Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

The site's security certificate is not trusted! I've tried

Started by pyaarawala , Dec 17 2012 09:25 AM

Please log in to reply

#1
pyaarawala

Posted 17 December 2012 - 09:25 AM

Member

Member
29 posts

Hello all! I'm new to this site. And I've tried everything but can't get Google Chrome (and Internet Explorer) to load SSL (whatever that is) websites. Gmail, Google Extensions, sometimes Facebook, Hotmail, all don't work. Most of them don't have the Proceed Anyway button, but when they do, it's useless because it takes me to some random HTML version of the site where I really can't do anything.

What I've tried:

1) Checking my Time & Date and it's all correct.
2) Exporting and importing the certificates by clicking on the padlock and going to certificate information, etc.
3) Reinstalling chrome 2x didn't solve the issue. The second time I reinstalled it I made sure I deleted all my bookmarks, cookies, and history just in case. And it still won't work and I can't login to my Google Chrome login to sync all my information.

The only way I can visit most sites now is through Firefox, which seems to work but I hate Firefox. It's much slower than Chrome and gives me numerous other problems. What am I supposed to do? This has been going on for days now and I can't stand it! Do I have to format my whole PC and reinstall Windows? I run Vista by the way.

Edited by pyaarawala, 17 December 2012 - 09:25 AM.

#2
RKinner

Posted 17 December 2012 - 12:02 PM

Malware Expert

Expert
24,625 posts

Do you have Kaspersky anti-virus? They send all of your network traffic out through one of their own programs and will cause that error. There is a procedure (poorly written) on their website which tells how to set it up so it will work. http://support.kaspersky.com/6851

If this is something which just started without an anti-virus change or upgrade then you may have an infection. Follow the instructions in the first post in our Malware forum. http://www.geekstogo...cleaning-guide/ (They don't tell you to but if you get a second Extras log it helps to also include that. Try to copy and paste into a single post. Attachments should only be used if the logs are too big.) We are pretty much up-to-date in the malware forum so you should hear back fairly quickly.

Ron

#3
pyaarawala

Posted 17 December 2012 - 05:57 PM

Member

Topic Starter
Member
29 posts

Thank you so much for the prompt and informative reply! No I don't have Kaspersky antivirus. I had Norton 360 which suddenly just stopped working for me and it said I had to reinstall it for it to work, therefore losing the rest of my subscription days. Every since then this problem began to occur. I will install Avira free antivirus once I resolve this issue. I already have Adaware and Spybot (both free versions) installed. Here's my OTL log:

OTL logfile created on: 12/18/2012 7:43:40 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pyaarawala\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 59.13% Memory free
8.17 Gb Paging File | 6.44 Gb Available in Paging File | 78.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.09 Gb Total Space | 59.22 Gb Free Space | 20.56% Space Free | Partition Type: NTFS

Computer Name: PYAARAWALA-PC | User Name: pyaarawala | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/18 07:43:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pyaarawala\Desktop\OTL.exe
PRC - [2012/12/11 10:58:44 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
PRC - [2012/11/29 16:27:34 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/09/26 09:33:28 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
PRC - [2012/08/31 13:07:41 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/05/23 16:15:58 | 002,152,720 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/09/26 21:16:38 | 000,042,440 | ---- | M] (ICBC OEM From Mingwah Technologies Co., Ltd) -- C:\Program Files (x86)\ICBCEbankTools\MingWah\MWREGICBC.exe
PRC - [2010/11/10 18:16:42 | 031,095,432 | ---- | M] (Dmailer S.A.) -- C:\Users\pyaarawala\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
PRC - [2009/07/27 08:57:10 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\pyaarawala\AppData\Roaming\Mobile Card\ouc.exe
PRC - [2009/03/06 04:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/27 03:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/30 05:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/07/13 07:36:12 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/13 07:36:10 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/01/05 05:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe

========== Modules (No Company Name) ==========

MOD - [2012/11/29 16:27:37 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/09/26 09:33:28 | 009,813,424 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/11 01:15:34 | 012,690,568 | ---- | M] () -- C:\Users\pyaarawala\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
MOD - [2010/11/11 01:15:34 | 010,674,312 | ---- | M] () -- C:\Users\pyaarawala\AppData\Roaming\SanDisk\My Vaults\dmEngineAPP.dll

========== Services (SafeList) ==========

SRV:64bit: - [2008/06/12 02:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/21 10:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 11:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/11/29 16:27:36 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/26 12:41:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/03 04:31:22 | 000,037,888 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2012/05/23 16:15:58 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/03/19 01:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/19 01:47:56 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/03/30 12:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/05 15:20:07 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/30 05:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/30 01:09:58 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/09/13 06:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/07/13 07:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/01/05 05:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/29 21:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/25 02:50:36 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/11/03 12:06:56 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
DRV:64bit: - [2009/12/07 19:53:26 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009/10/12 15:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009/10/01 08:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/04 05:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tiehdusb.sys -- (TIEHDUSB)
DRV:64bit: - [2009/05/19 01:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 13:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2008/10/05 05:28:02 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008/04/17 02:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/02/29 14:59:32 | 001,252,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/01 17:53:08 | 007,172,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2007/09/28 12:13:32 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2007/09/07 10:26:06 | 000,392,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2007/07/13 07:35:44 | 000,381,976 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2007/06/29 06:59:44 | 000,058,128 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tcusb.sys -- (TcUsb)
DRV:64bit: - [2007/06/21 07:57:36 | 000,029,184 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motmodem.sys -- (motmodem)
DRV:64bit: - [2007/05/24 08:47:28 | 000,020,784 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2007/04/30 21:50:24 | 003,146,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw4v64.sys -- (NETw4v64)
DRV:64bit: - [2007/04/26 17:38:44 | 000,305,976 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/02/16 15:18:36 | 000,088,064 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV - [2012/08/01 08:34:21 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/01/01 16:35:44 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2008/06/12 02:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6880
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6880
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=PTB&M=M-6880
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=PTB&M=M-6880
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=TB50TRie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6880
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.taobao.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {61D83087-A854-464C-B9E8-B040B1F02BDB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=TB50TRie7
IE - HKCU\..\SearchScopes\{61D83087-A854-464C-B9E8-B040B1F02BDB}: "URL" = http://www.google.co...1I7GWYE_enUS294
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://thefreevpn.com/home.php"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.7.0088
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@alipay.com/npaliedit: C:\Windows\system32\aliedit\2.5.0.3\npaliedit.dll (Alipay.com co.,ltd)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@qq.com/npqscall,version=1.0.0: %commonprogramfiles%\tencent\NPQSCALL\npqscall.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\pyaarawala\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\pyaarawala\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\pyaarawala\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pyaarawala\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pyaarawala\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/14 13:26:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/17 22:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/17 22:06:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\FFVideoFinder [2009/07/14 00:03:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\pyaarawala\AppData\Roaming\Move Networks [2009/07/28 10:45:10 | 000,000,000 | ---D | M]

[2009/09/12 15:58:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pyaarawala\AppData\Roaming\Mozilla\Extensions
[2012/12/17 21:55:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pyaarawala\AppData\Roaming\Mozilla\Firefox\Profiles\aztmlfqm.default\extensions
[2012/12/17 21:45:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\pyaarawala\AppData\Roaming\Mozilla\Firefox\Profiles\aztmlfqm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/22 01:01:52 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\pyaarawala\AppData\Roaming\Mozilla\Firefox\Profiles\aztmlfqm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/09/12 15:58:28 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\pyaarawala\AppData\Roaming\Mozilla\Firefox\Profiles\aztmlfqm.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2012/12/17 22:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/24 12:42:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/23 14:47:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/04 00:59:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/11/29 16:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2008/09/04 08:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll
[2007/04/17 01:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npViewpoint.dll
[2012/11/29 16:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 16:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.taobao.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.taobao.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\pyaarawala\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\pyaarawala\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\pyaarawala\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VeohTV Plugin (Enabled) = C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
CHR - plugin: Veoh Web Player Beta (Enabled) = C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\pyaarawala\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Alipay security control (Enabled) = C:\Windows\system32\aliedit\2.5.0.3\npaliedit.dll
CHR - Extension: Google Drive = C:\Users\pyaarawala\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\pyaarawala\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\pyaarawala\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\pyaarawala\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\pyaarawala\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/19 05:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7725.1624\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7725.1624\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B70A1A54-6DFB-4AD8-9A62-2C00A3CC5BB4} - C:\PROGRA~2\FreeVPN\fads.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4:64bit: - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [MWREGICBC.exe] C:\Program Files (x86)\ICBCEbankTools\MingWah\MWREGICBC.exe (ICBC OEM From Mingwah Technologies Co., Ltd)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_Mobile Card] C:\Program Files\Mobile Card\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\pyaarawala\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Dmailer S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SogouExplorer\sogouipfilter.dll (Sogou.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SogouExplorer\sogouipfilter.dll (Sogou.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SogouExplorer\sogouipfilter.dll (Sogou.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SogouExplorer\sogouipfilter.dll (Sogou.com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: taobao.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 255.148 ([202.96] http in Trusted sites)
O15 - HKCU\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: gmail.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: hotmail.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: icbc.com.cn ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: icbc.com.cn ([*] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: online.unionpay.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: unionpaysecure.com ([]https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} https://mybank.icbc....certInStall.dll (InfosecCertInstall Class)
O16 - DPF: {36C9539B-49D2-01C7-9C6D-10DACDFEA59C} https://b2c.icbc.com...k/icbcclean.cab (Axcleanctrl Class)
O16 - DPF: {3B3FE354-548D-4DA2-BEC2-52960C31F8E7} https://mybank.icbc....bc_mwusbkey.cab (Icbc_mwusbkey Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} https://b2c.icbc.com...afeControls.cab (AxSubmitControl Class)
O16 - DPF: {AE460AD7-D678-43BB-B4DF-394B2D0C4E52} https://unionpaysecu...pe/UPEditor.cab (UpSecEditor Class)
O16 - DPF: {B1FBC1AD-5644-4084-882A-0F8BA85E7506} https://mybank.icbc....CBC_NetSign.dll (InfoSecICBCNetSign Class)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {E6C2DD02-CD38-41A1-9B69-3D7E3B64AF9A} https://mybank.icbc....c/icbc_mwdv.cab (icbc_mwdvctrl Class)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{485ACF0D-030B-4597-9CB7-78D0A467A8D4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B726837-C379-42BB-B428-9B7126D80456}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B726837-C379-42BB-B428-9B7126D80456}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D3B4E13-B532-4414-A391-4B15CA6CF109}: DhcpNameServer = 8.8.8.8 208.67.222.222 208.67.220.220 8.8.4.4
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\SysNative\vrlogon.dll (UPEK Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\SysNative\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\1Teclast\Command - "" = G:\TeclastSetup.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\2Lock\Command - "" = G:\lock.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\3Format\Command - "" = G:\format.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\4kv\Command - "" = G:\Autoruns.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\5manual\Command - "" = Ê¹ÓÃ¹¤¾ß¼°°ïÖúÎÄ¼þ\Teclast.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\AutoRun\command - "" = G:\Autoruns.exe /oem
O33 - MountPoints2\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{39759b58-8513-11e0-8b87-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{39759b58-8513-11e0-8b87-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{64feba95-6955-11df-be2a-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{64feba95-6955-11df-be2a-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{89264b3e-cd84-11dd-9462-00e0b8fbc716}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe km9pdv4e8umjohx1pn6l7hkb07zyw9d2it7cn5csatm9pv.vbs
O33 - MountPoints2\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\1Teclast\Command - "" = F:\TeclastSetup.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\2Lock\Command - "" = F:\lock.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\3Format\Command - "" = F:\format.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\4kv\Command - "" = F:\Autoruns.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\5manual\Command - "" = Ê¹ÓÃ¹¤¾ß¼°°ïÖúÎÄ¼þ\Teclast.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\Autoruns.exe /oem
O33 - MountPoints2\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/18 07:43:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\pyaarawala\Desktop\OTL.exe
[2012/12/17 23:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/12/17 22:06:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/12/17 21:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2012/12/16 13:22:18 | 000,000,000 | ---D | C] -- C:\Users\pyaarawala\AppData\Local\Macromedia
[2012/12/16 13:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/14 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\pyaarawala\AppData\Local\{25F18292-FCAE-491D-8FEA-9E5600B4B85F}
[2012/12/11 10:53:52 | 000,373,424 | ---- | C] (Softonic) -- C:\Users\pyaarawala\Desktop\SoftonicDownloader_for_google-chrome.exe
[2012/12/05 18:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/12/05 18:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/11/23 20:08:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/11/23 20:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/18 07:43:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pyaarawala\Desktop\OTL.exe
[2012/12/18 07:28:12 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/12/18 07:28:12 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012/12/18 07:28:11 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/18 07:28:06 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/18 07:28:06 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/18 07:27:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/18 07:27:52 | 4284,932,096 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/17 23:31:18 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/12/17 23:14:30 | 000,000,902 | ---- | M] () -- C:\Users\pyaarawala\Desktop\gmail.cer
[2012/12/17 23:13:21 | 000,056,535 | ---- | M] () -- C:\Users\pyaarawala\Desktop\renal diuretics.jpg
[2012/12/17 23:03:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/17 23:02:56 | 000,002,027 | ---- | M] () -- C:\Users\pyaarawala\Desktop\Google Chrome.lnk
[2012/12/17 23:02:56 | 000,002,011 | ---- | M] () -- C:\Users\pyaarawala\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/12/17 22:13:44 | 000,000,972 | ---- | M] () -- C:\Users\pyaarawala\Desktop\fbok.cer
[2012/12/17 22:06:04 | 000,000,914 | ---- | M] () -- C:\Users\pyaarawala\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/17 22:06:04 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/17 19:40:55 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/12/17 19:40:55 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/12/17 19:27:55 | 000,002,446 | ---- | M] () -- C:\Users\pyaarawala\Desktop\google.p7b
[2012/12/17 19:24:07 | 000,001,298 | ---- | M] () -- C:\Users\pyaarawala\Desktop\mail.google.com.cer
[2012/12/17 13:37:47 | 004,849,588 | ---- | M] () -- C:\Users\pyaarawala\Desktop\Drowning Pool - Bodies.mp3
[2012/12/17 12:14:20 | 000,045,647 | ---- | M] () -- C:\Users\pyaarawala\Desktop\HD1560_Non_SlipL.jpg
[2012/12/16 11:19:24 | 005,781,735 | ---- | M] () -- C:\Users\pyaarawala\Desktop\goagent-goagent-v2.1.9-19-g91cd5e4.zip
[2012/12/14 19:50:39 | 000,720,994 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/14 19:50:39 | 000,616,424 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/14 19:50:39 | 000,109,290 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/14 18:02:19 | 105,603,488 | ---- | M] () -- C:\Users\pyaarawala\Desktop\avira_free_antivirus_en.exe
[2012/12/14 11:23:02 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/12/14 11:02:01 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3947582213-1791406327-2745404233-1000Core.job
[2012/12/13 08:31:11 | 000,394,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/12 18:02:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3947582213-1791406327-2745404233-1000UA.job
[2012/12/11 10:54:09 | 000,373,424 | ---- | M] (Softonic) -- C:\Users\pyaarawala\Desktop\SoftonicDownloader_for_google-chrome.exe
[2012/12/10 18:21:37 | 000,004,910 | ---- | M] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2012/12/10 16:31:39 | 000,001,550 | ---- | M] () -- C:\Users\pyaarawala\Desktop\hotmail certificate.cer
[2012/12/10 11:59:25 | 000,000,898 | ---- | M] () -- C:\Users\pyaarawala\Desktop\google certificate.cer
[2012/11/29 00:38:22 | 000,080,546 | ---- | M] () -- C:\Users\pyaarawala\Desktop\Norms Tribute.wlmp
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/17 23:14:27 | 000,000,902 | ---- | C] () -- C:\Users\pyaarawala\Desktop\gmail.cer
[2012/12/17 23:13:20 | 000,056,535 | ---- | C] () -- C:\Users\pyaarawala\Desktop\renal diuretics.jpg
[2012/12/17 23:02:56 | 000,002,027 | ---- | C] () -- C:\Users\pyaarawala\Desktop\Google Chrome.lnk
[2012/12/17 23:02:56 | 000,002,011 | ---- | C] () -- C:\Users\pyaarawala\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/12/17 22:13:42 | 000,000,972 | ---- | C] () -- C:\Users\pyaarawala\Desktop\fbok.cer
[2012/12/17 22:06:04 | 000,000,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/17 21:43:29 | 000,000,914 | ---- | C] () -- C:\Users\pyaarawala\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/17 21:43:29 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/17 19:27:47 | 000,002,446 | ---- | C] () -- C:\Users\pyaarawala\Desktop\google.p7b
[2012/12/17 19:24:07 | 000,001,298 | ---- | C] () -- C:\Users\pyaarawala\Desktop\mail.google.com.cer
[2012/12/17 13:36:08 | 004,849,588 | ---- | C] () -- C:\Users\pyaarawala\Desktop\Drowning Pool - Bodies.mp3
[2012/12/17 12:14:17 | 000,045,647 | ---- | C] () -- C:\Users\pyaarawala\Desktop\HD1560_Non_SlipL.jpg
[2012/12/16 11:19:09 | 005,781,735 | ---- | C] () -- C:\Users\pyaarawala\Desktop\goagent-goagent-v2.1.9-19-g91cd5e4.zip
[2012/12/14 19:49:33 | 000,080,546 | ---- | C] () -- C:\Users\pyaarawala\Desktop\Norms Tribute.wlmp
[2012/12/14 19:13:09 | 000,016,432 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2012/12/14 17:36:20 | 105,603,488 | ---- | C] () -- C:\Users\pyaarawala\Desktop\avira_free_antivirus_en.exe
[2012/12/13 00:28:29 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/13 00:28:29 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/10 18:21:36 | 000,004,910 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2012/12/10 16:31:37 | 000,001,550 | ---- | C] () -- C:\Users\pyaarawala\Desktop\hotmail certificate.cer
[2012/12/10 11:59:21 | 000,000,898 | ---- | C] () -- C:\Users\pyaarawala\Desktop\google certificate.cer
[2012/09/26 09:28:37 | 000,137,732 | ---- | C] () -- C:\Windows\hpoins44.dat
[2012/09/26 09:28:37 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2012/01/04 16:18:13 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/01/04 16:18:13 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/10/15 19:19:53 | 000,052,550 | ---- | C] () -- C:\Windows\SysWow64\uninst.exe
[2011/09/26 21:19:00 | 000,274,848 | ---- | C] () -- C:\Windows\SysWow64\SubmitControl.dll
[2011/09/26 21:19:00 | 000,251,808 | ---- | C] () -- C:\Windows\SysWow64\ClientBinding.dll
[2011/09/26 21:19:00 | 000,112,032 | ---- | C] () -- C:\Windows\SysWow64\InputControl.dll
[2011/09/26 21:19:00 | 000,112,032 | ---- | C] () -- C:\Windows\SysWow64\EditControl.dll
[2011/09/26 21:19:00 | 000,107,936 | ---- | C] () -- C:\Windows\SysWow64\ICBCQPK_HH.dll
[2011/09/26 21:19:00 | 000,091,552 | ---- | C] () -- C:\Windows\SysWow64\icbc_bhdc2vdv.dll
[2011/09/26 21:19:00 | 000,091,552 | ---- | C] () -- C:\Windows\SysWow64\icbc_bhdc1vdv.dll
[2011/09/26 21:19:00 | 000,079,264 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2011/09/26 21:19:00 | 000,071,072 | ---- | C] () -- C:\Windows\SysWow64\UploadControl.dll
[2011/09/26 21:19:00 | 000,066,976 | ---- | C] () -- C:\Windows\SysWow64\GDReadPub.dll
[2011/09/26 21:19:00 | 000,054,688 | ---- | C] () -- C:\Windows\SysWow64\icbc_gdgetdv.dll
[2011/09/26 21:18:59 | 000,103,840 | ---- | C] () -- C:\Windows\SysWow64\certInStall.dll
[2011/08/19 17:17:15 | 000,000,911 | ---- | C] () -- C:\Users\pyaarawala\AppData\Roaming\coreavc.ini
[2011/07/29 22:20:14 | 000,005,412 | ---- | C] () -- C:\Users\pyaarawala\funshion.ini
[2011/07/29 22:20:14 | 000,001,268 | ---- | C] () -- C:\Windows\SysWow64\funshion.ini
[2011/06/06 02:06:53 | 000,000,272 | ---- | C] () -- C:\Users\pyaarawala\AppData\Roaming\.backup.dm
[2011/05/29 16:40:46 | 000,000,225 | ---- | C] () -- C:\Windows\w32dasm8.ini
[2011/05/13 20:58:34 | 000,000,000 | ---- | C] () -- C:\Users\pyaarawala\AppData\Local\{C177168F-5524-4A01-B212-418F29032748}
[2011/04/29 20:38:48 | 000,000,000 | ---- | C] () -- C:\Users\pyaarawala\AppData\Local\{DA2600EE-6980-4AA6-A3E6-85919EAF4FD0}
[2011/03/21 21:24:15 | 000,006,669 | ---- | C] () -- C:\Users\pyaarawala\Untitledkhush.jpg
[2011/03/15 13:53:16 | 000,033,176 | ---- | C] () -- C:\Windows\scunin.dat
[2011/03/04 21:54:09 | 000,018,760 | ---- | C] () -- C:\Windows\SysWow64\QQVistaHelper.dll
[2011/02/03 23:56:39 | 000,072,080 | ---- | C] () -- C:\Users\pyaarawala\g2mdlhlpx.exe
[2010/03/07 08:37:59 | 000,022,196 | ---- | C] () -- C:\Users\pyaarawala\AppData\Roaming\UserTile.png
[2009/04/22 12:38:31 | 000,007,148 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/03/25 12:00:34 | 000,000,680 | ---- | C] () -- C:\Users\pyaarawala\AppData\Local\d3d9caps.dat
[2009/02/21 03:36:30 | 000,000,732 | ---- | C] () -- C:\Users\pyaarawala\AppData\Local\d3d9caps64.dat
[2008/10/04 13:06:48 | 000,147,456 | ---- | C] () -- C:\Users\pyaarawala\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 23:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 15:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 14:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/21 10:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2008/10/19 13:04:44 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\acccore
[2009/02/13 19:23:51 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Anvil Studio
[2012/10/07 23:36:31 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\BitTorrent
[2009/04/22 13:53:44 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\DAEMON Tools
[2009/04/22 13:53:44 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\DAEMON Tools Lite
[2009/04/22 13:53:44 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\DAEMON Tools Pro
[2012/05/08 13:23:42 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\DVDVideoSoft
[2012/05/01 10:29:25 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\eBookPro6
[2009/05/30 18:54:09 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Fuzzy Games
[2009/05/21 13:18:13 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Gamelab
[2012/03/02 19:23:33 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Home Sweet Home 2
[2009/05/30 17:18:09 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\ITTNord
[2008/11/06 22:40:10 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\iWin
[2008/11/02 00:35:57 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\iWinArcade
[2012/12/17 19:33:54 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Mobile Card
[2012/08/03 04:14:02 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Outlook
[2010/03/07 08:37:58 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\PeerNetworking
[2012/12/18 07:28:42 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\SanDisk
[2011/10/26 09:58:42 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\SE_logs
[2011/12/31 23:17:13 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\SogouExplorer
[2011/10/26 10:05:38 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\SogouExtension
[2011/03/04 22:19:54 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Tencent
[2009/08/23 13:49:15 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Trillian
[2012/01/01 21:22:09 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Wise Disk Cleaner
[2012/01/01 21:36:45 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Wise Registry Cleaner
[2012/11/13 16:23:22 | 000,000,000 | ---D | M] -- C:\Users\pyaarawala\AppData\Roaming\Youtube Downloader HD

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2011/12/31 13:04:07 | 000,030,720 | ---- | M] ()(C:\Users\pyaarawala\Documents\2012???.doc) -- C:\Users\pyaarawala\Documents\2012课程表.doc
[2011/12/27 12:34:29 | 000,030,720 | ---- | C] ()(C:\Users\pyaarawala\Documents\2012???.doc) -- C:\Users\pyaarawala\Documents\2012课程表.doc
[2010/09/14 13:30:32 | 000,026,112 | ---- | M] ()(C:\Users\pyaarawala\Documents\??.doc) -- C:\Users\pyaarawala\Documents\哈桑.doc
[2010/09/14 13:30:31 | 000,026,112 | ---- | C] ()(C:\Users\pyaarawala\Documents\??.doc) -- C:\Users\pyaarawala\Documents\哈桑.doc
[2010/09/14 13:30:18 | 000,010,214 | ---- | M] ()(C:\Users\pyaarawala\Documents\??.docx) -- C:\Users\pyaarawala\Documents\哈桑.docx
[2010/09/14 13:30:17 | 000,010,214 | ---- | C] ()(C:\Users\pyaarawala\Documents\??.docx) -- C:\Users\pyaarawala\Documents\哈桑.docx
[2010/07/08 18:07:55 | 000,000,740 | ---- | M] ()(C:\Users\pyaarawala\Documents\?????.lnk) -- C:\Users\pyaarawala\Documents\无线上网卡.lnk
[2010/07/08 18:07:55 | 000,000,740 | ---- | C] ()(C:\Users\pyaarawala\Documents\?????.lnk) -- C:\Users\pyaarawala\Documents\无线上网卡.lnk
[2009/06/17 21:07:10 | 000,017,973 | ---- | M] ()(C:\Users\pyaarawala\Documents\??????2009-6-9.xlsx) -- C:\Users\pyaarawala\Documents\期末考试通知2009-6-9.xlsx
[2009/06/17 21:07:10 | 000,017,973 | ---- | C] ()(C:\Users\pyaarawala\Documents\??????2009-6-9.xlsx) -- C:\Users\pyaarawala\Documents\期末考试通知2009-6-9.xlsx
[2009/04/19 16:37:56 | 000,012,935 | ---- | M] ()(C:\Users\pyaarawala\Documents\Ri Bu Luo ???.docx) -- C:\Users\pyaarawala\Documents\Ri Bu Luo 日不落.docx
[2009/04/19 15:41:20 | 000,012,935 | ---- | C] ()(C:\Users\pyaarawala\Documents\Ri Bu Luo ???.docx) -- C:\Users\pyaarawala\Documents\Ri Bu Luo 日不落.docx
(C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???????) -- C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\搜狗高速浏览器
(C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????) -- C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\搜狗高速浏览器

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D4B8378D

< End of report >

Edit: Moving to Malware forum - Z

#4
RKinner

Posted 17 December 2012 - 09:59 PM

Malware Expert

Expert
24,625 posts

Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:

* Run Spybot-S&D in Advanced Mode
* If it is not already set to do this, go to the Mode menu
select
Advanced Mode
* On the left hand side, click on Tools
* Then click on the Resident icon in the list
* Uncheck
Resident TeaTimer
and OK any prompts.
* Restart your computer

Download and Save the free Avast installer.
http://www.avast.com...ivirus-download
Download and save the norton removal tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Uninstall Symantec (save the product license key in case you decide to reinstall it:http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20080710133834EN&ln=en_US)

Run the Norton Removal tool.

Reboot

Install Avast. (Register when it asks you - they will try to talk you in to buying the full product but the free version is what we want.)

Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK

Copy the text in the code box by highlighting and Ctrl + c


:OTL
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.7.0088
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
[2012/04/24 12:42:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/23 14:47:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/04 00:59:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2008/09/04 08:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {B70A1A54-6DFB-4AD8-9A62-2C00A3CC5BB4} - C:\PROGRA~2\FreeVPN\fads.dll File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [MWREGICBC.exe] C:\Program Files (x86)\ICBCEbankTools\MingWah\MWREGICBC.exe (ICBC OEM From Mingwah Technologies Co., Ltd)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O33 - MountPoints2\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\1Teclast\Command - "" = G:\TeclastSetup.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\2Lock\Command - "" = G:\lock.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\3Format\Command - "" = G:\format.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\4kv\Command - "" = G:\Autoruns.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\5manual\Command - "" = Ê¹ÓÃ¹¤¾ß¼°°ïÖúÎÄ¼þ\Teclast.exe
O33 - MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\Shell\AutoRun\command - "" = G:\Autoruns.exe /oem
O33 - MountPoints2\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{39759b58-8513-11e0-8b87-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{39759b58-8513-11e0-8b87-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{64feba95-6955-11df-be2a-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{64feba95-6955-11df-be2a-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{89264b3e-cd84-11dd-9462-00e0b8fbc716}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe km9pdv4e8umjohx1pn6l7hkb07zyw9d2it7cn5csatm9pv.vbs
O33 - MountPoints2\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\1Teclast\Command - "" = F:\TeclastSetup.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\2Lock\Command - "" = F:\lock.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\3Format\Command - "" = F:\format.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\4kv\Command - "" = F:\Autoruns.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\5manual\Command - "" = Ê¹ÓÃ¹¤¾ß¼°°ïÖúÎÄ¼þ\Teclast.exe
O33 - MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\Shell\AutoRun\command - "" = F:\Autoruns.exe /oem
O33 - MountPoints2\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\Shell - "" = AutoRun
O33 - MountPoints2\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\Shell\AutoRun\command - "" = E:\SETUP.EXE
(C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???????) -- C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\搜狗高速浏览器
(C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????) -- C:\Users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\搜狗高速浏览器
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D4B8378D

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\12172012-some number.log so if you don't see it come up please look for it there.

Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. Right click on the Avast Ball and select Avast! Shields Control and Disable Until Computer is Restarted

Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Right click on TDSSKiller.exe and select Run As Administrator to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
Teclast.exe
km9pdv4e8umjohx1pn6l7hkb07zyw9d2it7cn5csatm9pv.vbs
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

#5
pyaarawala

Posted 18 December 2012 - 05:31 AM

Member

Topic Starter
Member
29 posts

After this point of your message: "then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\12172012-some number.log so if you don't see it come up please look for it there."

========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ not found.
Prefs.js: [email protected]:1.0.7.0088 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.0 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35 removed from extensions.enabledItems
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npbittorrent.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B70A1A54-6DFB-4AD8-9A62-2C00A3CC5BB4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B70A1A54-6DFB-4AD8-9A62-2C00A3CC5BB4}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MWREGICBC.exe deleted successfully.
C:\Program Files (x86)\ICBCEbankTools\MingWah\MWREGICBC.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
File oft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{018a1b8e-ee15-11df-a7bd-00e0b8fbc716}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
File G:\TeclastSetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
File G:\lock.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
File G:\format.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
File G:\Autoruns.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
File Ê¹ÓÃ¹¤¾ß¼°°ïÖúÎÄ¼þ\Teclast.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{312fbcb0-9e69-11de-9dcf-00e0b8fbc716}\ not found.
File G:\Autoruns.exe /oem not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39759b4b-8513-11e0-8b87-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39759b58-8513-11e0-8b87-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39759b58-8513-11e0-8b87-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39759b58-8513-11e0-8b87-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39759b58-8513-11e0-8b87-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64feba95-6955-11df-be2a-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64feba95-6955-11df-be2a-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64feba95-6955-11df-be2a-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64feba95-6955-11df-be2a-00e0b8fbc716}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65abbce1-15a8-11e1-ad97-00e0b8fbc716}\ not found.
File F:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d195a79-7fb6-11e0-a903-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d195a88-7fb6-11e0-a903-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d195aae-7fb6-11e0-a903-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ff2aceb-e7f1-11e0-b1b6-00e0b8fbc716}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89264b3e-cd84-11dd-9462-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89264b3e-cd84-11dd-9462-00e0b8fbc716}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe km9pdv4e8umjohx1pn6l7hkb07zyw9d2it7cn5csatm9pv.vbs not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4d0f661-8a4e-11df-acaa-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4d0f66d-8a4e-11df-acaa-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4d0f67a-8a4e-11df-acaa-00e0b8fbc716}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
File F:\TeclastSetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
File F:\lock.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
File F:\format.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
File F:\Autoruns.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
File Ê¹ÓÃ¹¤¾ß¼°°ïÖúÎÄ¼þ\Teclast.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d462cf83-c1f9-11de-a138-00e0b8fbc716}\ not found.
File F:\Autoruns.exe /oem not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd26bd0a-2efc-11de-91a2-00e0b8fbc716}\ not found.
File E:\SETUP.EXE not found.
ADS C:\ProgramData\TEMP:D4B8378D deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56507 bytes

User: Default User

User: Public

User: pyaarawala
->Flash cache emptied: 206985 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: pyaarawala
->Java cache emptied: 37658920 bytes

Total Java Files Cleaned = 36.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12182012_192052

#6
pyaarawala

Posted 18 December 2012 - 05:48 AM

Member

Topic Starter
Member
29 posts

While aswMBR was running I got the Blue screen of death all of a sudden, and my computer had to restart. So I'm running the scan again now and will have the log up soon. Then I'll continue with the rest of the instructions.

#7
pyaarawala

Posted 18 December 2012 - 06:10 AM

Member

Topic Starter
Member
29 posts

I got the Blue screen of death again while the scan was running. It happens about 4-5 minutes into the scan. When I reboot windows I get a Microsoft Windows notification with details saying this:

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: 19
BCP1: 0000000000000020
BCP2: FFFFFA8001383970
BCP3: FFFFFA80013840D0
BCP4: 00000000047683C0
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\Mini121812-02.dmp
C:\Users\pyaarawala\AppData\Local\Temp\WER-72431-0.sysdata.xml
C:\Users\pyaarawala\AppData\Local\Temp\WER9137.tmp.version.txt

Read our privacy statement:
http://go.microsoft....63&clcid=0x0409

--------------------------------------------------------------------------

What should I do? Should I just proceed or what? Thanks.
Here's a link to an image of what the screen looks like:
Posted Image

#8
pyaarawala

Posted 18 December 2012 - 06:20 AM

Member

Topic Starter
Member
29 posts

I tried it a third time and this time instead of where it says: BAD_POOL_HEADER it said SYSTEM_CHECK or something like that. Will trying to do it in Safemode help?

#9
RKinner

Posted 18 December 2012 - 10:43 AM

Malware Expert

Expert
24,625 posts

When you ran aswMBR did you: uncheck trace disk IO calls? Sometimes that causes a blue screen. If you have done that then just skip to the next step.

#10
pyaarawala

Posted 18 December 2012 - 10:04 PM

Member

Topic Starter
Member
29 posts

When you ran aswMBR did you: uncheck trace disk IO calls? Sometimes that causes a blue screen. If you have done that then just skip to the next step.

Yes, I did uncheck it all 3 times I tried it. Still kept getting the blue screen.

Here's my results for the log from ComboFix:

ComboFix 12-12-17.02 - pyaarawala 12/19/2012 11:10:26.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4085.2242 [GMT 8:00]
Running from: c:\users\pyaarawala\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SogouExplorer
c:\program files (x86)\SogouExplorer\adbrule.dat
c:\program files (x86)\SogouExplorer\aliedit.exe
c:\program files (x86)\SogouExplorer\avcodec-52.dll
c:\program files (x86)\SogouExplorer\avformat-52.dll
c:\program files (x86)\SogouExplorer\avutil-50.dll
c:\program files (x86)\SogouExplorer\browser.conf
c:\program files (x86)\SogouExplorer\bseapi.dll
c:\program files (x86)\SogouExplorer\bsecore.dll
c:\program files (x86)\SogouExplorer\bseupd.dll
c:\program files (x86)\SogouExplorer\changelog.txt
c:\program files (x86)\SogouExplorer\cmdlineparser.dll
c:\program files (x86)\SogouExplorer\dialog.dll
c:\program files (x86)\SogouExplorer\dialogcore.dll
c:\program files (x86)\SogouExplorer\framework.dll
c:\program files (x86)\SogouExplorer\hardcode.bin
c:\program files (x86)\SogouExplorer\Instlist
c:\program files (x86)\SogouExplorer\license
c:\program files (x86)\SogouExplorer\metasearch.dll
c:\program files (x86)\SogouExplorer\metasearchdic
c:\program files (x86)\SogouExplorer\p2pclient.dll
c:\program files (x86)\SogouExplorer\plugins\npaliedit.dll
c:\program files (x86)\SogouExplorer\plugins\NPComBrg310.dll
c:\program files (x86)\SogouExplorer\SafeIcon\0.png
c:\program files (x86)\SogouExplorer\SafeIcon\1.png
c:\program files (x86)\SogouExplorer\SafeIcon\10.png
c:\program files (x86)\SogouExplorer\SafeIcon\11.png
c:\program files (x86)\SogouExplorer\SafeIcon\12.png
c:\program files (x86)\SogouExplorer\SafeIcon\13.png
c:\program files (x86)\SogouExplorer\SafeIcon\14.png
c:\program files (x86)\SogouExplorer\SafeIcon\15.png
c:\program files (x86)\SogouExplorer\SafeIcon\16.png
c:\program files (x86)\SogouExplorer\SafeIcon\17.png
c:\program files (x86)\SogouExplorer\SafeIcon\18.png
c:\program files (x86)\SogouExplorer\SafeIcon\19.png
c:\program files (x86)\SogouExplorer\SafeIcon\2.png
c:\program files (x86)\SogouExplorer\SafeIcon\20.png
c:\program files (x86)\SogouExplorer\SafeIcon\21.png
c:\program files (x86)\SogouExplorer\SafeIcon\22.png
c:\program files (x86)\SogouExplorer\SafeIcon\23.png
c:\program files (x86)\SogouExplorer\SafeIcon\24.png
c:\program files (x86)\SogouExplorer\SafeIcon\25.png
c:\program files (x86)\SogouExplorer\SafeIcon\26.png
c:\program files (x86)\SogouExplorer\SafeIcon\27.png
c:\program files (x86)\SogouExplorer\SafeIcon\28.png
c:\program files (x86)\SogouExplorer\SafeIcon\29.png
c:\program files (x86)\SogouExplorer\SafeIcon\3.png
c:\program files (x86)\SogouExplorer\SafeIcon\30.png
c:\program files (x86)\SogouExplorer\SafeIcon\31.png
c:\program files (x86)\SogouExplorer\SafeIcon\32.png
c:\program files (x86)\SogouExplorer\SafeIcon\33.png
c:\program files (x86)\SogouExplorer\SafeIcon\34.png
c:\program files (x86)\SogouExplorer\SafeIcon\35.png
c:\program files (x86)\SogouExplorer\SafeIcon\36.png
c:\program files (x86)\SogouExplorer\SafeIcon\37.png
c:\program files (x86)\SogouExplorer\SafeIcon\38.png
c:\program files (x86)\SogouExplorer\SafeIcon\39.png
c:\program files (x86)\SogouExplorer\SafeIcon\4.png
c:\program files (x86)\SogouExplorer\SafeIcon\40.png
c:\program files (x86)\SogouExplorer\SafeIcon\41.png
c:\program files (x86)\SogouExplorer\SafeIcon\42.png
c:\program files (x86)\SogouExplorer\SafeIcon\43.png
c:\program files (x86)\SogouExplorer\SafeIcon\44.png
c:\program files (x86)\SogouExplorer\SafeIcon\45.png
c:\program files (x86)\SogouExplorer\SafeIcon\46.png
c:\program files (x86)\SogouExplorer\SafeIcon\47.png
c:\program files (x86)\SogouExplorer\SafeIcon\48.png
c:\program files (x86)\SogouExplorer\SafeIcon\49.png
c:\program files (x86)\SogouExplorer\SafeIcon\5.png
c:\program files (x86)\SogouExplorer\SafeIcon\50.png
c:\program files (x86)\SogouExplorer\SafeIcon\51.png
c:\program files (x86)\SogouExplorer\SafeIcon\52.png
c:\program files (x86)\SogouExplorer\SafeIcon\53.png
c:\program files (x86)\SogouExplorer\SafeIcon\54.png
c:\program files (x86)\SogouExplorer\SafeIcon\55.png
c:\program files (x86)\SogouExplorer\SafeIcon\56.png
c:\program files (x86)\SogouExplorer\SafeIcon\57.png
c:\program files (x86)\SogouExplorer\SafeIcon\58.png
c:\program files (x86)\SogouExplorer\SafeIcon\59.png
c:\program files (x86)\SogouExplorer\SafeIcon\6.png
c:\program files (x86)\SogouExplorer\SafeIcon\60.png
c:\program files (x86)\SogouExplorer\SafeIcon\61.png
c:\program files (x86)\SogouExplorer\SafeIcon\62.png
c:\program files (x86)\SogouExplorer\SafeIcon\63.png
c:\program files (x86)\SogouExplorer\SafeIcon\64.png
c:\program files (x86)\SogouExplorer\SafeIcon\65.png
c:\program files (x86)\SogouExplorer\SafeIcon\66.png
c:\program files (x86)\SogouExplorer\SafeIcon\67.png
c:\program files (x86)\SogouExplorer\SafeIcon\7.png
c:\program files (x86)\SogouExplorer\SafeIcon\8.png
c:\program files (x86)\SogouExplorer\SafeIcon\9.png
c:\program files (x86)\SogouExplorer\seapi.dll
c:\program files (x86)\SogouExplorer\searchlist.xml
c:\program files (x86)\SogouExplorer\seinstallhelper.exe
c:\program files (x86)\SogouExplorer\site.url
c:\program files (x86)\SogouExplorer\snapshoter.dll
c:\program files (x86)\SogouExplorer\sodalib.dll
c:\program files (x86)\SogouExplorer\sogouexplorer.exe
c:\program files (x86)\SogouExplorer\sogouipfilter.dll
c:\program files (x86)\SogouExplorer\sogouipfilterinst.dll
c:\program files (x86)\SogouExplorer\sogounet.dll
c:\program files (x86)\SogouExplorer\sogounetopt.sys
c:\program files (x86)\SogouExplorer\StartPage\Local\add1.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\add2.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\baidu.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\baiduc.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\bdsug.js
c:\program files (x86)\SogouExplorer\StartPage\Local\checkbox.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\checkbox1.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\checkbox2.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\close.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\close.png
c:\program files (x86)\SogouExplorer\StartPage\Local\default.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\default.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\default_page.ico
c:\program files (x86)\SogouExplorer\StartPage\Local\fenge.png
c:\program files (x86)\SogouExplorer\StartPage\Local\google.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\googlec.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\guding1.png
c:\program files (x86)\SogouExplorer\StartPage\Local\guding2.png
c:\program files (x86)\SogouExplorer\StartPage\Local\help.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\ie.css
c:\program files (x86)\SogouExplorer\StartPage\Local\ie.js
c:\program files (x86)\SogouExplorer\StartPage\Local\iframe.html
c:\program files (x86)\SogouExplorer\StartPage\Local\iframe_wk.html
c:\program files (x86)\SogouExplorer\StartPage\Local\index1.html
c:\program files (x86)\SogouExplorer\StartPage\Local\index2.html
c:\program files (x86)\SogouExplorer\StartPage\Local\logo.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\none.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\q1.png
c:\program files (x86)\SogouExplorer\StartPage\Local\q2.png
c:\program files (x86)\SogouExplorer\StartPage\Local\rbg.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\rbg0.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\rbg2.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\rbg3.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\reset.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\sb.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\search_logo.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\selmenu.png
c:\program files (x86)\SogouExplorer\StartPage\Local\set.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\setcancel.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\setok.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\shadow1.jpg
c:\program files (x86)\SogouExplorer\StartPage\Local\shadow2.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\sogou.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\sogouc.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\space.gif
c:\program files (x86)\SogouExplorer\StartPage\Local\tran1.png
c:\program files (x86)\SogouExplorer\StartPage\Local\tran2.png
c:\program files (x86)\SogouExplorer\StartPage\Local\tran3.png
c:\program files (x86)\SogouExplorer\StartPage\Local\wk.css
c:\program files (x86)\SogouExplorer\StartPage\Local\wk.js
c:\program files (x86)\SogouExplorer\StartPage\Security\body_back.png
c:\program files (x86)\SogouExplorer\StartPage\Security\btn1.png
c:\program files (x86)\SogouExplorer\StartPage\Security\btn2.png
c:\program files (x86)\SogouExplorer\StartPage\Security\riskalert.html
c:\program files (x86)\SogouExplorer\StartPage\Selector\baidu_logo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\google_logo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\index.html
c:\program files (x86)\SogouExplorer\StartPage\Selector\pic_daohang.jpg
c:\program files (x86)\SogouExplorer\StartPage\Selector\pic_kongbai.jpg
c:\program files (x86)\SogouExplorer\StartPage\Selector\pic_sousuo.jpg
c:\program files (x86)\SogouExplorer\StartPage\Selector\pic_zuiai.jpg
c:\program files (x86)\SogouExplorer\StartPage\Selector\pic_zuiai_1.jpg
c:\program files (x86)\SogouExplorer\StartPage\Selector\pic_zuiai_2.jpg
c:\program files (x86)\SogouExplorer\StartPage\Selector\s_baidu_logo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\s_google_logo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\s_sogou_logo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\sogou_logo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_body_bg.jpg
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_daohang.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_daohang_hit.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_kongbai.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_kongbai_hit.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_light.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_qita.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_queding.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_queding_hit.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_queding_hover.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_sousuo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_sousuo_hit.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_zidingyi.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_zidingyi_hit.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_zuiai.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_btn_zuiai_hit.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_checkbox_checked.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_checkbox_hover.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_checkbox_normal.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_daohang_logo_bg.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_ico_home.gif
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_stage_arrow_daohang.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_stage_arrow_kongbai.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_stage_arrow_sousuo.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_stage_arrow_zidingyi.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_stage_arrow_zuiai.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_stage_main.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_text_1.png
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_zidingyi_dizhikuang.gif
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_zidingyi_icon.gif
c:\program files (x86)\SogouExplorer\StartPage\Selector\start_zidingyi_text.gif
c:\program files (x86)\SogouExplorer\tridentcore.dll
c:\program files (x86)\SogouExplorer\Uninstall.exe
c:\program files (x86)\SogouExplorer\UserInstruct\download.swf
c:\program files (x86)\SogouExplorer\UserInstruct\passport.swf
c:\program files (x86)\SogouExplorer\UserInstruct\passport_20.swf
c:\program files (x86)\SogouExplorer\UserInstruct\swichcore.swf
c:\program files (x86)\SogouExplorer\UserInstruct\tabscroll.swf
c:\program files (x86)\SogouExplorer\UserInstruct\videoExtract.swf
c:\program files (x86)\SogouExplorer\UserInstruct\videoOnTop.swf
c:\program files (x86)\SogouExplorer\video_acc.dll
c:\program files (x86)\SogouExplorer\webkit_plugins_file.xml
c:\program files (x86)\SogouExplorer\webkitcore.dll
c:\program files (x86)\SogouExplorer\xdelta3.exe
c:\users\pyaarawala\AppData\Roaming\SogouExplorer
c:\users\pyaarawala\g2mdlhlpx.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
c:\windows\w32dasm8.ini
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-11-19 to 2012-12-19 )))))))))))))))))))))))))))))))
.
.
2012-12-18 11:20 . 2012-12-18 11:20 -------- d-----w- C:\_OTL
2012-12-18 11:04 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-18 11:04 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-18 11:04 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-18 11:04 . 2012-10-30 22:51 44272 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-12-18 11:04 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-18 11:04 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-18 11:04 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-18 11:03 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-18 11:03 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-12-18 11:02 . 2012-12-18 11:02 -------- d-----w- c:\programdata\AVAST Software
2012-12-18 11:02 . 2012-12-18 11:02 -------- d-----w- c:\program files\AVAST Software
2012-12-18 05:30 . 2012-12-18 05:30 -------- d-----w- c:\program files (x86)\½»ÐÐÍøÒø°²È«ÊäÈëÈí¼þ
2012-12-17 13:43 . 2012-11-29 08:27 890048 ----a-w- c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2012-12-16 05:22 . 2012-12-16 05:22 -------- d-----w- c:\users\pyaarawala\AppData\Local\Macromedia
2012-12-14 11:13 . 2012-05-23 08:17 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-12-12 09:22 . 2012-09-28 16:34 1210368 ----a-w- c:\windows\system32\kernel32.dll
2012-12-12 09:22 . 2012-11-08 02:00 368128 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 09:22 . 2012-11-08 04:24 48128 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 09:22 . 2012-11-08 01:36 293376 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-12 09:20 . 2012-11-13 01:55 2770432 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 09:20 . 2012-11-13 01:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 09:20 . 2012-11-13 01:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 09:20 . 2012-11-02 10:45 477696 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 09:20 . 2012-11-02 10:45 68096 ----a-w- c:\windows\system32\dpnathlp.dll
2012-12-12 09:20 . 2012-11-02 08:59 26112 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 09:20 . 2012-11-02 10:18 376320 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-12 09:20 . 2012-11-02 08:26 23040 ----a-w- c:\windows\SysWow64\dpnsvr.exe
2012-12-07 11:11 . 2012-11-08 17:24 9125352 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24537FC2-8AE3-45C8-BCBC-085693C269A3}\mpengine.dll
2012-12-05 10:17 . 2012-12-05 10:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-23 12:08 . 2012-11-25 08:01 -------- d-----w- c:\program files (x86)\Real
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 16:30 . 2006-11-02 12:35 67413224 ----a-w- c:\windows\system32\mrt.exe
2012-10-26 04:41 . 2012-04-10 00:39 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-26 04:41 . 2011-11-13 16:31 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-20 06:58 . 2012-10-20 06:59 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-20 06:58 . 2012-06-23 06:47 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-10-20 06:58 . 2010-06-19 04:31 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-25 16:31 . 2012-11-15 06:07 91648 ----a-w- c:\windows\system32\synceng.dll
2012-09-25 16:19 . 2012-11-15 06:07 75776 ----a-w- c:\windows\SysWow64\synceng.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-04-11 . E68D9B3A3905619732F7FE039466A623 . 20952 . . [6.0.6002.18005] .. c:\windows\system32\drivers\atapi.sys
[7] 2009-04-11 . E68D9B3A3905619732F7FE039466A623 . 20952 . . [6.0.6002.18005] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_b6d20d6f\atapi.sys
[7] 2008-01-21 . 1898FAE8E07D97F2F6C2D5326C633FAC . 22584 . . [6.0.6001.18000] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys
[7] 2006-11-02 . DF96CF8885724430024B7522E5C95722 . 20072 . . [6.0.6000.16386] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys
.
[7] 2008-01-21 . 22D13FF3DAFEC2A80634752B1EAA2DE6 . 22016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_80766a66ed36afa5\asyncmac.sys
[7] 2008-01-21 . 22D13FF3DAFEC2A80634752B1EAA2DE6 . 22016 . . [6.0.6001.18000] .. c:\windows\system32\drivers\asyncmac.sys
.
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_f36d095c91565db4\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_f55882688e782900\kbdclass.sys
[7] 2008-01-21 . AC1BA7446D5343DFD4267A6E0D4FC0AF . 42040 . . [6.0.6000.16609] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_f18fcd509427b0d2\kbdclass.sys
[7] 2008-01-21 . 88EE8513158979334FEEBFD777DFF390 . 42040 . . [6.0.6000.20734] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_f1f3f8e5ad6225bc\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6000.16386] .. c:\windows\system32\drivers\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_917586af\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_d1a065f2\kbdclass.sys
[7] 2008-01-21 . AC1BA7446D5343DFD4267A6E0D4FC0AF . 42040 . . [6.0.6000.16609] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_36381f4d\kbdclass.sys
[7] 2006-11-02 . 4324BBE0D86A15107C670E16218BF9C9 . 39528 . . [6.0.6000.16386] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_c5bba9ff\kbdclass.sys
.
[7] 2009-04-11 . 65950E07329FCEE8E6516B17C8D0ABB6 . 738264 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
[7] 2008-01-21 . 2A2EE457AF36C5C9A6808C768BD3A12B . 739384 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[7] 2009-04-11 . 65950E07329FCEE8E6516B17C8D0ABB6 . 738264 . . [6.0.6002.18005] .. c:\windows\system32\drivers\ndis.sys
.
[7] 2009-04-11 . BAC869DFB98E499BA4D9BB1FB43270E1 . 1515496 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_047b3e4cd26ad615\ntfs.sys
[7] 2008-01-21 . FE86BA5AC3B50E2CA911E9C60C07B638 . 1540152 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_028fc540d5490ac9\ntfs.sys
[7] 2009-04-11 . BAC869DFB98E499BA4D9BB1FB43270E1 . 1515496 . . [6.0.6000.16386] .. c:\windows\system32\drivers\ntfs.sys
.
[7] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_05848900d35a7bfd\null.sys
[7] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\system32\drivers\null.sys
.
[7] 2012-03-30 . 46D448E9117464E4D3BBF36D7E3FA48E . 1423744 . . [6.0.6002.18604] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_112731fc1be6530b\tcpip.sys
[7] 2012-03-30 . AC8D5728E6AD6A7C4819D9A67008337A . 1422720 . . [6.0.6002.22828] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_119f31fd35108d3a\tcpip.sys
[7] 2011-09-20 . 2CC45D932BD193CD4117321D469AD6B2 . 1426304 . . [6.0.6002.18519] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_1121619c1be9f088\tcpip.sys
[7] 2011-09-20 . 73BED5067ED53A9DF05FA8EAB42578D0 . 1423744 . . [6.0.6002.22719] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_11ab004d35078d79\tcpip.sys
[7] 2011-06-17 . 4DAD14118FBCF7C609F2A4CE21FBCC5F . 1427344 . . [6.0.6002.18484] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_10d0aed01c273845\tcpip.sys
[7] 2011-06-17 . 19A7321E3A5F1DDB215D2815DCC8F8E4 . 1424272 . . [6.0.6002.22662] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_116decc535366aa6\tcpip.sys
[7] 2010-06-16 . D43D5336BE9DD93E02EE124297295713 . 1414544 . . [6.0.6001.22713] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[7] 2010-06-16 . 0011810B5211FDACD784DE585262ECFE . 1424264 . . [6.0.6002.22425] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[7] 2010-06-16 . 973658A2EA9C06B2976884B9046DFC6C . 1426816 . . [6.0.6002.18272] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[7] 2010-06-16 . 7D86275FB640011B372FD566C0EAFA8D . 1420176 . . [6.0.6001.18493] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[7] 2010-02-18 . 4680D08A2E8A2509CD9B751D7AF59606 . 1414032 . . [6.0.6001.22636] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[7] 2010-02-18 . 30C4ABC8075DEA44D7E775D434AF1753 . 1420688 . . [6.0.6001.18427] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[7] 2010-02-18 . B4B7B375FDD672AF79B0CBE9B9A48B47 . 1427336 . . [6.0.6002.18209] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[7] 2010-02-18 . 4AD4600DF1F09EE7462152C061B683C8 . 1423752 . . [6.0.6002.22341] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[7] 2010-02-18 . 7B0B928E318CADC23C87226BE0A1097D . 1198080 . . [6.0.6000.21226] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[7] 2010-02-18 . 396CF3FD8D2A4FDF55570C01894DB9DF . 1200640 . . [6.0.6000.17021] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[7] 2009-12-08 . D1A6D398865E0686533E13DD2558D64B . 1411656 . . [6.0.6001.22577] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[7] 2009-12-08 . 8C94F5E4F9DE14A495BAA86F643CF31D . 1418840 . . [6.0.6001.18377] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[7] 2009-12-08 . E52F99B1160A1A1DE83223379D2C1828 . 1425480 . . [6.0.6002.18160] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[7] 2009-12-08 . EE84432AD7DCADE2931528C319C55097 . 1423944 . . [6.0.6002.22283] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[7] 2009-12-08 . 2F822AF5E70467F827F5B4010A7FD57F . 1199616 . . [6.0.6000.16973] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[7] 2009-12-08 . BB6FB43B431CCAD6FC367648C87205C0 . 1196032 . . [6.0.6000.21175] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[7] 2009-08-15 . D4E30E6BADFF21865C3A075457CF9C00 . 1196032 . . [6.0.6000.21108] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[7] 2009-08-14 . 3BCD46BE9988B09D3510A0EF54F0D65B . 1418840 . . [6.0.6001.18311] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[7] 2009-08-14 . 74B776CA1B328095FE23A3306B1613A3 . 1413208 . . [6.0.6001.22497] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[7] 2009-08-14 . A7BFF59C2F610F62E6C292074FF36A1E . 1425992 . . [6.0.6002.18091] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[7] 2009-08-14 . D45D67A18C9FD4CC637BC9D4585C0646 . 1424952 . . [6.0.6002.22200] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[7] 2009-08-14 . 34B30202AECCB530FDDC6C6CCFA2FB46 . 1200640 . . [6.0.6000.16908] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[7] 2009-04-11 . 99D07AD0EF2C535610F6573C29BC045E . 1426408 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[7] 2008-04-26 . 8E041924441FF8755E5B4F135C8C3767 . 1421368 . . [6.0.6001.18063] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[7] 2008-04-26 . F10A60005FB50698E33A1940C6EBB010 . 1421368 . . [6.0.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys
[7] 2008-01-21 . 7A1183FBB802F5ABAD7FA18BC67E0858 . 1421368 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[7] 2012-03-30 . 46D448E9117464E4D3BBF36D7E3FA48E . 1423744 . . [6.0.6002.18604] .. c:\windows\system32\drivers\tcpip.sys
.
[7] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_4847dcdb9194e539\tdx.sys
[7] 2008-01-21 . 8C39C72E0E853DE04748C0337D9B9216 . 94208 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_465c63cf947319ed\tdx.sys
[7] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\system32\drivers\tdx.sys
.
[7] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_d507c23d565be6a3\browser.dll
[7] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6000.16386] .. c:\windows\system32\browser.dll
.
[7] 2012-06-01 . 0688C6F0E5B1E0ADB1E10BF6A9023063 . 11264 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_04a16b072b950d95\lsass.exe
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_042567f8126e70e3\lsass.exe
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_04276a72126ca0b8\lsass.exe
[7] 2011-11-16 . 54BC2124F6BCF2050D7C3057C0611AD4 . 11264 . . [6.0.6002.22742] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_04b006f32b8b272b\lsass.exe
[7] 2009-09-10 . 1104B18819392FEA12FB5F9E170E66B3 . 9728 . . [6.0.6000.21125] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[7] 2009-09-10 . BBBCE2DACDCCD5EA60A50D0023AE2DE9 . 11264 . . [6.0.6002.22223] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[7] 2009-09-09 . 41FB90DF49F203672F459122EF1F13B1 . 11264 . . [6.0.6001.22518] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[7] 2009-06-15 . 1E766E4C5BF9E230AD37A56BF7DB6C94 . 9728 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[7] 2009-06-15 . 306E4503E083A498AE797FF59FA72839 . 9728 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[7] 2009-06-15 . 80F4593E92FF960E4763380D3168E498 . 11264 . . [6.0.6001.18272] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[7] 2009-06-15 . 02474FBCB00AA5C622E92F620DB9A041 . 11264 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[7] 2009-06-15 . 40348DCEC0712ED42231C5F90A69A690 . 11264 . . [6.0.6002.18051] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[7] 2009-06-15 . EBDAEE60E442BEA413E5D7CEDFB09463 . 11264 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
[7] 2009-02-13 . 1979F94B28107233315DD6220F2304DD . 11264 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[7] 2009-02-13 . E231BDBD7D69857EEFFDEB3A48A53824 . 9728 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[7] 2009-02-13 . 563B71CEF1D46A24C5980FA2988DB67F . 9728 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6000.16386] .. c:\windows\system32\lsass.exe
.
[7] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_6bdbb71a0a2d4469\netman.dll
[7] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6000.16386] .. c:\windows\system32\netman.dll
.
[7] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_819ad97caef1480e\qmgr.dll
[7] 2008-01-21 . D896A0D43F8AB81ECB1FC6C24DECFD58 . 1082368 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_7faf6070b1cf7cc2\qmgr.dll
[7] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6001.18000] .. c:\windows\system32\qmgr.dll
.
[7] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_c7d4f08bf35f3abe\rpcss.dll
[7] 2009-03-03 . 857E04C16007E60FCC0803239C853E78 . 717824 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_c6259b510f93cd21\rpcss.dll
[7] 2009-03-03 . 52CDADE8289FF21F1F2215FF51A5F36C . 718336 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_c5d9dd2ff64839ac\rpcss.dll
[7] 2009-03-03 . 007F8DE7AC0F9386C3FD2EC7DC87C37A . 724992 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_c3e2cce1f92f2ca2\rpcss.dll
[7] 2009-03-03 . 54FF562C2710BB610B019D723B16FB2A . 724992 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_c47a129912422fc2\rpcss.dll
[7] 2008-01-21 . FF27BE0BA7B3C48D5C99AFCB56D436C2 . 713728 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_c5e9777ff63d6f72\rpcss.dll
[7] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6000.16386] .. c:\windows\system32\rpcss.dll
.
[7] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[7] 2008-01-21 . DFAC660F0F139276CC9299812DE42719 . 384512 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
[7] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe
.
[7] 2010-08-17 . 439017BE66398AB809D81B3AE8393883 . 273920 . . [6.0.6002.22468] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_34a17b8490538c82\spoolsv.exe
[7] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6002.18294] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_33f36be77751de08\spoolsv.exe
[7] 2010-08-17 . 92E6738D25C2123BE9515C0EAC0776CD . 267776 . . [6.0.6001.18511] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_3260788179ed5d57\spoolsv.exe
[7] 2010-08-17 . 7F59AA690212241B398D6DBE4071EE3C . 270848 . . [6.0.6001.22743] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_32cba802932180c9\spoolsv.exe
[7] 2009-04-11 . EADA445EAEDD1D7DF4C5EB42B3612729 . 268288 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_3455b7b177080198\spoolsv.exe
[7] 2008-01-21 . E6519A9E756D74DC51C697BA62162F51 . 267264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_326a3ea579e6364c\spoolsv.exe
[7] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6000.16386] .. c:\windows\system32\spoolsv.exe
.
[7] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[7] 2008-01-21 . 856491FCED98093D824B9EB2892F564A . 406016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[7] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6001.18000] .. c:\windows\system32\winlogon.exe
.
[7] 2012-06-02 . C1C03EA437EDDA8A7D4D8786E5AE6751 . 57880 . . [7.6.7600.256] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_d5f513f25190f276\wuauclt.exe
[7] 2012-06-02 . C1C03EA437EDDA8A7D4D8786E5AE6751 . 57880 . . [7.6.7600.256] .. c:\windows\system32\wuauclt.exe
.
[7] 2010-09-02 . E5763ED4A35DE72855B731EDF2081B6E . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_97d4553ba6d9b810\comctl32.dll
[7] 2010-09-02 . 55EAEF6344C328416969AA1622100139 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_fe44c5cb0dae9066\comctl32.dll
[7] 2010-09-02 . F80C6985B787E40EB2B6B99A453A243A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_432d25ac526cda7f\comctl32.dll
[7] 2010-09-01 . EB00FFCBB31A4CA35F80D92F14CBF04B . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_96135489a9968dcc\comctl32.dll
[7] 2010-09-01 . CA41B0BFB677D1261E68EA138CE106C2 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_fe655b750d60b18a\comctl32.dll
[7] 2010-09-01 . 16C1CC7E5B6A5B6A21C368D39DC4B03F . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_42a7622b394b8efb\comctl32.dll
[7] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_97a639428d76b771\comctl32.dll
[7] 2010-08-31 . 46662CD685A6341AB4AED86D134D80E9 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll
[7] 2010-08-31 . 09451F87CFF73FF22D9479FB0A73861C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_41466cae55469b30\comctl32.dll
[7] 2010-08-31 . 058BE5961AC5D6ACFD1961C2471F61B5 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_95a8250890626a5a\comctl32.dll
[7] 2010-08-31 . 6D98A7638947F0C9DAB31F094A591795 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec\comctl32.dll
[7] 2010-08-31 . F39DFA95BC391B166B40F4E38E5F1223 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_40bf29b13c26ca69\comctl32.dll
[7] 2009-04-11 . 94B60C9A7AEE8A9F3C1028F8DC5CED41 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da\comctl32.dll
[7] 2008-01-21 . BD3133E6B73195A95C67F7B09E012DE0 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6\comctl32.dll
[7] 2008-01-21 . 67DA61D3B12CEB5A4C86646AB468F0BA . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_95baba849054f4b0\comctl32.dll
[7] 2008-01-21 . 23797D89BE03772F411E387A3C81DBF8 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_40ba501d3c2b20ff\comctl32.dll
[7] 2006-11-02 . C6FFCA00D8C81D66C4194378EFF34199 . 2017792 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa\comctl32.dll
[7] 2006-11-02 . E47109C2D7D95962D08C9FD061A9BAD3 . 629248 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_40339432230aebeb\comctl32.dll
[7] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[7] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_88cf765b9e8f4a59\comres.dll
[7] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6930.16386] .. c:\windows\system32\comres.dll
.
[7] 2012-06-02 . CA78B312C44E4D52E842C2C8BD48E452 . 174592 . . [6.0.6002.18643] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_d3dc79145070b66b\cryptsvc.dll
[7] 2012-06-01 . 256B8B96B83AEA5213EE90782446DA38 . 177664 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_d45679a969992348\cryptsvc.dll
[7] 2012-04-23 . 62740B9D2A137E8CED41A9E4239A7A31 . 174592 . . [6.0.6002.18618] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_d401ea4a5053e14b\cryptsvc.dll
[7] 2012-04-23 . DD9C01648A6455278A441775CA59E2FD . 177664 . . [6.0.6002.22840] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_d46316e769910757\cryptsvc.dll
[7] 2009-04-11 . 18918613E63F387CDE4D95CA7D49DCF7 . 166912 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[7] 2008-01-21 . 4374F784121D8B3BB466B03F5E5EBD33 . 165376 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[7] 2012-06-02 . CA78B312C44E4D52E842C2C8BD48E452 . 174592 . . [6.0.6000.16386] .. c:\windows\system32\cryptsvc.dll
.
[7] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_6af7b3ad073cdcab\es.dll
[7] 2008-04-19 . 1782416278B378F80862187EEBC0A51C . 361472 . . [2001.12.6930.16677] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_66e14e8d0d26f566\es.dll
[7] 2008-04-19 . 7143F5F8D7FF0712B6D2F336495554FE . 361472 . . [2001.12.6930.20818] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_67accd1026130408\es.dll
[7] 2008-04-18 . AE5538074DF0BB8EE5A3ECB9F5460965 . 361984 . . [2001.12.6931.22162] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_6956f87823678b7d\es.dll
[7] 2008-04-18 . 6B1A97BF9FEFBDC83F3C7C7D0F826C66 . 361984 . . [2001.12.6931.18057] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_68dd2d0b0a3d4e75\es.dll
[7] 2008-01-21 . D8338E6B3C23AD36096A6FDABD039283 . 354304 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_690c3aa10a1b115f\es.dll
[7] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\system32\es.dll
.
[7] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_ba6032a62fea3984\imm32.dll
[7] 2008-01-21 . 8D2C00D198598AAE77B1648FFBF39895 . 163840 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_b874b99a32c86e38\imm32.dll
[7] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\system32\imm32.dll
.
[7] 2010-04-16 . 1795848538EA2328648E9FAB31351157 . 622080 . . [1.0626.6002.22384] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_0b36ae8b275afcf9\usp10.dll
[7] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_0ad851700e1ced6b\usp10.dll
[7] 2010-04-16 . 718AA06AE8741F8C7877C25F4AD97280 . 622080 . . [1.0626.6001.18461] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_08d93cec110986fd\usp10.dll
[7] 2010-04-16 . EB7E9B4E65D014EF958330C3E55735DD . 622592 . . [1.0626.6001.22672] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_09590bfb2a2e5936\usp10.dll
[7] 2009-04-11 . 6C7812812F7F343100EA655DC26C9888 . 621568 . . [1.0626.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_0b048d9e0dfb9cb0\usp10.dll
[7] 2008-01-21 . 8745227FAB62C0886B4B122CAD1D799E . 622080 . . [1.0626.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_0919149210d9d164\usp10.dll
[7] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\system32\usp10.dll
.
[7] 2012-09-28 . A02EB771DAE80667E3C877CF19E3F6EE . 1210368 . . [6.0.6002.18704] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_f1c706d10bcb97ea\kernel32.dll
[7] 2012-09-28 . 53864C438B27EAC653D35F8ACF0A17FC . 1211904 . . [6.0.6002.22942] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_f223653e250b71f1\kernel32.dll
[7] 2011-04-12 . 2299078C1E59FE69ADDF49897D6A373A . 1210880 . . [6.0.6002.18449] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_f1a0c2e10be78eec\kernel32.dll
[7] 2011-04-12 . F2338C94CDCD7AD28A14428D46A05D0B . 1211904 . . [6.0.6002.22625] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_f23c004224f88e9f\kernel32.dll
[7] 2011-04-12 . 6ADB508FEADBDEC41C194B4C03FA5201 . 1208832 . . [6.0.6001.18631] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_efbd1caf0ec055f8\kernel32.dll
[7] 2011-04-12 . 777DF7F47BEE82833E324F0EB18B7ED1 . 1213440 . . [6.0.6001.22898] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_f00cddde28084bf0\kernel32.dll
[7] 2009-04-11 . A1489655AB04BBB5290C3FC274D33E57 . 1217536 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_f1c7f9d10bcac530\kernel32.dll
[7] 2009-02-13 . 8331C9E592358DE5157169699BD836D7 . 1208832 . . [6.0.6001.18215] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_efd6b6170eac8ed6\kernel32.dll
[7] 2009-02-13 . 2EEE45C483BA534A84CACC9D8001FE0E . 1210880 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_f02073a427f9ef9d\kernel32.dll
[7] 2009-02-13 . 1A5CE3CDE414ED758D4E1616F422C20B . 1233408 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_ede0a61311929b23\kernel32.dll
[7] 2009-02-13 . 08E8EF6A8D18BD1D89896903DCD103D2 . 1233920 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_ee74eaec2aa8523e\kernel32.dll
[7] 2008-01-21 . 1122C8BE4BC4F392598A9543DC1014E0 . 1213952 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_efdc80c50ea8f9e4\kernel32.dll
[7] 2012-09-28 . A02EB771DAE80667E3C877CF19E3F6EE . 1210368 . . [6.0.6001.18000] .. c:\windows\system32\kernel32.dll
.
[7] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_9483cda05db182e8\linkinfo.dll
[7] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\system32\linkinfo.dll
.
[7] 2012-11-08 . 1B3B77010FB77CE937E48B7ABDC7A0B7 . 32768 . . [6.0.6002.22969] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22969_none_0829faa329502fd2\lpk.dll
[7] 2011-02-16 . C95E1180E721401CE923FD4381216F45 . 32768 . . [6.0.6002.22589] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_0814533329607318\lpk.dll
[7] 2011-02-16 . EBADCE0742E19CAE2F1FE37D12AE9512 . 32768 . . [6.0.6001.22854] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_06494f9d2c264b6e\lpk.dll
[7] 2011-01-08 . 53F965A37AF97ED41A5D722F653F7A16 . 32768 . . [6.0.6002.22566] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_0826f22d2952ef31\lpk.dll
[7] 2011-01-08 . 973AC5DF18195F659F950BAD8B52FC27 . 32768 . . [6.0.6001.22830] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_065aee4d2c19ae30\lpk.dll
[7] 2010-10-28 . 712393754587ECC35EC72680D3031298 . 32768 . . [6.0.6002.22514] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_085b0135292c30ce\lpk.dll
[7] 2010-10-28 . 502D874EFB849DB686B31EA5C6C64750 . 32768 . . [6.0.6001.22787] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_062bded12c3bee1f\lpk.dll
[7] 2010-05-26 . 015628C13EA6B4CC62D9CFC276379F02 . 32768 . . [6.0.6002.22412] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_0858febb292e00f9\lpk.dll
[7] 2010-05-26 . 801AA6FFA579BA861BF002E5DB209F19 . 32768 . . [6.0.6001.22700] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_067b5c2b2c015d36\lpk.dll
[7] 2009-10-19 . 35E625ED9FE3A7F29CA7694BA02AEA7B . 32768 . . [6.0.6001.22544] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_065419d72c1e3808\lpk.dll
[7] 2009-10-19 . 96975D0384839E4FA2BE137B0F386ADA . 33280 . . [6.0.6000.21142] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_046bb0d92ef9aa84\lpk.dll
[7] 2009-10-19 . B96C6EA864956C49B8426ED10340C772 . 33280 . . [6.0.6000.16939] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_03f40dde15cd6ce8\lpk.dll
[7] 2009-10-19 . B9A0B9E32F7AB5717A9CEC1B4DC05C62 . 32768 . . [6.0.6002.22247] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_083d8c9d2941d931\lpk.dll
[7] 2009-06-15 . 4E53E703118C8092D255B4BEC2FE997B . 33280 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_045b108d2f0563f2\lpk.dll
[7] 2009-06-15 . 25634B6ADDBAB73F6EF235D26D93C84A . 33280 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_03bfc9ae15f5fb76\lpk.dll
[7] 2009-06-15 . 414E030D6D67F6F7F4663BCF441936CA . 32768 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_064546dd2c29f176\lpk.dll
[7] 2009-06-15 . 1E8003BF4D8A37EA8BFA005879D47258 . 32768 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_082db959294e7948\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_05f1b3fc12e3ce82\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_05a808e8131abf15\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_05ca7b2613009b17\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_059d3cc81322d554\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_05cd7fd012fde16a\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_05af10a0131467eb\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_059970c813249fcd\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_07dd2d08100599ce\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_07a31c441031c027\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_07c68ecc1016b580\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_0799506e1038efbd\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_07bdc340101cfe6d\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_078d821e1041ef7e\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_07dd34a010058e6a\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_07c79a7a1015bdc1\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\system32\lpk.dll
.
[7] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_0c54e1384cf6f7c7\hnetcfg.dll
[7] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6000.16386] .. c:\windows\system32\hnetcfg.dll
.
[7] 2012-11-09 . 9C58E91918AD09D2601715985F3A9DD9 . 9329152 . . [8.00.6001.19393] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19393_none_51ec6317f09a9684\mshtml.dll
[7] 2012-11-09 . 8D72A805B694D309641B7426E31CA672 . 9331712 . . [8.00.6001.23461] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23461_none_52946f1309a1afcd\mshtml.dll
[7] 2012-08-25 . 47D6B0A7C76307E86A248656957E853A . 9332224 . . [8.00.6001.23415] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23415_none_52ce7fd709758974\mshtml.dll
[7] 2012-08-25 . 55B5AC96640364F5A3354942A5AB89DC . 9329152 . . [8.00.6001.19328] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19328_none_523d13fdf05d51a0\mshtml.dll
[7] 2012-06-28 . 50013466E84ED7D9C59F001D44C7B489 . 9331712 . . [8.00.6001.23385] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23385_none_5282ce7d09ae4fe4\mshtml.dll
[7] 2012-06-28 . C2FA74D9F58FB3E685C9E4054B4642D2 . 9328640 . . [8.00.6001.19298] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19298_none_51f162a3f0961810\mshtml.dll
[7] 2012-05-15 . 35847FB3C697B2D8AFB644C33AFA4365 . 9331712 . . [8.00.6001.23359] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23359_none_52a73f690992616d\mshtml.dll
[7] 2012-05-15 . 69DCFBB55F1C38404A4A73B675351D31 . 9328640 . . [8.00.6001.19272] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19272_none_520100bff08b4824\mshtml.dll
[7] 2012-02-28 . 57AB356218A181794EC0F571EC0253EE . 9297408 . . [8.00.6001.23318] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23318_none_52d17ecf0972d852\mshtml.dll
[7] 2012-02-28 . FAAFB8AF62A36E2761488548D66A96BD . 9292800 . . [8.00.6001.19222] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19222_none_5237105bf062bc6f\mshtml.dll
[7] 2011-12-15 . 8CC8E0BEC91E18A01D2CFFAC0758D8E7 . 9298944 . . [8.00.6001.23286] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23286_none_5283cce109ad6c14\mshtml.dll
[7] 2011-12-15 . 8AB0B5B9233FE2DF31485107A30E35B2 . 9292288 . . [8.00.6001.19190] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19190_none_51e95e6df09d5031\mshtml.dll
[7] 2011-11-03 . 0B47AA4795394DB41B7D3E41D43EF754 . 9296896 . . [8.00.6001.23266] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23266_none_52996cb9099d3432\mshtml.dll
[7] 2011-11-03 . 3FB713AC2572582DDA87A53F9CBAABD9 . 9292288 . . [8.00.6001.19170] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19170_none_51fefe45f08d184f\mshtml.dll
[7] 2011-09-30 . 06288E2D28BED11860CFE1F2DC6906BD . 9287168 . . [8.00.6001.23250] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_529e3ae9099a8037\mshtml.dll
[7] 2011-09-30 . 6318542204255587251C2914A79B4DFF . 9284096 . . [8.00.6001.19154] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_52189f45f07945c9\mshtml.dll
[7] 2011-07-23 . 4B8CB3CD67934703B5EC5C6CD756CB1E . 9281536 . . [8.00.6001.23216] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_52cf7c550974a87d\mshtml.dll
[7] 2011-07-23 . B0FAEB94C49857B08EB7E8C64FB1A190 . 9278976 . . [8.00.6001.19120] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_52350de1f0648c9a\mshtml.dll
[7] 2011-05-28 . 72384FEAEE3C79B98979EA848547C8ED . 9273856 . . [8.00.6001.23181] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_527ec98909b1f03a\mshtml.dll
[7] 2011-05-28 . 3A87CEE544BEB10254F9D37701EC1116 . 9272320 . . [8.00.6001.19088] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_51fc2ec3f08e01d1\mshtml.dll
[7] 2011-02-22 . 6DFD3BCCF9C101847B7E68D00C92A19F . 9265664 . . [8.00.6001.23143] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_52ac09cd098fb324\mshtml.dll
[7] 2011-02-22 . D972E38E0519FF6F805B88676767CE64 . 9265664 . . [8.00.6001.19048] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_52276e73f06d920d\mshtml.dll
[7] 2010-12-18 . A9CBEECAF9C57A976A1E5C1042644881 . 9265152 . . [8.00.6001.23111] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_52ca78fd09792ca3\mshtml.dll
[7] 2010-12-18 . 9E936F64DFF6442FCD735417305DFBDA . 9264640 . . [8.00.6001.19019] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_5248de81f0545791\mshtml.dll
[7] 2010-11-02 . 08C95DAD69489E8292076EF7C7043B77 . 9263104 . . [8.00.6001.23091] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_5273f7b709ba0f04\mshtml.dll
[7] 2010-11-02 . 9D88761F3C38E8D13455D37C98AB8026 . 9259520 . . [8.00.6001.18999] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_51f286fff09503d7\mshtml.dll
[7] 2010-09-08 . 1AD1FA13194C76F7B3F33F32FB6C5E49 . 9259008 . . [8.00.6001.23067] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_529a6937099c533b\mshtml.dll
[7] 2012-11-09 . 9C58E91918AD09D2601715985F3A9DD9 . 9329152 . . [8.00.6001.18702] .. c:\windows\system32\mshtml.dll
.
[7] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_2f25436a5491724b\msvcrt.dll
[7] 2011-12-14 . 4B2F10ED918CA8B29A04B8B1B34D9349 . 621056 . . [7.0.6002.22755] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_2fb2e3436dab7498\msvcrt.dll
[7] 2009-04-11 . 37B71108BFD6E276695CE24171F2889B . 621056 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_2f5f4ab054655a2f\msvcrt.dll
[7] 2008-01-21 . 11DB261E8EE318CA41498300327CB5F2 . 621056 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_2d73d1a457438ee3\msvcrt.dll
[7] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\system32\msvcrt.dll
.
[7] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_165d6b95e2cafb10\mswsock.dll
[7] 2008-01-21 . 66306D7E90650EBE667811C1AF010BAC . 304128 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_1471f289e5a92fc4\mswsock.dll
[7] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6000.16386] .. c:\windows\system32\mswsock.dll
.
[7] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[7] 2008-01-21 . 5D0A4891F8CD0E9E64FF57A6A34044F5 . 716800 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[7] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6001.18000] .. c:\windows\system32\netlogon.dll
.
[7] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_0123b2f0b2579bf3\powrprof.dll
[7] 2008-01-21 . 6FF12A84BDBA50AFE7FCF3A524E14B71 . 121344 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_ff3839e4b535d0a7\powrprof.dll
[7] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6001.18000] .. c:\windows\system32\powrprof.dll
.
[7] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
[7] 2008-01-21 . 35F1DD99F9903BC267C2AF16B09F9BF7 . 235520 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[7] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6000.16386] .. c:\windows\system32\scecli.dll
.
[7] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_03545ed0148f16ae\sfc.dll
[7] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\system32\sfc.dll
.
[7] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
[7] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6000.16386] .. c:\windows\system32\svchost.exe
.
[7] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_4146ed6b9a71d501\tapisrv.dll
[7] 2008-01-21 . 52091001CAF20AE84CF47023EE21B4BB . 318464 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_3f5b745f9d5009b5\tapisrv.dll
[7] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6000.16386] .. c:\windows\system32\tapisrv.dll
.
[7] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
[7] 2008-01-21 . 32B87D215905F648EBE36A621978442C . 820224 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[7] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6001.18000] .. c:\windows\system32\user32.dll
.
[7] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
[7] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6000.16386] .. c:\windows\system32\userinit.exe
.
[7] 2012-11-09 . 13C073F14F948CC9F875147DA74F300D . 1147392 . . [8.00.6001.19393] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19393_none_409243f970442d4e\wininet.dll
[7] 2012-11-09 . F6A0DF1CEA264EEBA156AD4FD974E4BF . 1151488 . . [8.00.6001.23461] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23461_none_413a4ff4894b4697\wininet.dll
[7] 2012-08-25 . F60069B26B7FC05941DBB5FB775B4CDF . 1151488 . . [8.00.6001.23415] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23415_none_417460b8891f203e\wininet.dll
[7] 2012-08-25 . A7343332E5AEEFB6F0496405AE897B77 . 1147392 . . [8.00.6001.19328] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19328_none_40e2f4df7006e86a\wininet.dll
[7] 2012-06-28 . A14FEC86F9B5B9D0137C011850B330EF . 1151488 . . [8.00.6001.23385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_4128af5e8957e6ae\wininet.dll
[7] 2012-06-28 . 817E86B2F0A26AF4F83856003A3A7DBB . 1147392 . . [8.00.6001.19298] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_40974385703faeda\wininet.dll
[7] 2012-05-15 . 3A816BB74DB02A372F2A08D99C268FC6 . 1151488 . . [8.00.6001.23359] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23359_none_414d204a893bf837\wininet.dll
[7] 2012-05-15 . EDDEEB0DD7E12EB062E47BA6A2E09D06 . 1147392 . . [8.00.6001.19272] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19272_none_40a6e1a17034deee\wininet.dll
[7] 2012-02-28 . C97A10A09973F12953F23ED844A9EF19 . 1151488 . . [8.00.6001.23318] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_41775fb0891c6f1c\wininet.dll
[7] 2012-02-28 . 96070413E0F9620565BB06A0C4CC976E . 1147392 . . [8.00.6001.19222] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_40dcf13d700c5339\wininet.dll
[7] 2011-12-15 . 9441181236A720AEC992C9EC7A5A8A39 . 1151488 . . [8.00.6001.23286] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23286_none_4129adc2895702de\wininet.dll
[7] 2011-12-15 . 8C5996CAE7455B38298D883FDBD50D57 . 1147392 . . [8.00.6001.19190] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19190_none_408f3f4f7046e6fb\wininet.dll
[7] 2011-11-03 . DDBAE0D36F9D34919563381B67919A81 . 1150976 . . [8.00.6001.23266] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_413f4d9a8946cafc\wininet.dll
[7] 2011-11-03 . B76E1F2B873877576BC1069C7EAA3B1F . 1147392 . . [8.00.6001.19170] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_40a4df277036af19\wininet.dll
[7] 2011-10-01 . B0E483C020C3DAA9620770DA9F2470F0 . 1149952 . . [8.00.6001.23250] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_41441bca89441701\wininet.dll
[7] 2011-09-30 . 771B517C773728A65AE8956ADF099D83 . 1147904 . . [8.00.6001.19154] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_40be80277022dc93\wininet.dll
[7] 2011-07-23 . 14CB1B7FA859896BE14126C3EB971FD3 . 1149952 . . [8.00.6001.23216] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_41755d36891e3f47\wininet.dll
[7] 2011-07-23 . 5C5F100B93FFDA632C352AAC5C774DE6 . 1147904 . . [8.00.6001.19120] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_40daeec3700e2364\wininet.dll
[7] 2011-05-28 . 964B0B8A24D4E3FAE0E365F4BEBEC471 . 1150976 . . [8.00.6001.23181] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_4124aa6a895b8704\wininet.dll
[7] 2011-05-28 . 79F3767D90BA6D04D936DC16FDCB4FB2 . 1147904 . . [8.00.6001.19088] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_40a20fa57037989b\wininet.dll
[7] 2011-02-22 . E3B43B82F025BC3B23DFDE66A4A026F2 . 1150976 . . [8.00.6001.23143] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_4151eaae893949ee\wininet.dll
[7] 2011-02-22 . 749C440784B33BC358C8D633AE64A657 . 1147904 . . [8.00.6001.19048] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_40cd4f55701728d7\wininet.dll
[7] 2010-12-18 . 6458A6B10895B0F9E63A6ACB04F2102A . 1150976 . . [8.00.6001.23111] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_417059de8922c36d\wininet.dll
[7] 2010-12-18 . B3365860010DEB30446625E333E9E1CC . 1147904 . . [8.00.6001.19019] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_40eebf636ffdee5b\wininet.dll
[7] 2010-11-02 . 63B2D6E23FC6115EA8864C7DC4DC3E00 . 1150976 . . [8.00.6001.23091] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_4119d8988963a5ce\wininet.dll
[7] 2010-11-02 . 7C39BB00E4B011575C345EE1914172E4 . 1147904 . . [8.00.6001.18999] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_409867e1703e9aa1\wininet.dll
[7] 2010-09-08 . B09ACB639AA914378B33E0585EA5C44F . 1150464 . . [8.00.6001.23067] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_41404a188945ea05\wininet.dll
[7] 2010-09-08 . 6BF6EDCB40B6928BB49FEC83C8B24AF1 . 1147904 . . [8.00.6001.18975] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_40aa06917031fd63\wininet.dll
[7] 2010-06-26 . 0B27168AD18C00B4532D11ADF08FDF16 . 1150976 . . [8.00.6001.23040] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_414ee7ea893c00c2\wininet.dll
[7] 2010-06-26 . AB4A31D99C05A4C7B0C892A10E12FB47 . 1147904 . . [8.00.6001.18943] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_40c875c1701b76e2\wininet.dll
[7] 2010-05-04 . AC03101534D7E281436D19D6AD366BD5 . 1150976 . . [8.00.6001.23019] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_41785a48891b90fe\wininet.dll
[7] 2010-05-04 . B59C26C9A03B661E572C137368E3BD71 . 1147904 . . [8.00.6001.18928] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_40e3170b7006bdb3\wininet.dll
[7] 2010-02-23 . 2F7F1BB11E62BA2E3170B6A6B847DF3D . 1150976 . . [8.00.6001.22995] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_411e019e895fd7e8\wininet.dll
[7] 2010-02-23 . A1CDFFE798DA1EBF3479F87F96482160 . 1147904 . . [8.00.6001.18904] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_40f4b5bb6ffa2075\wininet.dll
[7] 2010-01-02 . 305732FEE113625C4F410878786B043B . 1147904 . . [8.00.6001.22973] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_4131a0e289516d58\wininet.dll
[7] 2010-01-02 . EDAF8EE6D81BE3FCCC8B375431D8559C . 1147904 . . [8.00.6001.18882] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_409c33e1703cd028\wininet.dll
[7] 2009-11-21 . 3958F2ACD7C145882861B0CCF9167B8D . 1147904 . . [8.00.6001.22956] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_414a4198893e817b\wininet.dll
[7] 2009-11-21 . 8A0346910DF96622B82E3411BC6DBB72 . 1147904 . . [8.00.6001.18865] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_40b4d4977029e44b\wininet.dll
[7] 2009-08-27 . EDBD07D91010DD925EB352DA66914D98 . 1147904 . . [8.00.6001.22918] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_417781dc891c4465\wininet.dll
[7] 2009-08-27 . CE0D70556096DE3BB8319E75E03E3744 . 1147904 . . [8.00.6001.18828] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_40e315257006c08c\wininet.dll
[7] 2009-07-22 . 5EFC9526905C57907BFD1295DA41BFB8 . 1146880 . . [8.00.6001.22903] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_417d50568918a9c1\wininet.dll
[7] 2009-07-21 . DC6AB393A9C7BCC24C55DBDCEE1033BD . 1146880 . . [8.00.6001.18813] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_40e8e39f700325e8\wininet.dll
[7] 2009-05-12 . AD09F2CDAD189EB379E6B457F3809C92 . 1146368 . . [8.00.6001.22874] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_41329f4689508988\wininet.dll
[7] 2009-05-09 . 18A01A9307257637D8FB4FA86F4A689F . 1146368 . . [8.00.6001.18783] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_409d3245703bec58\wininet.dll
[7] 2009-04-24 . 6FC180D7D8B72C96766F854FCD2CAA5B . 1023488 . . [7.00.6000.16851] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_5bec44d55d319185\wininet.dll
[7] 2009-04-24 . BEF933C0CCBA89A12D24FE11E4FAF9C2 . 1025536 . . [7.00.6000.21046] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_5c858b207642c753\wininet.dll
[7] 2009-04-24 . 331453677C30BE6534FC955E252CEA3C . 1014272 . . [7.00.6001.18248] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_5de4556d5a49b7e6\wininet.dll
[7] 2009-04-24 . C1FCF4D8F9CD2A322F0C67F332A54173 . 1015296 . . [7.00.6001.22418] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_5e8e63e2734f0104\wininet.dll
[7] 2009-04-24 . 6474C9B87A44943EFBCB115352F866A0 . 1014272 . . [7.00.6002.22121] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_606303d87083c0b8\wininet.dll
[7] 2009-04-23 . 3E2312FF315A1DC8783FB327076AB671 . 1014272 . . [7.00.6002.18024] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_5fdc67eb57636cf3\wininet.dll
[7] 2009-04-11 . 1FA5623B49F69207B2E1DA94DB1C5B7D . 1014272 . . [7.00.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_5ff3080d57524e68\wininet.dll
[7] 2009-03-08 . 6BEDD690B7E6EBA0E9E193E17832372F . 1146368 . . [8.00.6001.18702] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_40f2b15b6ffbf379\wininet.dll
[7] 2009-03-03 . 34FEB009DEE9A9219B67D9AC0D90A1A7 . 1014784 . . [7.00.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_5e43b2d27386e0cb\wininet.dll
[7] 2009-03-03 . CC23CB07801611BF6081DED055F3C149 . 1013248 . . [7.00.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_5df7f4b15a3b4d56\wininet.dll
[7] 2009-03-03 . A269DC29C60D8FAF8F370D106BEAE859 . 1022976 . . [7.00.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_5c00e4635d22404c\wininet.dll
[7] 2009-03-03 . BC7CDFE7CC70BEE8F81C7AB54FE4A44D . 1024512 . . [7.00.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_5c982a1a7635436c\wininet.dll
[7] 2009-01-16 . DE2EFEAC81EE3AEF9A0A297D06DEA73C . 1014272 . . [7.00.6001.22355] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_5e60216e7372279c\wininet.dll
[7] 2009-01-15 . 4C45D9EEB15838F96D77178CD6CD4244 . 1013248 . . [7.00.6001.18203] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_5e0a93ab5a2dc96f\wininet.dll
[7] 2009-01-15 . BC8E5ED3269BF174B939B07FC167044E . 1024512 . . [7.00.6000.20996] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_5c4fa362766b1fc6\wininet.dll
[7] 2009-01-15 . A0662CC26EEDC71C8598CBD7C986B09D . 1022464 . . [7.00.6000.16809] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_5c2a56c15d01d088\wininet.dll
[7] 2008-10-16 . 8CDADEC7D01F5AE41FD9C49A7053E89B . 1013248 . . [7.00.6001.18157] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_5dd883515a52bd59\wininet.dll
[7] 2008-10-16 . 80C4706935A12EF0DC73F0D0F5A1E577 . 1014272 . . [7.00.6001.22288] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_5e42b0a27387ca4d\wininet.dll
[7] 2008-10-16 . D9E8399459565B4E8A7FF2B01CB55F8D . 1022464 . . [7.00.6000.16764] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_5be473e15d36fc54\wininet.dll
[7] 2008-10-16 . 428A8BB8016D66089CF1EFFA9970A76C . 1024512 . . [7.00.6000.20937] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_5c91833476399177\wininet.dll
[7] 2008-10-02 . 50020130D79D6829116B0F5084653271 . 1022464 . . [7.00.6000.16757] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_5bf244ab5d2c2c68\wininet.dll
[7] 2008-10-02 . FE420A633F07F015B4D6C5A90346FF5D . 1013248 . . [7.00.6001.18148] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_5de453875a49babf\wininet.dll
[7] 2008-10-02 . 0C3985837353FD84BC2E0B2FFFD75FA2 . 1014272 . . [7.00.6001.22278] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_5e4d808e737fae5c\wininet.dll
[7] 2008-10-02 . 0F2E5251DB62D7D47A553DB329DB4B4B . 1024512 . . [7.00.6000.20927] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_5c9c532076317586\wininet.dll
[7] 2008-06-27 . B006FBF83BA6CAE854996F0A1319B5AB . 1013248 . . [7.00.6001.18099] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_5daf424f5a7162a4\wininet.dll
[7] 2008-06-27 . CAE8E1894C7FDEC9A18F4B9B95036105 . 1014272 . . [7.00.6001.22212] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_5e885e5a73546eac\wininet.dll
[7] 2008-06-27 . 9D5E76B1D6941D2BB836655C1B6AE83B . 1022464 . . [7.00.6000.16711] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_5c17829f5d11249a\wininet.dll
[7] 2008-06-27 . 3488EDAF6B3459A6D29B8EFAC70DC35B . 1024512 . . [7.00.6000.20868] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_5c7211d47651017a\wininet.dll
[7] 2008-02-22 . 3CC83953BA4B51B32BD67982A1AF2AF5 . 1013760 . . [7.00.6001.18023] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_5df4f0075a3e0703\wininet.dll
[7] 2008-02-22 . E06F53F091B3567EA83308E5DDFF4094 . 1013760 . . [7.00.6001.22120] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_5e7b8bf4735e5ac8\wininet.dll
[7] 2008-02-22 . 3166E2EE2060D11A783A1B812B6F4945 . 1022976 . . [7.00.6000.20777] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_5c663fb8765a06ed\wininet.dll
[7] 2008-02-21 . 4C48ACC0299116CD22A9522D5C7CFFC4 . 1022464 . . [7.00.6000.16643] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_5bf911895d27adf4\wininet.dll
[7] 2008-01-21 . 364B631BCD934D95CCD2E373F8DD8D7C . 1011712 . . [7.00.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_5e078f015a30831c\wininet.dll
[7] 2012-11-09 . 13C073F14F948CC9F875147DA74F300D . 1147392 . . [8.00.6001.18702] .. c:\windows\system32\wininet.dll
.
[7] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
[7] 2008-01-21 . 63944ECFE4878C1C4889689324CABFAB . 265216 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[7] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6000.16386] .. c:\windows\system32\ws2_32.dll
.
[7] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\ws2help.dll
[7] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ws2help.dll
.
[7] 2010-06-28 . 48E49F1EFE1F20A078DD656DE81AFBA8 . 1916928 . . [6.0.6002.22433] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_0a8eee10c108556a\ole32.dll
[7] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6002.18277] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_09de10d7a8078d99\ole32.dll
[7] 2010-06-28 . C7E11F8B2F3130FB7C3866F1816C4E7D . 1923584 . . [6.0.6001.18498] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_07e2fd7baaf08c87\ole32.dll
[7] 2010-06-28 . 6F9FBFDF627A958ECDD1CB65704CB846 . 1922560 . . [6.0.6001.22720] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_08b04b36c3dc9850\ole32.dll
[7] 2009-04-11 . 19915DB5B186D91CD4B459210C41741B . 1915392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_0a27bbeba7d09d06\ole32.dll
[7] 2008-01-21 . F36E23B80AC04538726699670050121D . 1923072 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_083c42dfaaaed1ba\ole32.dll
[7] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6000.16386] .. c:\windows\system32\ole32.dll
.
[7] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[7] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\system32\cngaudit.dll
.
[7] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
[7] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6000.16386] .. c:\windows\system32\wininit.exe
.
[7] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_f718665b4c03ea89\ctfmon.exe
[7] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\system32\ctfmon.exe
.
[7] 2009-07-10 . 9235EC680D3DB17464B39C7C7DECB4DD . 301568 . . [6.0.6001.18287] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_28ff7f1fd585934f\shsvcs.dll
[7] 2009-07-10 . 3F6101365E6319171054ADD75788516C . 300032 . . [6.0.6000.21081] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_279cb3aaf1823d60\shsvcs.dll
[7] 2009-07-10 . C2409C9B7C7E422E7680AE4E1738BFC8 . 302080 . . [6.0.6001.22467] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_299ebda8ee92f85e\shsvcs.dll
[7] 2009-07-10 . F33C4D0B9EEFCDE346F8753DC4D6867F . 299520 . . [6.0.6000.16883] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_27153f51d8629d02\shsvcs.dll
[7] 2009-07-10 . 00DD742B99B278429714DEE859A73DD0 . 302080 . . [6.0.6002.22169] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_2b873024ebb78030\shsvcs.dll
[7] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6002.18063] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_2af7919dd29f485c\shsvcs.dll
[7] 2009-04-11 . 2AD15758174DCC7993FF3C00A955DD66 . 301568 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_2b3a71b9d26cd364\shsvcs.dll
[7] 2008-01-21 . EB3114330236CF030E8EDF62881BAF67 . 301568 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_294ef8add54b0818\shsvcs.dll
[7] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6000.16386] .. c:\windows\system32\shsvcs.dll
.
[7] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_e7701a4938f68d83\regsvc.dll
[7] 2008-01-21 . 416C611369CBE49074B89CEE2F83ABEF . 206336 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_e584a13d3bd4c237\regsvc.dll
[7] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6000.16386] .. c:\windows\system32\regsvc.dll
.
[7] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6002.18342] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_8cdcf8454ca4d06e\schedsvc.dll
[7] 2010-11-06 . CE75D26E0A1106129F4D156851E298ED . 854528 . . [6.0.6001.18551] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_8aeab4414f8780bd\schedsvc.dll
[7] 2010-11-04 . C40E431210CAF3DB00203F5796A31FDE . 856064 . . [6.0.6002.22519] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_8d8e08c065a3caed\schedsvc.dll
[7] 2010-11-04 . 596404B1E48657168BDAA69B9CD1DB74 . 856064 . . [6.0.6001.22791] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_8b49134268c58d72\schedsvc.dll
[7] 2009-04-11 . 717C12DF4B7C93FEC97D146AC1342B25 . 843776 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_8d0b33214c81b53a\schedsvc.dll
[7] 2008-02-26 . C315E4CD537736E53D1F28A497FBE29B . 844288 . . [6.0.6000.20779] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20779_none_89806b606b87a06d\schedsvc.dll
[7] 2008-01-21 . C74C6C01353D87AAFE1193B426D667B0 . 843776 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_8b1fba154f5fe9ee\schedsvc.dll
[7] 2008-01-21 . 5AEA4C9E2B3656B2B53D3886BB6DFC35 . 844288 . . [6.0.6000.16609] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_89427e0952313d0c\schedsvc.dll
[7] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6001.18000] .. c:\windows\system32\schedsvc.dll
.
[7] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_dbe80e6f8995baeb\ssdpsrv.dll
[7] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6000.16386] .. c:\windows\system32\ssdpsrv.dll
.
[7] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll
[7] 2008-01-21 . F870A5589D6A94B426EFB13689023946 . 546816 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll
[7] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
.
[7] 2012-08-29 . 1A14913D51571403CF8A3941BDC3BA67 . 4699520 . . [6.0.6002.18686] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_c9e5027e69e236b3\ntoskrnl.exe
[7] 2012-08-29 . 34C970A45CCC0D65A4A0F8D306E12844 . 4686208 . . [6.0.6002.22920] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_caa980e182d4911b\ntoskrnl.exe
[7] 2012-04-03 . B59E026F49BF06B435795F867AD46009 . 4687232 . . [6.0.6002.22831] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_ca9faf5982dbc93c\ntoskrnl.exe
[7] 2012-04-03 . 7180984A68411B9D2F2495E03561B47E . 4699520 . . [6.0.6002.18607] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_ca3c822869a07082\ntoskrnl.exe
[7] 2012-03-06 . 98581CA6B029D491F60E32A045BC4FF1 . 4699520 . . [6.0.6002.18595] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_c9d9306269eb3c26\ntoskrnl.exe
[7] 2012-03-06 . B448C24F801DC79661E30DBC8E739DB2 . 4687744 . . [6.0.6002.22811] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_cab54f3182cb915a\ntoskrnl.exe
[7] 2011-06-20 . A26DE9288D67E4EAC2D1205043AFD430 . 4699536 . . [6.0.6002.18484] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_c9e2fe1e69e409b7\ntoskrnl.exe
[7] 2011-06-20 . D14B8C4AB6C05B89D430D3911FE2833B . 4688784 . . [6.0.6002.22662] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_ca803c1382f33c18\ntoskrnl.exe
[7] 2010-10-15 . 760A67A51D409EB396D1942D5555435C . 4692368 . . [6.0.6001.18538] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_c836992e6c9193ec\ntoskrnl.exe
[7] 2010-10-15 . 4065E920FB6ED05B5F62A1FB6908C6C5 . 4699024 . . [6.0.6002.18327] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_ca26dc9e69b0b0ef\ntoskrnl.exe
[7] 2010-10-15 . 255A6D981139EFEF605A88E003D1B2A2 . 4689808 . . [6.0.6002.22505] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_cac41a9382bfe350\ntoskrnl.exe
[7] 2010-10-15 . 3A22B135BC4341025E19B9ADFB26C02A . 4678032 . . [6.0.6001.22777] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_c893f7e585d0874a\ntoskrnl.exe
[7] 2010-06-08 . 04C706018E9F0A2C835A427A8AB6EBA1 . 4688256 . . [6.0.6002.22420] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_caa9776382d49f58\ntoskrnl.exe
[7] 2010-06-08 . 825926D6AD714A529F4069D9EBBD1D3B . 4697992 . . [6.0.6002.18267] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_c9fb9b0869d1238c\ntoskrnl.exe
[7] 2010-06-08 . CCCD9EE56C92778385A3E715DC3D5ABF . 4690832 . . [6.0.6001.18488] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_c80087ac6cba227a\ntoskrnl.exe
[7] 2010-06-08 . 31F137EEB5121654A9448904D89209A2 . 4675976 . . [6.0.6001.22707] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_c8dfa7598597c3b3\ntoskrnl.exe
[7] 2010-02-18 . AF706D838B59A6C30D8B46C5C2D9D2FD . 4411272 . . [6.0.6000.21226] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_c6e29ce788828a41\ntoskrnl.exe
[7] 2010-02-18 . 8E3658ABC4A2053DBEA37C84E416DEB5 . 4424072 . . [6.0.6000.17021] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_c653fcc46f696e9d\ntoskrnl.exe
[7] 2010-02-18 . C0EC74895F90E5E788061C7F305F57D1 . 4678032 . . [6.0.6001.22636] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_c8be356585b10108\ntoskrnl.exe
[7] 2010-02-18 . 413D579C2CDEF19CD842F4DF4A90C4ED . 4690832 . . [6.0.6001.18427] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_c84066ea6c8a617d\ntoskrnl.exe
[7] 2010-02-18 . 72FD908E7D1F176C00F1EF8F3D1445B0 . 4697992 . . [6.0.6002.18209] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_ca3e7b24699eae94\ntoskrnl.exe
[7] 2010-02-18 . AE0C10C55347383C0CD6CFF3F4794FD7 . 4690304 . . [6.0.6002.22341] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_ca94d5ef82e3f36a\ntoskrnl.exe
[7] 2009-12-08 . 6DC7FC9EB17EF1CB809AED351DE91DB9 . 4678232 . . [6.0.6001.22577] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_c893f41985d08cfc\ntoskrnl.exe
[7] 2009-12-08 . 5183EBE8114DA62A532E275CFB3729CC . 4425304 . . [6.0.6000.16973] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_c620159a6f8ff9be\ntoskrnl.exe
[7] 2009-12-08 . 46B167601033C2DB4E1A727569A8CA31 . 4412504 . . [6.0.6000.21175] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_c6ab8b1b88abff78\ntoskrnl.exe
[7] 2009-12-08 . E50C900C7F479886F26FA60ADBEE5852 . 4691032 . . [6.0.6001.18377] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_c80a55686cb2f00b\ntoskrnl.exe
[7] 2009-12-08 . 9668520760E72E1B1B9EDFB7BFB6A691 . 4698184 . . [6.0.6002.18160] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_c9f4971c69d77504\ntoskrnl.exe
[7] 2009-12-08 . CBA7366E93C4DCAA62005A177EEC2FCE . 4691528 . . [6.0.6002.22283] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_ca6b94ed830298b5\ntoskrnl.exe
[7] 2009-08-05 . 5E99FFD02816FF54247294C7C9C003B9 . 4412488 . . [6.0.6000.21101] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_c6f339678876d685\ntoskrnl.exe
[7] 2009-08-05 . C53B06CB817845873A3D32C1BAD33727 . 4425288 . . [6.0.6000.16901] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_c669c47a6f590379\ntoskrnl.exe
[7] 2009-08-05 . 043EB4B7C74C189E06584411B2C9EB8F . 4691016 . . [6.0.6001.18304] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_c85303fe6c7ce06f\ntoskrnl.exe
[7] 2009-08-05 . 0170600F2A613CE3E8CC2B66A6DC7885 . 4682824 . . [6.0.6001.22489] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_c88b22db85d6de74\ntoskrnl.exe
[7] 2009-08-05 . 0DD0FCFB9609403352FF75656826E82F . 4693576 . . [6.0.6002.22191] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_ca5ec287830c84d1\ntoskrnl.exe
[7] 2009-08-04 . 8E43DA6C8040C68446AA4B5D84C8127A . 4698168 . . [6.0.6002.18082] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_c9e0f5f269e5e26d\ntoskrnl.exe
[7] 2009-04-11 . 1B60CCC70788044404EEFBBB389FC111 . 4699608 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_ca3a763069a24eea\ntoskrnl.exe
[7] 2009-03-03 . 65252FED486E5BF1E384CA65C16148C7 . 4691424 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_c88b20f585d6e14d\ntoskrnl.exe
[7] 2009-03-03 . ED97E8551F0B1844250ED1B07393B10D . 4692448 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_c83f62d46c8b4dd8\ntoskrnl.exe
[7] 2009-03-03 . 8B3095B00E832ABFC7047A04E681CCDE . 4427232 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_c64852866f7240ce\ntoskrnl.exe
[7] 2009-03-03 . CC172711FF2FCE0673321A951B02C379 . 4413936 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_c6df983d888543ee\ntoskrnl.exe
[7] 2008-09-18 . 5E31190EF331709EAB9FB66C3683540B . 4694584 . . [6.0.6001.22269] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_c8a0bee785c6ac44\ntoskrnl.exe
[7] 2008-09-18 . 247A2AAF7E5189716192EE19EC6EC6FB . 4694584 . . [6.0.6001.18145] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_c828c0cc6c9c6f3c\ntoskrnl.exe
[7] 2008-09-18 . 2A87B3D380E3800BF247D82E58F0FCBA . 4429368 . . [6.0.6000.16754] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_c636b1f06f7ee0e5\ntoskrnl.exe
[7] 2008-09-18 . EFAAC7A874B65DF3F26B5092291D4859 . 4416056 . . [6.0.6000.20921] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_c6ddbf878886ddfe\ntoskrnl.exe
[7] 2012-08-29 . 1A14913D51571403CF8A3941BDC3BA67 . 4699520 . . [6.0.6002.18686] .. c:\windows\system32\ntoskrnl.exe
.
[7] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_442037e04fa9b5c7\ksuser.dll
[7] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ksuser.dll
.
[7] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_d38a739ed46982f7\msimg32.dll
[7] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\system32\msimg32.dll
.
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6002.22869] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6002.18643] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6002.18618] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6002.22840] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\SysWOW64\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_754c5dff3b9d9ea6\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_720177625a73c603\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_7135f8df4187b761\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_7331d75d3e9e1070\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_73aba2ca57c84d78\es.dll
[7] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_7360e4f33e7bd35a\es.dll
.
[7] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\SysWOW64\imm32.dll
[7] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_c4b4dcf8644afb7f\imm32.dll
[7] 2008-01-21 . CA3091655E2257B3E3EA86F79A696C56 . 116224 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_c2c963ec67293033\imm32.dll
.
[7] 2012-09-28 . D59DD2AAFF94EAB9BD6C7940C2851735 . 860160 . . [6.0.6001.18000] .. c:\windows\SysWOW64\kernel32.dll
[7] 2012-09-28 . D59DD2AAFF94EAB9BD6C7940C2851735 . 860160 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_fc1bb123402c59e5\kernel32.dll
[7] 2012-09-28 . 04876F4758D10B768D4CF792D03FC9CF . 860672 . . [6.0.6002.22942] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_fc780f90596c33ec\kernel32.dll
[7] 2011-04-12 . 7F4CAEAC24592FA9F574E1F8CD1D0604 . 859648 . . [6.0.6002.18449] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_fbf56d33404850e7\kernel32.dll
[7] 2011-04-12 . BBB3D68596C6B6E8A7ECAFDB2962E89B . 860672 . . [6.0.6002.22625] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_fc90aa945959509a\kernel32.dll
[7] 2011-04-12 . 6EBBE14BE54877C386C63FFED52D391D . 857600 . . [6.0.6001.18631] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_fa11c701432117f3\kernel32.dll
[7] 2011-04-12 . 35FC1E7929DA4828B9CC73DC84B42E6F . 860160 . . [6.0.6001.22898] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_fa6188305c690deb\kernel32.dll
[7] 2009-04-11 . A5830F679B5B38AE9700A72087178745 . 858112 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_fc1ca423402b872b\kernel32.dll
[7] 2009-02-13 . D4902D1DC60CB71197EFE4474A582841 . 855552 . . [6.0.6001.18215] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_fa2b6069430d50d1\kernel32.dll
[7] 2009-02-13 . 1B5BE39A927C36B3162ADA23B6CA001E . 858112 . . [6.0.6001.22376] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_fa751df65c5ab198\kernel32.dll
[7] 2009-02-13 . 444A00544B4EDFEDD8FCCD281EDE3ED4 . 840704 . . [6.0.6000.16820] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_f835506545f35d1e\kernel32.dll
[7] 2009-02-13 . 4118366CDDA655F8AEDB20CD03DEBAE9 . 841216 . . [6.0.6000.21010] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_f8c9953e5f091439\kernel32.dll
[7] 2008-01-21 . 799EEDF377F3B72DB30192AD9FD3C7F3 . 855552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_fa312b174309bbdf\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\SysWOW64\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_3865321ca55411b2\linkinfo.dll
.
[7] 2012-11-08 . 948F568DC7FBE85999E85BF861EA1E23 . 23552 . . [6.0.6002.22969] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22969_none_127ea4f55db0f1cd\lpk.dll
[7] 2011-02-16 . F9AA0406BA33BC029536E04D6066C03A . 23552 . . [6.0.6002.22589] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_1268fd855dc13513\lpk.dll
[7] 2011-02-16 . 789CD968872EFA074339E0CFB70EB6B2 . 23552 . . [6.0.6001.22854] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_109df9ef60870d69\lpk.dll
[7] 2011-01-08 . 2929BD36F338E1C844FCCB88AFC4DA03 . 23552 . . [6.0.6002.22566] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_127b9c7f5db3b12c\lpk.dll
[7] 2011-01-08 . 077B74545B155C7C16F5951C48F6C9FE . 23552 . . [6.0.6001.22830] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_10af989f607a702b\lpk.dll
[7] 2010-10-28 . EAA25894F6FA01BB1321289E822B390D . 23552 . . [6.0.6002.22514] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_12afab875d8cf2c9\lpk.dll
[7] 2010-10-28 . 72508445768DC97CC522FAE65978DBF4 . 23552 . . [6.0.6001.22787] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_10808923609cb01a\lpk.dll
[7] 2010-05-26 . EF35D31F154DAA93E435D3B18192C40B . 23552 . . [6.0.6002.22412] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_12ada90d5d8ec2f4\lpk.dll
[7] 2010-05-26 . 26E0671ADDD67570AACEC81B2A8803ED . 23552 . . [6.0.6001.22700] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_10d0067d60621f31\lpk.dll
[7] 2009-10-19 . 77F2AB938BFBAB43EC1B91D11BBA2EEE . 24064 . . [6.0.6000.16939] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_0e48b8304a2e2ee3\lpk.dll
[7] 2009-10-19 . 08992A029F43690B4340BF6B2F7BCE5B . 24064 . . [6.0.6000.21142] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_0ec05b2b635a6c7f\lpk.dll
[7] 2009-10-19 . D669A9A4C894708388ADF96BBEAD3787 . 23552 . . [6.0.6001.22544] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_10a8c429607efa03\lpk.dll
[7] 2009-10-19 . 7EC16AB95B707BE43A938E20D096240E . 23552 . . [6.0.6002.22247] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_129236ef5da29b2c\lpk.dll
[7] 2009-06-15 . 204EFDC76394A6FB0816D61810C8F529 . 24064 . . [6.0.6000.16870] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_0e1474004a56bd71\lpk.dll
[7] 2009-06-15 . C5028B831E4489F0CEEABFD133855EFF . 23552 . . [6.0.6001.22450] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_1099f12f608ab371\lpk.dll
[7] 2009-06-15 . C92953010CA9964A33210C3273EEB78C . 24064 . . [6.0.6000.21067] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_0eafbadf636625ed\lpk.dll
[7] 2009-06-15 . 459DE300727C02D420DB389B721AF44E . 23552 . . [6.0.6002.22152] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_128263ab5daf3b43\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\SysWOW64\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_1231d75a44665bc9\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_11f7c69644928222\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_121b391e4477777b\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_11edfac04499b1b8\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_12126d92447dc068\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_11e22c7044a2b179\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_1231def244665065\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_121c44cc44767fbc\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_10465e4e4744907d\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_0ffcb33a477b8110\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_101f257847615d12\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_0ff1e71a4783974f\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_10222a22475ea365\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_1003baf2477529e6\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_0fee1b1a478561c8\lpk.dll
.
[7] 2012-11-09 . D1ACA648833316D82B9A1922593CD987 . 6010880 . . [8.00.6001.23461] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23461_none_f675d38f51443e97\mshtml.dll
[7] 2012-11-09 . DE429F573EA79A5E2590CC52D9B8E282 . 6008832 . . [8.00.6001.18702] .. c:\windows\SysWOW64\mshtml.dll
[7] 2012-11-09 . DE429F573EA79A5E2590CC52D9B8E282 . 6008832 . . [8.00.6001.19393] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19393_none_f5cdc794383d254e\mshtml.dll
[7] 2012-08-25 . B84463D8A456CCF90BAB926319322E61 . 6010368 . . [8.00.6001.23415] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23415_none_f6afe4535118183e\mshtml.dll
[7] 2012-08-25 . 9D221287C2E1198BE10E4C2299B6F7FD . 6008832 . . [8.00.6001.19328] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19328_none_f61e787a37ffe06a\mshtml.dll
[7] 2012-06-28 . 0D5E31ADA4C9D24A7891E92DD33D406C . 6010368 . . [8.00.6001.23385] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23385_none_f66432f95150deae\mshtml.dll
[7] 2012-06-28 . D049E2BAB04AA57CBD7D6573C532FD9D . 6008320 . . [8.00.6001.19298] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19298_none_f5d2c7203838a6da\mshtml.dll
[7] 2012-05-15 . FACC0814B3D95D317E44070859AB5978 . 6009344 . . [8.00.6001.23359] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23359_none_f688a3e55134f037\mshtml.dll
[7] 2012-05-15 . 6224CD5ACCF78EBC082CF7A493D0A340 . 6007808 . . [8.00.6001.19272] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19272_none_f5e2653c382dd6ee\mshtml.dll
[7] 2012-02-28 . 6758A38197024E71F71FFF507A1AD2F1 . 5980672 . . [8.00.6001.23318] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23318_none_f6b2e34b5115671c\mshtml.dll
[7] 2012-02-28 . 5F25D5561F5BDA32EDE1193EC01529BF . 5978624 . . [8.00.6001.19222] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19222_none_f61874d838054b39\mshtml.dll
[7] 2011-12-15 . 0FB4CBF8B6F2407B821266F80C4EAA88 . 5980160 . . [8.00.6001.23286] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23286_none_f665315d514ffade\mshtml.dll
[7] 2011-12-15 . 62CA6A044EE909202D74C138012DD9AF . 5979136 . . [8.00.6001.19190] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19190_none_f5cac2ea383fdefb\mshtml.dll
[7] 2011-11-03 . D4D63FCD03E8B58D5F1DDE6D64E0FF1B . 5978624 . . [8.00.6001.23266] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23266_none_f67ad135513fc2fc\mshtml.dll
[7] 2011-11-03 . 73D666A49DEC07192D7D1C367A142333 . 5978112 . . [8.00.6001.19170] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19170_none_f5e062c2382fa719\mshtml.dll
[7] 2011-09-30 . 59CC0E3A960D0B8A4BBDB6FC65340EB9 . 5972992 . . [8.00.6001.23250] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_f67f9f65513d0f01\mshtml.dll
[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.19154] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_f5fa03c2381bd493\mshtml.dll
[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.23216] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
[7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.19120] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll
[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
[7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
[7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
[7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
[7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
[7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
[7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
[7] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.23040] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll
[7] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18943] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll
[7] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.23019] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
[7] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18928] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
[7] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.22995] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
.
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\SysWOW64\msvcrt.dll
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] .. c:\windows\SysWOW64\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] .. c:\windows\SysWOW64\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[7] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] .. c:\windows\SysWOW64\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] .. c:\windows\SysWOW64\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[7] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] .. c:\windows\SysWOW64\svchost.exe
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] .. c:\windows\SysWOW64\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
.
[7] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\SysWOW64\user32.dll
[7] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[7] 2008-01-21 . 3D691030DBD3BD75DE1501BE54F0D425 . 648192 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
.
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] .. c:\windows\SysWOW64\userinit.exe
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
[7] 2012-11-09 . E0F382C955AE33D20D463746E5B6FB50 . 920064 . . [8.00.6001.23461] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23461_none_e51bb470d0edd561\wininet.dll
[7] 2012-11-09 . C1E1FE2224CA46F112C2D65A4EA3BF25 . 916992 . . [8.00.6001.18702] .. c:\windows\SysWOW64\wininet.dll
[7] 2012-11-09 . C1E1FE2224CA46F112C2D65A4EA3BF25 . 916992 . . [8.00.6001.19393] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19393_none_e473a875b7e6bc18\wininet.dll
[7] 2012-08-25 . DDC718A719B351415455920F71EC4570 . 920064 . . [8.00.6001.23415] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23415_none_e555c534d0c1af08\wininet.dll
[7] 2012-08-25 . 69D83FEF59F46E9EBF06E805547DB534 . 916992 . . [8.00.6001.19328] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19328_none_e4c4595bb7a97734\wininet.dll
[7] 2012-06-28 . A9FF16A7FBE708D936AF46AFF1B2579B . 920064 . . [8.00.6001.23385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_e50a13dad0fa7578\wininet.dll
[7] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.19298] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_e478a801b7e23da4\wininet.dll
[7] 2012-05-15 . 1FDE47149D9B08C0CEBEE731FDB39E0B . 920064 . . [8.00.6001.23359] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23359_none_e52e84c6d0de8701\wininet.dll
[7] 2012-05-15 . DEAF5B0677A6B864B8F4F41C127695DB . 916992 . . [8.00.6001.19272] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19272_none_e488461db7d76db8\wininet.dll
[7] 2012-02-28 . 9503972A61EA647A72C326EEB51265C1 . 919552 . . [8.00.6001.23318] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_e558c42cd0befde6\wininet.dll
[7] 2012-02-28 . AA8B3560AED18F5290F80C82C9B75ACC . 916992 . . [8.00.6001.19222] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_e4be55b9b7aee203\wininet.dll
[7] 2011-12-15 . 2F56B044E8ED4FAA812A19A8DF2115EE . 919552 . . [8.00.6001.23286] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23286_none_e50b123ed0f991a8\wininet.dll
[7] 2011-12-15 . DA7C58952F082AECABF775C83F913C6F . 916992 . . [8.00.6001.19190] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19190_none_e470a3cbb7e975c5\wininet.dll
[7] 2011-11-03 . 406EEBC1B3FE188DE9D6B3AFB3834E84 . 919552 . . [8.00.6001.23266] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_e520b216d0e959c6\wininet.dll
[7] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.19170] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_e48643a3b7d93de3\wininet.dll
[7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.23250] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll
[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.19154] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll
[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.23216] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.19120] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.23040] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18943] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.23019] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18928] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.22995] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18904] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.22973] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18882] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.22956] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18865] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[7] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.22918] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[7] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18828] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[7] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.22903] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[7] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18813] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[7] 2009-05-12 . 4BEDA2520729640D927E09A51AB916C4 . 915456 . . [8.00.6001.22874] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll
[7] 2009-05-09 . D78B62CC91F043CED52F23F0085E7FE2 . 915456 . . [8.00.6001.18783] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll
[7] 2009-04-24 . D94BDEEF2E47EB4A46B957253C697F01 . 827392 . . [7.00.6000.16851] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll
[7] 2009-04-24 . 64EAF7CF461A15DB4EAEB1D50A10E88E . 827904 . . [7.00.6001.18248] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll
[7] 2009-04-24 . E7D90AF9B0C7FA98DF353E022EE1C63E . 828928 . . [7.00.6000.21046] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll
[7] 2009-04-24 . 77C60DD61D21777734B1C945540473A4 . 828416 . . [7.00.6001.22418] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll
[7] 2009-04-24 . 07DBFC0759F61E95901AF2B2D4E83451 . 828416 . . [7.00.6002.22121] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll
[7] 2009-04-23 . 24CBE22F35941FBFD6144A5C011EA999 . 828416 . . [7.00.6002.18024] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[7] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll
[7] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll
[7] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll
[7] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll
[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
[7] 2008-10-16 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
[7] 2008-10-16 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
[7] 2008-10-16 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
[7] 2008-10-16 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
[7] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[7] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[7] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[7] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[7] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[7] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[7] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[7] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[7] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
.
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2_32.dll
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_6af84843e4192e9a\ws2help.dll
.
[7] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6000.16386] .. c:\windows\explorer.exe
[7] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[7] 2008-10-30 . E404A65EF890140410E9F3D405841C95 . 3081216 . . [6.0.6001.22298] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[7] 2008-10-29 . BBD8E74F23D7605CB0CDB57A1B25D826 . 3080704 . . [6.0.6001.18164] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[7] 2008-10-29 . 50514057C28A74BAC2BD04B7B990D615 . 3087360 . . [6.0.6000.16771] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[7] 2008-10-28 . 72B9990E45C25AA3C75C4FB50A9D6CE0 . 3086848 . . [6.0.6000.20947] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[7] 2008-01-21 . F6D765FB6B457542D954682F50C26E4F . 3080704 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
.
[7] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 134656 . . [6.0.6000.16386] .. c:\windows\regedit.exe
[7] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 161792 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_504d50e8943617cd\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6002.22433] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6001.22720] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6001.18498] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[7] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
.
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\SysWOW64\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[7] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] .. c:\windows\SysWOW64\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\msimg32.dll
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_776bd81b1c0c11c1\msimg32.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] .. c:\windows\SysWOW64\wininit.exe
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\SysWOW64\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] .. c:\windows\SysWOW64\upnphost.dll
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_285b7a4b21423100\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] .. c:\windows\SysWOW64\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[7] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\SysWOW64\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[7] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ddraw.dll
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\SysWOW64\olepro32.dll
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[7] 2008-01-21 02:48 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\SysWOW64\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\SysWOW64\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[7] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
.
[7] 2012-11-09 . CCF48EB85EF9B67250CEBA8043B28AD0 . 638024 . . [8.00.6001.23461] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23461_none_790806d235d77775\iexplore.exe
[7] 2012-11-09 . 0BC355C49DC6D3E678D4C5C5AE467AEF . 638040 . . [8.00.6001.19393] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19393_none_785ffad71cd05e2c\iexplore.exe
[7] 2012-08-25 . 73FB5D3283671B301A59544B58EFECF8 . 638064 . . [8.00.6001.23415] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23415_none_7942179635ab511c\iexplore.exe
[7] 2012-08-25 . E5E317948D5F2B28A7D7A2E8F29F1008 . 638064 . . [8.00.6001.19328] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19328_none_78b0abbd1c931948\iexplore.exe
[7] 2012-06-28 . CE4945834BFE91AF301FA829E3E8A7AA . 638048 . . [8.00.6001.23385] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23385_none_78f6663c35e4178c\iexplore.exe
[7] 2012-06-28 . 7BC18656CCDD305665D3D7FAA283744A . 638048 . . [8.00.6001.19298] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19298_none_7864fa631ccbdfb8\iexplore.exe
[7] 2012-05-15 . 26B900640CE979A708FD3793FA8A6C50 . 638048 . . [8.00.6001.23359] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23359_none_791ad72835c82915\iexplore.exe
[7] 2012-05-15 . 9AC31470779A703021C337FD83D683EE . 638048 . . [8.00.6001.19272] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19272_none_7874987f1cc10fcc\iexplore.exe
[7] 2012-02-28 . CF4EFFB58D9D91E8D219C8E93BC59471 . 638240 . . [8.00.6001.23318] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23318_none_7945168e35a89ffa\iexplore.exe
[7] 2012-02-28 . 00A346CE3D3701EA085E87EEF746A74A . 638240 . . [8.00.6001.19222] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19222_none_78aaa81b1c988417\iexplore.exe
[7] 2011-12-15 . 54EF418BD99720658CCE24210799BD1A . 638240 . . [8.00.6001.23286] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23286_none_78f764a035e333bc\iexplore.exe
[7] 2011-12-15 . AB18B8902C06954F8DFBAC5C6DC7E1E8 . 638240 . . [8.00.6001.19190] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19190_none_785cf62d1cd317d9\iexplore.exe
[7] 2011-11-03 . 2A268DF89913A0E927091077878EDB3E . 638240 . . [8.00.6001.23266] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23266_none_790d047835d2fbda\iexplore.exe
[7] 2011-11-03 . CCDB0B2D1F2E016966B1DB1097E24842 . 638240 . . [8.00.6001.19170] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19170_none_787296051cc2dff7\iexplore.exe
[7] 2011-09-30 . 0E1695AD4C30E72D68170F01B4818A80 . 638216 . . [8.00.6001.23250] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23250_none_7911d2a835d047df\iexplore.exe
[7] 2011-09-30 . 7ACBBC85FCE4989B533220FC3B291633 . 638216 . . [8.00.6001.19154] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19154_none_788c37051caf0d71\iexplore.exe
[7] 2011-07-23 . 4D08A4234D645EFCB30605CC0BFA87F4 . 638232 . . [8.00.6001.23216] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23216_none_7943141435aa7025\iexplore.exe
[7] 2011-07-23 . 04D1DC458C723B291179F8449ACC281D . 638232 . . [8.00.6001.19120] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19120_none_78a8a5a11c9a5442\iexplore.exe
[7] 2011-05-28 . 7EE10C5413AD7ED1AF9E8FAE1B58FC3E . 638232 . . [8.00.6001.23181] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23181_none_78f2614835e7b7e2\iexplore.exe
[7] 2011-05-28 . ED65737D70FDEAC29F738E77D2496EE5 . 638232 . . [8.00.6001.19088] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19088_none_786fc6831cc3c979\iexplore.exe
[7] 2011-02-22 . 9CE5543464432CA73134F170FA2BF823 . 638232 . . [8.00.6001.23143] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_791fa18c35c57acc\iexplore.exe
[7] 2011-02-22 . C1D36A2CBE0CEC4DF593DB1288CF586E . 638232 . . [8.00.6001.19048] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_789b06331ca359b5\iexplore.exe
[7] 2010-12-18 . 7852371DA9EFBC17B645558E23780EAC . 638232 . . [8.00.6001.23111] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_793e10bc35aef44b\iexplore.exe
[7] 2010-12-18 . B988D7F127B94BD5BF8356FE81B985C4 . 638232 . . [8.00.6001.19019] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_78bc76411c8a1f39\iexplore.exe
[7] 2010-11-02 . 92A17B0A89D14815AACC62CD190B6CE3 . 638232 . . [8.00.6001.23091] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_78e78f7635efd6ac\iexplore.exe
[7] 2010-11-02 . 5AB037B17F8A87D052F5A88E0D29A3C8 . 638232 . . [8.00.6001.18999] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_78661ebf1ccacb7f\iexplore.exe
[7] 2010-09-08 . 4A719476A6393B1DCACFEB4F3AC6599C . 638232 . . [8.00.6001.23067] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_790e00f635d21ae3\iexplore.exe
[7] 2010-09-08 . D5A730DFDEAE005373E62BC2A866E3BB . 638232 . . [8.00.6001.18975] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_7877bd6f1cbe2e41\iexplore.exe
[7] 2010-06-26 . F05B3A2C6CB319DD1377AD566CF5ECE5 . 638232 . . [8.00.6001.23040] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_791c9ec835c831a0\iexplore.exe
[7] 2010-06-26 . 7420BE0E7D3D1320054F7ACA0594953D . 638232 . . [8.00.6001.18943] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_78962c9f1ca7a7c0\iexplore.exe
[7] 2010-05-04 . 48A6109E8DF0365195298CC527B7426A . 638232 . . [8.00.6001.23019] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_7946112635a7c1dc\iexplore.exe
[7] 2010-05-04 . 5C9B1062EA7A44E8F6BFDE994B68C7AA . 638232 . . [8.00.6001.18928] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_78b0cde91c92ee91\iexplore.exe
[7] 2010-02-23 . 25DB705A7DC85C208B3CF2D20F118AA7 . 638232 . . [8.00.6001.22995] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_78ebb87c35ec08c6\iexplore.exe
[7] 2010-02-23 . 9F52FBE99C749E3F32C75124F09F1B03 . 638232 . . [8.00.6001.18904] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_78c26c991c865153\iexplore.exe
[7] 2010-01-02 . 3D8DA00B028DEA9517066F1CECBFC4A2 . 638216 . . [8.00.6001.22973] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_78ff57c035dd9e36\iexplore.exe
[7] 2010-01-02 . 88BD42DAE7CFFEB256CA7145A15E4843 . 638216 . . [8.00.6001.18882] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_7869eabf1cc90106\iexplore.exe
[7] 2009-11-21 . E7F8DF50E483D165BB01F367D3519AA7 . 638232 . . [8.00.6001.22956] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_7917f87635cab259\iexplore.exe
[7] 2009-11-21 . 1B6362BB14FCEB9E76BCF9A953B04788 . 638232 . . [8.00.6001.18865] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_78828b751cb61529\iexplore.exe
[7] 2009-08-27 . 7DD482E4A2E3CBB0A72F718C342F5B75 . 638216 . . [8.00.6001.22918] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_794538ba35a87543\iexplore.exe
[7] 2009-08-27 . 2E48756F12C21F46895036AC089AAD97 . 638232 . . [8.00.6001.18828] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_78b0cc031c92f16a\iexplore.exe
[7] 2009-07-22 . 4B5AEA50CE77FBA4C2D169622DC9B489 . 638232 . . [8.00.6001.22903] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_794b073435a4da9f\iexplore.exe
[7] 2009-07-21 . C33BD196A0301F9B23D9A003D30ED8B0 . 638216 . . [8.00.6001.18813] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_78b69a7d1c8f56c6\iexplore.exe
[7] 2009-04-24 . 1F44940EF1D07D0BDAF80E55853DFBD0 . 634648 . . [7.00.6000.16851] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_93b9fbb309bdc263\iexplore.exe
[7] 2009-04-24 . F294D8EEB05C835EC44A12CE0A1DFE7A . 634632 . . [7.00.6001.18248] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_95b20c4b06d5e8c4\iexplore.exe
[7] 2009-04-24 . D5271AC4A06AD9D1E2EA0151B79B2657 . 634648 . . [7.00.6000.21046] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_945341fe22cef831\iexplore.exe
[7] 2009-04-24 . D6157423C117F24D24695866A1D0A93F . 634648 . . [7.00.6001.22418] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_965c1ac01fdb31e2\iexplore.exe
[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_97c0beeb03de7f46\iexplore.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_78c068391c882457\iexplore.exe
.
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] .. c:\windows\SysWOW64\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[7] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
.
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\SysWOW64\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_764d448c52115294\rasadhlp.dll
.
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-23 68856]
"HW_OPENEYE_OUC_Mobile Card"="c:\program files\Mobile Card\UpdateDog\ouc.exe" [2009-07-27 110592]
"SanDiskSecureAccess_Manager.exe"="c:\users\pyaarawala\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe" [2010-11-10 31095432]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Symantec PIF AlertEng"="c:\program files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AutoLaunch"="c:\program files (x86)\Lavasoft\Ad-Aware\AutoLaunch.exe" [2012-05-23 663360]
.
c:\users\pyaarawala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-27 97680]
OneNote Table Of Contents.onetoc2 [2010-10-26 3656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\SysWOW64\userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-19 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 08:16]
.
2012-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 04:41]
.
2012-12-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-23 06:50]
.
2012-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-08-23 06:33]
.
2012-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-08-23 06:33]
.
2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3947582213-1791406327-2745404233-1000Core.job
- c:\users\pyaarawala\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-14 07:06]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3947582213-1791406327-2745404233-1000UA.job
- c:\users\pyaarawala\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-14 07:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-06-06 07:17 3377152 ----a-w- c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-06-06 07:17 3377152 ----a-w- c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-26 1021488]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-06-06 67088]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-01 137240]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-01 202264]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-01 165400]
"SigmatelSysTrayApp"="sttray64.exe" [2007-09-07 425984]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.taobao.com/
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=CCO&Br=GTW&Loc=ENG_US&Sys=PTB&M=M-6880
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=CCO&Br=GTW&Loc=ENG_US&Sys=PTB&M=M-6880
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=CCO&Br=GTW&Loc=ENG_US&Sys=PTB&M=M-6880
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: 255.148\202.96
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: gmail.com\www
Trusted Zone: hotmail.com\www
Trusted Zone: icbc.com.cn
Trusted Zone: icbc.com.cn\*
Trusted Zone: online.unionpay.com
Trusted Zone: taobao.com
Trusted Zone: unionpaysecure.com
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4B726837-C379-42BB-B428-9B7126D80456}: NameServer = 8.8.8.8
DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} - hxxps://mybank.icbc.com.cn/icbc/newenperbank/certInStall.dll
DPF: {36C9539B-49D2-01C7-9C6D-10DACDFEA59C} - hxxps://b2c.icbc.com.cn/icbc/newperbank/icbcclean.cab
DPF: {3B3FE354-548D-4DA2-BEC2-52960C31F8E7} - hxxps://mybank.icbc.com.cn/icbc/icbc_mwusbkey.cab
DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} - hxxps://b2c.icbc.com.cn/icbc/newperbank/AxSafeControls.cab
DPF: {AE460AD7-D678-43BB-B4DF-394B2D0C4E52} - hxxps://unionpaysecure.com/upe/UPEditor.cab
DPF: {B1FBC1AD-5644-4084-882A-0F8BA85E7506} - hxxps://mybank.icbc.com.cn/icbc/ICBC_NetSign.dll
DPF: {E6C2DD02-CD38-41A1-9B69-3D7E3B64AF9A} - hxxps://mybank.icbc.com.cn/icbc/icbc_mwdv.cab
FF - ProfilePath - c:\users\pyaarawala\AppData\Roaming\Mozilla\Firefox\Profiles\aztmlfqm.default\
FF - prefs.js: browser.startup.homepage - hxxp://thefreevpn.com/home.php
FF - ExtSQL: 2012-12-18 19:03; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2010-01-13 01:27; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-02-14 13:26; {3112ca9c-de6d-4884-a869-9855de68056c}; c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-AlipaySecControl - c:\windows\system32\aliedit\2.5.0.3\uninst.exe
AddRemove-AsUninst.exe - c:\windows\system32\AsUninst.exe
AddRemove-China UnionPay SecEditor - c:\windows\system32\uninst.exe
AddRemove-SogouExplorer - c:\program files (x86)\SogouExplorer\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_2761494~31bf3856ad364e35~amd64~~6.0.1.11]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2748349~31bf3856ad364e35~amd64~~6.0.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2753842~31bf3856ad364e35~amd64~~6.0.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2758857~31bf3856ad364e35~amd64~~6.0.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2761465~31bf3856ad364e35~amd64~~8.0.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2770660~31bf3856ad364e35~amd64~~6.0.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2779030~31bf3856ad364e35~amd64~~6.0.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2779562~31bf3856ad364e35~amd64~~6.0.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000007
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\GATEWAY\Gateway Recovery Management\eRecovery\HidChk.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Viewpoint\Common\ViewpointService.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\program files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
c:\users\pyaarawala\AppData\Roaming\Mobile Card\ouc.exe
.
**************************************************************************
.
Completion time: 2012-12-19 12:02:04 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-19 04:02
.
Pre-Run: 62,767,140,864 bytes free
Post-Run: 62,489,718,784 bytes free
.
- - End Of File - - 0CC174349F52ECF437E246BA75A18718

#11
pyaarawala

Posted 18 December 2012 - 10:19 PM

Member

Topic Starter
Member
29 posts

These are the results from TDSSKiller:

12:06:49.0344 0920 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:06:50.0592 0920 ============================================================
12:06:50.0592 0920 Current date / time: 2012/12/19 12:06:50.0592
12:06:50.0592 0920 SystemInfo:
12:06:50.0592 0920
12:06:50.0592 0920 OS Version: 6.0.6002 ServicePack: 2.0
12:06:50.0592 0920 Product type: Workstation
12:06:50.0592 0920 ComputerName: PYAARAWALA-PC
12:06:50.0592 0920 UserName: pyaarawala
12:06:50.0592 0920 Windows directory: C:\Windows
12:06:50.0592 0920 System windows directory: C:\Windows
12:06:50.0592 0920 Running under WOW64
12:06:50.0592 0920 Processor architecture: Intel x64
12:06:50.0592 0920 Number of processors: 2
12:06:50.0592 0920 Page size: 0x1000
12:06:50.0592 0920 Boot type: Normal boot
12:06:50.0592 0920 ============================================================
12:06:51.0248 0920 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:06:51.0263 0920 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:06:51.0669 0920 ============================================================
12:06:51.0669 0920 \Device\Harddisk0\DR0:
12:06:51.0669 0920 MBR partitions:
12:06:51.0669 0920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x2402E000
12:06:51.0669 0920 \Device\Harddisk2\DR2:
12:06:51.0669 0920 MBR partitions:
12:06:51.0669 0920 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705DB0
12:06:51.0669 0920 ============================================================
12:06:51.0747 0920 C: <-> \Device\Harddisk0\DR0\Partition1
12:06:51.0809 0920 G: <-> \Device\Harddisk2\DR2\Partition1
12:06:51.0809 0920 ============================================================
12:06:51.0809 0920 Initialize success
12:06:51.0809 0920 ============================================================
12:10:04.0304 4080 ============================================================
12:10:04.0304 4080 Scan started
12:10:04.0304 4080 Mode: Manual; SigCheck; TDLFS;
12:10:04.0304 4080 ============================================================
12:10:05.0225 4080 ================ Scan system memory ========================
12:10:05.0225 4080 System memory - ok
12:10:05.0225 4080 ================ Scan services =============================
12:10:05.0428 4080 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:10:05.0568 4080 ACPI - ok
12:10:05.0740 4080 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:10:13.0118 4080 AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
12:10:13.0118 4080 AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)
12:10:13.0181 4080 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:10:18.0392 4080 adp94xx ( UnsignedFile.Multi.Generic ) - warning
12:10:18.0392 4080 adp94xx - detected UnsignedFile.Multi.Generic (1)
12:10:18.0470 4080 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:10:24.0601 4080 adpahci ( UnsignedFile.Multi.Generic ) - warning
12:10:24.0601 4080 adpahci - detected UnsignedFile.Multi.Generic (1)
12:10:24.0663 4080 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:10:34.0445 4080 adpu160m ( UnsignedFile.Multi.Generic ) - warning
12:10:34.0445 4080 adpu160m - detected UnsignedFile.Multi.Generic (1)
12:10:34.0491 4080 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:10:39.0639 4080 adpu320 ( UnsignedFile.Multi.Generic ) - warning
12:10:39.0639 4080 adpu320 - detected UnsignedFile.Multi.Generic (1)
12:10:39.0717 4080 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:10:39.0780 4080 AeLookupSvc - ok
12:10:39.0858 4080 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
12:10:39.0951 4080 AFD - ok
12:10:40.0014 4080 [ 8B0D8B5BAFD4C9D57B41426BC68B32F9 ] AgereModemAudio C:\Windows\system32\agr64svc.exe
12:10:45.0131 4080 AgereModemAudio ( UnsignedFile.Multi.Generic ) - warning
12:10:45.0131 4080 AgereModemAudio - detected UnsignedFile.Multi.Generic (1)
12:10:45.0224 4080 [ 3627A62B10284FFBF862BFD49928EDF4 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
12:10:50.0403 4080 AgereSoftModem ( UnsignedFile.Multi.Generic ) - warning
12:10:50.0403 4080 AgereSoftModem - detected UnsignedFile.Multi.Generic (1)
12:10:50.0466 4080 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:10:53.0711 4080 agp440 - ok
12:10:53.0757 4080 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:10:53.0898 4080 aic78xx ( UnsignedFile.Multi.Generic ) - warning
12:10:53.0898 4080 aic78xx - detected UnsignedFile.Multi.Generic (1)
12:10:53.0945 4080 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
12:10:56.0581 4080 ALG ( UnsignedFile.Multi.Generic ) - warning
12:10:56.0581 4080 ALG - detected UnsignedFile.Multi.Generic (1)
12:10:56.0643 4080 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
12:10:56.0737 4080 aliide - ok
12:10:56.0768 4080 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
12:10:56.0846 4080 amdide - ok
12:10:56.0877 4080 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:10:59.0420 4080 AmdK8 ( UnsignedFile.Multi.Generic ) - warning
12:10:59.0420 4080 AmdK8 - detected UnsignedFile.Multi.Generic (1)
12:10:59.0451 4080 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
12:10:59.0498 4080 Appinfo - ok
12:10:59.0592 4080 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:11:02.0150 4080 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
12:11:02.0150 4080 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
12:11:02.0244 4080 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
12:11:09.0139 4080 arc ( UnsignedFile.Multi.Generic ) - warning
12:11:09.0139 4080 arc - detected UnsignedFile.Multi.Generic (1)
12:11:09.0201 4080 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:11:14.0989 4080 arcsas ( UnsignedFile.Multi.Generic ) - warning
12:11:14.0989 4080 arcsas - detected UnsignedFile.Multi.Generic (1)
12:11:15.0114 4080 aspnet_state - ok
12:11:15.0161 4080 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
12:11:21.0479 4080 aswFsBlk ( UnsignedFile.Multi.Generic ) - warning
12:11:21.0479 4080 aswFsBlk - detected UnsignedFile.Multi.Generic (1)
12:11:21.0557 4080 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:11:27.0609 4080 aswMonFlt ( UnsignedFile.Multi.Generic ) - warning
12:11:27.0609 4080 aswMonFlt - detected UnsignedFile.Multi.Generic (1)
12:11:27.0672 4080 [ A4096B90F21BBD2973AFAB8EEE01CD25 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
12:11:32.0804 4080 AswRdr ( UnsignedFile.Multi.Generic ) - warning
12:11:32.0804 4080 AswRdr - detected UnsignedFile.Multi.Generic (1)
12:11:32.0882 4080 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:11:38.0108 4080 aswSnx ( UnsignedFile.Multi.Generic ) - warning
12:11:38.0108 4080 aswSnx - detected UnsignedFile.Multi.Generic (1)
12:11:38.0139 4080 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:11:52.0070 4080 aswSP ( UnsignedFile.Multi.Generic ) - warning
12:11:52.0070 4080 aswSP - detected UnsignedFile.Multi.Generic (1)
12:11:52.0117 4080 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
12:11:57.0234 4080 aswTdi ( UnsignedFile.Multi.Generic ) - warning
12:11:57.0234 4080 aswTdi - detected UnsignedFile.Multi.Generic (1)
12:11:57.0296 4080 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:11:59.0886 4080 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
12:11:59.0886 4080 AsyncMac - detected UnsignedFile.Multi.Generic (1)
12:11:59.0964 4080 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
12:11:59.0979 4080 atapi - ok
12:12:00.0042 4080 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:12:00.0120 4080 AudioEndpointBuilder - ok
12:12:00.0151 4080 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:12:00.0213 4080 AudioSrv - ok
12:12:00.0307 4080 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:12:06.0422 4080 avast! Antivirus ( UnsignedFile.Multi.Generic ) - warning
12:12:06.0422 4080 avast! Antivirus - detected UnsignedFile.Multi.Generic (1)
12:12:06.0469 4080 Beep - ok
12:12:06.0516 4080 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
12:12:06.0609 4080 BFE - ok
12:12:06.0687 4080 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\system32\qmgr.dll
12:12:06.0797 4080 BITS - ok
12:12:06.0843 4080 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:12:10.0650 4080 blbdrive ( UnsignedFile.Multi.Generic ) - warning
12:12:10.0650 4080 blbdrive - detected UnsignedFile.Multi.Generic (1)
12:12:10.0743 4080 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:12:13.0395 4080 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
12:12:13.0395 4080 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
12:12:13.0427 4080 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:12:13.0473 4080 bowser - ok
12:12:13.0505 4080 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:12:13.0567 4080 BrFiltLo - ok
12:12:13.0598 4080 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:12:13.0645 4080 BrFiltUp - ok
12:12:13.0692 4080 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
12:12:16.0281 4080 Browser ( UnsignedFile.Multi.Generic ) - warning
12:12:16.0281 4080 Browser - detected UnsignedFile.Multi.Generic (1)
12:12:16.0328 4080 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
12:12:16.0453 4080 Brserid ( UnsignedFile.Multi.Generic ) - warning
12:12:16.0453 4080 Brserid - detected UnsignedFile.Multi.Generic (1)
12:12:16.0484 4080 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:12:16.0593 4080 BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
12:12:16.0593 4080 BrSerWdm - detected UnsignedFile.Multi.Generic (1)
12:12:16.0609 4080 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:12:16.0671 4080 BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
12:12:16.0671 4080 BrUsbMdm - detected UnsignedFile.Multi.Generic (1)
12:12:16.0687 4080 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:12:16.0765 4080 BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
12:12:16.0765 4080 BrUsbSer - detected UnsignedFile.Multi.Generic (1)
12:12:16.0796 4080 [ 86F46C41F773DA5A4A1D221C9201E3B8 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
12:12:23.0099 4080 BthEnum ( UnsignedFile.Multi.Generic ) - warning
12:12:23.0099 4080 BthEnum - detected UnsignedFile.Multi.Generic (1)
12:12:23.0145 4080 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:12:23.0270 4080 BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
12:12:23.0270 4080 BTHMODEM - detected UnsignedFile.Multi.Generic (1)
12:12:23.0301 4080 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:12:25.0891 4080 BthPan ( UnsignedFile.Multi.Generic ) - warning
12:12:25.0891 4080 BthPan - detected UnsignedFile.Multi.Generic (1)
12:12:25.0953 4080 [ 422D812E231EC3A25F43A881061BE5A0 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
12:12:28.0559 4080 BTHPORT ( UnsignedFile.Multi.Generic ) - warning
12:12:28.0559 4080 BTHPORT - detected UnsignedFile.Multi.Generic (1)
12:12:28.0637 4080 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll
12:12:28.0668 4080 BthServ - ok
12:12:28.0683 4080 [ 1C24ADB844A910DAA2E2732E83A8F3D4 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
12:12:31.0289 4080 BTHUSB ( UnsignedFile.Multi.Generic ) - warning
12:12:31.0289 4080 BTHUSB - detected UnsignedFile.Multi.Generic (1)
12:12:31.0304 4080 btwaudio - ok
12:12:31.0320 4080 btwavdt - ok
12:12:31.0320 4080 btwrchid - ok
12:12:31.0335 4080 catchme - ok
12:12:31.0382 4080 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:12:34.0050 4080 cdfs ( UnsignedFile.Multi.Generic ) - warning
12:12:34.0050 4080 cdfs - detected UnsignedFile.Multi.Generic (1)
12:12:34.0128 4080 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:12:34.0190 4080 cdrom - ok
12:12:34.0237 4080 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
12:12:34.0315 4080 CertPropSvc - ok
12:12:34.0346 4080 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
12:12:37.0544 4080 circlass ( UnsignedFile.Multi.Generic ) - warning
12:12:37.0544 4080 circlass - detected UnsignedFile.Multi.Generic (1)
12:12:37.0607 4080 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
12:12:37.0700 4080 CLFS - ok
12:12:37.0763 4080 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:12:44.0096 4080 clr_optimization_v2.0.50727_32 - ok
12:12:44.0190 4080 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:12:49.0915 4080 clr_optimization_v2.0.50727_64 - ok
12:12:50.0009 4080 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:12:55.0687 4080 clr_optimization_v4.0.30319_32 ( UnsignedFile.Multi.Generic ) - warning
12:12:55.0687 4080 clr_optimization_v4.0.30319_32 - detected UnsignedFile.Multi.Generic (1)
12:12:55.0765 4080 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:13:00.0866 4080 clr_optimization_v4.0.30319_64 ( UnsignedFile.Multi.Generic ) - warning
12:13:00.0866 4080 clr_optimization_v4.0.30319_64 - detected UnsignedFile.Multi.Generic (1)
12:13:00.0929 4080 CLTNetCnService - ok
12:13:00.0944 4080 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:13:03.0534 4080 CmBatt ( UnsignedFile.Multi.Generic ) - warning
12:13:03.0534 4080 CmBatt - detected UnsignedFile.Multi.Generic (1)
12:13:03.0581 4080 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:13:03.0659 4080 cmdide - ok
12:13:03.0674 4080 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:13:06.0248 4080 Compbatt - ok
12:13:06.0248 4080 COMSysApp - ok
12:13:06.0311 4080 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:13:12.0020 4080 crcdisk ( UnsignedFile.Multi.Generic ) - warning
12:13:12.0020 4080 crcdisk - detected UnsignedFile.Multi.Generic (1)
12:13:12.0083 4080 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:13:12.0129 4080 CryptSvc - ok
12:13:12.0176 4080 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:13:12.0301 4080 DcomLaunch - ok
12:13:12.0348 4080 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:13:12.0379 4080 DfsC - ok
12:13:12.0519 4080 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
12:13:12.0785 4080 DFSR - ok
12:13:12.0847 4080 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:13:12.0894 4080 Dhcp - ok
12:13:12.0941 4080 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
12:13:12.0956 4080 disk - ok
12:13:13.0003 4080 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:13:13.0050 4080 Dnscache - ok
12:13:13.0112 4080 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
12:13:13.0175 4080 dot3svc - ok
12:13:13.0237 4080 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
12:13:15.0905 4080 Dot4 ( UnsignedFile.Multi.Generic ) - warning
12:13:15.0905 4080 Dot4 - detected UnsignedFile.Multi.Generic (1)
12:13:15.0983 4080 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:13:20.0335 4080 Dot4Print ( UnsignedFile.Multi.Generic ) - warning
12:13:20.0335 4080 Dot4Print - detected UnsignedFile.Multi.Generic (1)
12:13:20.0397 4080 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
12:13:25.0311 4080 dot4usb ( UnsignedFile.Multi.Generic ) - warning
12:13:25.0311 4080 dot4usb - detected UnsignedFile.Multi.Generic (1)
12:13:25.0374 4080 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
12:13:27.0979 4080 DPS ( UnsignedFile.Multi.Generic ) - warning
12:13:27.0979 4080 DPS - detected UnsignedFile.Multi.Generic (1)
12:13:27.0995 4080 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:13:28.0073 4080 drmkaud - ok
12:13:28.0135 4080 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:13:28.0229 4080 DXGKrnl - ok
12:13:28.0260 4080 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
12:13:30.0865 4080 E1G60 ( UnsignedFile.Multi.Generic ) - warning
12:13:30.0865 4080 E1G60 - detected UnsignedFile.Multi.Generic (1)
12:13:30.0896 4080 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
12:13:30.0943 4080 EapHost - ok
12:13:30.0990 4080 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
12:13:31.0021 4080 Ecache - ok
12:13:31.0099 4080 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:13:33.0720 4080 eeCtrl ( UnsignedFile.Multi.Generic ) - warning
12:13:33.0720 4080 eeCtrl - detected UnsignedFile.Multi.Generic (1)
12:13:33.0829 4080 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:13:36.0419 4080 ehRecvr ( UnsignedFile.Multi.Generic ) - warning
12:13:36.0419 4080 ehRecvr - detected UnsignedFile.Multi.Generic (1)
12:13:36.0481 4080 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
12:13:39.0648 4080 ehSched ( UnsignedFile.Multi.Generic ) - warning
12:13:39.0648 4080 ehSched - detected UnsignedFile.Multi.Generic (1)
12:13:39.0710 4080 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
12:13:39.0741 4080 ehstart ( UnsignedFile.Multi.Generic ) - warning
12:13:39.0741 4080 ehstart - detected UnsignedFile.Multi.Generic (1)
12:13:39.0804 4080 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:13:45.0591 4080 elxstor ( UnsignedFile.Multi.Generic ) - warning
12:13:45.0591 4080 elxstor - detected UnsignedFile.Multi.Generic (1)
12:13:45.0654 4080 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:13:45.0779 4080 EMDMgmt - ok
12:13:45.0810 4080 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:13:48.0415 4080 ErrDev ( UnsignedFile.Multi.Generic ) - warning
12:13:48.0415 4080 ErrDev - detected UnsignedFile.Multi.Generic (1)
12:13:48.0509 4080 [ 4D06D9A26227AC485305133916888DF1 ] ETService C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
12:13:48.0540 4080 ETService ( UnsignedFile.Multi.Generic ) - warning
12:13:48.0540 4080 ETService - detected UnsignedFile.Multi.Generic (1)
12:13:48.0618 4080 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
12:13:48.0680 4080 EventSystem - ok
12:13:48.0727 4080 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
12:13:48.0774 4080 exfat - ok
12:13:48.0821 4080 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:13:48.0883 4080 fastfat - ok
12:13:48.0899 4080 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:13:51.0504 4080 fdc ( UnsignedFile.Multi.Generic ) - warning
12:13:51.0504 4080 fdc - detected UnsignedFile.Multi.Generic (1)
12:13:51.0566 4080 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
12:13:54.0171 4080 fdPHost ( UnsignedFile.Multi.Generic ) - warning
12:13:54.0171 4080 fdPHost - detected UnsignedFile.Multi.Generic (1)
12:13:54.0234 4080 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
12:13:54.0343 4080 FDResPub ( UnsignedFile.Multi.Generic ) - warning
12:13:54.0343 4080 FDResPub - detected UnsignedFile.Multi.Generic (1)
12:13:54.0359 4080 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:13:59.0475 4080 FileInfo ( UnsignedFile.Multi.Generic ) - warning
12:13:59.0475 4080 FileInfo - detected UnsignedFile.Multi.Generic (1)
12:13:59.0538 4080 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:14:02.0143 4080 Filetrace ( UnsignedFile.Multi.Generic ) - warning
12:14:02.0143 4080 Filetrace - detected UnsignedFile.Multi.Generic (1)
12:14:02.0237 4080 [ D778107D7C2A19D7E7A884A9F0D79581 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:14:02.0299 4080 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:14:02.0299 4080 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:14:02.0346 4080 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:14:04.0935 4080 flpydisk ( UnsignedFile.Multi.Generic ) - warning
12:14:04.0935 4080 flpydisk - detected UnsignedFile.Multi.Generic (1)
12:14:04.0998 4080 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:14:05.0045 4080 FltMgr - ok
12:14:05.0107 4080 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
12:14:05.0247 4080 FontCache - ok
12:14:05.0294 4080 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:14:10.0442 4080 FontCache3.0.0.0 - ok
12:14:10.0473 4080 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:14:17.0337 4080 fssfltr ( UnsignedFile.Multi.Generic ) - warning
12:14:17.0337 4080 fssfltr - detected UnsignedFile.Multi.Generic (1)
12:14:17.0493 4080 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:14:39.0255 4080 fsssvc ( UnsignedFile.Multi.Generic ) - warning
12:14:39.0255 4080 fsssvc - detected UnsignedFile.Multi.Generic (1)
12:14:39.0333 4080 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:14:39.0380 4080 Fs_Rec - ok
12:14:39.0411 4080 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:14:54.0559 4080 gagp30kx ( UnsignedFile.Multi.Generic ) - warning
12:14:54.0559 4080 gagp30kx - detected UnsignedFile.Multi.Generic (1)
12:14:54.0637 4080 [ 3EAFDD637416393722AA98E940DFD0A0 ] GameConsoleService C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
12:14:57.0960 4080 GameConsoleService ( UnsignedFile.Multi.Generic ) - warning
12:14:57.0960 4080 GameConsoleService - detected UnsignedFile.Multi.Generic (1)
12:14:58.0038 4080 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:15:03.0919 4080 GEARAspiWDM ( UnsignedFile.Multi.Generic ) - warning
12:15:03.0919 4080 GEARAspiWDM - detected UnsignedFile.Multi.Generic (1)
12:15:03.0981 4080 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
12:15:04.0059 4080 gpsvc - ok
12:15:04.0137 4080 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca23bbb329324d C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:15:06.0727 4080 gupdate1ca23bbb329324d ( UnsignedFile.Multi.Generic ) - warning
12:15:06.0727 4080 gupdate1ca23bbb329324d - detected UnsignedFile.Multi.Generic (1)
12:15:06.0789 4080 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:15:09.0363 4080 gupdatem ( UnsignedFile.Multi.Generic ) - warning
12:15:09.0363 4080 gupdatem - detected UnsignedFile.Multi.Generic (1)
12:15:09.0457 4080 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:15:14.0574 4080 gusvc ( UnsignedFile.Multi.Generic ) - warning
12:15:14.0574 4080 gusvc - detected UnsignedFile.Multi.Generic (1)
12:15:14.0652 4080 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:15:14.0792 4080 HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
12:15:14.0792 4080 HdAudAddService - detected UnsignedFile.Multi.Generic (1)
12:15:14.0870 4080 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:15:15.0042 4080 HDAudBus - ok
12:15:15.0089 4080 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:15:15.0198 4080 HidBth ( UnsignedFile.Multi.Generic ) - warning
12:15:15.0198 4080 HidBth - detected UnsignedFile.Multi.Generic (1)
12:15:15.0307 4080 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
12:15:15.0416 4080 HidIr ( UnsignedFile.Multi.Generic ) - warning
12:15:15.0416 4080 HidIr - detected UnsignedFile.Multi.Generic (1)
12:15:15.0479 4080 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\System32\hidserv.dll
12:15:15.0525 4080 hidserv - ok
12:15:15.0557 4080 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:15:15.0635 4080 HidUsb - ok
12:15:15.0666 4080 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
12:15:15.0775 4080 hkmsvc ( UnsignedFile.Multi.Generic ) - warning
12:15:15.0775 4080 hkmsvc - detected UnsignedFile.Multi.Generic (1)
12:15:15.0791 4080 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:15:15.0900 4080 HpCISSs ( UnsignedFile.Multi.Generic ) - warning
12:15:15.0900 4080 HpCISSs - detected UnsignedFile.Multi.Generic (1)
12:15:15.0900 4080 HTCAND64 - ok
12:15:15.0962 4080 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:15:16.0087 4080 HTTP - ok
12:15:16.0134 4080 [ D969D0E26C5B1E813B17066A8318D5D4 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
12:15:16.0181 4080 hwdatacard ( UnsignedFile.Multi.Generic ) - warning
12:15:16.0181 4080 hwdatacard - detected UnsignedFile.Multi.Generic (1)
12:15:16.0212 4080 [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys
12:15:16.0227 4080 hwusbdev ( UnsignedFile.Multi.Generic ) - warning
12:15:16.0227 4080 hwusbdev - detected UnsignedFile.Multi.Generic (1)
12:15:16.0243 4080 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:15:16.0305 4080 i2omp ( UnsignedFile.Multi.Generic ) - warning
12:15:16.0305 4080 i2omp - detected UnsignedFile.Multi.Generic (1)
12:15:16.0321 4080 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:15:16.0352 4080 i8042prt - ok
12:15:16.0415 4080 [ 204A73A56751C68C6031E9D5D611EC98 ] IAANTMON C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
12:15:18.0957 4080 IAANTMON ( UnsignedFile.Multi.Generic ) - warning
12:15:18.0957 4080 IAANTMON - detected UnsignedFile.Multi.Generic (1)
12:15:19.0035 4080 [ CEB53BB804B41C52AB0782505C8E2994 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:15:27.0007 4080 iaStor ( UnsignedFile.Multi.Generic ) - warning
12:15:27.0007 4080 iaStor - detected UnsignedFile.Multi.Generic (1)
12:15:27.0054 4080 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:15:27.0179 4080 iaStorV ( UnsignedFile.Multi.Generic ) - warning
12:15:27.0179 4080 iaStorV - detected UnsignedFile.Multi.Generic (1)
12:15:27.0257 4080 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:15:27.0381 4080 idsvc - ok
12:15:27.0631 4080 [ 50F15F9AEE2E7692DFE58917E2D40498 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:15:28.0052 4080 igfx ( UnsignedFile.Multi.Generic ) - warning
12:15:28.0052 4080 igfx - detected UnsignedFile.Multi.Generic (1)
12:15:28.0068 4080 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:15:28.0146 4080 iirsp ( UnsignedFile.Multi.Generic ) - warning
12:15:28.0146 4080 iirsp - detected UnsignedFile.Multi.Generic (1)
12:15:28.0193 4080 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
12:15:28.0286 4080 IKEEXT - ok
12:15:28.0380 4080 [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4 ] int15 C:\Windows\SysWOW64\drivers\int15_64.sys
12:15:30.0923 4080 int15 ( UnsignedFile.Multi.Generic ) - warning
12:15:30.0923 4080 int15 - detected UnsignedFile.Multi.Generic (1)
12:15:30.0985 4080 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
12:15:31.0063 4080 intelide - ok
12:15:31.0079 4080 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:15:31.0157 4080 intelppm ( UnsignedFile.Multi.Generic ) - warning
12:15:31.0157 4080 intelppm - detected UnsignedFile.Multi.Generic (1)
12:15:31.0188 4080 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:15:31.0266 4080 IPBusEnum ( UnsignedFile.Multi.Generic ) - warning
12:15:31.0266 4080 IPBusEnum - detected UnsignedFile.Multi.Generic (1)
12:15:31.0313 4080 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:15:31.0359 4080 IpFilterDriver - ok
12:15:31.0406 4080 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:15:31.0484 4080 iphlpsvc - ok
12:15:31.0484 4080 IpInIp - ok
12:15:31.0515 4080 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:15:31.0593 4080 IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
12:15:31.0593 4080 IPMIDRV - detected UnsignedFile.Multi.Generic (1)
12:15:31.0609 4080 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:15:31.0671 4080 IPNAT ( UnsignedFile.Multi.Generic ) - warning
12:15:31.0671 4080 IPNAT - detected UnsignedFile.Multi.Generic (1)
12:15:31.0765 4080 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:15:35.0556 4080 iPod Service ( UnsignedFile.Multi.Generic ) - warning
12:15:35.0556 4080 iPod Service - detected UnsignedFile.Multi.Generic (1)
12:15:35.0603 4080 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:15:35.0696 4080 IRENUM ( UnsignedFile.Multi.Generic ) - warning
12:15:35.0696 4080 IRENUM - detected UnsignedFile.Multi.Generic (1)
12:15:35.0712 4080 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:15:35.0790 4080 isapnp - ok
12:15:35.0837 4080 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:15:35.0868 4080 iScsiPrt - ok
12:15:35.0883 4080 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:15:36.0039 4080 iteatapi ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0039 4080 iteatapi - detected UnsignedFile.Multi.Generic (1)
12:15:36.0055 4080 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:15:36.0195 4080 iteraid ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0195 4080 iteraid - detected UnsignedFile.Multi.Generic (1)
12:15:36.0289 4080 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:15:36.0367 4080 kbdclass - ok
12:15:36.0383 4080 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:15:36.0445 4080 kbdhid ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0445 4080 kbdhid - detected UnsignedFile.Multi.Generic (1)
12:15:36.0476 4080 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
12:15:36.0507 4080 KeyIso - ok
12:15:36.0554 4080 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:15:36.0585 4080 KSecDD - ok
12:15:36.0617 4080 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:15:36.0648 4080 ksthunk ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0648 4080 ksthunk - detected UnsignedFile.Multi.Generic (1)
12:15:36.0695 4080 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
12:15:36.0773 4080 KtmRm ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0773 4080 KtmRm - detected UnsignedFile.Multi.Generic (1)
12:15:36.0851 4080 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:15:36.0866 4080 LanmanServer - ok
12:15:36.0897 4080 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:15:36.0929 4080 LanmanWorkstation - ok
12:15:37.0038 4080 [ 55AFD4A9D5ED4AD40D5215CCDF4D65F3 ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
12:15:39.0705 4080 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - warning
12:15:39.0705 4080 Lavasoft Ad-Aware Service - detected UnsignedFile.Multi.Generic (1)
12:15:39.0799 4080 [ 9A7FA6371F68335FD3C3D6488BC5A9F8 ] Lavasoft Kernexplorer C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
12:15:45.0665 4080 Lavasoft Kernexplorer ( UnsignedFile.Multi.Generic ) - warning
12:15:45.0665 4080 Lavasoft Kernexplorer - detected UnsignedFile.Multi.Generic (1)
12:15:45.0727 4080 [ C8B3131857931AE76798A741CC52B021 ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
12:15:58.0425 4080 Lbd ( UnsignedFile.Multi.Generic ) - warning
12:15:58.0425 4080 Lbd - detected UnsignedFile.Multi.Generic (1)
12:15:58.0597 4080 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
12:16:01.0967 4080 LiveUpdate ( UnsignedFile.Multi.Generic ) - warning
12:16:01.0967 4080 LiveUpdate - detected UnsignedFile.Multi.Generic (1)
12:16:01.0982 4080 LiveUpdate Notice Ex - ok
12:16:02.0076 4080 [ 2D1389E05A807D956829F44BD4B60389 ] LiveUpdate Notice Service C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
12:16:04.0697 4080 LiveUpdate Notice Service ( UnsignedFile.Multi.Generic ) - warning
12:16:04.0697 4080 LiveUpdate Notice Service - detected UnsignedFile.Multi.Generic (1)
12:16:04.0743 4080 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:16:07.0333 4080 lltdio ( UnsignedFile.Multi.Generic ) - warning
12:16:07.0333 4080 lltdio - detected UnsignedFile.Multi.Generic (1)
12:16:07.0411 4080 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:16:10.0032 4080 lltdsvc ( UnsignedFile.Multi.Generic ) - warning
12:16:10.0032 4080 lltdsvc - detected UnsignedFile.Multi.Generic (1)
12:16:10.0079 4080 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:16:20.0952 4080 lmhosts ( UnsignedFile.Multi.Generic ) - warning
12:16:20.0952 4080 lmhosts - detected UnsignedFile.Multi.Generic (1)
12:16:21.0014 4080 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:16:38.0689 4080 LSI_FC ( UnsignedFile.Multi.Generic ) - warning
12:16:38.0689 4080 LSI_FC - detected UnsignedFile.Multi.Generic (1)
12:16:38.0751 4080 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:16:38.0861 4080 LSI_SAS ( UnsignedFile.Multi.Generic ) - warning
12:16:38.0861 4080 LSI_SAS - detected UnsignedFile.Multi.Generic (1)
12:16:38.0876 4080 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:16:39.0017 4080 LSI_SCSI ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0017 4080 LSI_SCSI - detected UnsignedFile.Multi.Generic (1)
12:16:39.0048 4080 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
12:16:39.0126 4080 luafv ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0126 4080 luafv - detected UnsignedFile.Multi.Generic (1)
12:16:39.0157 4080 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:16:39.0188 4080 Mcx2Svc ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0188 4080 Mcx2Svc - detected UnsignedFile.Multi.Generic (1)
12:16:39.0204 4080 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
12:16:39.0313 4080 megasas ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0313 4080 megasas - detected UnsignedFile.Multi.Generic (1)
12:16:39.0329 4080 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:16:39.0485 4080 MegaSR ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0485 4080 MegaSR - detected UnsignedFile.Multi.Generic (1)
12:16:39.0563 4080 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:16:39.0594 4080 Microsoft Office Groove Audit Service ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0594 4080 Microsoft Office Groove Audit Service - detected UnsignedFile.Multi.Generic (1)
12:16:39.0609 4080 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
12:16:39.0687 4080 MMCSS ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0687 4080 MMCSS - detected UnsignedFile.Multi.Generic (1)
12:16:39.0703 4080 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
12:16:39.0734 4080 Modem ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0734 4080 Modem - detected UnsignedFile.Multi.Generic (1)
12:16:39.0750 4080 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:16:39.0812 4080 monitor ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0812 4080 monitor - detected UnsignedFile.Multi.Generic (1)
12:16:39.0859 4080 [ 940F4DA752E28E6C4B1090D21AEB7B80 ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
12:16:39.0890 4080 motmodem ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0890 4080 motmodem - detected UnsignedFile.Multi.Generic (1)
12:16:39.0906 4080 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:16:39.0968 4080 mouclass ( UnsignedFile.Multi.Generic ) - warning
12:16:39.0968 4080 mouclass - detected UnsignedFile.Multi.Generic (1)
12:16:39.0984 4080 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:16:40.0015 4080 mouhid ( UnsignedFile.Multi.Generic ) - warning
12:16:40.0015 4080 mouhid - detected UnsignedFile.Multi.Generic (1)
12:16:40.0031 4080 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:16:40.0093 4080 MountMgr ( UnsignedFile.Multi.Generic ) - warning
12:16:40.0093 4080 MountMgr - detected UnsignedFile.Multi.Generic (1)
12:16:40.0187 4080 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:16:45.0272 4080 MozillaMaintenance ( UnsignedFile.Multi.Generic ) - warning
12:16:45.0272 4080 MozillaMaintenance - detected UnsignedFile.Multi.Generic (1)
12:16:45.0319 4080 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
12:16:45.0428 4080 mpio ( UnsignedFile.Multi.Generic ) - warning
12:16:45.0428 4080 mpio - detected UnsignedFile.Multi.Generic (1)
12:16:45.0459 4080 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:16:45.0506 4080 mpsdrv - ok
12:16:45.0553 4080 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
12:16:45.0647 4080 MpsSvc - ok
12:16:45.0662 4080 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:16:45.0818 4080 Mraid35x ( UnsignedFile.Multi.Generic ) - warning
12:16:45.0818 4080 Mraid35x - detected UnsignedFile.Multi.Generic (1)
12:16:45.0849 4080 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:16:45.0881 4080 MRxDAV - ok
12:16:45.0927 4080 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:16:45.0974 4080 mrxsmb - ok
12:16:46.0021 4080 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:16:46.0052 4080 mrxsmb10 - ok
12:16:46.0068 4080 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:16:46.0099 4080 mrxsmb20 - ok
12:16:46.0115 4080 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
12:16:46.0224 4080 msahci ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0224 4080 msahci - detected UnsignedFile.Multi.Generic (1)
12:16:46.0239 4080 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:16:46.0286 4080 msdsm ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0286 4080 msdsm - detected UnsignedFile.Multi.Generic (1)
12:16:46.0317 4080 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
12:16:46.0380 4080 MSDTC ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0380 4080 MSDTC - detected UnsignedFile.Multi.Generic (1)
12:16:46.0395 4080 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:16:46.0442 4080 Msfs ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0442 4080 Msfs - detected UnsignedFile.Multi.Generic (1)
12:16:46.0458 4080 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:16:46.0505 4080 msisadrv - ok
12:16:46.0551 4080 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:16:46.0598 4080 MSiSCSI ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0598 4080 MSiSCSI - detected UnsignedFile.Multi.Generic (1)
12:16:46.0598 4080 msiserver - ok
12:16:46.0614 4080 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:16:46.0676 4080 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0676 4080 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
12:16:46.0707 4080 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:16:46.0801 4080 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0801 4080 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
12:16:46.0817 4080 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:16:46.0910 4080 MSPQM ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0910 4080 MSPQM - detected UnsignedFile.Multi.Generic (1)
12:16:46.0941 4080 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:16:46.0957 4080 MsRPC - ok
12:16:46.0973 4080 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:16:47.0035 4080 mssmbios - ok
12:16:47.0051 4080 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:16:47.0113 4080 MSTEE ( UnsignedFile.Multi.Generic ) - warning
12:16:47.0113 4080 MSTEE - detected UnsignedFile.Multi.Generic (1)
12:16:47.0129 4080 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
12:16:47.0144 4080 Mup - ok
12:16:47.0207 4080 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
12:16:47.0253 4080 napagent - ok
12:16:47.0285 4080 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:16:47.0300 4080 NativeWifiP - ok
12:16:47.0347 4080 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:16:47.0378 4080 NDIS - ok
12:16:47.0425 4080 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:16:47.0456 4080 NdisTapi - ok
12:16:47.0472 4080 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:16:47.0550 4080 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
12:16:47.0550 4080 Ndisuio - detected UnsignedFile.Multi.Generic (1)
12:16:47.0597 4080 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:16:47.0643 4080 NdisWan - ok
12:16:47.0659 4080 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:16:47.0690 4080 NDProxy - ok
12:16:47.0753 4080 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:16:47.0768 4080 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:16:47.0768 4080 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:16:47.0784 4080 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:16:47.0846 4080 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
12:16:47.0846 4080 NetBIOS - detected UnsignedFile.Multi.Generic (1)
12:16:47.0893 4080 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:16:47.0940 4080 netbt - ok
12:16:48.0002 4080 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
12:16:48.0018 4080 Netlogon - ok
12:16:48.0127 4080 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
12:16:48.0189 4080 Netman ( UnsignedFile.Multi.Generic ) - warning
12:16:48.0189 4080 Netman - detected UnsignedFile.Multi.Generic (1)
12:16:48.0221 4080 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
12:16:48.0283 4080 netprofm ( UnsignedFile.Multi.Generic ) - warning
12:16:48.0283 4080 netprofm - detected UnsignedFile.Multi.Generic (1)
12:16:48.0314 4080 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:16:48.0377 4080 NetTcpPortSharing - ok
12:16:48.0486 4080 [ 071FF34B560113790FE6E7EC0CEE67C5 ] NETw4v64 C:\Windows\system32\DRIVERS\NETw4v64.sys
12:16:48.0767 4080 NETw4v64 ( UnsignedFile.Multi.Generic ) - warning
12:16:48.0767 4080 NETw4v64 - detected UnsignedFile.Multi.Generic (1)
12:16:48.0798 4080 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:16:48.0907 4080 nfrd960 ( UnsignedFile.Multi.Generic ) - warning
12:16:48.0907 4080 nfrd960 - detected UnsignedFile.Multi.Generic (1)
12:16:48.0923 4080 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
12:16:49.0001 4080 NlaSvc ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0001 4080 NlaSvc - detected UnsignedFile.Multi.Generic (1)
12:16:49.0016 4080 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:16:49.0063 4080 Npfs - ok
12:16:49.0079 4080 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
12:16:49.0141 4080 nsi ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0141 4080 nsi - detected UnsignedFile.Multi.Generic (1)
12:16:49.0141 4080 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:16:49.0188 4080 nsiproxy ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0188 4080 nsiproxy - detected UnsignedFile.Multi.Generic (1)
12:16:49.0266 4080 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:16:49.0359 4080 Ntfs - ok
12:16:49.0391 4080 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
12:16:49.0484 4080 Null ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0484 4080 Null - detected UnsignedFile.Multi.Generic (1)
12:16:49.0500 4080 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:16:49.0562 4080 nvraid ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0562 4080 nvraid - detected UnsignedFile.Multi.Generic (1)
12:16:49.0593 4080 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:16:49.0671 4080 nvstor ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0671 4080 nvstor - detected UnsignedFile.Multi.Generic (1)
12:16:49.0687 4080 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:16:49.0749 4080 nv_agp - ok
12:16:49.0749 4080 NwlnkFlt - ok
12:16:49.0749 4080 NwlnkFwd - ok
12:16:49.0827 4080 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:16:49.0874 4080 odserv ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0874 4080 odserv - detected UnsignedFile.Multi.Generic (1)
12:16:49.0905 4080 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:16:49.0983 4080 ohci1394 ( UnsignedFile.Multi.Generic ) - warning
12:16:49.0983 4080 ohci1394 - detected UnsignedFile.Multi.Generic (1)
12:16:50.0093 4080 [ 2AD6103F5D1CF5D26CC6A9A8B5E7AECA ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
12:16:50.0093 4080 OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
12:16:50.0093 4080 OpenVPNService - detected UnsignedFile.Multi.Generic (1)
12:16:50.0108 4080 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:16:50.0155 4080 ose ( UnsignedFile.Multi.Generic ) - warning
12:16:50.0155 4080 ose - detected UnsignedFile.Multi.Generic (1)
12:16:50.0217 4080 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:16:50.0327 4080 p2pimsvc - ok
12:16:50.0373 4080 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
12:16:50.0436 4080 p2psvc - ok
12:16:50.0498 4080 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
12:16:50.0607 4080 Parport ( UnsignedFile.Multi.Generic ) - warning
12:16:50.0607 4080 Parport - detected UnsignedFile.Multi.Generic (1)
12:16:50.0717 4080 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:16:50.0748 4080 partmgr - ok
12:16:50.0779 4080 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
12:16:50.0857 4080 PcaSvc ( UnsignedFile.Multi.Generic ) - warning
12:16:50.0857 4080 PcaSvc - detected UnsignedFile.Multi.Generic (1)
12:16:50.0904 4080 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
12:16:50.0935 4080 pci - ok
12:16:50.0951 4080 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
12:16:51.0091 4080 pciide ( UnsignedFile.Multi.Generic ) - warning
12:16:51.0091 4080 pciide - detected UnsignedFile.Multi.Generic (1)
12:16:51.0122 4080 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:16:51.0185 4080 pcmcia ( UnsignedFile.Multi.Generic ) - warning
12:16:51.0185 4080 pcmcia - detected UnsignedFile.Multi.Generic (1)
12:16:51.0263 4080 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:16:51.0372 4080 PEAUTH ( UnsignedFile.Multi.Generic ) - warning
12:16:51.0372 4080 PEAUTH - detected UnsignedFile.Multi.Generic (1)
12:16:51.0419 4080 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:16:51.0465 4080 PerfHost ( UnsignedFile.Multi.Generic ) - warning
12:16:51.0465 4080 PerfHost - detected UnsignedFile.Multi.Generic (1)
12:16:51.0528 4080 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
12:16:51.0637 4080 pla - ok
12:16:51.0684 4080 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:16:51.0715 4080 PlugPlay - ok
12:16:51.0777 4080 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:16:51.0809 4080 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:16:51.0809 4080 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:16:51.0855 4080 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:16:51.0902 4080 PNRPAutoReg - ok
12:16:51.0980 4080 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:16:52.0043 4080 PNRPsvc - ok
12:16:52.0121 4080 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:16:52.0199 4080 PolicyAgent - ok
12:16:52.0261 4080 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:16:52.0323 4080 PptpMiniport - ok
12:16:52.0355 4080 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
12:16:52.0417 4080 Processor ( UnsignedFile.Multi.Generic ) - warning
12:16:52.0417 4080 Processor - detected UnsignedFile.Multi.Generic (1)
12:16:52.0433 4080 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
12:16:52.0479 4080 ProfSvc - ok
12:16:52.0495 4080 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
12:16:52.0526 4080 ProtectedStorage - ok
12:16:52.0557 4080 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:16:52.0604 4080 PSched - ok
12:16:52.0651 4080 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:16:52.0823 4080 ql2300 ( UnsignedFile.Multi.Generic ) - warning
12:16:52.0823 4080 ql2300 - detected UnsignedFile.Multi.Generic (1)
12:16:52.0854 4080 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:16:52.0994 4080 ql40xx ( UnsignedFile.Multi.Generic ) - warning
12:16:52.0994 4080 ql40xx - detected UnsignedFile.Multi.Generic (1)
12:16:53.0025 4080 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
12:16:53.0057 4080 QWAVE ( UnsignedFile.Multi.Generic ) - warning
12:16:53.0057 4080 QWAVE - detected UnsignedFile.Multi.Generic (1)
12:16:53.0057 4080 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:16:53.0088 4080 QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
12:16:53.0088 4080 QWAVEdrv - detected UnsignedFile.Multi.Generic (1)
12:16:53.0103 4080 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:16:53.0166 4080 RasAcd ( UnsignedFile.Multi.Generic ) - warning
12:16:53.0166 4080 RasAcd - detected UnsignedFile.Multi.Generic (1)
12:16:53.0213 4080 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
12:16:53.0259 4080 RasAuto ( UnsignedFile.Multi.Generic ) - warning
12:16:53.0259 4080 RasAuto - detected UnsignedFile.Multi.Generic (1)
12:16:53.0291 4080 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:16:53.0337 4080 Rasl2tp - ok
12:16:53.0400 4080 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
12:16:53.0431 4080 RasMan - ok
12:16:53.0462 4080 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:16:53.0493 4080 RasPppoe - ok
12:16:53.0509 4080 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:16:53.0525 4080 RasSstp - ok
12:16:53.0571 4080 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:16:53.0603 4080 rdbss - ok
12:16:53.0649 4080 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:16:53.0696 4080 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
12:16:53.0696 4080 RDPCDD - detected UnsignedFile.Multi.Generic (1)
12:16:53.0712 4080 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:16:53.0774 4080 rdpdr ( UnsignedFile.Multi.Generic ) - warning
12:16:53.0774 4080 rdpdr - detected UnsignedFile.Multi.Generic (1)
12:16:53.0790 4080 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:16:53.0852 4080 RDPENCDD ( UnsignedFile.Multi.Generic ) - warning
12:16:53.0852 4080 RDPENCDD - detected UnsignedFile.Multi.Generic (1)
12:16:53.0899 4080 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:16:53.0930 4080 RDPWD - ok
12:16:53.0977 4080 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:16:54.0055 4080 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0055 4080 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
12:16:54.0102 4080 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:16:54.0149 4080 RemoteRegistry - ok
12:16:54.0164 4080 [ F228CE2F778503CECB2B27097B5B3139 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:16:54.0211 4080 RFCOMM ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0211 4080 RFCOMM - detected UnsignedFile.Multi.Generic (1)
12:16:54.0242 4080 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:16:54.0273 4080 RimUsb ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0273 4080 RimUsb - detected UnsignedFile.Multi.Generic (1)
12:16:54.0289 4080 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
12:16:54.0320 4080 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0320 4080 RpcLocator - detected UnsignedFile.Multi.Generic (1)
12:16:54.0367 4080 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\System32\rpcss.dll
12:16:54.0398 4080 RpcSs - ok
12:16:54.0414 4080 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:16:54.0461 4080 rspndr ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0461 4080 rspndr - detected UnsignedFile.Multi.Generic (1)
12:16:54.0492 4080 [ D88D6EE7ABC7E6FF4332E6CC7231927F ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
12:16:54.0539 4080 RTL8169 ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0539 4080 RTL8169 - detected UnsignedFile.Multi.Generic (1)
12:16:54.0570 4080 [ D86160F6746A0A7BECC65B9D360D30B1 ] RTSTOR C:\Windows\system32\drivers\RTSTOR64.SYS
12:16:54.0632 4080 RTSTOR ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0632 4080 RTSTOR - detected UnsignedFile.Multi.Generic (1)
12:16:54.0648 4080 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
12:16:54.0663 4080 SamSs - ok
12:16:54.0679 4080 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:16:54.0757 4080 sbp2port ( UnsignedFile.Multi.Generic ) - warning
12:16:54.0757 4080 sbp2port - detected UnsignedFile.Multi.Generic (1)
12:16:54.0835 4080 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:16:57.0440 4080 SBSDWSCService ( UnsignedFile.Multi.Generic ) - warning
12:16:57.0440 4080 SBSDWSCService - detected UnsignedFile.Multi.Generic (1)
12:16:57.0503 4080 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:16:57.0565 4080 SCardSvr - ok
12:16:57.0627 4080 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
12:16:57.0752 4080 Schedule - ok
12:16:57.0815 4080 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:16:57.0861 4080 SCPolicySvc - ok
12:16:57.0908 4080 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:16:57.0971 4080 SDRSVC - ok
12:16:58.0049 4080 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:16:58.0080 4080 SeaPort - ok
12:16:58.0111 4080 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:16:58.0220 4080 secdrv ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0220 4080 secdrv - detected UnsignedFile.Multi.Generic (1)
12:16:58.0220 4080 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
12:16:58.0298 4080 seclogon ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0298 4080 seclogon - detected UnsignedFile.Multi.Generic (1)
12:16:58.0329 4080 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\system32\sens.dll
12:16:58.0361 4080 SENS ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0361 4080 SENS - detected UnsignedFile.Multi.Generic (1)
12:16:58.0376 4080 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:16:58.0439 4080 Serenum ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0439 4080 Serenum - detected UnsignedFile.Multi.Generic (1)
12:16:58.0454 4080 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
12:16:58.0548 4080 Serial ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0548 4080 Serial - detected UnsignedFile.Multi.Generic (1)
12:16:58.0563 4080 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:16:58.0610 4080 sermouse ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0610 4080 sermouse - detected UnsignedFile.Multi.Generic (1)
12:16:58.0626 4080 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
12:16:58.0688 4080 SessionEnv ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0688 4080 SessionEnv - detected UnsignedFile.Multi.Generic (1)
12:16:58.0704 4080 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:16:58.0751 4080 sffdisk ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0751 4080 sffdisk - detected UnsignedFile.Multi.Generic (1)
12:16:58.0766 4080 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:16:58.0813 4080 sffp_mmc ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0813 4080 sffp_mmc - detected UnsignedFile.Multi.Generic (1)
12:16:58.0813 4080 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:16:58.0860 4080 sffp_sd ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0860 4080 sffp_sd - detected UnsignedFile.Multi.Generic (1)
12:16:58.0875 4080 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:16:58.0938 4080 sfloppy ( UnsignedFile.Multi.Generic ) - warning
12:16:58.0938 4080 sfloppy - detected UnsignedFile.Multi.Generic (1)
12:16:59.0016 4080 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:16:59.0078 4080 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
12:16:59.0078 4080 SharedAccess - detected UnsignedFile.Multi.Generic (1)
12:16:59.0141 4080 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:16:59.0172 4080 ShellHWDetection - ok
12:16:59.0219 4080 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:16:59.0281 4080 SiSRaid2 ( UnsignedFile.Multi.Generic ) - warning
12:16:59.0281 4080 SiSRaid2 - detected UnsignedFile.Multi.Generic (1)
12:16:59.0297 4080 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:16:59.0343 4080 SiSRaid4 ( UnsignedFile.Multi.Generic ) - warning
12:16:59.0343 4080 SiSRaid4 - detected UnsignedFile.Multi.Generic (1)
12:16:59.0437 4080 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:17:01.0964 4080 SkypeUpdate ( UnsignedFile.Multi.Generic ) - warning
12:17:01.0964 4080 SkypeUpdate - detected UnsignedFile.Multi.Generic (1)
12:17:02.0089 4080 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
12:17:02.0307 4080 slsvc - ok
12:17:02.0354 4080 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:17:02.0417 4080 SLUINotify - ok
12:17:02.0448 4080 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:17:02.0495 4080 Smb - ok
12:17:02.0541 4080 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:17:02.0635 4080 SNMPTRAP ( UnsignedFile.Multi.Generic ) - warning
12:17:02.0635 4080 SNMPTRAP - detected UnsignedFile.Multi.Generic (1)
12:17:02.0682 4080 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
12:17:02.0713 4080 spldr - ok
12:17:02.0744 4080 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
12:17:02.0807 4080 Spooler - ok
12:17:02.0853 4080 [ 9AB59CF736981ED1F83C6AB5FAA8BA5C ] sptd C:\Windows\system32\Drivers\sptd.sys
12:17:02.0853 4080 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 9AB59CF736981ED1F83C6AB5FAA8BA5C
12:17:02.0885 4080 sptd ( LockedFile.Multi.Generic ) - warning
12:17:02.0885 4080 sptd - detected LockedFile.Multi.Generic (1)
12:17:02.0931 4080 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
12:17:02.0994 4080 srv - ok
12:17:03.0041 4080 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:17:03.0087 4080 srv2 - ok
12:17:03.0150 4080 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:17:03.0197 4080 srvnet - ok
12:17:03.0243 4080 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:17:03.0337 4080 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
12:17:03.0337 4080 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
12:17:03.0353 4080 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:17:03.0368 4080 SstpSvc - ok
12:17:03.0399 4080 Steam Client Service - ok
12:17:03.0431 4080 [ 5467347266CF34C157341670E8D64E7F ] STHDA C:\Windows\system32\drivers\stwrt64.sys
12:17:03.0509 4080 STHDA ( UnsignedFile.Multi.Generic ) - warning
12:17:03.0509 4080 STHDA - detected UnsignedFile.Multi.Generic (1)
12:17:03.0571 4080 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
12:17:03.0665 4080 stisvc - ok
12:17:03.0711 4080 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:17:03.0758 4080 swenum - ok
12:17:03.0789 4080 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
12:17:03.0836 4080 swprv - ok
12:17:03.0852 4080 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:17:03.0930 4080 Symc8xx ( UnsignedFile.Multi.Generic ) - warning
12:17:03.0930 4080 Symc8xx - detected UnsignedFile.Multi.Generic (1)
12:17:03.0945 4080 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:17:04.0023 4080 Sym_hi ( UnsignedFile.Multi.Generic ) - warning
12:17:04.0023 4080 Sym_hi - detected UnsignedFile.Multi.Generic (1)
12:17:04.0023 4080 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:17:04.0101 4080 Sym_u3 ( UnsignedFile.Multi.Generic ) - warning
12:17:04.0101 4080 Sym_u3 - detected UnsignedFile.Multi.Generic (1)
12:17:04.0133 4080 [ D9B5FE44B394C587BCE3CF9FA369AC64 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:17:06.0753 4080 SynTP ( UnsignedFile.Multi.Generic ) - warning
12:17:06.0753 4080 SynTP - detected UnsignedFile.Multi.Generic (1)
12:17:06.0831 4080 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
12:17:06.0941 4080 SysMain - ok
12:17:07.0034 4080 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:17:07.0050 4080 TabletInputService - ok
12:17:07.0081 4080 [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
12:17:12.0822 4080 tap0901 ( UnsignedFile.Multi.Generic ) - warning
12:17:12.0822 4080 tap0901 - detected UnsignedFile.Multi.Generic (1)
12:17:12.0900 4080 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:17:12.0962 4080 TapiSrv - ok
12:17:12.0993 4080 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
12:17:13.0071 4080 TBS ( UnsignedFile.Multi.Generic ) - warning
12:17:13.0071 4080 TBS - detected UnsignedFile.Multi.Generic (1)
12:17:13.0134 4080 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:17:13.0227 4080 Tcpip - ok
12:17:13.0290 4080 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:17:13.0399 4080 Tcpip6 - ok
12:17:13.0430 4080 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:17:13.0461 4080 tcpipreg - ok
12:17:13.0493 4080 [ 752313F759D8BC9A1D17DEDE5140C456 ] TcUsb C:\Windows\system32\Drivers\tcusb.sys
12:17:16.0160 4080 TcUsb ( UnsignedFile.Multi.Generic ) - warning
12:17:16.0160 4080 TcUsb - detected UnsignedFile.Multi.Generic (1)
12:17:16.0191 4080 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:17:16.0269 4080 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
12:17:16.0269 4080 TDPIPE - detected UnsignedFile.Multi.Generic (1)
12:17:16.0301 4080 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:17:16.0394 4080 TDTCP ( UnsignedFile.Multi.Generic ) - warning
12:17:16.0394 4080 TDTCP - detected UnsignedFile.Multi.Generic (1)
12:17:16.0441 4080 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:17:16.0488 4080 tdx - ok
12:17:16.0503 4080 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:17:16.0535 4080 TermDD - ok
12:17:16.0581 4080 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
12:17:16.0675 4080 TermService - ok
12:17:16.0722 4080 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
12:17:16.0753 4080 Themes - ok
12:17:16.0769 4080 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
12:17:16.0847 4080 THREADORDER ( UnsignedFile.Multi.Generic ) - warning
12:17:16.0847 4080 THREADORDER - detected UnsignedFile.Multi.Generic (1)
12:17:16.0893 4080 [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB C:\Windows\system32\DRIVERS\tiehdusb.sys
12:17:16.0925 4080 TIEHDUSB ( UnsignedFile.Multi.Generic ) - warning
12:17:16.0925 4080 TIEHDUSB - detected UnsignedFile.Multi.Generic (1)
12:17:16.0971 4080 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
12:17:17.0065 4080 TrkWks ( UnsignedFile.Multi.Generic ) - warning
12:17:17.0065 4080 TrkWks - detected UnsignedFile.Multi.Generic (1)
12:17:17.0127 4080 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:17:17.0174 4080 TrustedInstaller - ok
12:17:17.0205 4080 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:17:17.0299 4080 tssecsrv ( UnsignedFile.Multi.Generic ) - warning
12:17:17.0299 4080 tssecsrv - detected UnsignedFile.Multi.Generic (1)
12:17:17.0330 4080 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:17:17.0361 4080 tunmp - ok
12:17:17.0393 4080 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:17:17.0424 4080 tunnel - ok
12:17:17.0455 4080 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:17:17.0549 4080 uagp35 ( UnsignedFile.Multi.Generic ) - warning
12:17:17.0549 4080 uagp35 - detected UnsignedFile.Multi.Generic (1)
12:17:17.0595 4080 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:17:17.0642 4080 udfs - ok
12:17:17.0689 4080 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:17:17.0736 4080 UI0Detect ( UnsignedFile.Multi.Generic ) - warning
12:17:17.0736 4080 UI0Detect - detected UnsignedFile.Multi.Generic (1)
12:17:17.0751 4080 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:17:17.0798 4080 uliagpkx - ok
12:17:17.0829 4080 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:17:17.0907 4080 uliahci ( UnsignedFile.Multi.Generic ) - warning
12:17:17.0907 4080 uliahci - detected UnsignedFile.Multi.Generic (1)
12:17:17.0923 4080 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:17:18.0001 4080 UlSata ( UnsignedFile.Multi.Generic ) - warning
12:17:18.0001 4080 UlSata - detected UnsignedFile.Multi.Generic (1)
12:17:18.0032 4080 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:17:18.0141 4080 ulsata2 ( UnsignedFile.Multi.Generic ) - warning
12:17:18.0141 4080 ulsata2 - detected UnsignedFile.Multi.Generic (1)
12:17:18.0157 4080 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:17:18.0219 4080 umbus ( UnsignedFile.Multi.Generic ) - warning
12:17:18.0219 4080 umbus - detected UnsignedFile.Multi.Generic (1)
12:17:18.0251 4080 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
12:17:18.0297 4080 upnphost ( UnsignedFile.Multi.Generic ) - warning
12:17:18.0297 4080 upnphost - detected UnsignedFile.Multi.Generic (1)
12:17:18.0344 4080 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:17:21.0137 4080 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
12:17:21.0137 4080 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
12:17:21.0183 4080 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:17:21.0246 4080 usbccgp - ok
12:17:21.0261 4080 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:17:21.0371 4080 usbcir ( UnsignedFile.Multi.Generic ) - warning
12:17:21.0371 4080 usbcir - detected UnsignedFile.Multi.Generic (1)
12:17:21.0402 4080 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:17:21.0433 4080 usbehci - ok
12:17:21.0449 4080 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:17:21.0480 4080 usbhub - ok
12:17:21.0495 4080 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:17:21.0558 4080 usbohci ( UnsignedFile.Multi.Generic ) - warning
12:17:21.0558 4080 usbohci - detected UnsignedFile.Multi.Generic (1)
12:17:21.0589 4080 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:17:21.0636 4080 usbprint ( UnsignedFile.Multi.Generic ) - warning
12:17:21.0636 4080 usbprint - detected UnsignedFile.Multi.Generic (1)
12:17:21.0667 4080 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:17:21.0714 4080 usbscan - ok
12:17:21.0761 4080 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:17:21.0792 4080 USBSTOR - ok
12:17:21.0792 4080 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:17:21.0823 4080 usbuhci - ok
12:17:21.0854 4080 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:17:21.0901 4080 usbvideo ( UnsignedFile.Multi.Generic ) - warning
12:17:21.0901 4080 usbvideo - detected UnsignedFile.Multi.Generic (1)
12:17:21.0917 4080 [ 1E36BB1A3C5AAF2AA9FA9A126DF8C16C ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
12:17:21.0948 4080 usb_rndisx - ok
12:17:21.0979 4080 [ FA3CA291F80EE13A1AC210492A7DFBB9 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
12:17:26.0487 4080 UVCFTR ( UnsignedFile.Multi.Generic ) - warning
12:17:26.0487 4080 UVCFTR - detected UnsignedFile.Multi.Generic (1)
12:17:26.0519 4080 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
12:17:26.0597 4080 UxSms - ok
12:17:26.0643 4080 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
12:17:26.0737 4080 vds - ok
12:17:26.0768 4080 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:17:26.0846 4080 vga ( UnsignedFile.Multi.Generic ) - warning
12:17:26.0846 4080 vga - detected UnsignedFile.Multi.Generic (1)
12:17:26.0862 4080 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:17:26.0940 4080 VgaSave ( UnsignedFile.Multi.Generic ) - warning
12:17:26.0940 4080 VgaSave - detected UnsignedFile.Multi.Generic (1)
12:17:26.0955 4080 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
12:17:27.0002 4080 viaide - ok
12:17:27.0049 4080 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
12:17:27.0049 4080 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - warning
12:17:27.0049 4080 Viewpoint Manager Service - detected UnsignedFile.Multi.Generic (1)
12:17:27.0080 4080 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:17:27.0096 4080 volmgr - ok
12:17:27.0158 4080 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:17:27.0174 4080 volmgrx - ok
12:17:27.0252 4080 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:17:27.0283 4080 volsnap - ok
12:17:27.0330 4080 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:17:27.0377 4080 vsmraid ( UnsignedFile.Multi.Generic ) - warning
12:17:27.0377 4080 vsmraid - detected UnsignedFile.Multi.Generic (1)
12:17:27.0470 4080 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
12:17:27.0564 4080 VSS - ok
12:17:27.0626 4080 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
12:17:27.0689 4080 W32Time - ok
12:17:27.0720 4080 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:17:27.0829 4080 WacomPen ( UnsignedFile.Multi.Generic ) - warning
12:17:27.0829 4080 WacomPen - detected UnsignedFile.Multi.Generic (1)
12:17:27.0860 4080 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:17:27.0891 4080 Wanarp - ok
12:17:27.0907 4080 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:17:27.0923 4080 Wanarpv6 - ok
12:17:27.0954 4080 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:17:28.0001 4080 wcncsvc - ok
12:17:28.0032 4080 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:17:28.0063 4080 WcsPlugInService - ok
12:17:28.0079 4080 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
12:17:28.0141 4080 Wd ( UnsignedFile.Multi.Generic ) - warning
12:17:28.0141 4080 Wd - detected UnsignedFile.Multi.Generic (1)
12:17:28.0188 4080 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:17:28.0235 4080 Wdf01000 - ok
12:17:28.0266 4080 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:17:28.0313 4080 WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning
12:17:28.0313 4080 WdiServiceHost - detected UnsignedFile.Multi.Generic (1)
12:17:28.0344 4080 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:17:28.0391 4080 WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning
12:17:28.0391 4080 WdiSystemHost - detected UnsignedFile.Multi.Generic (1)
12:17:28.0422 4080 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
12:17:28.0453 4080 WebClient - ok
12:17:28.0484 4080 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:17:28.0500 4080 Wecsvc - ok
12:17:28.0515 4080 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:17:28.0578 4080 wercplsupport - ok
12:17:28.0609 4080 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
12:17:28.0656 4080 WerSvc - ok
12:17:28.0687 4080 WinDefend - ok
12:17:28.0687 4080 WinHttpAutoProxySvc - ok
12:17:28.0749 4080 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:17:28.0781 4080 Winmgmt - ok
12:17:28.0859 4080 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
12:17:29.0061 4080 WinRM - ok
12:17:29.0186 4080 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:17:29.0264 4080 Wlansvc - ok
12:17:29.0420 4080 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:17:29.0576 4080 wlidsvc ( UnsignedFile.Multi.Generic ) - warning
12:17:29.0576 4080 wlidsvc - detected UnsignedFile.Multi.Generic (1)
12:17:29.0623 4080 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:17:29.0670 4080 WmiAcpi - ok
12:17:29.0717 4080 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:17:29.0779 4080 wmiApSrv - ok
12:17:29.0810 4080 WMPNetworkSvc - ok
12:17:29.0841 4080 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:17:29.0888 4080 WPCSvc - ok
12:17:29.0935 4080 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:17:29.0997 4080 WPDBusEnum - ok
12:17:30.0044 4080 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:17:30.0075 4080 WpdUsb - ok
12:17:30.0200 4080 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:17:30.0387 4080 WPFFontCache_v0400 ( UnsignedFile.Multi.Generic ) - warning
12:17:30.0387 4080 WPFFontCache_v0400 - detected UnsignedFile.Multi.Generic (1)
12:17:30.0434 4080 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:17:30.0528 4080 ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
12:17:30.0528 4080 ws2ifsl - detected UnsignedFile.Multi.Generic (1)
12:17:30.0575 4080 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\system32\wscsvc.dll
12:17:30.0621 4080 wscsvc - ok
12:17:30.0621 4080 WSearch - ok
12:17:30.0746 4080 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:17:31.0074 4080 wuauserv - ok
12:17:31.0105 4080 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:17:31.0136 4080 WudfPf - ok
12:17:31.0167 4080 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:17:31.0199 4080 WUDFRd - ok
12:17:31.0230 4080 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:17:31.0292 4080 wudfsvc - ok
12:17:31.0370 4080 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:17:33.0991 4080 YahooAUService ( UnsignedFile.Multi.Generic ) - warning
12:17:33.0991 4080 YahooAUService - detected UnsignedFile.Multi.Generic (1)
12:17:34.0038 4080 ================ Scan global ===============================
12:17:34.0100 4080 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
12:17:34.0147 4080 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:17:34.0178 4080 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:17:34.0241 4080 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
12:17:34.0256 4080 [Global] - ok
12:17:34.0256 4080 ================ Scan MBR ==================================
12:17:34.0272 4080 [ 8C9F9E03865C35F0F3829A23CDA42F5D ] \Device\Harddisk0\DR0
12:17:37.0220 4080 \Device\Harddisk0\DR0 - ok
12:17:37.0236 4080 ================ Scan VBR ==================================
12:17:37.0267 4080 [ FAC23521042CA89A6660F287E73DBDF6 ] \Device\Harddisk0\DR0\Partition1
12:17:37.0267 4080 \Device\Harddisk0\DR0\Partition1 - ok
12:17:37.0267 4080 ============================================================
12:17:37.0267 4080 Scan finished
12:17:37.0267 4080 ============================================================
12:17:37.0283 3148 Detected object count: 226
12:17:37.0283 3148 Actual detected object count: 226
12:18:42.0865 3148 AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0865 3148 AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0865 3148 adp94xx ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0865 3148 adp94xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0865 3148 adpahci ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0865 3148 adpahci ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0865 3148 adpu160m ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0865 3148 adpu160m ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0865 3148 adpu320 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0865 3148 adpu320 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0881 3148 AgereModemAudio ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0881 3148 AgereModemAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0881 3148 AgereSoftModem ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0881 3148 AgereSoftModem ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0881 3148 aic78xx ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0881 3148 aic78xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0881 3148 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0881 3148 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0881 3148 AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0881 3148 AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0881 3148 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0881 3148 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0896 3148 arc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0896 3148 arc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0896 3148 arcsas ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0896 3148 arcsas ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0896 3148 aswFsBlk ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0896 3148 aswFsBlk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0896 3148 aswMonFlt ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0896 3148 aswMonFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0896 3148 AswRdr ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0896 3148 AswRdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0912 3148 aswSnx ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0912 3148 aswSnx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0912 3148 aswSP ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0912 3148 aswSP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0912 3148 aswTdi ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0912 3148 aswTdi ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0912 3148 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0912 3148 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0912 3148 avast! Antivirus ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0912 3148 avast! Antivirus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0912 3148 blbdrive ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0912 3148 blbdrive ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0927 3148 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0927 3148 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0927 3148 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0927 3148 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0927 3148 Brserid ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0927 3148 Brserid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0927 3148 BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0927 3148 BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0927 3148 BrUsbMdm ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0927 3148 BrUsbMdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0927 3148 BrUsbSer ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0927 3148 BrUsbSer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0943 3148 BthEnum ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0943 3148 BthEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0943 3148 BTHMODEM ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0943 3148 BTHMODEM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0943 3148 BthPan ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0943 3148 BthPan ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0943 3148 BTHPORT ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0943 3148 BTHPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0943 3148 BTHUSB ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0943 3148 BTHUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0943 3148 cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0943 3148 cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0959 3148 circlass ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0959 3148 circlass ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0959 3148 clr_optimization_v4.0.30319_32 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0959 3148 clr_optimization_v4.0.30319_32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0959 3148 clr_optimization_v4.0.30319_64 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0959 3148 clr_optimization_v4.0.30319_64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0959 3148 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0959 3148 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0959 3148 crcdisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0959 3148 crcdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0959 3148 Dot4 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0959 3148 Dot4 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0974 3148 Dot4Print ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0974 3148 Dot4Print ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0974 3148 dot4usb ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0974 3148 dot4usb ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0974 3148 DPS ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0974 3148 DPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0974 3148 E1G60 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0974 3148 E1G60 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0974 3148 eeCtrl ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0974 3148 eeCtrl ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0974 3148 ehRecvr ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0974 3148 ehRecvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0990 3148 ehSched ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0990 3148 ehSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0990 3148 ehstart ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0990 3148 ehstart ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0990 3148 elxstor ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0990 3148 elxstor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0990 3148 ErrDev ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0990 3148 ErrDev ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0990 3148 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0990 3148 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0990 3148 fdc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0990 3148 fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:42.0990 3148 fdPHost ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:42.0990 3148 fdPHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0005 3148 FDResPub ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0005 3148 FDResPub ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0005 3148 FileInfo ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0005 3148 FileInfo ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0005 3148 Filetrace ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0005 3148 Filetrace ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0005 3148 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0005 3148 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0005 3148 flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0005 3148 flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0005 3148 fssfltr ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0005 3148 fssfltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0021 3148 fsssvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0021 3148 fsssvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0021 3148 gagp30kx ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0021 3148 gagp30kx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0021 3148 GameConsoleService ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0021 3148 GameConsoleService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0021 3148 GEARAspiWDM ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0021 3148 GEARAspiWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0021 3148 gupdate1ca23bbb329324d ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0021 3148 gupdate1ca23bbb329324d ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0021 3148 gupdatem ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0021 3148 gupdatem ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0037 3148 gusvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0037 3148 gusvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0037 3148 HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0037 3148 HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0037 3148 HidBth ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0037 3148 HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0037 3148 HidIr ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0037 3148 HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0037 3148 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0037 3148 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0037 3148 HpCISSs ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0037 3148 HpCISSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0052 3148 hwdatacard ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0052 3148 hwdatacard ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0052 3148 hwusbdev ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0052 3148 hwusbdev ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0052 3148 i2omp ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0052 3148 i2omp ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0052 3148 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0052 3148 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0052 3148 iaStor ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0052 3148 iaStor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0052 3148 iaStorV ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0052 3148 iaStorV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0068 3148 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 iirsp ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0068 3148 iirsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0068 3148 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0068 3148 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 IPBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0068 3148 IPBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0068 3148 IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0068 3148 IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0068 3148 iPod Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0083 3148 iPod Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0083 3148 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0083 3148 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0083 3148 iteatapi ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0083 3148 iteatapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0083 3148 iteraid ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0083 3148 iteraid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0083 3148 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0083 3148 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0083 3148 ksthunk ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0083 3148 ksthunk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0083 3148 KtmRm ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0083 3148 KtmRm ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0099 3148 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0099 3148 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0099 3148 Lavasoft Kernexplorer ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0099 3148 Lavasoft Kernexplorer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0099 3148 Lbd ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0099 3148 Lbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0099 3148 LiveUpdate ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0099 3148 LiveUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0099 3148 LiveUpdate Notice Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0099 3148 LiveUpdate Notice Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0099 3148 lltdio ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0099 3148 lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0115 3148 lltdsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0115 3148 lltdsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0115 3148 lmhosts ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0115 3148 lmhosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0115 3148 LSI_FC ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0115 3148 LSI_FC ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0115 3148 LSI_SAS ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0115 3148 LSI_SAS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0115 3148 LSI_SCSI ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0115 3148 LSI_SCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0115 3148 luafv ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0115 3148 luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0115 3148 Mcx2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0115 3148 Mcx2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0130 3148 megasas ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0130 3148 megasas ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0130 3148 MegaSR ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0130 3148 MegaSR ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0130 3148 Microsoft Office Groove Audit Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0130 3148 Microsoft Office Groove Audit Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0130 3148 MMCSS ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0130 3148 MMCSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0130 3148 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0130 3148 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0130 3148 monitor ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0130 3148 monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0130 3148 motmodem ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0130 3148 motmodem ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0146 3148 mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0146 3148 mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0146 3148 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0146 3148 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0146 3148 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0146 3148 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0146 3148 MozillaMaintenance ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0146 3148 MozillaMaintenance ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0146 3148 mpio ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0146 3148 mpio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0146 3148 Mraid35x ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0146 3148 Mraid35x ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0161 3148 msahci ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0161 3148 msahci ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0161 3148 msdsm ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0161 3148 msdsm ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0161 3148 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0161 3148 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0161 3148 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0161 3148 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0161 3148 MSiSCSI ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0161 3148 MSiSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0161 3148 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0161 3148 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0177 3148 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0177 3148 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0177 3148 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0177 3148 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0177 3148 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0177 3148 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0177 3148 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0177 3148 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0177 3148 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0177 3148 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0177 3148 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0177 3148 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0193 3148 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0193 3148 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0193 3148 netprofm ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0193 3148 netprofm ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0193 3148 NETw4v64 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0193 3148 NETw4v64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0193 3148 nfrd960 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0193 3148 nfrd960 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0193 3148 NlaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0193 3148 NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0193 3148 nsi ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0193 3148 nsi ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0193 3148 nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0193 3148 nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 Null ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 nvraid ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 nvraid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 nvstor ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 nvstor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 odserv ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 odserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 ose ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 ose ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0208 3148 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0208 3148 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0224 3148 PcaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0224 3148 PcaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0224 3148 pciide ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0224 3148 pciide ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0224 3148 pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0224 3148 pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0224 3148 PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0224 3148 PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0224 3148 PerfHost ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0224 3148 PerfHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0224 3148 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0224 3148 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0224 3148 Processor ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0224 3148 Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0239 3148 ql2300 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0239 3148 ql2300 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0239 3148 ql40xx ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0239 3148 ql40xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0239 3148 QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0239 3148 QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0239 3148 QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0239 3148 QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0239 3148 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0239 3148 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0239 3148 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0239 3148 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0255 3148 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0255 3148 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0255 3148 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0255 3148 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0255 3148 RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0255 3148 RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0255 3148 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0255 3148 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0255 3148 RFCOMM ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0255 3148 RFCOMM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0255 3148 RimUsb ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0255 3148 RimUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0255 3148 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0271 3148 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0271 3148 rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0271 3148 rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0271 3148 RTL8169 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0271 3148 RTL8169 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0271 3148 RTSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0271 3148 RTSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0271 3148 sbp2port ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0271 3148 sbp2port ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0271 3148 SBSDWSCService ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0271 3148 SBSDWSCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0271 3148 secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0286 3148 secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0286 3148 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0286 3148 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0286 3148 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0286 3148 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0286 3148 Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0286 3148 Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0286 3148 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0286 3148 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0286 3148 sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0286 3148 sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0286 3148 SessionEnv ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0286 3148 SessionEnv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0302 3148 sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0302 3148 sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0302 3148 sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0302 3148 sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0302 3148 sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0302 3148 sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0302 3148 sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0302 3148 sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0302 3148 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0302 3148 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0302 3148 SiSRaid2 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0302 3148 SiSRaid2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0317 3148 SiSRaid4 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0317 3148 SiSRaid4 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0317 3148 SkypeUpdate ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0317 3148 SkypeUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0317 3148 SNMPTRAP ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0317 3148 SNMPTRAP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0317 3148 sptd ( LockedFile.Multi.Generic ) - skipped by user
12:18:43.0317 3148 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
12:18:43.0317 3148 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0317 3148 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0317 3148 STHDA ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0317 3148 STHDA ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0333 3148 Symc8xx ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0333 3148 Symc8xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0333 3148 Sym_hi ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0333 3148 Sym_hi ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0333 3148 Sym_u3 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0333 3148 Sym_u3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0333 3148 SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0333 3148 SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0333 3148 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0333 3148 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0333 3148 TBS ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0333 3148 TBS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0333 3148 TcUsb ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0333 3148 TcUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0349 3148 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0349 3148 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0349 3148 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0349 3148 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0349 3148 THREADORDER ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0349 3148 THREADORDER ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0349 3148 TIEHDUSB ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0349 3148 TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0349 3148 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0349 3148 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0349 3148 tssecsrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0349 3148 tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0364 3148 uagp35 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0364 3148 uagp35 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0364 3148 UI0Detect ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0364 3148 UI0Detect ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0364 3148 uliahci ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0364 3148 uliahci ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0364 3148 UlSata ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0364 3148 UlSata ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0364 3148 ulsata2 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0364 3148 ulsata2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0364 3148 umbus ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0364 3148 umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0380 3148 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0380 3148 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0380 3148 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0380 3148 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0380 3148 usbcir ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0380 3148 usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0380 3148 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0380 3148 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0380 3148 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0380 3148 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0380 3148 usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0380 3148 usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0380 3148 UVCFTR ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 UVCFTR ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0395 3148 vga ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 vga ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0395 3148 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0395 3148 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0395 3148 vsmraid ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 vsmraid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0395 3148 WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0395 3148 Wd ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 Wd ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0395 3148 WdiServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0395 3148 WdiServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0411 3148 WdiSystemHost ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0411 3148 WdiSystemHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0411 3148 wlidsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0411 3148 wlidsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0411 3148 WPFFontCache_v0400 ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0411 3148 WPFFontCache_v0400 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0411 3148 ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0411 3148 ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:43.0411 3148 YahooAUService ( UnsignedFile.Multi.Generic ) - skipped by user
12:18:43.0411 3148 YahooAUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:53.0489 4500 Deinitialize success

#12
pyaarawala

Posted 19 December 2012 - 02:13 AM

Member

Topic Starter
Member
29 posts

After MBAM scan:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.19.02

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19393
pyaarawala :: PYAARAWALA-PC [administrator]

12/19/2012 12:22:00 PM
mbam-log-2012-12-19 (12-22-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216814
Time elapsed: 8 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FDAEAB93-6DC0-4A63-81C6-95C88ED36F6A} (Adware.Sogou) -> Quarantined and deleted successfully.
HKCU\Software\SogouExplorer (Adware.Sogou) -> Quarantined and deleted successfully.
HKLM\Software\SogouExplorer (Adware.Sogou) -> Quarantined and deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SogouExplorer (Adware.Sogou) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 20
C:\Program Files (x86)\Funshion Online (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\control (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\icon (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\backup (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\Baiduflash (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\Baiduflash\subflash (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\Cacheflash (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flash (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashStamp (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\historyTorrent (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\media (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\media\火影忍者 (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\screensave (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\Seed (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update (PUP.Funshion) -> Quarantined and deleted successfully.

Files Detected: 120
C:\Users\pyaarawala\Downloads\FunshionInstall2.4.2.47.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\Downloads\ifreevpn2.221.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Windows\System32\funshion.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\funshion.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\FunShion.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\FunshionGame2.ico (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\FunshionService.diagnose (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\Funshop2.ico (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\control\1313745408_18524595_1300078295_711.dat (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\control\1313745408_18524595_1300078295_711.fsp (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\control\1313745408_834fd3dade781a8.json (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\icon\MP4.ico (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funshion Online\Funshion\icon\RMVB.ico (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\history.txt (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\Cacheflash\blankFs.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\Cacheflash\donghuanew_18.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flash\980EF71B_C41B_511C_2591_1C44D72C2CEC.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\0068DC12_CD00_1563_BC27_03866ED2CD35.date1317008863.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\03A82CA4_D64C_F517_6BE6_00E15D23488B.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\03EDAB09_6BFF_FB78_1916_CFC64C6B1255.date1315673234.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\03F3525F_0615_BA6E_54E0_942C518E35D8.date1316481740.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\04C66822_7097_DF71_D71F_449B038C28F7.date1315060984.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\0C83D751_4C75_690D_44B4_960FBAC979A2.date1314724344.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\18680DB1_D7A3_8B90_AD69_CD4115C515C6.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\1906CB4D_1A26_C3C3_896E_58F40B7ECA77.date1315542428.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\19B141B3_1D23_4FB4_432F_49E9E5C8B729.date1316578758.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\228B58CE_9CC0_3B99_2647_09BC77674226.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\234C98AB_9374_BF9E_840B_4122F50CF336.date1315912254.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\264D50CD_A83B_6DDA_C333_83B47FC3251D.date1317008863.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\2896936A_BB80_7AF7_9625_BF225BD17B91.date1315060984.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\2E1CD985_1E12_05D8_57CE_272E56953827.date1316824636.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\2EB58119_FAEA_2DAC_429B_F93946B0C50B.date1314512262.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\2F6954B4_C412_87CC_7381_B78CA37F571B.date1316578758.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\2FF0D6B9_143C_4483_944B_DB5CFAA55AC6.date1316578758.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\31180903_0A7F_871E_76FD_571DCB44BEBD.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\3477EAEE_5851_7C24_2DB2_58B155F82BC2.date1316739141.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\3567D1A2_F901_BF5D_9D97_72243B217C9B.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\3662B6B0_59CF_7BAC_0AF6_C099393F060D.date1316315828.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\3C7B1257_3160_714C_4E00_01379716C6E7.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\4129E73B_A9F2_0E7F_A6C0_E24019D10024.date1315972688.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\49D0800D_628C_C634_1776_3AA5CE047715.date1315710220.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\4B10F36D_C182_E89C_A55B_0081946B0A35.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\4B2C4ADF_EDFF_DB90_050F_6DD44AFCF131.date1315620021.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\4F3FF4BC_1249_1FA8_B091_6F85D5F7B72D.date1314512262.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\51B568A9_4005_13BB_5B23_C1115C3DB637.date1315194747.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\5A6EBF8C_5C0F_8D70_6029_68BBB414DF95.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\5ED99BEA_6E51_14A5_0076_FFD6BE3F6EF0.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\62A11B7D_F55D_9E15_EE0B_CDA1C446FEA0.date1316131204.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\6611EF8A_3285_0164_8CD3_999D3008ECBD.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\6869AD51_1CA1_B4EB_DB06_14E5F37EEE75.date1316824636.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\71790E4B_EF07_3123_3F48_201169CCA76A.date1316824636.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\7701C9AD_C2AD_67E2_43F1_C163135C904F.date1314512262.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\793124E4_D641_E360_8564_CDF792985CE3.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\7C6BEC90_8592_B790_D2D8_B4293C15D4F8.date1314512262.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\7DE5BE99_8132_ED1A_29AB_331FD76219EC.date1316242791.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\849FDB5A_5F7E_9B08_346F_B766ABF3F6D8.date1316824636.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\89634A54_922E_5E30_8633_E89A4CE8B964.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\8BA632F3_4827_8B6B_F543_A3EB6E563A57.date1317008862.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\91778191_BF36_4A78_C28B_ED7EA446C3C6.date1316315828.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\95413133_62A4_FF6A_0E62_224E57AE11AE.date1315542427.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\97B093AB_FEB5_B409_CFE4_2B12949E5604.date1315194747.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\9958486E_2104_F6B2_569F_ACB77DD632A3.date1317008862.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\9B5184C4_AAC7_6AA1_8C02_F64522E773DF.date1317008862.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\9CE2CEC8_0C03_81A1_14FC_0C168DA6ABE7.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\A03AFC88_B67E_EDD3_9D58_F87DA2945FDF.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\A2AB4E81_9905_7499_5A67_35077CD2AEEB.date1314592872.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\A46E2075_467C_16D1_F293_CBBD4BC44AA6.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\A552C355_136A_6CDD_7CB5_4FEBB191DA36.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\A7848625_82DF_1C1A_3B31_37562220CC96.date1316152719.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\A9E30E5C_E87D_17FA_C1CE_F71795085FD6.date1315194747.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\AA30BD5F_504D_6E0C_A1C8_6DCC1649036F.date1317008862.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\AA50ECC6_F907_B1B2_D98F_7112AAD7FA2F.date1316394040.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\ABB36982_1F85_FC7E_0659_7BFD45BF403C.date1316242791.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\AD131BE3_9EB6_D597_5D85_D399D30172E5.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\B2312566_D832_A2A7_5A39_2D4B13E1BF61.date1315359542.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\B2DCE6AC_E920_1541_757E_FCD99AD6AA49.date1316824636.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\BFB3B014_4201_E0EA_936B_59F3EAB774D2.date1316578758.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\C06A52E9_222E_C57D_1593_BE2EEA6D0318.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\C83499FC_F128_BFB2_C102_0B3496314E58.date1315542427.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\C92B8419_4933_732E_057A_63189968CB59.date1314512262.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\C9512770_E5B0_EF2D_98A0_6791E9834AAD.date1315359542.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\C9ECA6AC_C7C2_E9C7_E2E7_D19A2F28560C.date1316058300.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\CA3C4BBB_DE69_3E97_4F56_4FFD00F19D77.date1315060984.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\D51DE5EE_3362_69A4_A90B_CAAB5CA38C99.date1317008862.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\DAD59071_CFE3_99B0_5C4C_67AB7FC8A759.date1315972688.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\DB6E42F4_C885_A461_06B6_CA7C5ED6D9A7.date1314847937.flv (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\DD24D73E_60DC_D6F1_6909_C3B09764F10A.date1315710220.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\DE1D3734_1D94_F803_A288_D498FE2F01A9.date1315710220.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\DE5EC513_01BB_A372_29D1_C6AF48DEF0DB.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\DEFE2F9B_34BC_6D2C_8CFD_EA2AB9C0DA6F.date1315972688.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\E089675A_8F6C_25C6_2106_67F182C73834.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\E0CE1E22_E0E0_E5A9_3E92_DB0E5FC5E9A7.date1316058300.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\E1E11714_F4BF_7642_CB06_6EFB34609194.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\E46B7C6F_905C_B8E3_B495_C524FEF1EE23.date1314847937.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\EEFB3A42_EA68_A680_C8D0_F4503BAC4E02.date1314724344.flv (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\F037B857_4C94_91CB_120D_F537CB316FCD.date1316180629.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\F19E354E_023A_1660_9AC6_EDB84AE93498.flv (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\F3B327E2_4CAB_B2A1_C85B_5F169A608FEF.date1316152719.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\F977627B_ECA4_62ED_C575_B0DCDC393AC3.date1315359542.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\FB47507B_1A4D_5F18_EA20_DB0E1B9A977B.date1314724344.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\FB80A9DC_BC19_DBEB_029C_5C54A087DB1F.date1316152719.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\FD1E34A1_2C5F_ADC2_58D1_6E8C5D22FC29.date1314592872.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\cache\flashNew\FDF93623_E0F5_EBAC_327F_FFD4B473752D.date1316315828.swf (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\ini\httpfile.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\ini\temp_config.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\media\Install Latest Funshion.lnk (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\media\Start Funshion.lnk (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\media\火影忍者\火影忍者国语版-第1集.rmvb.fc! (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\AdLinkParamFile.fax (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\ad_define.fai (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\ad_define.fai.bak (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\ad_material.fax (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\flashnew.json (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\flashParam.txt (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\flashParam.txt.bak (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\Pop Game.lnk (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\popwind.json (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\Shopping Sites.lnk (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\pyaarawala\funshion\update\updatexmlfile.txt (PUP.Funshion) -> Quarantined and deleted successfully.

(end)

#13
pyaarawala

Posted 19 December 2012 - 02:56 AM

Member

Topic Starter
Member
29 posts

After VEW.exe:

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 19/12/2012 4:55:07 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/12/2012 8:47:41 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: Beep

Log: 'System' Date/Time: 19/12/2012 8:47:31 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The int15 service failed to start due to the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 19/12/2012 8:47:05 AM
Type: Error Category: 403
Event: 412 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402. User Action: restart task scheduler service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/12/2012 8:44:56 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

#14
pyaarawala

Posted 19 December 2012 - 02:58 AM

Member

Topic Starter
Member
29 posts

After VEW.exe but selecting Application:

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 19/12/2012 4:57:40 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/12/2012 8:49:01 AM
Type: Warning Category: 0
Event: 6 Source: Microsoft-Windows-CAPI2
Reached crypt32 threshold of 50 events and will suspend logging for 60 minutes.

Log: 'Application' Date/Time: 19/12/2012 8:44:52 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-3947582213-1791406327-2745404233-1000_Classes:
Process 1444 (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-3947582213-1791406327-2745404233-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

#15
pyaarawala

Posted 19 December 2012 - 03:43 AM

Member

Topic Starter
Member
29 posts

Final OTL scan: Extras.txt

OTL Extras logfile created on: 12/19/2012 4:59:02 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pyaarawala\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 51.22% Memory free
8.16 Gb Paging File | 6.16 Gb Available in Paging File | 75.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.09 Gb Total Space | 57.58 Gb Free Space | 19.99% Space Free | Partition Type: NTFS

Computer Name: PYAARAWALA-PC | User Name: pyaarawala | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = F4 80 04 35 E3 3C CA 01 [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03DE553B-1328-406A-8029-8D8659DBF108}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0454A344-D6E9-4EAC-BACE-14D460714271}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1C854387-1F6C-415D-A434-0425D8E74ABD}" = lport=445 | protocol=6 | dir=in | app=system |
"{2DB260F9-856F-4F82-B665-2348DF43F643}" = rport=445 | protocol=6 | dir=out | app=system |
"{2EE3992A-86B5-4354-944C-CE61B7677782}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36D37A10-E6BC-4681-B439-2B5EF671325D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3E638216-A9F6-4C7B-930F-57820948F0A1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{49A65992-A6A6-467C-9513-FF3DE1785A6F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54172E6A-CD6D-4320-804F-49F2E6EA24E3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5A93AA1E-BFBB-4C98-9B71-A624B3484AED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{7065D730-AEAC-4B77-92F1-816522AABEED}" = rport=137 | protocol=17 | dir=out | app=system |
"{74265EB8-78A2-4353-9344-543F073F5AF4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8252842E-D65F-4CA9-8797-062A15F22FF7}" = rport=139 | protocol=6 | dir=out | app=system |
"{9B6117E5-3D3D-4FA9-B5D0-714B33A3832E}" = lport=137 | protocol=17 | dir=in | app=system |
"{9F11B37B-F215-42B6-A735-A74EC6B1229F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A3E51760-FBBA-4449-97E1-BAD2850DE07A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B5A241D5-F4E8-4C3F-8AA2-C0C57C648142}" = rport=138 | protocol=17 | dir=out | app=system |
"{BEBA07D4-4B4C-4C23-A4D0-A7E7DE2A2589}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF5E40D0-05B3-4FCA-8324-79A7E9248F0E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C014C332-B3D1-4D67-8776-FB927D31E1C1}" = lport=138 | protocol=17 | dir=in | app=system |
"{C6F10AEF-5E8D-4269-A494-481FB9A9AC89}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D8762290-1F7C-4074-A57F-86890289F3DB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E1A1ECAF-AFB2-45CB-9BF3-4466306B422D}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00585A8D-9A84-494E-B54E-00CCE65E5BAE}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{00A48E99-A352-4768-895E-116D26FAFA79}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{02F9FFD2-A3D4-4275-A552-C2639C3EBD1B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{03A10DA0-2B31-4C51-AD3D-FD572373B421}" = protocol=58 | dir=out | [email protected],-28546 |
"{03F260BD-EACD-48BB-9A9E-ECDDF6CEE40B}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qq\bin\auclt.exe |
"{043CB1A9-956C-4263-A97A-23C0BB54D3E6}" = protocol=58 | dir=in | [email protected],-28545 |
"{0C17BD62-B8FE-4D3B-B899-8E55BB70DBAC}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qq\bin\qq.exe |
"{0F63F68C-A94E-4348-8872-C1C664676056}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{16A874E2-7DD6-417D-BDD7-60A10AFC9422}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{19898D76-AA50-4A56-908C-1A5CAEAC8609}" = protocol=6 | dir=in | app=c:\users\pyaarawala\appdata\roaming\tencent\qq\stemp\setupex~0\qqsetupex.exe |
"{1F6343F2-79EC-41B5-AA9B-42212276286F}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{202E4200-FE84-4F1F-86CD-F3D525E40CAA}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{2AE42F1D-6218-4F72-86F5-2995142A13E9}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{34E4B4FB-A2BA-4430-8F8A-2A0075EA160F}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qq\bin\qq.exe |
"{446F68AC-86A1-455F-80BF-F568FD83F9E4}" = protocol=6 | dir=in | app=c:\program files (x86)\sogouexplorer\sogouexplorer.exe |
"{4934BF77-2B29-4EF9-9AD1-52C4344313C0}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{4F4A27C1-EB04-44E3-82E0-C350E6A6BA5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{52923B39-15BB-4BF9-B5AD-DA7428AD1859}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{59757E3E-E76C-4A83-ADCD-10FA73A16E9E}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qq\bin\qqimedownload.exe |
"{6437D420-0C1C-4210-AFF6-2B4D5F102276}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qq\bin\auclt.exe |
"{68102243-B5BA-425B-93E0-54E8CB5647AC}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{7F4B4D81-426F-4F90-8448-EE2904317CB0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{807470FC-F9C5-442E-9CCC-6D134710D309}" = protocol=1 | dir=out | [email protected],-28544 |
"{82FDDDD9-6059-40BB-94E6-639CF9AC27B2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8644286B-B9FD-47B7-9FBB-FCBBE9F7A00A}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qq\bin\setupex\qqsetupex.exe |
"{89E6EDE9-D1C3-4EB7-8755-50C7EA70A218}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8CFF703E-9D8A-4052-9F7D-DA18D5FA5B12}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qq\bin\setupex\qqsetupex.exe |
"{99CDB4BC-AC4A-48C5-A872-E09180A2B8CD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9C4625B7-C999-43B5-B8F3-307FE882B374}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D0B028A-7FF9-487F-8714-0D2316900E33}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{A3906711-D35D-43E1-AE33-BCD268A68A4E}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{AAA79CF4-B2E5-49AB-A24B-4CFA1317BFF5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B005F72C-91E2-4E43-B57A-A92F8372D6FA}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qq\bin\qqimedownload.exe |
"{B3313368-0AC2-4381-BAAB-FF59927BDA17}" = protocol=1 | dir=in | [email protected],-28543 |
"{BACAAD2B-68F6-421D-BF9F-5E8F4002EA29}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{BCBE4FD4-AA0F-4D43-AFA8-5E5A43CDF4D8}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{BE68E631-1CCF-46BB-9C66-56432E36E88A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BE9EBA4C-63DC-4AC3-A3BC-2FD38E76E313}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C4546CD5-3254-4FBD-BE30-F40B76A23B19}" = protocol=17 | dir=in | app=c:\program files (x86)\sogouexplorer\sogouexplorer.exe |
"{C75C499F-5353-45D0-8421-5B2E6880C199}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{C9170405-CC7D-4A2F-8635-C55C1F0CD4CD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DD6CCFD7-D620-4C40-AFAF-4F6FAA85C6A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{E81E8B1D-FA02-4224-BA27-A6040B0BA9D4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EA0B7245-5EC3-45D7-A42E-B858281A012C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F9F91E04-4EC4-4E06-9CCA-A09DEA3759F0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{35A37A50-191B-4949-B282-23A8B3E425C4}C:\users\pyaarawala\documents\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\users\pyaarawala\documents\counter-strike\hl.exe |
"TCP Query User{40D53FCD-498B-4293-9705-C81040AFC619}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"TCP Query User{5C6D5FC1-4F47-4792-955A-19DBE5DCE0CA}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{7666BF8C-7B1E-4246-9369-986E0207E626}C:\program files (x86)\tencent\qq\bin\qq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qq\bin\qq.exe |
"TCP Query User{7FA6D7E0-8756-4C55-A887-040FDA74F97E}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{886A9FA5-DB4E-4711-B413-51F8E69BC43A}C:\program files\counter strike 1.6 v36.1\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter strike 1.6 v36.1\hl.exe |
"TCP Query User{9C8FDED0-A466-4FA5-8017-1274F30A4C3C}C:\program files (x86)\steam\steamapps\pyaarawala\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\pyaarawala\counter-strike\hl.exe |
"UDP Query User{6D133216-BC74-4A87-852A-BEC17B14AFC4}C:\program files (x86)\steam\steamapps\pyaarawala\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\pyaarawala\counter-strike\hl.exe |
"UDP Query User{6FECBC8F-1BB9-46C6-9DA0-27D22F91F215}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{9D11FAFB-AE90-47D9-912A-CFAD42A59E4E}C:\users\pyaarawala\documents\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\users\pyaarawala\documents\counter-strike\hl.exe |
"UDP Query User{C1766A75-658D-4F76-8681-E67826007EF5}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{CA800D6D-D4D9-405B-AE05-2302FA42D937}C:\program files (x86)\tencent\qq\bin\qq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qq\bin\qq.exe |
"UDP Query User{DB81BD40-41CB-4FC8-922D-5A8EAD5E3CEE}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"UDP Query User{F559D390-70FE-4960-A883-71FA5CA460F6}C:\program files\counter strike 1.6 v36.1\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter strike 1.6 v36.1\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2289997-10A3-48F2-AA03-99180D761661}" = Protector Suite QL 5.6
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052B4734-CD9B-468F-B25D-D1E136B2C95A}" = Ad-Aware
"{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}" = 腾讯QQ2010
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}" = Splinter Cell Pandora Tomorrow
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}" = Google Talk Plugin
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93156467-FD99-4A30-9CA5-8563F4BB8DB3}" = icbc_netbank_client_controls
"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F07AE5AB-516C-4CEB-A0AA-AD083B9182C6}" = TI NoteFolio Creator
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"½»ÐÐÍøÒø°²È«ÊäÈëÈí¼þ" = ½»ÐÐÍøÒø°²È«ÊäÈëÈí¼þ 3.0
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIM_7" = AIM 7
"AlipaySecControl" = Alipay security control 2.5.0.3
"AsUninst.exe" = Anvil Studio
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner (remove only)
"China UnionPay SecEditor" = China UnionPay SecEditor 1.0.4.6
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"Counter Strike 1.6 V36.1 C'zrd" = Counter Strike 1.6 V36.1 C'zrd
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 5.0.11.504
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Home Sweet Home 2 Kitchens and Baths1.02" = Home Sweet Home 2 Kitchens and Baths
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICBC_MW_UShield2" = Guide to ICBC USB-Shield program (Minghua) Uninstall
"iLivid" = iLivid
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mobile Card" = Mobile Card
"Money2007b" = Microsoft Money Essentials
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OJOsoft Audio Converter_is1" = OJOsoft Audio Converter
"OpenVPN" = OpenVPN 2.2.2
"PDG9_is1" = Print Designer GOLD 9.5.0.0
"Starcraft" = Starcraft
"Steam App 10" = Counter-Strike
"StepMania" = StepMania 3.9b (remove only)
"Trillian" = Trillian
"Veoh Web Player Beta" = Veoh Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.5
"WildTangent gateway Master Uninstall" = Gateway Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 6.15
"Wise PC Engineer_is1" = Wise PC Engineer 6.3.8
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 6.14
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"BitTorrent" = BitTorrent
"GoToMeeting" = GoToMeeting 4.5.0.457
"Move Media Player" = Move Media Player

========== Last 20 Event Log Errors ==========

[ Media Center Events ]
Error - 4/29/2009 11:33:42 PM | Computer Name = pyaarawala-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/7/2009 11:43:20 PM | Computer Name = pyaarawala-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/23/2009 1:53:34 AM | Computer Name = pyaarawala-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/26/2009 5:29:14 PM | Computer Name = pyaarawala-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 2/1/2010 8:34:12 PM | Computer Name = pyaarawala-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 2/14/2010 2:52:16 PM | Computer Name = pyaarawala-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 5/16/2011 11:09:16 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 5/25/2011 2:21:07 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/6/2011 10:28:38 PM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/14/2011 11:20:44 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/14/2011 11:22:02 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/14/2011 11:22:29 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/23/2011 6:33:46 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/24/2011 6:06:38 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/31/2011 5:32:52 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/31/2011 5:34:06 AM | Computer Name = pyaarawala-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/19/2012 4:47:05 AM | Computer Name = pyaarawala-PC | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =

Error - 12/19/2012 4:47:31 AM | Computer Name = pyaarawala-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/19/2012 4:47:41 AM | Computer Name = pyaarawala-PC | Source = Service Control Manager | ID = 7026
Description =

< End of report >

Edited by pyaarawala, 19 December 2012 - 03:43 AM.