOR.SYS : 91,648 : 11/21/2010 04:23 AM : d76510cfa0fc09023077f22c2f979d86 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_a66e757baea0992f\USBSTOR.SYS : 91,648 : 03/11/2011 05:37 AM : fed648b01349a3c8395a5169db5fb7d6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_a6e64054c7cca389\USBSTOR.SYS : 91,648 : 03/11/2011 05:21 AM : 36106ac439edfbb7b8bdbf99079c7590 [Pos Repl]
 
 * C:\Windows\System32\drivers\usbuhci.sys : 30,720 : 11/27/2013 02:41 AM : dd253afc3bc6cba412342de60c3647f3 [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_d5d6e7e900318837\usbuhci.sys : 30,720 : 11/27/2013 02:41 AM : dd253afc3bc6cba412342de60c3647f3 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbuhci.sys : 30,720 : 07/14/2009 01:06 AM : 81fb2216d3a60d1284455d511797db3d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbuhci.sys : 30,720 : 07/14/2009 01:06 AM : 81fb2216d3a60d1284455d511797db3d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.18328_none_1be17b8a1a31cc37\usbuhci.sys : 30,720 : 11/27/2013 02:41 AM : dd253afc3bc6cba412342de60c3647f3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbuhci.sys : 30,720 : 11/27/2013 02:42 AM : 2e682dce4319a90e02a327f8a427544a [Pos Repl]
 
 * C:\Windows\System32\drivers\vga.sys : 29,184 : 07/14/2009 00:38 AM : 53e92a310193cb3c03bea963de7d9cfc [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-standardvga_31bf3856ad364e35_6.1.7600.16385_none_f881232cf3b0c322\vga.sys : 29,184 : 07/14/2009 00:38 AM : 53e92a310193cb3c03bea963de7d9cfc [Pos Repl]
 
 * C:\Windows\System32\drivers\videoprt.sys : 129,024 : 07/14/2009 00:38 AM : e7353d59c9842bc7299faeb7e7e09340 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-videoport_31bf3856ad364e35_6.1.7600.16385_none_180f3dba1e158073\videoprt.sys : 129,024 : 07/14/2009 00:38 AM : e7353d59c9842bc7299faeb7e7e09340 [Pos Repl]
 
 * C:\Windows\System32\drivers\wanarp.sys : 88,576 : 11/21/2010 04:24 AM : 356afd78a6ed4457169241ac3965230c [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\wanarp.sys : 88,576 : 11/21/2010 04:24 AM : 356afd78a6ed4457169241ac3965230c [Pos Repl]
 
 * C:\Windows\System32\drivers\ws2ifsl.sys : 21,504 : 07/14/2009 01:10 AM : 6bcc1d7d2fd2453957c5479a32364e52 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys : 21,504 : 07/14/2009 01:10 AM : 6bcc1d7d2fd2453957c5479a32364e52 [Pos Repl]
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 01/03/2017 11:45:54 PM
Execution time: 0 hours(s), 10 minute(s), and 27 seconds(s)
 


BC AdBot (Login to Remove)

 


#2 nevermore_32

nevermore_32
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:31 PM

Posted 05 January 2017 - 07:52 AM

Ok so in the meantime I managed to startup Windows normally, disable the sandboxing and by using RKill .Av scan has successfully finished. It sent off it's files for analysis, most of which still have not come back from Comodo. It only detected so far 1 as malicious which was Combofix.exe which I quarantined anyway. It still comes up with the same 2 malware processes to terminate in Rkill. Ran ESET Online scanner again still nothing. Managed to run Microsoft Malicious Software Removal which shows 1 threat found while scanning then at the end finds nothing. I have ran this on two separate occasions with the same result.

 

Windows Update and Defender and such are still not able to start. MBAM with rootkit search enabled, still finds nothing. Trying to start things like Windows Defender and other services gets a pop up for authorization for an unknown publisher which I do not allow.

I said in my last post that TDSSKiller was unsuccessful. I'm not really sure now but it definitely was deleted twice on restart. I do have the logs however that it saved. Below is the last of these logs.

 

Thanks! Hope someone can help me out on this one as it's beyond my experience and knowledge!!

 

23:15:38.0176 0x0ffc  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
23:16:02.0341 0x0ffc  ============================================================
23:16:02.0341 0x0ffc  Current date / time: 2017/01/04 23:16:02.0341
23:16:02.0341 0x0ffc  SystemInfo:
23:16:02.0341 0x0ffc  
23:16:02.0341 0x0ffc  OS Version: 6.1.7601 ServicePack: 1.0
23:16:02.0341 0x0ffc  Product type: Workstation
23:16:02.0341 0x0ffc  ComputerName: COLLY-PC
23:16:02.0341 0x0ffc  UserName: COLLY
23:16:02.0341 0x0ffc  Windows directory: C:\Windows
23:16:02.0341 0x0ffc  System windows directory: C:\Windows
23:16:02.0341 0x0ffc  Running under WOW64
23:16:02.0341 0x0ffc  Processor architecture: Intel x64
23:16:02.0341 0x0ffc  Number of processors: 4
23:16:02.0341 0x0ffc  Page size: 0x1000
23:16:02.0341 0x0ffc  Boot type: Normal boot
23:16:02.0341 0x0ffc  CodeIntegrityOptions = 0x00000001
23:16:02.0341 0x0ffc  ============================================================
23:16:02.0902 0x0ffc  KLMD registered as C:\Windows\system32\drivers\25325025.sys
23:16:02.0902 0x0ffc  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.18798, osProperties = 0x1
23:16:03.0339 0x0ffc  System UUID: {7C95DE6A-EFD3-CBF3-5C30-5A22BAE3162B}
23:16:04.0182 0x0ffc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:16:04.0182 0x0ffc  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:16:04.0182 0x0ffc  ============================================================
23:16:04.0182 0x0ffc  \Device\Harddisk0\DR0:
23:16:04.0182 0x0ffc  MBR partitions:
23:16:04.0182 0x0ffc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
23:16:04.0182 0x0ffc  \Device\Harddisk1\DR1:
23:16:04.0182 0x0ffc  MBR partitions:
23:16:04.0182 0x0ffc  ============================================================
23:16:04.0213 0x0ffc  C: <-> \Device\Harddisk0\DR0\Partition1
23:16:04.0228 0x0ffc  ============================================================
23:16:04.0228 0x0ffc  Initialize success
23:16:04.0228 0x0ffc  ============================================================
23:16:40.0935 0x113c  ============================================================
23:16:40.0935 0x113c  Scan started
23:16:40.0935 0x113c  Mode: Manual; SigCheck; TDLFS; 
23:16:40.0935 0x113c  ============================================================
23:16:40.0935 0x113c  KSN ping started
23:16:44.0586 0x113c  KSN ping finished: true
23:16:44.0944 0x113c  ================ Scan system memory ========================
23:16:44.0944 0x113c  System memory - ok
23:16:44.0944 0x113c  ================ Scan services =============================
23:16:45.0069 0x113c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:16:45.0116 0x113c  1394ohci - detected UnsignedFile.Multi.Generic ( 1 )
23:16:48.0283 0x113c  Detect skipped due to KSN trusted
23:16:48.0283 0x113c  1394ohci - ok
23:16:48.0330 0x113c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:16:48.0392 0x113c  ACPI - ok
23:16:48.0423 0x113c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:16:48.0423 0x113c  AcpiPmi - detected UnsignedFile.Multi.Generic ( 1 )
23:16:51.0621 0x113c  Detect skipped due to KSN trusted
23:16:51.0621 0x113c  AcpiPmi - ok
23:16:51.0730 0x113c  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:16:51.0746 0x113c  AdobeARMservice - ok
23:16:51.0793 0x113c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:16:51.0824 0x113c  adp94xx - ok
23:16:51.0840 0x113c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:16:51.0855 0x113c  adpahci - ok
23:16:51.0871 0x113c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:16:51.0902 0x113c  adpu320 - ok
23:16:51.0918 0x113c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:16:51.0918 0x113c  AeLookupSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:16:55.0085 0x113c  Detect skipped due to KSN trusted
23:16:55.0085 0x113c  AeLookupSvc - ok
23:16:55.0131 0x113c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
23:16:55.0147 0x113c  AFD - detected UnsignedFile.Multi.Generic ( 1 )
23:16:58.0329 0x113c  Detect skipped due to KSN trusted
23:16:58.0329 0x113c  AFD - ok
23:16:58.0345 0x113c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:16:58.0361 0x113c  agp440 - ok
23:16:58.0376 0x113c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:16:58.0392 0x113c  ALG - detected UnsignedFile.Multi.Generic ( 1 )
23:17:01.0403 0x113c  Detect skipped due to KSN trusted
23:17:01.0403 0x113c  ALG - ok
23:17:01.0434 0x113c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:17:01.0449 0x113c  aliide - ok
23:17:01.0496 0x113c  [ E7BDC2E7D885A65031C6B93D5A80B019, B37B05CA81A200A0C303946A21901ED382468761AB8BB8F7F310700A060E813F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:17:01.0512 0x113c  AMD External Events Utility - detected UnsignedFile.Multi.Generic ( 1 )
23:17:04.0538 0x113c  Detect skipped due to KSN trusted
23:17:04.0538 0x113c  AMD External Events Utility - ok
23:17:04.0538 0x113c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:17:04.0554 0x113c  amdide - ok
23:17:04.0569 0x113c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:17:04.0585 0x113c  AmdK8 - detected UnsignedFile.Multi.Generic ( 1 )
23:17:07.0658 0x113c  Detect skipped due to KSN trusted
23:17:07.0658 0x113c  AmdK8 - ok
23:17:08.0033 0x113c  [ 342156AF1FED5ED3A5D3FBB3D87F48E8, 119C85492EDCA82731E23A261DE39A72783713B01B89D8FA2F47400EB03C7C57 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:17:08.0454 0x113c  amdkmdag - detected UnsignedFile.Multi.Generic ( 1 )
23:17:11.0543 0x113c  Detect skipped due to KSN trusted
23:17:11.0543 0x113c  amdkmdag - ok
23:17:11.0605 0x113c  [ 9DCA2AFEABF1D109FB2C229491C9F293, F020F4FDD29897C656287A2D01D51B4AE45AA604E4291BCE05FB7D994242EC04 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:17:11.0636 0x113c  amdkmdap - detected UnsignedFile.Multi.Generic ( 1 )
23:17:14.0663 0x113c  Detect skipped due to KSN trusted
23:17:14.0663 0x113c  amdkmdap - ok
23:17:14.0678 0x113c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:17:14.0678 0x113c  AmdPPM - detected UnsignedFile.Multi.Generic ( 1 )
23:17:17.0689 0x113c  Detect skipped due to KSN trusted
23:17:17.0689 0x113c  AmdPPM - ok
23:17:17.0720 0x113c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:17:17.0736 0x113c  amdsata - ok
23:17:17.0751 0x113c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:17:17.0767 0x113c  amdsbs - ok
23:17:17.0783 0x113c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:17:17.0798 0x113c  amdxata - ok
23:17:17.0845 0x113c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
23:17:17.0861 0x113c  AppID - detected UnsignedFile.Multi.Generic ( 1 )
23:17:20.0949 0x113c  Detect skipped due to KSN trusted
23:17:20.0949 0x113c  AppID - ok
23:17:20.0965 0x113c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:17:20.0965 0x113c  AppIDSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:17:24.0116 0x113c  Detect skipped due to KSN trusted
23:17:24.0116 0x113c  AppIDSvc - ok
23:17:24.0179 0x113c  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
23:17:24.0194 0x113c  Appinfo - detected UnsignedFile.Multi.Generic ( 1 )
23:17:27.0314 0x113c  Detect skipped due to KSN trusted
23:17:27.0314 0x113c  Appinfo - ok
23:17:27.0361 0x113c  [ 301AA64F9643BC453D90A66C4C0E7204, F9EDAD13F865B5F0A89FF59827EECB519F113EB037F2DA8367F1572629B503B1 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
23:17:27.0377 0x113c  AppleCharger - ok
23:17:27.0392 0x113c  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
23:17:27.0408 0x113c  AppleChargerSrv - ok
23:17:27.0470 0x113c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
23:17:27.0486 0x113c  arc - ok
23:17:27.0501 0x113c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:17:27.0517 0x113c  arcsas - ok
23:17:27.0595 0x113c  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:17:27.0611 0x113c  aspnet_state - ok
23:17:27.0657 0x113c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:17:27.0673 0x113c  AsyncMac - detected UnsignedFile.Multi.Generic ( 1 )
23:17:30.0809 0x113c  Detect skipped due to KSN trusted
23:17:30.0809 0x113c  AsyncMac - ok
23:17:30.0840 0x113c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:17:30.0855 0x113c  atapi - ok
23:17:30.0887 0x113c  [ C22D4905DDDF73EB0349D3B0604234A2, F86220290663FA95F3D8181D41F9D105634A62D50856BCEB174B9675F8DD7669 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:17:30.0902 0x113c  AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 )
23:17:34.0116 0x113c  Detect skipped due to KSN trusted
23:17:34.0116 0x113c  AtiHDAudioService - ok
23:17:34.0178 0x113c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:17:34.0194 0x113c  AudioEndpointBuilder - detected UnsignedFile.Multi.Generic ( 1 )
23:17:37.0220 0x113c  Detect skipped due to KSN trusted
23:17:37.0220 0x113c  AudioEndpointBuilder - ok
23:17:37.0236 0x113c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:17:37.0251 0x113c  AudioSrv - detected UnsignedFile.Multi.Generic ( 1 )
23:17:37.0251 0x113c  Detect skipped due to KSN trusted
23:17:37.0251 0x113c  AudioSrv - ok
23:17:37.0298 0x113c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:17:37.0314 0x113c  AxInstSV - detected UnsignedFile.Multi.Generic ( 1 )
23:17:40.0328 0x113c  Detect skipped due to KSN trusted
23:17:40.0328 0x113c  AxInstSV - ok
23:17:40.0375 0x113c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:17:40.0391 0x113c  b06bdrv - detected UnsignedFile.Multi.Generic ( 1 )
23:17:43.0402 0x113c  Detect skipped due to KSN trusted
23:17:43.0402 0x113c  b06bdrv - ok
23:17:43.0448 0x113c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:17:43.0464 0x113c  b57nd60a - detected UnsignedFile.Multi.Generic ( 1 )
23:17:46.0553 0x113c  Detect skipped due to KSN trusted
23:17:46.0553 0x113c  b57nd60a - ok
23:17:46.0600 0x113c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:17:46.0600 0x113c  BDESVC - detected UnsignedFile.Multi.Generic ( 1 )
23:17:49.0620 0x113c  Detect skipped due to KSN trusted
23:17:49.0620 0x113c  BDESVC - ok
23:17:49.0651 0x113c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:17:49.0651 0x113c  Beep - detected UnsignedFile.Multi.Generic ( 1 )
23:17:52.0740 0x113c  Detect skipped due to KSN trusted
23:17:52.0740 0x113c  Beep - ok
23:17:52.0989 0x113c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:17:53.0005 0x113c  BFE - detected UnsignedFile.Multi.Generic ( 1 )
23:17:55.0735 0x113c  Detect skipped due to KSN trusted
23:17:55.0735 0x113c  BFE - ok
23:17:55.0766 0x113c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
23:17:55.0782 0x113c  BITS - detected UnsignedFile.Multi.Generic ( 1 )
23:17:58.0527 0x113c  Detect skipped due to KSN trusted
23:17:58.0527 0x113c  BITS - ok
23:17:58.0558 0x113c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:17:58.0558 0x113c  blbdrive - detected UnsignedFile.Multi.Generic ( 1 )
23:18:01.0398 0x113c  Detect skipped due to KSN trusted
23:18:01.0398 0x113c  blbdrive - ok
23:18:01.0444 0x113c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:18:01.0460 0x113c  bowser - detected UnsignedFile.Multi.Generic ( 1 )
23:18:04.0346 0x113c  Detect skipped due to KSN trusted
23:18:04.0346 0x113c  bowser - ok
23:18:04.0377 0x113c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:18:04.0393 0x113c  BrFiltLo - detected UnsignedFile.Multi.Generic ( 1 )
23:18:07.0279 0x113c  Detect skipped due to KSN trusted
23:18:07.0279 0x113c  BrFiltLo - ok
23:18:07.0310 0x113c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:18:07.0310 0x113c  BrFiltUp - detected UnsignedFile.Multi.Generic ( 1 )
23:18:10.0118 0x113c  Detect skipped due to KSN trusted
23:18:10.0118 0x113c  BrFiltUp - ok
23:18:10.0165 0x113c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:18:10.0165 0x113c  BridgeMP - detected UnsignedFile.Multi.Generic ( 1 )
23:18:13.0066 0x113c  Detect skipped due to KSN trusted
23:18:13.0066 0x113c  BridgeMP - ok
23:18:13.0113 0x113c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:18:13.0113 0x113c  Browser - detected UnsignedFile.Multi.Generic ( 1 )
23:18:16.0015 0x113c  Detect skipped due to KSN trusted
23:18:16.0015 0x113c  Browser - ok
23:18:16.0030 0x113c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:18:16.0030 0x113c  Brserid - detected UnsignedFile.Multi.Generic ( 1 )
23:18:18.0776 0x113c  Detect skipped due to KSN trusted
23:18:18.0776 0x113c  Brserid - ok
23:18:18.0823 0x113c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:18:18.0823 0x113c  BrSerWdm - detected UnsignedFile.Multi.Generic ( 1 )
23:18:21.0615 0x113c  Detect skipped due to KSN trusted
23:18:21.0615 0x113c  BrSerWdm - ok
23:18:21.0615 0x113c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:18:21.0615 0x113c  BrUsbMdm - detected UnsignedFile.Multi.Generic ( 1 )
23:18:24.0376 0x113c  Detect skipped due to KSN trusted
23:18:24.0376 0x113c  BrUsbMdm - ok
23:18:24.0408 0x113c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:18:24.0408 0x113c  BrUsbSer - detected UnsignedFile.Multi.Generic ( 1 )
23:18:27.0169 0x113c  Detect skipped due to KSN trusted
23:18:27.0169 0x113c  BrUsbSer - ok
23:18:27.0184 0x113c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:18:27.0184 0x113c  BTHMODEM - detected UnsignedFile.Multi.Generic ( 1 )
23:18:29.0992 0x113c  Detect skipped due to KSN trusted
23:18:29.0992 0x113c  BTHMODEM - ok
23:18:30.0039 0x113c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:18:30.0039 0x113c  bthserv - detected UnsignedFile.Multi.Generic ( 1 )
23:18:32.0769 0x113c  Detect skipped due to KSN trusted
23:18:32.0769 0x113c  bthserv - ok
23:18:32.0800 0x113c  catchme - ok
23:18:33.0003 0x113c  [ 87F44237BB6EBF6888BB926AEB0E60C3, E2FF7B5C34C263BE17C526FE9FD4F3DB8C63D82E998802C1914617DD45D9977F ] ccavsrv         C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe
23:18:33.0144 0x113c  ccavsrv - ok
23:18:33.0222 0x113c  [ 8C7A623B6A2CD129EF78F0A73C081EEA, 84DC6BFFE5063F283F2865930B766455F633081DDA3479D6C1650944AE191F90 ] ccavvirth       C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavvirth.exe
23:18:33.0284 0x113c  ccavvirth - ok
23:18:33.0331 0x113c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:18:33.0331 0x113c  cdfs - detected UnsignedFile.Multi.Generic ( 1 )
23:18:36.0154 0x113c  Detect skipped due to KSN trusted
23:18:36.0154 0x113c  cdfs - ok
23:18:36.0201 0x113c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:18:36.0201 0x113c  cdrom - detected UnsignedFile.Multi.Generic ( 1 )
23:18:38.0962 0x113c  Detect skipped due to KSN trusted
23:18:38.0962 0x113c  cdrom - ok
23:18:38.0994 0x113c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:18:39.0009 0x113c  CertPropSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:18:41.0833 0x113c  Detect skipped due to KSN trusted
23:18:41.0833 0x113c  CertPropSvc - ok
23:18:41.0848 0x113c  [ 7AD735DB1A9CC82D75E8854952EE8052, 662E6A07AF995AFF7E2D7817F121028078E0B04B394A29D6E62A8BC287C7A6D9 ] CFRMD           C:\Windows\system32\DRIVERS\CFRMD.sys
23:18:41.0864 0x113c  CFRMD - detected UnsignedFile.Multi.Generic ( 1 )
23:18:44.0750 0x113c  Detect skipped due to KSN trusted
23:18:44.0750 0x113c  CFRMD - ok
23:18:44.0797 0x113c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:18:44.0797 0x113c  circlass - detected UnsignedFile.Multi.Generic ( 1 )
23:18:47.0699 0x113c  Detect skipped due to KSN trusted
23:18:47.0699 0x113c  circlass - ok
23:18:47.0745 0x113c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
23:18:47.0761 0x113c  CLFS - ok
23:18:47.0808 0x113c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:18:47.0823 0x113c  clr_optimization_v2.0.50727_32 - ok
23:18:47.0839 0x113c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:18:47.0855 0x113c  clr_optimization_v2.0.50727_64 - ok
23:18:47.0917 0x113c  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:18:47.0933 0x113c  clr_optimization_v4.0.30319_32 - ok
23:18:47.0948 0x113c  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:18:47.0948 0x113c  clr_optimization_v4.0.30319_64 - ok
23:18:48.0011 0x113c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:18:48.0011 0x113c  CmBatt - detected UnsignedFile.Multi.Generic ( 1 )
23:18:50.0850 0x113c  Detect skipped due to KSN trusted
23:18:50.0850 0x113c  CmBatt - ok
23:18:50.0912 0x113c  [ AD0AEA8324869385EE7CE5FE51450FEE, 88FD2691EE1268D11EE4025A9D7AE2E5DCC223F1D337752D2C0205474D681CB2 ] cmdccav         C:\Windows\system32\drivers\CmdCCAV.sys
23:18:50.0928 0x113c  cmdccav - ok
23:18:50.0959 0x113c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:18:50.0959 0x113c  cmdide - ok
23:18:51.0021 0x113c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
23:18:51.0053 0x113c  CNG - ok
23:18:51.0084 0x113c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:18:51.0084 0x113c  Compbatt - ok
23:18:51.0115 0x113c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:18:51.0115 0x113c  CompositeBus - detected UnsignedFile.Multi.Generic ( 1 )
23:18:54.0001 0x113c  Detect skipped due to KSN trusted
23:18:54.0001 0x113c  CompositeBus - ok
23:18:54.0017 0x113c  COMSysApp - ok
23:18:54.0032 0x113c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:18:54.0048 0x113c  crcdisk - ok
23:18:54.0079 0x113c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:18:54.0095 0x113c  CryptSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:18:56.0825 0x113c  Detect skipped due to KSN trusted
23:18:56.0825 0x113c  CryptSvc - ok
23:18:56.0871 0x113c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:18:56.0887 0x113c  DcomLaunch - detected UnsignedFile.Multi.Generic ( 1 )
23:18:59.0648 0x113c  Detect skipped due to KSN trusted
23:18:59.0648 0x113c  DcomLaunch - ok
23:18:59.0679 0x113c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:18:59.0679 0x113c  defragsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:19:02.0441 0x113c  Detect skipped due to KSN trusted
23:19:02.0441 0x113c  defragsvc - ok
23:19:02.0487 0x113c  [ FDC0C5ADDE1CDE6EDB0BEF78F0699AF3, A7340F79E5C4066D378A1E25230A9DED57626BD102E55D04A413FB60B912F772 ] DES2 Service    C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
23:19:02.0487 0x113c  DES2 Service - ok
23:19:02.0503 0x113c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:19:02.0503 0x113c  DfsC - detected UnsignedFile.Multi.Generic ( 1 )
23:19:05.0342 0x113c  Detect skipped due to KSN trusted
23:19:05.0342 0x113c  DfsC - ok
23:19:05.0389 0x113c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:19:05.0389 0x113c  Dhcp - detected UnsignedFile.Multi.Generic ( 1 )
23:19:08.0166 0x113c  Detect skipped due to KSN trusted
23:19:08.0166 0x113c  Dhcp - ok
23:19:08.0213 0x113c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:19:08.0213 0x113c  discache - detected UnsignedFile.Multi.Generic ( 1 )
23:19:11.0005 0x113c  Detect skipped due to KSN trusted
23:19:11.0005 0x113c  discache - ok
23:19:11.0052 0x113c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
23:19:11.0067 0x113c  Disk - ok
23:19:11.0099 0x113c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:19:11.0099 0x113c  Dnscache - detected UnsignedFile.Multi.Generic ( 1 )
23:19:13.0829 0x113c  Detect skipped due to KSN trusted
23:19:13.0829 0x113c  Dnscache - ok
23:19:13.0860 0x113c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:19:13.0860 0x113c  dot3svc - detected UnsignedFile.Multi.Generic ( 1 )
23:19:16.0683 0x113c  Detect skipped due to KSN trusted
23:19:16.0683 0x113c  dot3svc - ok
23:19:16.0683 0x113c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:19:16.0699 0x113c  DPS - detected UnsignedFile.Multi.Generic ( 1 )
23:19:19.0616 0x113c  Detect skipped due to KSN trusted
23:19:19.0616 0x113c  DPS - ok
23:19:19.0647 0x113c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:19:19.0647 0x113c  drmkaud - detected UnsignedFile.Multi.Generic ( 1 )
23:19:22.0487 0x113c  Detect skipped due to KSN trusted
23:19:22.0487 0x113c  drmkaud - ok
23:19:22.0533 0x113c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:19:22.0565 0x113c  DXGKrnl - ok
23:19:22.0627 0x113c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:19:22.0627 0x113c  EapHost - detected UnsignedFile.Multi.Generic ( 1 )
23:19:25.0497 0x113c  Detect skipped due to KSN trusted
23:19:25.0497 0x113c  EapHost - ok
23:19:25.0591 0x113c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:19:25.0685 0x113c  ebdrv - detected UnsignedFile.Multi.Generic ( 1 )
23:19:28.0586 0x113c  Detect skipped due to KSN trusted
23:19:28.0586 0x113c  ebdrv - ok
23:19:28.0617 0x113c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
23:19:28.0617 0x113c  EFS - detected UnsignedFile.Multi.Generic ( 1 )
23:19:31.0347 0x113c  Detect skipped due to KSN trusted
23:19:31.0347 0x113c  EFS - ok
23:19:31.0410 0x113c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:19:31.0425 0x113c  ehRecvr - detected UnsignedFile.Multi.Generic ( 1 )
23:19:34.0171 0x113c  Detect skipped due to KSN trusted
23:19:34.0171 0x113c  ehRecvr - ok
23:19:34.0218 0x113c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:19:34.0218 0x113c  ehSched - detected UnsignedFile.Multi.Generic ( 1 )
23:19:36.0948 0x113c  Detect skipped due to KSN trusted
23:19:36.0948 0x113c  ehSched - ok
23:19:36.0995 0x113c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:19:37.0026 0x113c  elxstor - ok
23:19:37.0026 0x113c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:19:37.0041 0x113c  ErrDev - detected UnsignedFile.Multi.Generic ( 1 )
23:19:39.0849 0x113c  Detect skipped due to KSN trusted
23:19:39.0849 0x113c  ErrDev - ok
23:19:39.0881 0x113c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:19:39.0896 0x113c  EventSystem - detected UnsignedFile.Multi.Generic ( 1 )
23:19:42.0642 0x113c  Detect skipped due to KSN trusted
23:19:42.0642 0x113c  EventSystem - ok
23:19:42.0657 0x113c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:19:42.0657 0x113c  exfat - detected UnsignedFile.Multi.Generic ( 1 )
23:19:45.0403 0x113c  Detect skipped due to KSN trusted
23:19:45.0403 0x113c  exfat - ok
23:19:45.0419 0x113c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:19:45.0434 0x113c  fastfat - detected UnsignedFile.Multi.Generic ( 1 )
23:19:48.0195 0x113c  Detect skipped due to KSN trusted
23:19:48.0195 0x113c  fastfat - ok
23:19:48.0227 0x113c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:19:48.0242 0x113c  Fax - detected UnsignedFile.Multi.Generic ( 1 )
23:19:51.0050 0x113c  Detect skipped due to KSN trusted
23:19:51.0050 0x113c  Fax - ok
23:19:51.0066 0x113c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
23:19:51.0066 0x113c  fdc - detected UnsignedFile.Multi.Generic ( 1 )
23:19:53.0999 0x113c  Detect skipped due to KSN trusted
23:19:53.0999 0x113c  fdc - ok
23:19:53.0999 0x113c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:19:53.0999 0x113c  fdPHost - detected UnsignedFile.Multi.Generic ( 1 )
23:19:56.0931 0x113c  Detect skipped due to KSN trusted
23:19:56.0931 0x113c  fdPHost - ok
23:19:56.0947 0x113c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:19:56.0947 0x113c  FDResPub - detected UnsignedFile.Multi.Generic ( 1 )
23:19:59.0786 0x113c  Detect skipped due to KSN trusted
23:19:59.0786 0x113c  FDResPub - ok
23:19:59.0802 0x113c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:19:59.0817 0x113c  FileInfo - ok
23:19:59.0817 0x113c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:19:59.0817 0x113c  Filetrace - detected UnsignedFile.Multi.Generic ( 1 )
23:20:02.0719 0x113c  Detect skipped due to KSN trusted
23:20:02.0719 0x113c  Filetrace - ok
23:20:02.0750 0x113c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:20:02.0750 0x113c  flpydisk - detected UnsignedFile.Multi.Generic ( 1 )
23:20:09.0193 0x113c  Detect skipped due to KSN trusted
23:20:09.0193 0x113c  flpydisk - ok
23:20:09.0224 0x113c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:20:09.0224 0x113c  FltMgr - ok
23:20:09.0287 0x113c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
23:20:09.0333 0x113c  FontCache - detected UnsignedFile.Multi.Generic ( 1 )
23:20:12.0095 0x113c  Detect skipped due to KSN trusted
23:20:12.0095 0x113c  FontCache - ok
23:20:12.0126 0x113c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:20:12.0141 0x113c  FontCache3.0.0.0 - ok
23:20:12.0204 0x113c  [ 2944A8AF3D8492CC8D5C1D2017153ABD, E1AB2E7C73295C18C31EE2FB6E2E561090BE23B46DC1438F5AEA2F0E923AE442 ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
23:20:12.0219 0x113c  FoxitCloudUpdateService - ok
23:20:12.0251 0x113c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:20:12.0251 0x113c  FsDepends - ok
23:20:12.0266 0x113c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:20:12.0282 0x113c  Fs_Rec - ok
23:20:12.0313 0x113c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:20:12.0329 0x113c  fvevol - ok
23:20:12.0375 0x113c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:20:12.0375 0x113c  gagp30kx - ok
23:20:12.0438 0x113c  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
23:20:12.0453 0x113c  gdrv - ok
23:20:12.0485 0x113c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:20:12.0500 0x113c  gpsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:20:15.0246 0x113c  Detect skipped due to KSN trusted
23:20:15.0246 0x113c  gpsvc - ok
23:20:15.0277 0x113c  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
23:20:15.0293 0x113c  GVTDrv64 - ok
23:20:15.0293 0x113c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:20:15.0308 0x113c  hcw85cir - detected UnsignedFile.Multi.Generic ( 1 )
23:20:18.0147 0x113c  Detect skipped due to KSN trusted
23:20:18.0147 0x113c  hcw85cir - ok
23:20:18.0194 0x113c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:20:18.0194 0x113c  HdAudAddService - detected UnsignedFile.Multi.Generic ( 1 )
23:20:20.0924 0x113c  Detect skipped due to KSN trusted
23:20:20.0924 0x113c  HdAudAddService - ok
23:20:20.0971 0x113c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:20:20.0971 0x113c  HDAudBus - detected UnsignedFile.Multi.Generic ( 1 )
23:20:23.0748 0x113c  Detect skipped due to KSN trusted
23:20:23.0748 0x113c  HDAudBus - ok
23:20:23.0763 0x113c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:20:23.0763 0x113c  HidBatt - detected UnsignedFile.Multi.Generic ( 1 )
23:20:26.0509 0x113c  Detect skipped due to KSN trusted
23:20:26.0509 0x113c  HidBatt - ok
23:20:26.0525 0x113c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:20:26.0525 0x113c  HidBth - detected UnsignedFile.Multi.Generic ( 1 )
23:20:29.0348 0x113c  Detect skipped due to KSN trusted
23:20:29.0348 0x113c  HidBth - ok
23:20:29.0364 0x113c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:20:29.0364 0x113c  HidIr - detected UnsignedFile.Multi.Generic ( 1 )
23:20:32.0234 0x113c  Detect skipped due to KSN trusted
23:20:32.0234 0x113c  HidIr - ok
23:20:32.0250 0x113c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
23:20:32.0265 0x113c  hidserv - detected UnsignedFile.Multi.Generic ( 1 )
23:20:35.0183 0x113c  Detect skipped due to KSN trusted
23:20:35.0183 0x113c  hidserv - ok
23:20:35.0229 0x113c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:20:35.0229 0x113c  HidUsb - detected UnsignedFile.Multi.Generic ( 1 )
23:20:38.0038 0x113c  Detect skipped due to KSN trusted
23:20:38.0038 0x113c  HidUsb - ok
23:20:38.0069 0x113c  [ E7EF785213EB121023E670B4D28BC745, F1CFD528DC52F00FE738FDADFD285F4241702F41CE58A45F5A86A98AE066A19D ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
23:20:38.0084 0x113c  hitmanpro37 - ok
23:20:38.0100 0x113c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:20:38.0100 0x113c  hkmsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:20:40.0986 0x113c  Detect skipped due to KSN trusted
23:20:40.0986 0x113c  hkmsvc - ok
23:20:41.0017 0x113c  [ D3A6BCD0047EE7923C2C3960C4CDCA4D, DC947773EE362120CA1A41194A0B52C03AA608E00233B66E81A6C9AC73573EDE ] HMD             C:\Windows\system32\DRIVERS\hmd.sys
23:20:41.0033 0x113c  HMD - ok
23:20:41.0064 0x113c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:20:41.0080 0x113c  HomeGroupListener - detected UnsignedFile.Multi.Generic ( 1 )
23:20:43.0810 0x113c  Detect skipped due to KSN trusted
23:20:43.0810 0x113c  HomeGroupListener - ok
23:20:43.0841 0x113c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:20:43.0841 0x113c  HomeGroupProvider - detected UnsignedFile.Multi.Generic ( 1 )
23:20:46.0586 0x113c  Detect skipped due to KSN trusted
23:20:46.0586 0x113c  HomeGroupProvider - ok
23:20:46.0633 0x113c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:20:46.0633 0x113c  HpSAMD - ok
23:20:46.0696 0x113c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:20:46.0711 0x113c  HTTP - detected UnsignedFile.Multi.Generic ( 1 )
23:20:49.0472 0x113c  Detect skipped due to KSN trusted
23:20:49.0472 0x113c  HTTP - ok
23:20:49.0582 0x113c  [ E548929868BDFD3FC13B46D99605B764, 737C8A1210442533735F10BD80AFBB3E890D0CC9068F2406CA5C577C7C58B97C ] HuaweiHiSuiteService64.exe C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
23:20:50.0143 0x113c  HuaweiHiSuiteService64.exe - detected UnsignedFile.Multi.Generic ( 1 )
23:20:52.0951 0x113c  Detect skipped due to KSN trusted
23:20:52.0951 0x113c  HuaweiHiSuiteService64.exe - ok
23:20:52.0982 0x113c  HWHandSet - ok
23:20:52.0998 0x113c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:20:53.0014 0x113c  hwpolicy - ok
23:20:53.0029 0x113c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:20:53.0029 0x113c  i8042prt - detected UnsignedFile.Multi.Generic ( 1 )
23:20:55.0837 0x113c  Detect skipped due to KSN trusted
23:20:55.0837 0x113c  i8042prt - ok
23:20:55.0868 0x113c  [ 631FA8935163B01FC0C02966CB3ADB92, F6BDA41EB4AB0A7215A4ABC88461AF174E1439AC37D7663D43D43ABB68F70E2F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:20:55.0884 0x113c  iaStor - ok
23:20:55.0962 0x113c  [ 7493EA4DE41348F7D3EDBF9DB298F56A, D40BE4E8D90B5F6EF0B16F3B9E9F63273FE558492A560CB291C7DE2864794CCB ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
23:20:55.0962 0x113c  IAStorDataMgrSvc - ok
23:20:56.0009 0x113c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:20:56.0024 0x113c  iaStorV - ok
23:20:56.0056 0x113c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:20:56.0056 0x113c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
23:20:59.0035 0x113c  Detect skipped due to KSN trusted
23:20:59.0035 0x113c  IDriverT - ok
23:20:59.0082 0x113c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:20:59.0113 0x113c  idsvc - ok
23:20:59.0144 0x113c  IEEtwCollectorService - ok
23:20:59.0176 0x113c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:20:59.0176 0x113c  iirsp - ok
23:20:59.0222 0x113c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:20:59.0238 0x113c  IKEEXT - detected UnsignedFile.Multi.Generic ( 1 )
23:21:02.0046 0x113c  Detect skipped due to KSN trusted
23:21:02.0046 0x113c  IKEEXT - ok
23:21:02.0155 0x113c  [ 491DADCC74327FABC85E0AB80AF8F204, 6E2CCC161EBDE932F800C90DACD59568E10851FC74236D33ECBC654B1FBA71EA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:21:02.0233 0x113c  IntcAzAudAddService - ok
23:21:02.0264 0x113c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:21:02.0264 0x113c  intelide - ok
23:21:02.0296 0x113c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:21:02.0311 0x113c  intelppm - detected UnsignedFile.Multi.Generic ( 1 )
23:21:05.0197 0x113c  Detect skipped due to KSN trusted
23:21:05.0197 0x113c  intelppm - ok
23:21:05.0213 0x113c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:21:05.0228 0x113c  IPBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
23:21:08.0052 0x113c  Detect skipped due to KSN trusted
23:21:08.0052 0x113c  IPBusEnum - ok
23:21:08.0068 0x113c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:21:08.0083 0x113c  IpFilterDriver - detected UnsignedFile.Multi.Generic ( 1 )
23:21:10.0954 0x113c  Detect skipped due to KSN trusted
23:21:10.0954 0x113c  IpFilterDriver - ok
23:21:11.0047 0x113c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:21:11.0063 0x113c  iphlpsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:21:13.0980 0x113c  Detect skipped due to KSN trusted
23:21:13.0980 0x113c  iphlpsvc - ok
23:21:13.0996 0x113c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:21:13.0996 0x113c  IPMIDRV - detected UnsignedFile.Multi.Generic ( 1 )
23:21:16.0741 0x113c  Detect skipped due to KSN trusted
23:21:16.0741 0x113c  IPMIDRV - ok
23:21:16.0772 0x113c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:21:16.0788 0x113c  IPNAT - detected UnsignedFile.Multi.Generic ( 1 )
23:21:19.0518 0x113c  Detect skipped due to KSN trusted
23:21:19.0518 0x113c  IPNAT - ok
23:21:19.0565 0x113c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:21:19.0565 0x113c  IRENUM - detected UnsignedFile.Multi.Generic ( 1 )
23:21:22.0310 0x113c  Detect skipped due to KSN trusted
23:21:22.0310 0x113c  IRENUM - ok
23:21:22.0326 0x113c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:21:22.0342 0x113c  isapnp - ok
23:21:22.0357 0x113c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:21:22.0373 0x113c  iScsiPrt - ok
23:21:22.0451 0x113c  [ F3A41EC4C6506E76E07A219B3A1DF8D2, B34FDAA453E6E089374B33533A89F76DEE1C2D14F9939AF3669B6F33FA41DD76 ] JMB36X          C:\Windows\SysWOW64\XSrvSetup.exe
23:21:22.0451 0x113c  JMB36X - ok
23:21:22.0498 0x113c  [ 1C368C1A2733DCC5B8E15420AA2B0F6D, C43A3534E33CEAEB8359D493FDB4663CB7C1E9286862B2CEE2788E9EA060DF1D ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
23:21:22.0513 0x113c  JRAID - ok
23:21:22.0544 0x113c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:21:22.0544 0x113c  kbdclass - ok
23:21:22.0591 0x113c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:21:22.0591 0x113c  kbdhid - detected UnsignedFile.Multi.Generic ( 1 )
23:21:25.0321 0x113c  Detect skipped due to KSN trusted
23:21:25.0321 0x113c  kbdhid - ok
23:21:25.0352 0x113c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
23:21:25.0368 0x113c  KeyIso - detected UnsignedFile.Multi.Generic ( 1 )
23:21:25.0368 0x113c  Detect skipped due to KSN trusted
23:21:25.0368 0x113c  KeyIso - ok
23:21:25.0384 0x113c  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:21:25.0399 0x113c  KSecDD - ok
23:21:25.0399 0x113c  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:21:25.0415 0x113c  KSecPkg - ok
23:21:25.0430 0x113c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:21:25.0430 0x113c  ksthunk - detected UnsignedFile.Multi.Generic ( 1 )
23:21:28.0176 0x113c  Detect skipped due to KSN trusted
23:21:28.0176 0x113c  ksthunk - ok
23:21:28.0207 0x113c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:21:28.0207 0x113c  KtmRm - detected UnsignedFile.Multi.Generic ( 1 )
23:21:31.0046 0x113c  Detect skipped due to KSN trusted
23:21:31.0046 0x113c  KtmRm - ok
23:21:31.0062 0x113c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:21:31.0078 0x113c  LanmanServer - detected UnsignedFile.Multi.Generic ( 1 )
23:21:33.0839 0x113c  Detect skipped due to KSN trusted
23:21:33.0839 0x113c  LanmanServer - ok
23:21:33.0886 0x113c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:21:33.0886 0x113c  LanmanWorkstation - detected UnsignedFile.Multi.Generic ( 1 )
23:21:36.0709 0x113c  Detect skipped due to KSN trusted
23:21:36.0709 0x113c  LanmanWorkstation - ok
23:21:36.0725 0x113c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:21:36.0725 0x113c  lltdio - detected UnsignedFile.Multi.Generic ( 1 )
23:21:39.0626 0x113c  Detect skipped due to KSN trusted
23:21:39.0626 0x113c  lltdio - ok
23:21:39.0642 0x113c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:21:39.0658 0x113c  lltdsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:21:42.0575 0x113c  Detect skipped due to KSN trusted
23:21:42.0575 0x113c  lltdsvc - ok
23:21:42.0590 0x113c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:21:42.0606 0x113c  lmhosts - detected UnsignedFile.Multi.Generic ( 1 )
23:21:45.0414 0x113c  Detect skipped due to KSN trusted
23:21:45.0414 0x113c  lmhosts - ok
23:21:45.0461 0x113c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:21:45.0461 0x113c  LSI_FC - ok
23:21:45.0492 0x113c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:21:45.0508 0x113c  LSI_SAS - ok
23:21:45.0508 0x113c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:21:45.0523 0x113c  LSI_SAS2 - ok
23:21:45.0539 0x113c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:21:45.0539 0x113c  LSI_SCSI - ok
23:21:45.0586 0x113c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:21:45.0586 0x113c  luafv - detected UnsignedFile.Multi.Generic ( 1 )
23:21:48.0487 0x113c  Detect skipped due to KSN trusted
23:21:48.0487 0x113c  luafv - ok
23:21:48.0659 0x113c  [ 28E521A6ABA9DE062A3719452816F495, B312A37DA052229DFB19353170CD5828582F8AC6426E857CA7C8ACA0DD91C160 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
23:21:48.0752 0x113c  MBAMService - ok
23:21:48.0799 0x113c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:21:48.0799 0x113c  Mcx2Svc - detected UnsignedFile.Multi.Generic ( 1 )
23:21:51.0701 0x113c  Detect skipped due to KSN trusted
23:21:51.0701 0x113c  Mcx2Svc - ok
23:21:51.0716 0x113c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:21:51.0732 0x113c  megasas - ok
23:21:51.0763 0x113c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:21:51.0779 0x113c  MegaSR - ok
23:21:51.0794 0x113c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:21:51.0794 0x113c  MMCSS - detected UnsignedFile.Multi.Generic ( 1 )
23:21:54.0556 0x113c  Detect skipped due to KSN trusted
23:21:54.0556 0x113c  MMCSS - ok
23:21:54.0587 0x113c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:21:54.0602 0x113c  Modem - detected UnsignedFile.Multi.Generic ( 1 )
23:21:57.0379 0x113c  Detect skipped due to KSN trusted
23:21:57.0379 0x113c  Modem - ok
23:21:57.0426 0x113c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:21:57.0426 0x113c  monitor - detected UnsignedFile.Multi.Generic ( 1 )
23:22:00.0250 0x113c  Detect skipped due to KSN trusted
23:22:00.0250 0x113c  monitor - ok
23:22:00.0281 0x113c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:22:00.0281 0x113c  mouclass - ok
23:22:00.0296 0x113c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:22:00.0296 0x113c  mouhid - detected UnsignedFile.Multi.Generic ( 1 )
23:22:03.0026 0x113c  Detect skipped due to KSN trusted
23:22:03.0026 0x113c  mouhid - ok
23:22:03.0042 0x113c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:22:03.0058 0x113c  mountmgr - ok
23:22:03.0073 0x113c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:22:03.0073 0x113c  mpio - ok
23:22:03.0104 0x113c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:22:03.0104 0x113c  mpsdrv - detected UnsignedFile.Multi.Generic ( 1 )
23:22:05.0975 0x113c  Detect skipped due to KSN trusted
23:22:05.0975 0x113c  mpsdrv - ok
23:22:06.0022 0x113c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:22:06.0037 0x113c  MpsSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:22:08.0767 0x113c  Detect skipped due to KSN trusted
23:22:08.0767 0x113c  MpsSvc - ok
23:22:08.0798 0x113c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:22:08.0798 0x113c  MRxDAV - detected UnsignedFile.Multi.Generic ( 1 )
23:22:11.0622 0x113c  Detect skipped due to KSN trusted
23:22:11.0622 0x113c  MRxDAV - ok
23:22:11.0653 0x113c  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:22:11.0669 0x113c  mrxsmb - detected UnsignedFile.Multi.Generic ( 1 )
23:22:14.0570 0x113c  Detect skipped due to KSN trusted
23:22:14.0570 0x113c  mrxsmb - ok
23:22:14.0586 0x113c  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:22:14.0602 0x113c  mrxsmb10 - detected UnsignedFile.Multi.Generic ( 1 )
23:22:17.0503 0x113c  Detect skipped due to KSN trusted
23:22:17.0503 0x113c  mrxsmb10 - ok
23:22:17.0503 0x113c  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:22:17.0519 0x113c  mrxsmb20 - detected UnsignedFile.Multi.Generic ( 1 )
23:22:20.0327 0x113c  Detect skipped due to KSN trusted
23:22:20.0327 0x113c  mrxsmb20 - ok
23:22:20.0342 0x113c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:22:20.0358 0x113c  msahci - ok
23:22:20.0374 0x113c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:22:20.0389 0x113c  msdsm - ok
23:22:20.0389 0x113c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:22:20.0405 0x113c  MSDTC - detected UnsignedFile.Multi.Generic ( 1 )
23:22:23.0291 0x113c  Detect skipped due to KSN trusted
23:22:23.0291 0x113c  MSDTC - ok
23:22:23.0306 0x113c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:22:23.0306 0x113c  Msfs - detected UnsignedFile.Multi.Generic ( 1 )
23:22:26.0083 0x113c  Detect skipped due to KSN trusted
23:22:26.0083 0x113c  Msfs - ok
23:22:26.0114 0x113c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:22:26.0114 0x113c  mshidkmdf - detected UnsignedFile.Multi.Generic ( 1 )
23:22:28.0844 0x113c  Detect skipped due to KSN trusted
23:22:28.0844 0x113c  mshidkmdf - ok
23:22:28.0876 0x113c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:22:28.0876 0x113c  msisadrv - ok
23:22:28.0907 0x113c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:22:28.0907 0x113c  MSiSCSI - detected UnsignedFile.Multi.Generic ( 1 )
23:22:31.0653 0x113c  Detect skipped due to KSN trusted
23:22:31.0653 0x113c  MSiSCSI - ok
23:22:31.0653 0x113c  msiserver - ok
23:22:31.0684 0x113c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:22:31.0684 0x113c  MSKSSRV - detected UnsignedFile.Multi.Generic ( 1 )
23:22:34.0492 0x113c  Detect skipped due to KSN trusted
23:22:34.0492 0x113c  MSKSSRV - ok
23:22:34.0507 0x113c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:22:34.0507 0x113c  MSPCLOCK - detected UnsignedFile.Multi.Generic ( 1 )
23:22:37.0253 0x113c  Detect skipped due to KSN trusted
23:22:37.0253 0x113c  MSPCLOCK - ok
23:22:37.0253 0x113c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:22:37.0269 0x113c  MSPQM - detected UnsignedFile.Multi.Generic ( 1 )
23:22:40.0077 0x113c  Detect skipped due to KSN trusted
23:22:40.0077 0x113c  MSPQM - ok
23:22:40.0108 0x113c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:22:40.0123 0x113c  MsRPC - ok
23:22:40.0123 0x113c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:22:40.0139 0x113c  mssmbios - ok
23:22:40.0139 0x113c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:22:40.0139 0x113c  MSTEE - detected UnsignedFile.Multi.Generic ( 1 )
23:22:42.0885 0x113c  Detect skipped due to KSN trusted
23:22:42.0885 0x113c  MSTEE - ok
23:22:42.0900 0x113c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:22:42.0900 0x113c  MTConfig - detected UnsignedFile.Multi.Generic ( 1 )
23:22:45.0630 0x113c  Detect skipped due to KSN trusted
23:22:45.0630 0x113c  MTConfig - ok
23:22:45.0661 0x113c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:22:45.0661 0x113c  Mup - ok
23:22:45.0693 0x113c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:22:45.0708 0x113c  napagent - detected UnsignedFile.Multi.Generic ( 1 )
23:22:48.0594 0x113c  Detect skipped due to KSN trusted
23:22:48.0594 0x113c  napagent - ok
23:22:48.0641 0x113c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:22:48.0657 0x113c  NativeWifiP - detected UnsignedFile.Multi.Generic ( 1 )
23:22:51.0558 0x113c  Detect skipped due to KSN trusted
23:22:51.0558 0x113c  NativeWifiP - ok
23:22:51.0605 0x113c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:22:51.0636 0x113c  NDIS - ok
23:22:51.0652 0x113c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:22:51.0652 0x113c  NdisCap - detected UnsignedFile.Multi.Generic ( 1 )
23:22:54.0538 0x113c  Detect skipped due to KSN trusted
23:22:54.0538 0x113c  NdisCap - ok
23:22:54.0553 0x113c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:22:54.0553 0x113c  NdisTapi - detected UnsignedFile.Multi.Generic ( 1 )
23:22:57.0455 0x113c  Detect skipped due to KSN trusted
23:22:57.0455 0x113c  NdisTapi - ok
23:22:57.0471 0x113c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:22:57.0471 0x113c  Ndisuio - detected UnsignedFile.Multi.Generic ( 1 )
23:23:00.0232 0x113c  Detect skipped due to KSN trusted
23:23:00.0232 0x113c  Ndisuio - ok
23:23:00.0263 0x113c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:23:00.0279 0x113c  NdisWan - detected UnsignedFile.Multi.Generic ( 1 )
23:23:03.0040 0x113c  Detect skipped due to KSN trusted
23:23:03.0040 0x113c  NdisWan - ok
23:23:03.0055 0x113c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:23:03.0055 0x113c  NDProxy - detected UnsignedFile.Multi.Generic ( 1 )
23:23:05.0801 0x113c  Detect skipped due to KSN trusted
23:23:05.0801 0x113c  NDProxy - ok
23:23:05.0832 0x113c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:23:05.0832 0x113c  NetBIOS - detected UnsignedFile.Multi.Generic ( 1 )
23:23:08.0640 0x113c  Detect skipped due to KSN trusted
23:23:08.0640 0x113c  NetBIOS - ok
23:23:08.0656 0x113c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:23:08.0656 0x113c  NetBT - detected UnsignedFile.Multi.Generic ( 1 )
23:23:11.0417 0x113c  Detect skipped due to KSN trusted
23:23:11.0417 0x113c  NetBT - ok
23:23:11.0433 0x113c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
23:23:11.0433 0x113c  Netlogon - detected UnsignedFile.Multi.Generic ( 1 )
23:23:11.0433 0x113c  Detect skipped due to KSN trusted
23:23:11.0433 0x113c  Netlogon - ok
23:23:11.0464 0x113c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:23:11.0479 0x113c  Netman - detected UnsignedFile.Multi.Generic ( 1 )
23:23:14.0287 0x113c  Detect skipped due to KSN trusted
23:23:14.0287 0x113c  Netman - ok
23:23:14.0350 0x113c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:14.0365 0x113c  NetMsmqActivator - ok
23:23:14.0381 0x113c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:14.0381 0x113c  NetPipeActivator - ok
23:23:14.0412 0x113c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:23:14.0428 0x113c  netprofm - detected UnsignedFile.Multi.Generic ( 1 )
23:23:17.0158 0x113c  Detect skipped due to KSN trusted
23:23:17.0158 0x113c  netprofm - ok
23:23:17.0189 0x113c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:17.0189 0x113c  NetTcpActivator - ok
23:23:17.0205 0x113c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:17.0205 0x113c  NetTcpPortSharing - ok
23:23:17.0267 0x113c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:23:17.0267 0x113c  nfrd960 - ok
23:23:17.0314 0x113c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:23:17.0314 0x113c  NlaSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:20.0059 0x113c  Detect skipped due to KSN trusted
23:23:20.0059 0x113c  NlaSvc - ok
23:23:20.0059 0x113c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:23:20.0075 0x113c  Npfs - detected UnsignedFile.Multi.Generic ( 1 )
23:23:22.0961 0x113c  Detect skipped due to KSN trusted
23:23:22.0961 0x113c  Npfs - ok
23:23:22.0977 0x113c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:23:22.0977 0x113c  nsi - detected UnsignedFile.Multi.Generic ( 1 )
23:23:25.0878 0x113c  Detect skipped due to KSN trusted
23:23:25.0878 0x113c  nsi - ok
23:23:25.0894 0x113c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:23:25.0894 0x113c  nsiproxy - detected UnsignedFile.Multi.Generic ( 1 )
23:23:28.0702 0x113c  Detect skipped due to KSN trusted
23:23:28.0702 0x113c  nsiproxy - ok
23:23:28.0749 0x113c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:23:28.0780 0x113c  Ntfs - ok
23:23:28.0795 0x113c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:23:28.0811 0x113c  Null - detected UnsignedFile.Multi.Generic ( 1 )
23:23:31.0697 0x113c  Detect skipped due to KSN trusted
23:23:31.0697 0x113c  Null - ok
23:23:31.0713 0x113c  [ F5BC2345E8C89D4E90FAFD23A2239935, A6646BFB2A112C4C2556CEC6A3163B7943E08F42CB41C8A700C72CD797F7F1F1 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
23:23:31.0713 0x113c  nusb3hub - detected UnsignedFile.Multi.Generic ( 1 )
23:23:34.0474 0x113c  Detect skipped due to KSN trusted
23:23:34.0474 0x113c  nusb3hub - ok
23:23:34.0489 0x113c  [ 5D42578241BC2A9B4A64837077436D5F, D3D9F81DFE98834634331D9C95596AF27323371737860CAB45ABFAE4BA78E966 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
23:23:34.0489 0x113c  nusb3xhc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:37.0235 0x113c  Detect skipped due to KSN trusted
23:23:37.0235 0x113c  nusb3xhc - ok
23:23:37.0282 0x113c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:23:37.0282 0x113c  nvraid - ok
23:23:37.0313 0x113c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:23:37.0329 0x113c  nvstor - ok
23:23:37.0329 0x113c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:23:37.0344 0x113c  nv_agp - ok
23:23:37.0360 0x113c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:23:37.0360 0x113c  ohci1394 - detected UnsignedFile.Multi.Generic ( 1 )
23:23:40.0090 0x113c  Detect skipped due to KSN trusted
23:23:40.0090 0x113c  ohci1394 - ok
23:23:40.0168 0x113c  [ AD630F092CE4D999E48E29D2FFBE9E46, F0F8397B67CDBF7B1A80A4B58B32470AF07E15D81EF7E2744693AA8C0818540A ] OpenVPNService  C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe
23:23:40.0168 0x113c  OpenVPNService - ok
23:23:40.0199 0x113c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:23:40.0215 0x113c  p2pimsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:43.0054 0x113c  Detect skipped due to KSN trusted
23:23:43.0054 0x113c  p2pimsvc - ok
23:23:43.0085 0x113c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:23:43.0101 0x113c  p2psvc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:45.0846 0x113c  Detect skipped due to KSN trusted
23:23:45.0846 0x113c  p2psvc - ok
23:23:45.0877 0x113c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:23:45.0877 0x113c  Parport - detected UnsignedFile.Multi.Generic ( 1 )
23:23:48.0654 0x113c  Detect skipped due to KSN trusted
23:23:48.0654 0x113c  Parport - ok
23:23:48.0685 0x113c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:23:48.0701 0x113c  partmgr - ok
23:23:48.0732 0x113c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:23:48.0732 0x113c  PcaSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:51.0462 0x113c  Detect skipped due to KSN trusted
23:23:51.0462 0x113c  PcaSvc - ok
23:23:51.0493 0x113c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:23:51.0493 0x113c  pci - ok
23:23:51.0540 0x113c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:23:51.0540 0x113c  pciide - ok
23:23:51.0556 0x113c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:23:51.0571 0x113c  pcmcia - ok
23:23:51.0587 0x113c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:23:51.0587 0x113c  pcw - ok
23:23:51.0618 0x113c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:23:51.0634 0x113c  PEAUTH - detected UnsignedFile.Multi.Generic ( 1 )
23:23:54.0457 0x113c  Detect skipped due to KSN trusted
23:23:54.0457 0x113c  PEAUTH - ok
23:23:54.0473 0x113c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:23:54.0473 0x113c  PerfHost - detected UnsignedFile.Multi.Generic ( 1 )
23:23:57.0390 0x113c  Detect skipped due to KSN trusted
23:23:57.0390 0x113c  PerfHost - ok
23:23:57.0453 0x113c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:23:57.0499 0x113c  pla - detected UnsignedFile.Multi.Generic ( 1 )
23:24:00.0323 0x113c  Detect skipped due to KSN trusted
23:24:00.0323 0x113c  pla - ok
23:24:00.0370 0x113c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:24:00.0385 0x113c  PlugPlay - detected UnsignedFile.Multi.Generic ( 1 )
23:24:03.0303 0x113c  Detect skipped due to KSN trusted
23:24:03.0303 0x113c  PlugPlay - ok
23:24:03.0318 0x113c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:24:03.0318 0x113c  PNRPAutoReg - detected UnsignedFile.Multi.Generic ( 1 )
23:24:06.0267 0x113c  Detect skipped due to KSN trusted
23:24:06.0267 0x113c  PNRPAutoReg - ok
23:24:06.0282 0x113c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:24:06.0298 0x113c  PNRPsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:24:06.0298 0x113c  Detect skipped due to KSN trusted
23:24:06.0298 0x113c  PNRPsvc - ok
23:24:06.0313 0x113c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:24:06.0329 0x113c  PolicyAgent - detected UnsignedFile.Multi.Generic ( 1 )
23:24:09.0079 0x113c  Detect skipped due to KSN trusted
23:24:09.0079 0x113c  PolicyAgent - ok
23:24:09.0126 0x113c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:24:09.0142 0x113c  Power - detected UnsignedFile.Multi.Generic ( 1 )
23:24:11.0903 0x113c  Detect skipped due to KSN trusted
23:24:11.0903 0x113c  Power - ok
23:24:11.0934 0x113c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:24:11.0934 0x113c  PptpMiniport - detected UnsignedFile.Multi.Generic ( 1 )
23:24:14.0680 0x113c  Detect skipped due to KSN trusted
23:24:14.0680 0x113c  PptpMiniport - ok
23:24:14.0695 0x113c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
23:24:14.0711 0x113c  Processor - detected UnsignedFile.Multi.Generic ( 1 )
23:24:17.0457 0x113c  Detect skipped due to KSN trusted
23:24:17.0457 0x113c  Processor - ok
23:24:17.0488 0x113c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:24:17.0488 0x113c  ProfSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:24:20.0296 0x113c  Detect skipped due to KSN trusted
23:24:20.0296 0x113c  ProfSvc - ok
23:24:20.0296 0x113c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
23:24:20.0311 0x113c  ProtectedStorage - detected UnsignedFile.Multi.Generic ( 1 )
23:24:20.0311 0x113c  Detect skipped due to KSN trusted
23:24:20.0311 0x113c  ProtectedStorage - ok
23:24:20.0343 0x113c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:24:20.0343 0x113c  Psched - detected UnsignedFile.Multi.Generic ( 1 )
23:24:23.0088 0x113c  Detect skipped due to KSN trusted
23:24:23.0088 0x113c  Psched - ok
23:24:23.0151 0x113c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:24:23.0197 0x113c  ql2300 - ok
23:24:23.0229 0x113c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:24:23.0229 0x113c  ql40xx - ok
23:24:23.0260 0x113c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:24:23.0260 0x113c  QWAVE - detected UnsignedFile.Multi.Generic ( 1 )
23:24:26.0099 0x113c  Detect skipped due to KSN trusted
23:24:26.0099 0x113c  QWAVE - ok
23:24:26.0115 0x113c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:24:26.0130 0x113c  QWAVEdrv - detected UnsignedFile.Multi.Generic ( 1 )
23:24:28.0860 0x113c  Detect skipped due to KSN trusted
23:24:28.0860 0x113c  QWAVEdrv - ok
23:24:28.0876 0x113c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:24:28.0876 0x113c  RasAcd - detected UnsignedFile.Multi.Generic ( 1 )
23:24:31.0700 0x113c  Detect skipped due to KSN trusted
23:24:31.0700 0x113c  RasAcd - ok
23:24:31.0746 0x113c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:24:31.0746 0x113c  RasAgileVpn - detected UnsignedFile.Multi.Generic ( 1 )
23:24:34.0648 0x113c  Detect skipped due to KSN trusted
23:24:34.0648 0x113c  RasAgileVpn - ok
23:24:34.0664 0x113c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:24:34.0664 0x113c  RasAuto - detected UnsignedFile.Multi.Generic ( 1 )
23:24:37.0565 0x113c  Detect skipped due to KSN trusted
23:24:37.0565 0x113c  RasAuto - ok
23:24:37.0581 0x113c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:24:37.0581 0x113c  Rasl2tp - detected UnsignedFile.Multi.Generic ( 1 )
23:24:40.0451 0x113c  Detect skipped due to KSN trusted
23:24:40.0451 0x113c  Rasl2tp - ok
23:24:40.0482 0x113c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:24:40.0482 0x113c  RasMan - detected UnsignedFile.Multi.Generic ( 1 )
23:24:43.0400 0x113c  Detect skipped due to KSN trusted
23:24:43.0400 0x113c  RasMan - ok
23:24:43.0415 0x113c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:24:43.0415 0x113c  RasPppoe - detected UnsignedFile.Multi.Generic ( 1 )
23:24:46.0348 0x113c  Detect skipped due to KSN trusted
23:24:46.0348 0x113c  RasPppoe - ok
23:24:46.0379 0x113c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:24:46.0379 0x113c  RasSstp - detected UnsignedFile.Multi.Generic ( 1 )
23:24:52.0806 0x113c  Detect skipped due to KSN trusted
23:24:52.0806 0x113c  RasSstp - ok
23:24:52.0838 0x113c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:24:52.0838 0x113c  rdbss - detected UnsignedFile.Multi.Generic ( 1 )
23:24:55.0614 0x113c  Detect skipped due to KSN trusted
23:24:55.0614 0x113c  rdbss - ok
23:24:55.0630 0x113c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:24:55.0630 0x113c  rdpbus - detected UnsignedFile.Multi.Generic ( 1 )
23:24:58.0391 0x113c  Detect skipped due to KSN trusted
23:24:58.0391 0x113c  rdpbus - ok
23:24:58.0422 0x113c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:24:58.0438 0x113c  RDPCDD - detected UnsignedFile.Multi.Generic ( 1 )
23:25:01.0246 0x113c  Detect skipped due to KSN trusted
23:25:01.0246 0x113c  RDPCDD - ok
23:25:01.0277 0x113c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:25:01.0277 0x113c  RDPENCDD - detected UnsignedFile.Multi.Generic ( 1 )
23:25:04.0007 0x113c  Detect skipped due to KSN trusted
23:25:04.0007 0x113c  RDPENCDD - ok
23:25:04.0023 0x113c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:25:04.0038 0x113c  RDPREFMP - detected UnsignedFile.Multi.Generic ( 1 )
23:25:06.0878 0x113c  Detect skipped due to KSN trusted
23:25:06.0878 0x113c  RDPREFMP - ok
23:25:06.0940 0x113c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:25:06.0940 0x113c  RdpVideoMiniport - detected UnsignedFile.Multi.Generic ( 1 )
23:25:09.0670 0x113c  Detect skipped due to KSN trusted
23:25:09.0670 0x113c  RdpVideoMiniport - ok
23:25:09.0717 0x113c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:25:09.0717 0x113c  RDPWD - detected UnsignedFile.Multi.Generic ( 1 )
23:25:12.0494 0x113c  Detect skipped due to KSN trusted
23:25:12.0494 0x113c  RDPWD - ok
23:25:12.0509 0x113c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:25:12.0525 0x113c  rdyboost - ok
23:25:12.0556 0x113c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:25:12.0572 0x113c  RemoteAccess - detected UnsignedFile.Multi.Generic ( 1 )
23:25:15.0411 0x113c  Detect skipped due to KSN trusted
23:25:15.0411 0x113c  RemoteAccess - ok
23:25:15.0442 0x113c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:25:15.0442 0x113c  RemoteRegistry - detected UnsignedFile.Multi.Generic ( 1 )
23:25:18.0344 0x113c  Detect skipped due to KSN trusted
23:25:18.0344 0x113c  RemoteRegistry - ok
23:25:18.0359 0x113c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:25:18.0359 0x113c  RpcEptMapper - detected UnsignedFile.Multi.Generic ( 1 )
23:25:21.0198 0x113c  Detect skipped due to KSN trusted
23:25:21.0198 0x113c  RpcEptMapper - ok
23:25:21.0283 0x113c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:25:21.0299 0x113c  RpcLocator - detected UnsignedFile.Multi.Generic ( 1 )
23:25:24.0239 0x113c  Detect skipped due to KSN trusted
23:25:24.0239 0x113c  RpcLocator - ok
23:25:24.0270 0x113c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
23:25:24.0286 0x113c  RpcSs - detected UnsignedFile.Multi.Generic ( 1 )
23:25:24.0286 0x113c  Detect skipped due to KSN trusted
23:25:24.0286 0x113c  RpcSs - ok
23:25:24.0302 0x113c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:25:24.0317 0x113c  rspndr - detected UnsignedFile.Multi.Generic ( 1 )
23:25:27.0206 0x113c  Detect skipped due to KSN trusted
23:25:27.0206 0x113c  rspndr - ok
23:25:27.0253 0x113c  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A, 9F6CFBE7E64A63E0AFEF546C4B8D889657B2055CE80279EA1B63EB5650E730F8 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:25:27.0269 0x113c  RTL8167 - ok
23:25:27.0284 0x113c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
23:25:27.0284 0x113c  SamSs - detected UnsignedFile.Multi.Generic ( 1 )
23:25:27.0284 0x113c  Detect skipped due to KSN trusted
23:25:27.0284 0x113c  SamSs - ok
23:25:27.0300 0x113c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:25:27.0300 0x113c  sbp2port - ok
23:25:27.0316 0x113c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:25:27.0331 0x113c  SCardSvr - detected UnsignedFile.Multi.Generic ( 1 )
23:25:30.0077 0x113c  Detect skipped due to KSN trusted
23:25:30.0077 0x113c  SCardSvr - ok
23:25:30.0092 0x113c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:25:30.0092 0x113c  scfilter - detected UnsignedFile.Multi.Generic ( 1 )
23:25:32.0840 0x113c  Detect skipped due to KSN trusted
23:25:32.0840 0x113c  scfilter - ok
23:25:32.0887 0x113c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
23:25:32.0918 0x113c  Schedule - detected UnsignedFile.Multi.Generic ( 1 )
23:25:35.0644 0x113c  Detect skipped due to KSN trusted
23:25:35.0644 0x113c  Schedule - ok
23:25:35.0675 0x113c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:25:35.0675 0x113c  SCPolicySvc - detected UnsignedFile.Multi.Generic ( 1 )
23:25:35.0675 0x113c  Detect skipped due to KSN trusted
23:25:35.0675 0x113c  SCPolicySvc - ok
23:25:35.0691 0x113c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:25:35.0691 0x113c  SDRSVC - detected UnsignedFile.Multi.Generic ( 1 )
23:25:38.0528 0x113c  Detect skipped due to KSN trusted
23:25:38.0528 0x113c  SDRSVC - ok
23:25:38.0699 0x113c  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
23:25:38.0730 0x113c  SDScannerService - ok
23:25:38.0886 0x113c  [ 94653C9CFDC15B30EEECD94BA7219654, 59F54AC9BC79C1BFBEA84992181C58AF434A3DDDF473C9BE942D3462875A8375 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
23:25:38.0996 0x113c  SDUpdateService - ok
23:25:39.0074 0x113c  [ A7C46DA2D7C25DAA810E1DE4B14D1478, 4A995EFBBB7B192CC25B24286D4864160692F4D16EA13E7138D17272B495ED6B ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
23:25:39.0089 0x113c  SDWSCService - ok
23:25:39.0136 0x113c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:25:39.0136 0x113c  secdrv - detected UnsignedFile.Multi.Generic ( 1 )
23:25:41.0887 0x113c  Detect skipped due to KSN trusted
23:25:41.0887 0x113c  secdrv - ok
23:25:41.0918 0x113c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
23:25:41.0918 0x113c  seclogon - detected UnsignedFile.Multi.Generic ( 1 )
23:25:44.0715 0x113c  Detect skipped due to KSN trusted
23:25:44.0715 0x113c  seclogon - ok
23:25:44.0730 0x113c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
23:25:44.0746 0x113c  SENS - detected UnsignedFile.Multi.Generic ( 1 )
23:25:47.0491 0x113c  Detect skipped due to KSN trusted
23:25:47.0491 0x113c  SENS - ok
23:25:47.0523 0x113c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:25:47.0523 0x113c  SensrSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:25:50.0362 0x113c  Detect skipped due to KSN trusted
23:25:50.0362 0x113c  SensrSvc - ok
23:25:50.0378 0x113c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:25:50.0378 0x113c  Serenum - detected UnsignedFile.Multi.Generic ( 1 )
23:25:53.0280 0x113c  Detect skipped due to KSN trusted
23:25:53.0280 0x113c  Serenum - ok
23:25:53.0296 0x113c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:25:53.0296 0x113c  Serial - detected UnsignedFile.Multi.Generic ( 1 )
23:25:56.0212 0x113c  Detect skipped due to KSN trusted
23:25:56.0212 0x113c  Serial - ok
23:25:56.0228 0x113c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:25:56.0228 0x113c  sermouse - detected UnsignedFile.Multi.Generic ( 1 )
23:25:59.0037 0x113c  Detect skipped due to KSN trusted
23:25:59.0037 0x113c  sermouse - ok
23:25:59.0053 0x113c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:25:59.0068 0x113c  SessionEnv - detected UnsignedFile.Multi.Generic ( 1 )
23:26:01.0954 0x113c  Detect skipped due to KSN trusted
23:26:01.0954 0x113c  SessionEnv - ok
23:26:01.0970 0x113c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:26:01.0970 0x113c  sffdisk - detected UnsignedFile.Multi.Generic ( 1 )
23:26:04.0866 0x113c  Detect skipped due to KSN trusted
23:26:04.0866 0x113c  sffdisk - ok
23:26:04.0866 0x113c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:26:04.0866 0x113c  sffp_mmc - detected UnsignedFile.Multi.Generic ( 1 )
23:26:07.0591 0x113c  Detect skipped due to KSN trusted
23:26:07.0591 0x113c  sffp_mmc - ok
23:26:07.0604 0x113c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:26:07.0604 0x113c  sffp_sd - detected UnsignedFile.Multi.Generic ( 1 )
23:26:10.0310 0x113c  Detect skipped due to KSN trusted
23:26:10.0310 0x113c  sffp_sd - ok
23:26:10.0325 0x113c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:26:10.0328 0x113c  sfloppy - detected UnsignedFile.Multi.Generic ( 1 )
23:26:13.0048 0x113c  Detect skipped due to KSN trusted
23:26:13.0048 0x113c  sfloppy - ok
23:26:13.0098 0x113c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:26:13.0110 0x113c  SharedAccess - detected UnsignedFile.Multi.Generic ( 1 )
23:26:15.0822 0x113c  Detect skipped due to KSN trusted
23:26:15.0822 0x113c  SharedAccess - ok
23:26:15.0854 0x113c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:26:15.0869 0x113c  ShellHWDetection - detected UnsignedFile.Multi.Generic ( 1 )
23:26:18.0638 0x113c  Detect skipped due to KSN trusted
23:26:18.0638 0x113c  ShellHWDetection - ok
23:26:18.0685 0x113c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:26:18.0701 0x113c  SiSRaid2 - ok
23:26:18.0701 0x113c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:26:18.0716 0x113c  SiSRaid4 - ok
23:26:18.0748 0x113c  [ 101556F6216E97F1258D87C38203695F, 49506CC2BB4630EB016CE806B3FFEDA183D17D16FFD04FC5A7850E5660C0C1E2 ] Smart TimeLock  C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
23:26:18.0763 0x113c  Smart TimeLock - detected UnsignedFile.Multi.Generic ( 1 )
23:26:21.0503 0x113c  Detect skipped due to KSN trusted
23:26:21.0503 0x113c  Smart TimeLock - ok
23:26:21.0535 0x113c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:26:21.0535 0x113c  Smb - detected UnsignedFile.Multi.Generic ( 1 )
23:26:24.0357 0x113c  Detect skipped due to KSN trusted
23:26:24.0357 0x113c  Smb - ok
23:26:24.0388 0x113c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:26:24.0388 0x113c  SNMPTRAP - detected UnsignedFile.Multi.Generic ( 1 )
23:26:27.0120 0x113c  Detect skipped due to KSN trusted
23:26:27.0120 0x113c  SNMPTRAP - ok
23:26:27.0136 0x113c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:26:27.0136 0x113c  spldr - ok
23:26:27.0167 0x113c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
23:26:27.0183 0x113c  Spooler - detected UnsignedFile.Multi.Generic ( 1 )
23:26:30.0006 0x113c  Detect skipped due to KSN trusted
23:26:30.0006 0x113c  Spooler - ok
23:26:30.0100 0x113c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:26:30.0178 0x113c  sppsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:26:33.0064 0x113c  Detect skipped due to KSN trusted
23:26:33.0064 0x113c  sppsvc - ok
23:26:33.0080 0x113c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:26:33.0080 0x113c  sppuinotify - detected UnsignedFile.Multi.Generic ( 1 )
23:26:35.0950 0x113c  Detect skipped due to KSN trusted
23:26:35.0950 0x113c  sppuinotify - ok
23:26:35.0981 0x113c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:26:35.0997 0x113c  srv - detected UnsignedFile.Multi.Generic ( 1 )
23:26:38.0877 0x113c  Detect skipped due to KSN trusted
23:26:38.0877 0x113c  srv - ok
23:26:38.0892 0x113c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:26:38.0908 0x113c  srv2 - detected UnsignedFile.Multi.Generic ( 1 )
23:26:41.0841 0x113c  Detect skipped due to KSN trusted
23:26:41.0841 0x113c  srv2 - ok
23:26:41.0856 0x113c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:26:41.0856 0x113c  srvnet - detected UnsignedFile.Multi.Generic ( 1 )
23:26:44.0596 0x113c  Detect skipped due to KSN trusted
23:26:44.0596 0x113c  srvnet - ok
23:26:44.0627 0x113c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:26:44.0643 0x113c  SSDPSRV - detected UnsignedFile.Multi.Generic ( 1 )
23:26:47.0389 0x113c  Detect skipped due to KSN trusted
23:26:47.0389 0x113c  SSDPSRV - ok
23:26:47.0404 0x113c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:26:47.0404 0x113c  SstpSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:26:50.0119 0x113c  Detect skipped due to KSN trusted
23:26:50.0119 0x113c  SstpSvc - ok
23:26:50.0228 0x113c  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:26:50.0275 0x113c  Steam Client Service - ok
23:26:50.0306 0x113c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:26:50.0306 0x113c  stexstor - ok
23:26:50.0384 0x113c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:26:50.0384 0x113c  stisvc - detected UnsignedFile.Multi.Generic ( 1 )
23:26:53.0135 0x113c  Detect skipped due to KSN trusted
23:26:53.0135 0x113c  stisvc - ok
23:26:53.0135 0x113c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:26:53.0151 0x113c  swenum - ok
23:26:53.0182 0x113c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:26:53.0198 0x113c  swprv - detected UnsignedFile.Multi.Generic ( 1 )
23:26:55.0953 0x113c  Detect skipped due to KSN trusted
23:26:55.0953 0x113c  swprv - ok
23:26:56.0016 0x113c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
23:26:56.0047 0x113c  SysMain - detected UnsignedFile.Multi.Generic ( 1 )
23:26:58.0887 0x113c  Detect skipped due to KSN trusted
23:26:58.0887 0x113c  SysMain - ok
23:26:58.0903 0x113c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:26:58.0918 0x113c  TabletInputService - detected UnsignedFile.Multi.Generic ( 1 )
23:27:01.0664 0x113c  Detect skipped due to KSN trusted
23:27:01.0664 0x113c  TabletInputService - ok
23:27:01.0695 0x113c  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
23:27:01.0711 0x113c  tap0901 - ok
23:27:01.0711 0x113c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:27:01.0726 0x113c  TapiSrv - detected UnsignedFile.Multi.Generic ( 1 )
23:27:04.0550 0x113c  Detect skipped due to KSN trusted
23:27:04.0550 0x113c  TapiSrv - ok
23:27:04.0550 0x113c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
23:27:04.0565 0x113c  TBS - detected UnsignedFile.Multi.Generic ( 1 )
23:27:07.0447 0x113c  Detect skipped due to KSN trusted
23:27:07.0447 0x113c  TBS - ok
23:27:07.0525 0x113c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:27:07.0556 0x113c  Tcpip - ok
23:27:07.0650 0x113c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:27:07.0697 0x113c  TCPIP6 - ok
23:27:07.0744 0x113c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:27:07.0744 0x113c  tcpipreg - detected UnsignedFile.Multi.Generic ( 1 )
23:27:10.0529 0x113c  Detect skipped due to KSN trusted
23:27:10.0529 0x113c  tcpipreg - ok
23:27:10.0544 0x113c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:27:10.0544 0x113c  TDPIPE - detected UnsignedFile.Multi.Generic ( 1 )
23:27:13.0430 0x113c  Detect skipped due to KSN trusted
23:27:13.0430 0x113c  TDPIPE - ok
23:27:13.0477 0x113c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:27:13.0493 0x113c  TDTCP - detected UnsignedFile.Multi.Generic ( 1 )
23:27:16.0200 0x113c  Detect skipped due to KSN trusted
23:27:16.0200 0x113c  TDTCP - ok
23:27:16.0216 0x113c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:27:16.0216 0x113c  tdx - detected UnsignedFile.Multi.Generic ( 1 )
23:27:18.0968 0x113c  Detect skipped due to KSN trusted
23:27:18.0968 0x113c  tdx - ok
23:27:18.0988 0x113c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:27:18.0997 0x113c  TermDD - ok
23:27:19.0034 0x113c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:27:19.0051 0x113c  TermService - detected UnsignedFile.Multi.Generic ( 1 )
23:27:21.0770 0x113c  Detect skipped due to KSN trusted
23:27:21.0770 0x113c  TermService - ok
23:27:21.0795 0x113c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:27:21.0800 0x113c  Themes - detected UnsignedFile.Multi.Generic ( 1 )
23:27:24.0521 0x113c  Detect skipped due to KSN trusted
23:27:24.0521 0x113c  Themes - ok
23:27:24.0537 0x113c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:27:24.0552 0x113c  THREADORDER - detected UnsignedFile.Multi.Generic ( 1 )
23:27:24.0552 0x113c  Detect skipped due to KSN trusted
23:27:24.0552 0x113c  THREADORDER - ok
23:27:24.0616 0x113c  [ AE9F8EDAD88923BB1D5130760DA8323F, D1697DF5BFEB78CCDE962F6E655664888126D4D8892FBACE09296351C7AA6E29 ] TPLINKUDSMBus   C:\Windows\system32\drivers\TplinkUDSMBus.sys
23:27:24.0626 0x113c  TPLINKUDSMBus - ok
23:27:24.0681 0x113c  [ A000916C85E1C0A29643AD8824191304, 14DB77ECBC9F1F2B5CD4EB5C2A277D634F513A996433D116653095423F6365BB ] TplinkUDSTcpBus C:\Windows\system32\drivers\TplinkUDSTcpBus.sys
23:27:24.0693 0x113c  TplinkUDSTcpBus - ok
23:27:24.0707 0x113c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:27:24.0713 0x113c  TrkWks - detected UnsignedFile.Multi.Generic ( 1 )
23:27:27.0425 0x113c  Detect skipped due to KSN trusted
23:27:27.0425 0x113c  TrkWks - ok
23:27:27.0488 0x113c  [ 0D5A09B08568760AE85A801FCBC0F83D, 347ACBA74FDCBEAC671521739F8A34EC0E378CAF716C31F55616F9F843E4D0D3 ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
23:27:27.0488 0x113c  TrueSight - ok
23:27:27.0519 0x113c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:27:27.0534 0x113c  TrustedInstaller - detected UnsignedFile.Multi.Generic ( 1 )
23:27:30.0295 0x113c  Detect skipped due to KSN trusted
23:27:30.0295 0x113c  TrustedInstaller - ok
23:27:30.0310 0x113c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:27:30.0310 0x113c  tssecsrv - detected UnsignedFile.Multi.Generic ( 1 )
23:27:33.0088 0x113c  Detect skipped due to KSN trusted
23:27:33.0088 0x113c  tssecsrv - ok
23:27:33.0119 0x113c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:27:33.0119 0x113c  TsUsbFlt - detected UnsignedFile.Multi.Generic ( 1 )
23:27:36.0022 0x113c  Detect skipped due to KSN trusted
23:27:36.0022 0x113c  TsUsbFlt - ok
23:27:36.0053 0x113c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:27:36.0053 0x113c  TsUsbGD - detected UnsignedFile.Multi.Generic ( 1 )
23:27:38.0930 0x113c  Detect skipped due to KSN trusted
23:27:38.0930 0x113c  TsUsbGD - ok
23:27:38.0977 0x113c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:27:38.0977 0x113c  tunnel - detected UnsignedFile.Multi.Generic ( 1 )
23:27:41.0780 0x113c  Detect skipped due to KSN trusted
23:27:41.0780 0x113c  tunnel - ok
23:27:41.0796 0x113c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:27:41.0796 0x113c  uagp35 - ok
23:27:41.0811 0x113c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:27:41.0827 0x113c  udfs - detected UnsignedFile.Multi.Generic ( 1 )
23:27:44.0704 0x113c  Detect skipped due to KSN trusted
23:27:44.0704 0x113c  udfs - ok
23:27:44.0735 0x113c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:27:44.0735 0x113c  UI0Detect - detected UnsignedFile.Multi.Generic ( 1 )
23:27:47.0628 0x113c  Detect skipped due to KSN trusted
23:27:47.0628 0x113c  UI0Detect - ok
23:27:47.0659 0x113c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:27:47.0659 0x113c  uliagpkx - ok
23:27:47.0674 0x113c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:27:47.0674 0x113c  umbus - detected UnsignedFile.Multi.Generic ( 1 )
23:27:50.0424 0x113c  Detect skipped due to KSN trusted
23:27:50.0424 0x113c  umbus - ok
23:27:50.0456 0x113c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:27:50.0456 0x113c  UmPass - detected UnsignedFile.Multi.Generic ( 1 )
23:27:53.0201 0x113c  Detect skipped due to KSN trusted
23:27:53.0201 0x113c  UmPass - ok
23:27:53.0217 0x113c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:27:53.0232 0x113c  upnphost - detected UnsignedFile.Multi.Generic ( 1 )
23:27:56.0027 0x113c  Detect skipped due to KSN trusted
23:27:56.0027 0x113c  upnphost - ok
23:27:56.0089 0x113c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:27:56.0089 0x113c  usbccgp - detected UnsignedFile.Multi.Generic ( 1 )
23:27:58.0837 0x113c  Detect skipped due to KSN trusted
23:27:58.0837 0x113c  usbccgp - ok
23:27:58.0852 0x113c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:27:58.0852 0x113c  usbcir - detected UnsignedFile.Multi.Generic ( 1 )
23:28:01.0676 0x113c  Detect skipped due to KSN trusted
23:28:01.0676 0x113c  usbcir - ok
23:28:01.0692 0x113c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:28:01.0692 0x113c  usbehci - detected UnsignedFile.Multi.Generic ( 1 )
23:28:04.0430 0x113c  Detect skipped due to KSN trusted
23:28:04.0430 0x113c  usbehci - ok
23:28:04.0477 0x113c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:28:04.0492 0x113c  usbhub - detected UnsignedFile.Multi.Generic ( 1 )
23:28:07.0209 0x113c  Detect skipped due to KSN trusted
23:28:07.0209 0x113c  usbhub - ok
23:28:07.0240 0x113c  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:28:07.0240 0x113c  usbohci - detected UnsignedFile.Multi.Generic ( 1 )
23:28:10.0079 0x113c  Detect skipped due to KSN trusted
23:28:10.0079 0x113c  usbohci - ok
23:28:10.0110 0x113c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:28:10.0110 0x113c  usbprint - detected UnsignedFile.Multi.Generic ( 1 )
23:28:13.0028 0x113c  Detect skipped due to KSN trusted
23:28:13.0028 0x113c  usbprint - ok
23:28:13.0043 0x113c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:28:13.0043 0x113c  usbscan - detected UnsignedFile.Multi.Generic ( 1 )
23:28:15.0921 0x113c  Detect skipped due to KSN trusted
23:28:15.0921 0x113c  usbscan - ok
23:28:15.0968 0x113c  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\USBSER.sys
23:28:15.0984 0x113c  usbser - detected UnsignedFile.Multi.Generic ( 1 )
23:28:18.0765 0x113c  Detect skipped due to KSN trusted
23:28:18.0765 0x113c  usbser - ok
23:28:18.0780 0x113c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:28:18.0780 0x113c  USBSTOR - detected UnsignedFile.Multi.Generic ( 1 )
23:28:21.0682 0x113c  Detect skipped due to KSN trusted
23:28:21.0682 0x113c  USBSTOR - ok
23:28:21.0697 0x113c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:28:21.0697 0x113c  usbuhci - detected UnsignedFile.Multi.Generic ( 1 )
23:28:24.0614 0x113c  Detect skipped due to KSN trusted
23:28:24.0614 0x113c  usbuhci - ok
23:28:24.0630 0x113c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:28:24.0646 0x113c  UxSms - detected UnsignedFile.Multi.Generic ( 1 )
23:28:27.0378 0x113c  Detect skipped due to KSN trusted
23:28:27.0378 0x113c  UxSms - ok
23:28:27.0391 0x113c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
23:28:27.0395 0x113c  VaultSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:28:27.0395 0x113c  Detect skipped due to KSN trusted
23:28:27.0395 0x113c  VaultSvc - ok
23:28:27.0418 0x113c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:28:27.0427 0x113c  vdrvroot - ok
23:28:27.0447 0x113c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:28:27.0463 0x113c  vds - detected UnsignedFile.Multi.Generic ( 1 )
23:28:30.0189 0x113c  Detect skipped due to KSN trusted
23:28:30.0189 0x113c  vds - ok
23:28:30.0224 0x113c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:28:30.0228 0x113c  vga - detected UnsignedFile.Multi.Generic ( 1 )
23:28:32.0938 0x113c  Detect skipped due to KSN trusted
23:28:32.0938 0x113c  vga - ok
23:28:32.0938 0x113c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:28:32.0953 0x113c  VgaSave - detected UnsignedFile.Multi.Generic ( 1 )
23:28:35.0726 0x113c  Detect skipped due to KSN trusted
23:28:35.0726 0x113c  VgaSave - ok
23:28:35.0739 0x113c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:28:35.0755 0x113c  vhdmp - ok
23:28:35.0802 0x113c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:28:35.0802 0x113c  viaide - ok
23:28:35.0817 0x113c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:28:35.0835 0x113c  volmgr - ok
23:28:35.0840 0x113c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:28:35.0856 0x113c  volmgrx - ok
23:28:35.0871 0x113c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:28:35.0887 0x113c  volsnap - ok
23:28:35.0902 0x113c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:28:35.0918 0x113c  vsmraid - ok
23:28:35.0980 0x113c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:28:36.0012 0x113c  VSS - detected UnsignedFile.Multi.Generic ( 1 )
23:28:38.0746 0x113c  Detect skipped due to KSN trusted
23:28:38.0746 0x113c  VSS - ok
23:28:38.0762 0x113c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:28:38.0762 0x113c  vwifibus - detected UnsignedFile.Multi.Generic ( 1 )
23:28:41.0586 0x113c  Detect skipped due to KSN trusted
23:28:41.0586 0x113c  vwifibus - ok
23:28:41.0633 0x113c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:28:41.0649 0x113c  W32Time - detected UnsignedFile.Multi.Generic ( 1 )
23:28:44.0362 0x113c  Detect skipped due to KSN trusted
23:28:44.0363 0x113c  W32Time - ok
23:28:44.0380 0x113c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:28:44.0380 0x113c  WacomPen - detected UnsignedFile.Multi.Generic ( 1 )
23:28:47.0225 0x113c  Detect skipped due to KSN trusted
23:28:47.0226 0x113c  WacomPen - ok
23:28:47.0249 0x113c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:28:47.0253 0x113c  WANARP - detected UnsignedFile.Multi.Generic ( 1 )
23:28:50.0137 0x113c  Detect skipped due to KSN trusted
23:28:50.0137 0x113c  WANARP - ok
23:28:50.0137 0x113c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:28:50.0137 0x113c  Wanarpv6 - detected UnsignedFile.Multi.Generic ( 1 )
23:28:50.0137 0x113c  Detect skipped due to KSN trusted
23:28:50.0137 0x113c  Wanarpv6 - ok
23:28:50.0231 0x113c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:28:50.0278 0x113c  WatAdminSvc - ok
23:28:50.0340 0x113c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:28:50.0387 0x113c  wbengine - detected UnsignedFile.Multi.Generic ( 1 )
23:28:53.0290 0x113c  Detect skipped due to KSN trusted
23:28:53.0290 0x113c  wbengine - ok
23:28:53.0321 0x113c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:28:53.0321 0x113c  WbioSrvc - detected UnsignedFile.Multi.Generic ( 1 )
23:28:56.0177 0x113c  Detect skipped due to KSN trusted
23:28:56.0177 0x113c  WbioSrvc - ok
23:28:56.0208 0x113c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:28:56.0224 0x113c  wcncsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:28:59.0148 0x113c  Detect skipped due to KSN trusted
23:28:59.0148 0x113c  wcncsvc - ok
23:28:59.0163 0x113c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:28:59.0179 0x113c  WcsPlugInService - detected UnsignedFile.Multi.Generic ( 1 )
23:29:01.0956 0x113c  Detect skipped due to KSN trusted
23:29:01.0956 0x113c  WcsPlugInService - ok
23:29:01.0971 0x113c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
23:29:01.0987 0x113c  Wd - ok
23:29:02.0018 0x113c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:29:02.0049 0x113c  Wdf01000 - ok
23:29:02.0065 0x113c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:29:02.0065 0x113c  WdiServiceHost - detected UnsignedFile.Multi.Generic ( 1 )
23:29:04.0842 0x113c  Detect skipped due to KSN trusted
23:29:04.0842 0x113c  WdiServiceHost - ok
23:29:04.0842 0x113c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:29:04.0842 0x113c  WdiSystemHost - detected UnsignedFile.Multi.Generic ( 1 )
23:29:04.0842 0x113c  Detect skipped due to KSN trusted
23:29:04.0842 0x113c  WdiSystemHost - ok
23:29:04.0873 0x113c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
23:29:04.0873 0x113c  WebClient - detected UnsignedFile.Multi.Generic ( 1 )
23:29:07.0619 0x113c  Detect skipped due to KSN trusted
23:29:07.0619 0x113c  WebClient - ok
23:29:07.0665 0x113c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:29:07.0681 0x113c  Wecsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:29:10.0473 0x113c  Detect skipped due to KSN trusted
23:29:10.0473 0x113c  Wecsvc - ok
23:29:10.0489 0x113c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:29:10.0505 0x113c  wercplsupport - detected UnsignedFile.Multi.Generic ( 1 )
23:29:13.0258 0x113c  Detect skipped due to KSN trusted
23:29:13.0258 0x113c  wercplsupport - ok
23:29:13.0289 0x113c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:29:13.0289 0x113c  WerSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:29:16.0128 0x113c  Detect skipped due to KSN trusted
23:29:16.0128 0x113c  WerSvc - ok
23:29:16.0144 0x113c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:29:16.0144 0x113c  WfpLwf - detected UnsignedFile.Multi.Generic ( 1 )
23:29:18.0920 0x113c  Detect skipped due to KSN trusted
23:29:18.0920 0x113c  WfpLwf - ok
23:29:18.0936 0x113c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:29:18.0952 0x113c  WIMMount - ok
23:29:18.0967 0x113c  WinDefend - ok
23:29:18.0983 0x113c  WinHttpAutoProxySvc - ok
23:29:19.0030 0x113c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:29:19.0038 0x113c  Winmgmt - detected UnsignedFile.Multi.Generic ( 1 )
23:29:21.0747 0x113c  Detect skipped due to KSN trusted
23:29:21.0747 0x113c  Winmgmt - ok
23:29:21.0840 0x113c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
23:29:21.0903 0x113c  WinRM - detected UnsignedFile.Multi.Generic ( 1 )
23:29:24.0789 0x113c  Detect skipped due to KSN trusted
23:29:24.0789 0x113c  WinRM - ok
23:29:24.0851 0x113c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:29:24.0851 0x113c  WinUsb - detected UnsignedFile.Multi.Generic ( 1 )
23:29:27.0755 0x113c  Detect skipped due to KSN trusted
23:29:27.0755 0x113c  WinUsb - ok
23:29:27.0801 0x113c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:29:27.0817 0x113c  Wlansvc - detected UnsignedFile.Multi.Generic ( 1 )
23:29:30.0643 0x113c  Detect skipped due to KSN trusted
23:29:30.0643 0x113c  Wlansvc - ok
23:29:30.0658 0x113c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:29:30.0658 0x113c  WmiAcpi - detected UnsignedFile.Multi.Generic ( 1 )
23:29:33.0567 0x113c  Detect skipped due to KSN trusted
23:29:33.0567 0x113c  WmiAcpi - ok
23:29:33.0598 0x113c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:29:33.0614 0x113c  wmiApSrv - detected UnsignedFile.Multi.Generic ( 1 )
23:29:36.0531 0x113c  Detect skipped due to KSN trusted
23:29:36.0531 0x113c  wmiApSrv - ok
23:29:36.0562 0x113c  WMPNetworkSvc - ok
23:29:36.0593 0x113c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:29:36.0593 0x113c  WPCSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:29:39.0339 0x113c  Detect skipped due to KSN trusted
23:29:39.0339 0x113c  WPCSvc - ok
23:29:39.0354 0x113c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:29:39.0354 0x113c  WPDBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
23:29:42.0063 0x113c  Detect skipped due to KSN trusted
23:29:42.0063 0x113c  WPDBusEnum - ok
23:29:42.0095 0x113c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:29:42.0095 0x113c  ws2ifsl - detected UnsignedFile.Multi.Generic ( 1 )
23:29:44.0777 0x113c  Detect skipped due to KSN trusted
23:29:44.0777 0x113c  ws2ifsl - ok
23:29:44.0808 0x113c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
23:29:44.0808 0x113c  wscsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:29:47.0544 0x113c  Detect skipped due to KSN trusted
23:29:47.0544 0x113c  wscsvc - ok
23:29:47.0547 0x113c  WSearch - ok
23:29:47.0630 0x113c  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:29:47.0676 0x113c  wuauserv - detected UnsignedFile.Multi.Generic ( 1 )
23:29:50.0478 0x113c  Detect skipped due to KSN trusted
23:29:50.0478 0x113c  wuauserv - ok
23:29:50.0509 0x113c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:29:50.0509 0x113c  WudfPf - detected UnsignedFile.Multi.Generic ( 1 )
23:29:53.0209 0x113c  Detect skipped due to KSN trusted
23:29:53.0209 0x113c  WudfPf - ok
23:29:53.0271 0x113c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:29:53.0271 0x113c  WUDFRd - detected UnsignedFile.Multi.Generic ( 1 )
23:29:56.0079 0x113c  Detect skipped due to KSN trusted
23:29:56.0079 0x113c  WUDFRd - ok
23:29:56.0095 0x113c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:29:56.0095 0x113c  wudfsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:29:58.0823 0x113c  Detect skipped due to KSN trusted
23:29:58.0823 0x113c  wudfsvc - ok
23:29:58.0823 0x113c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:29:58.0839 0x113c  WwanSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:30:01.0566 0x113c  Detect skipped due to KSN trusted
23:30:01.0566 0x113c  WwanSvc - ok
23:30:01.0597 0x113c  ================ Scan global ===============================
23:30:01.0613 0x113c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:30:01.0644 0x113c  [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll
23:30:01.0644 0x113c  [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll
23:30:01.0659 0x113c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:30:01.0691 0x113c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
23:30:01.0691 0x113c  [ Global ] - ok
23:30:01.0691 0x113c  ================ Scan MBR ==================================
23:30:01.0691 0x113c  [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk0\DR0
23:30:01.0784 0x113c  \Device\Harddisk0\DR0 - ok
23:30:01.0784 0x113c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:30:01.0847 0x113c  \Device\Harddisk1\DR1 - ok
23:30:01.0847 0x113c  ================ Scan VBR ==================================
23:30:01.0847 0x113c  [ 709856C1330065663B3B635E215CCA9F ] \Device\Harddisk0\DR0\Partition1
23:30:01.0847 0x113c  \Device\Harddisk0\DR0\Partition1 - ok
23:30:01.0847 0x113c  ================ Scan generic autorun ======================
23:30:01.0971 0x113c  [ 666FEA598D1776C7F8EDD7746F0F7F59, 54E330BCDBAB646B555DACC15F9CFB0AD6A05BF4E273F73C5133259EEE976C21 ] C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe
23:30:02.0049 0x113c  Malwarebytes TrayApp - ok
23:30:02.0065 0x113c  [ 9E279D1BC39F5C6C530F0A0DB1D2DC98, A8CBB368E306DD72671B63A25C595E0F360768CBBB5C42C01899343BB7B79023 ] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
23:30:02.0081 0x113c  EasyTuneVI - detected UnsignedFile.Multi.Generic ( 1 )
23:30:04.0889 0x113c  Detect skipped due to KSN trusted
23:30:04.0889 0x113c  EasyTuneVI - ok
23:30:04.0889 0x113c  Waiting for KSN requests completion. In queue: 1
23:30:05.0903 0x113c  Waiting for KSN requests completion. In queue: 1
23:30:06.0903 0x113c  Waiting for KSN requests completion. In queue: 1
23:30:07.0917 0x113c  AV detected via SS2: COMODO Cloud Antivirus, C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe ( 1.8.12542.403 ), 0x61000 ( enabled : updated )
23:30:07.0917 0x113c  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.134 ), 0x60000 ( disabled : updated )
23:30:07.0917 0x113c  Win FW state via NFP2: enabled ( trusted )
23:30:10.0769 0x113c  ============================================================
23:30:10.0769 0x113c  Scan finished
23:30:10.0769 0x113c  ============================================================
23:30:10.0769 0x13b8  Detected object count: 0
23:30:10.0769 0x13b8  Actual detected object count: 0
23:30:25.0482 0x0bb8  Deinitialize success
 

 



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:31 AM

Posted 05 January 2017 - 03:38 PM

Hello, I feel we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,106 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:31 AM

Posted 05 January 2017 - 06:16 PM

MRL topic at https://www.bleepingcomputer.com/forums/t/636622/trojan-rootkit-or-some-win32-infection .

 

This topic in AII is now closed to avoid confusion.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users