# Solved: latest java update 7.0.21



## jetsguy (Feb 27, 2011)

Hi guys,Java desided they were going to update to a newer version anyway,it's not working lol,it's saying java runtime inviroment 7.0.21/java spdll is corrupt. I'm open to suggestions.Btw, I've contacted java followed their instructions (uninstall reinstall) still not working.Thanks 4 the help.


----------



## flavallee (May 12, 2002)

I've updated Java to version 7 Update 21 in several computers(XP, Vista, 7) without any problems. :up:

---------------------------------------------------------


----------



## jetsguy (Feb 27, 2011)

Thx 4 the reply flavallee,but this response is not helping my problem.As I said it was an automatic update then an error message saying "Java JRE 1.7.0.21/Java SPdll is corrupt"


----------



## Mark1956 (May 7, 2011)

I just tried it and got the same error.

My system is still on Version 7 Update 17, what happened to Update 18,19 & 20? My system is set to automatically update Java, so something strange is going on .

Not sure if it is connected but I ran SecurityCheck on an OP's system a couple of days ago and it showed he had Version 7 Update 21, but his installed programs list showed he had Version 7 Update 17 .

When I ran the test on the Java site to find what version I had it ended up showing "Web page not available", so looks like it's in a mess on the Java site.


----------



## jetsguy (Feb 27, 2011)

Thanks for your reply Mark1956,I really appreciate it. Thought it was a virus or something so I ran a complete check and everything is ok.What is up with Java anyway and why skip those other updates 18,19 20?


----------



## flavallee (May 12, 2002)

I don't enable and use the Java built-in automatic update feature. 

When a new update is released, I download and save it, then close all open browser windows, then install it.

The new version overwrites and replaces the old version.

----------------------------------------------------------

I didn't read anything from Oracle as to why versions 18, 19, and 20 were bypassed.

----------------------------------------------------------


----------



## Mark1956 (May 7, 2011)

Java has had its bad patches, after announcing that new updates would overwrite the old version (not sure what the version was when that change occured) it worked for a while and then further updates didn't overwrite the old one, all of a sudden it started to work again. They then had an Update that left a vulnerability and they had to quickly rush out another update, now they have skipped three versions and the story goes on.

Earlier today if I went to this site http://www.java.com/en/ using IE and I got a page unavailable, but now it is working.

Meanwhile I went to this link http://java.com/en/download/index.jsp using Google and the download worked and installed ok, so give that one a try. With all those versions skipped and the site being unavailable for a while I'd guess they have had some serious problems.


----------



## jetsguy (Feb 27, 2011)

Greetings, here is the latest, typed java version in command prompt(as administrator) heres what came up "java (version 1.7.0.21) is not recognized as an internal or external command,operable program or batch file" is there a way to fix this ? any advice is always appreciated thanks


----------



## flavallee (May 12, 2002)

This is the Java 7 download link that I normally use.

----------------------------------------------------------


----------



## Mark1956 (May 7, 2011)

Jetsguy, the command to get the version displayed is *Java -version* but even without the dash it has showed that you already have Update 21 installed. That should be problem solved,yes?


----------



## Mark1956 (May 7, 2011)

Flavellee, I always use the Java site http://java.com/en/download/index.jsp as it rules out human error when directing an OP to install an update as it is fully automatic, they can't choose the wrong version as is the case on the Oracle site where there are lots of different ones to choose from.

I am sure you have seen many OP's logs showing that a 64bit version of Java is installed which is only ever needed for IE 64bit which most folks don't even know exists. A lot of OP's would select the 64bit version of Java as they assume they have to have that for 64bit Windows which, as I am sure you know, is not the case. On the Java site the selection is made for them so there is no chance of them getting the wrong one.


----------



## flavallee (May 12, 2002)

I see your point, Mark.

I should clarify that it's the site that *I* normally use, but not the site that I refer others to here.

----------------------------------------------------------


----------



## Mark1956 (May 7, 2011)

:up:


----------



## jetsguy (Feb 27, 2011)

To both Mark1956 and Flavallee, thanks for the heads up. Now, when I type java version(with or without the hyphen) it says java not recognized as I stated.In other words no version is recognized as being installed. BTW I've also did a system restore to no avail.


----------



## captainron276 (Sep 11, 2010)

To help us help you,please use the TSG System Info tool to let Tech's know the specs of your computer: http://static.techguy.org/download/SysInfo.exe Copy and paste the results here in your thread. *You can use the TSG Info to fill in your computer information in your user profile as well.*

Also, if its a brand name system like an Acer,Dell or HP, please post the exact model of the system.


----------



## jetsguy (Feb 27, 2011)

My pc is Dell,Inspiron56Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3036 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1294 Mb
Hard Drives: C: Total - 466780 MB, Free - 412531 MB;
Motherboard: Dell Inc., 018D1Y
Antivirus: PC Cleaners, Updated: Yes, On-Demand Scanner: Disabled0


----------



## Mark1956 (May 7, 2011)

I just removed Version 7 Update 21 and tried a few tests, I got the same error again, I then deleted the folder that the error relates to and it installed without a hitch.

Open Windows Explorer and navigate to this folder:
C:\Windows\Users\NAME\Appdata\LocalLow look for and delete the Sun folder. If there is also an Oracle folder, delete that also.
Then run the installer again.

NOTE: You must substitute NAME in the instructions above with your user name.


----------



## captainron276 (Sep 11, 2010)

Be careful using your PC Cleaner. Please check this out from another one of our trusted Advisers/Tech's. Mark and Frank can recommend a good alternative for you 



> Quote from Phantom010
> 
> You should avoid Registry Cleaners, Boosters, Optimizers, TuneUp Utilities... This type of software will do a lot more harm than good, and should only be used by advanced users who really know their way around the registry. Never to be used blindly on "Auto" mode. Most members coming here with WEIRD symptoms had their computer messed up by malware and/or registry cleaners. These utilities do not only remove what "they think" are orphan entries in the registry but legitimate files still in use will be deleted in the process, crippling some programs and Windows applications beyond repair. In a word, it's a scam.
> 
> ...


----------



## Mark1956 (May 7, 2011)

Yup, PC Cleaners is certainly not the best software to have protecting your PC. I would recommend uninstalling it and using this excellent free Anti Virus from Microsoft: Microsoft Security Essentials


----------



## jetsguy (Feb 27, 2011)

I've got Avast antivirus installed.(what pc cleaner?)Got a virus from microsoft security essentials so I wouldn"t use it.If you know something better than Avast I'm all ears.What does this have to do with my original question on Java update?


----------



## flavallee (May 12, 2002)

> Tech Support Guy System Info Utility version 1.0.0.2
> OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
> Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz, Intel64 Family 6 Model 23 Stepping 10
> Processor Count: 2
> ...


I've seen a number of TSGSIU logs submitted that show "PC Cleaners" as the antivirus program when something else is actually installed, so I don't know if this is a glitch in the app.

----------------------------------------------------------


----------



## jetsguy (Feb 27, 2011)

Greetings, I'm open to suggestions Flavallee,how can I know which is needed and which isn't or better yet what may or may not be malware,adware,a possible virus, trojan,etc? Thanks for the tip/help.


----------



## flavallee (May 12, 2002)

What are the names of any other security-related apps, besides Avast, that you currently have installed in your computer?

---------------------------------------------------------


----------



## jetsguy (Feb 27, 2011)

Besides Avast,the only other program I have is malwarebytes.


----------



## flavallee (May 12, 2002)

*Malwarebytes Anti-Malware*
*SUPERAntiSpyware*
*AdwCleaner*
are what I have in my arsenal to combat malware, spyware, rogues, hijackers, adware trackers, and other threats.
They're all free, and they all work well for me. :up:

----------------------------------------------------------


----------



## Mark1956 (May 7, 2011)

I have other people I am helping who are experiencing similar problems with Java so I would wait a few days for them to sort things out, the Java download page is presently unavailable.

Microsoft Security Essentials is an excellent and highly recommendable program, as with all AV's what one will miss another will find so don't consider it to be a bad program just because it let one infection in, the same could just as easily happen with Avast, nothing is 100%.

I would suggest running this scan below and posting the logs so we can see what is on your system and advise you accordingly. There may be one or two other things that we can give advice on.

Please go Here and follow the instructions to run DDS, then *Copy and Paste* both the logs into your next reply. You need not run HJT or GMER.


----------



## jetsguy (Feb 27, 2011)

As requested logs were sent,if there are items that are not needed on pc please feel free to advise. Thanks


----------



## captainron276 (Sep 11, 2010)

> Please go Here and follow the instructions to run DDS, then Copy and Paste both the logs into your next reply. You need not run HJT or GMER.


Don't see the logs that you were to copy and paste?


----------



## Mark1956 (May 7, 2011)

Jetsguy, you just emailed me the logs I requested, please copy them into your next reply as they need to be in the thread, not in my email.


----------



## jetsguy (Feb 27, 2011)

My apologies: 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 4/25/2011 7:36:42 PM
System Uptime: 4/22/2013 8:00:01 AM (3 hours ago)
.
Motherboard: Dell Inc. | | 018D1Y
Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz | CPU 1 | 3203/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 403.545 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SASDIFSV
Device ID: ROOT\LEGACY_SASDIFSV\0000
Manufacturer: 
Name: SASDIFSV
PNP Device ID: ROOT\LEGACY_SASDIFSV\0000
Service: SASDIFSV
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SASKUTIL
Device ID: ROOT\LEGACY_SASKUTIL\0000
Manufacturer: 
Name: SASKUTIL
PNP Device ID: ROOT\LEGACY_SASKUTIL\0000
Service: SASKUTIL
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer: 
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: X5XSEx_Pr135
Device ID: ROOT\LEGACY_X5XSEX_PR135\0000
Manufacturer: 
Name: X5XSEx_Pr135
PNP Device ID: ROOT\LEGACY_X5XSEX_PR135\0000
Service: X5XSEx_Pr135
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: vsdatant
Device ID: ROOT\LEGACY_VSDATANT\0000
Manufacturer: 
Name: vsdatant
PNP Device ID: ROOT\LEGACY_VSDATANT\0000
Service: Vsdatant
.
==== System Restore Points ===================
.
RP927: 4/17/2013 4:07:32 PM - Before Little Registry Cleaner Registry Fix
RP928: 4/18/2013 11:52:40 AM - Removed Adblock IE 2.2
RP929: 4/20/2013 8:18:00 AM - Installed Java 7 Update 21
RP930: 4/20/2013 8:20:05 AM - Installed Java 7 Update 21 (64-bit)
RP931: 4/20/2013 9:24:38 AM - Removed Java 7 Update 21
RP932: 4/20/2013 9:25:47 AM - Removed Java 7 Update 21 (64-bit)
RP933: 4/20/2013 10:14:16 AM - Installed Java 7 Update 21
RP934: 4/20/2013 10:25:58 AM - Restore Operation
RP935: 4/20/2013 11:27:44 AM - Removed Adblock IE 2.2
RP936: 4/20/2013 2:17:34 PM - Removed Adblock IE 2.2
RP937: 4/20/2013 2:29:26 PM - Installed Java 7 Update 21
RP938: 4/20/2013 2:36:55 PM - Installed Java 7 Update 21 (64-bit)
RP939: 4/21/2013 5:27:05 AM - Garmin Express
RP940: 4/21/2013 5:28:04 AM - Garmin Express
RP941: 4/21/2013 7:39:46 AM - Removed Java 7 Update 21
RP942: 4/21/2013 7:40:47 AM - Installed Java 7 Update 21
RP943: 4/21/2013 1:33:42 PM - Restore Operation
RP944: 4/21/2013 3:04:26 PM - Installed Java 7 Update 21
RP945: 4/21/2013 3:29:01 PM - Removed Adblock IE 2.2
RP946: 4/21/2013 3:35:54 PM - Installed Java(TM) 6 Update 26
RP947: 4/21/2013 5:13:10 PM - Removed Java 7 Update 21
RP948: 4/21/2013 5:13:44 PM - Installed Java 7 Update 21
RP949: 4/21/2013 7:00:09 PM - Windows Backup
RP950: 4/22/2013 6:12:58 AM - Removed Java 7 Update 17 (64-bit)
RP951: 4/22/2013 6:15:39 AM - Removed Java(TM) 6 Update 26
RP952: 4/22/2013 6:18:59 AM - Installed Java 7 Update 21 (64-bit)
RP953: 4/22/2013 7:39:16 AM - Restore Operation
RP954: 4/22/2013 8:28:18 AM - RegRun Virus Scan
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 12.0
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Software Update
ATI Catalyst Install Manager
avast! Free Antivirus
Big Fish Games: Game Manager
Bing Bar
CCleaner
CDDRV_Installer
Cortona3D Viewer
D3DX10
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Product Registration
Dell Support Center
Elevated Installer
EPSON NX410 Series Printer Uninstall
EPSON Scan
Fences
Garmin Express
Garmin Express Tray
Garmin Update Service
Gmail
Gold Miner Vegas
GoToAssist 8.0.0.514
Governor of Poker 2
Hauppauge TV Tuner Diagnostics (1.2.7076)
HCW85 Driver Installer
IHA_MessageCenter
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
Internet Explorer (Enable DEP)
Internet TV for Windows Media Center
IrfanView (remove only)
Java 3D 1.5.2
Java 7 Update 17 (64-bit)
Java 7 Update 21
Java Auto Updater
Java(TM) 6 Update 26
JavaFX 2.1.1
Junk Mail filter update
KhalInstallWrapper
Kingsoft Office 2012 (8.1.0.3036)
Little Registry Cleaner
Logon Screen
Malwarebytes Anti-Malware version 1.70.0.1100
MDL Chime/Chime Pro for Internet Explorer
MFC RunTime files x64
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Corporation
Microsoft LifeCam
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
Nitro Reader 3
Paint.NET v3.5.10
Photo Common
Photo Gallery
PlayReady PC Runtime amd64
Pogo Games
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
Realtek Ethernet Controller Driver
Redist
Season Match 2
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
swMSM
System Requirements Lab
System Requirements Lab for Intel
Unlocker 1.9.1-x64
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Visual Studio 2010 x64 Redistributables
Volume2 1.1.3
VS10Runtimex64
Vz In Home Agent
Windows 7 Codec Pack 4.0.1
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Xilisoft YouTube Video Converter
Yahoo! Messenger
ZoneAlarm LTD Toolbar
ZoneAlarm Security
.
==== Event Viewer Messages From Past Week ========
.
4/22/2013 8:00:44 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL SBRE tljkva Vsdatant
4/22/2013 8:00:39 AM, Error: Service Control Manager [7000] - The X5XSEx_Pr135 service failed to start due to the following error: The system cannot find the file specified.
4/22/2013 8:00:18 AM, Error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Vsdatant service which failed to start because of the following error: A device attached to the system is not functioning.
4/21/2013 3:10:05 PM, Error: Service Control Manager [7009] - A timeout was reached (60000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
4/21/2013 3:10:05 PM, Error: Service Control Manager [7000] - The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/21/2013 1:39:58 PM, Error: Service Control Manager [7009] - A timeout was reached (60000 milliseconds) while waiting for the Windows Search service to connect.
4/21/2013 1:39:58 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/21/2013 1:39:28 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/21/2013 1:39:28 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
4/20/2013 5:34:38 AM, Error: Service Control Manager [7034] - The IHA_MessageCenter service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ======================


----------



## Mark1956 (May 7, 2011)

And the other log please.


----------



## Mark1956 (May 7, 2011)

I have just heard from someone else I was helping with the Java problem that it appears to have been fixed. I would suggest you uninstall all the versions you have before re-installing Update 21. You do not need the 64bit version unless you are using the 64bit version of IE, the bit rate of Java is not related to the bit rate of your version of Windows only the Browser being used.

There are a few things in your list of installed programs that should be removed , please post the DDS.txt log when ready.


----------



## jetsguy (Feb 27, 2011)

Greetings,thought I did them both.DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
Run by verna at 11:09:15 on 2013-04-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1867 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
C:\Users\verna\Pogo Games\PGMTrusted.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Volume2\Volume2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://bing.com/
uWindow Title = Internet Explorer, enhanced for Bing and MSN
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Volume2] C:\Program Files (x86)\Volume2\Volume2.exe
dRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
dRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoFolderOptions = dword:0
uPolicies-Explorer: HideSCAVolume = dword:0
uPolicies-Explorer: TaskbarNoNotification = dword:1
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoFolderOptions = dword:0
mPolicies-Explorer: NoCustomizeThisFolder = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: dontdisplaylastusername = dword:1
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoVirtMemPage = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: Download with Xilisoft YouTube Video Converter - C:\Program Files (x86)\Xilisoft\YouTube Video Converter\upod_link.HTM
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {3CD12856-7A7B-4e4c-B53E-92DFDD44AFDE} - https://gmail.google.com
Trusted Zone: %20rsibanking.com
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{ACF60AC7-71EF-4923-B2A9-61C087DED5F4} : DHCPNameServer = 192.168.1.1
Handler: cdl - <Clsid value has no data>
Handler: file - <Clsid value has no data>
Handler: ftp - <Clsid value has no data>
Handler: http - <Clsid value has no data>
Handler: https - <Clsid value has no data>
Handler: javascript - <Clsid value has no data>
Handler: local - <Clsid value has no data>
Handler: mailto - <Clsid value has no data>
Handler: mk - <Clsid value has no data>
Handler: res - <Clsid value has no data>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Handler: cdl - <Clsid value has no data>
x64-Handler: file - <Clsid value has no data>
x64-Handler: ftp - <Clsid value has no data>
x64-Handler: http - <Clsid value has no data>
x64-Handler: https - <Clsid value has no data>
x64-Handler: javascript - <Clsid value has no data>
x64-Handler: local - <Clsid value has no data>
x64-Handler: mailto - <Clsid value has no data>
x64-Handler: mk - <Clsid value has no data>
x64-Handler: res - <Clsid value has no data>
x64-Notify: igfxcui - igfxdev.dll
x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
x64-STS: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\fc9046ij.default\
FF - plugin: C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-03-17 13:02; [email protected]; C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-04-13 08:26; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\fc9046ij.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-2 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-2 178624]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-1-26 17720]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-4-10 21136]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-1-3 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-1-3 377920]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-1-3 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-3 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-4-21 45248]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-16 13336]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 352248]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-3-5 230416]
R2 PGMTrusted;PGMTrusted;C:\Users\verna\Pogo Games\PGMTrusted.exe [2012-10-31 519920]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-8-9 38608]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-3-15 145408]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 349800]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-2-12 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 pppop;PPPoP WAN Adapter;C:\Windows\System32\drivers\pppop64.sys [2011-3-21 42528]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2012-12-25 15712]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-26 1255736]
.
=============== File Associations ===============
.
FileExt: .bat: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.wsf: <filetype is not registered>
.
=============== Created Last 30 ================
.
2013-04-22 12:29:23 40208 ----a-w- C:\Windows\System32\Partizan.exe
2013-04-22 12:25:19 -------- d-----w- C:\ProgramData\RegRun
2013-04-22 12:25:12 2 --shatr- C:\Windows\winstart.bat
2013-04-22 12:25:03 -------- d-----w- C:\Program Files (x86)\UnHackMe
2013-04-21 21:14:06 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-19 16:32:38 -------- d-----w- C:\Program Files (x86)\Super Solitaire
2013-04-19 13:59:22 -------- d-----w- C:\Program Files (x86)\SlimCleaner
2013-04-18 10:33:53 -------- d-----w- C:\ProgramData\TreeCardGames
2013-04-18 10:32:52 -------- d-----w- C:\Users\verna\AppData\Roaming\TreeCardGames
2013-04-18 10:32:42 -------- d-----w- C:\Program Files (x86)\123 Free Solitaire
2013-04-13 19:24:32 -------- d-----w- C:\Users\verna\AppData\Local\MGTEK
2013-04-13 19:23:11 -------- d-----w- C:\ProgramData\MGTEK
2013-04-12 16:31:59 -------- d-----w- C:\Users\verna\AppData\Roaming\Open Download Manager
2013-04-10 14:05:54 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-10 09:50:10 21136 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-04-10 09:35:19 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 09:35:17 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 09:35:15 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 09:35:12 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 09:35:10 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 09:35:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 09:35:09 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-10 09:35:09 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 09:35:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-09 14:45:27 -------- d-----w- C:\Program Files\Common Files\Little Registry Cleaner
2013-04-09 14:31:42 -------- d-----w- C:\Users\verna\AppData\Local\Little_Apps
2013-04-09 14:30:59 -------- d-----w- C:\Program Files (x86)\Little Registry Cleaner
2013-04-08 17:39:54 487424 ----a-w- C:\Windows\SysWow64\msvcp70.dll
2013-04-08 17:39:53 1077344 ----a-w- C:\Windows\SysWow64\mscomctl.ocx
2013-04-05 09:41:45 -------- d-----w- C:\Users\verna\AppData\Roaming\ChemTable Software
2013-04-05 09:41:40 -------- d-----w- C:\Users\verna\AppData\Local\ChemTable Software
2013-04-05 09:41:38 -------- d-----w- C:\Users\verna\AppData\Local\AnVir
2013-04-04 20:07:03 -------- d-----w- C:\ProgramData\TaskManager
2013-03-31 12:27:24 -------- d-----w- C:\ProgramData\RealNetworks
.
==================== Find3M ====================
.
2013-04-21 21:14:00 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-21 21:14:00 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-12 10:09:12 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-12 10:09:12 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-16 11:57:29 260 ----a-w- C:\Windows\SysWow64\cmdVBS.vbs
2013-03-16 11:57:29 256 ----a-w- C:\Windows\SysWow64\MSIevent.bat
2013-03-13 09:40:13 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-03-13 09:40:12 963488 ----a-w- C:\Windows\System32\deployJava1.dll
2013-03-13 09:40:12 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-03-12 22:34:18 16486616 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-03-07 15:09:25 102248 ----a-w- C:\Users\verna\GoToAssistDownloadHelper.exe
2013-03-06 22:33:21 70992 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-03-06 22:33:21 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-03-06 22:33:21 178624 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-03-06 22:33:21 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-03-06 22:33:20 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-03-06 22:32:51 41664 ----a-w- C:\Windows\avastSS.scr
2013-03-05 21:57:14 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll
2013-03-05 20:57:16 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll
2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll
2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-01-25 15:54:35 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
.
============= FINISH: 11:09:42.28 ===============


----------



## Mark1956 (May 7, 2011)

Ok, lets start by removing programs that are not required. Go to Programs and features and uninstall all of these:

Java 3D 1.5.2
Java 7 Update 17 (64-bit)
Java 7 Update 21
Java Auto Updater
Java(TM) 6 Update 26
JavaFX 2.1.1
Little Registry Cleaner
ZoneAlarm LTD Toolbar
ZoneAlarm Security

As I said earlier the Update 21 Java download is now fixed AFAIK so please remove all of the Java entries in the list of programs, then go to Java and download and install Version 7 Update 21. Your program list shows that Update 21 was installed but as there were clearly some issues with it I would recommend removing it and getting a fresh copy. Go here for the download: Java Download

Java 3D and JavaFX are only required if you are creating Java programs, if that is the case then please keep them.

Little Registry Cleaner is not required, your registry does not and should not be cleaned unless you have expert knowledge, these types of cleaners can and do harm the OS. The same applies to the Registry Cleaner in CCLeaner which you should never use, the other clean up tools it has are quite safe. There is some evidence of two more cleaners, SlimCleaner and RegRun, can you confirm if you have these and uninstall the programs if present.

Zone Alarm and the ZA toolbar are not required, ZA Security may cause conflicts even though it does not appear to be running. Please run this tool after you have uninstalled it: ZoneAlarm removal tool

There is an indication that you had Adaware Anti Virus and SuperAntiSpyware, please confirm if you have uninstalled these programs as the remnants will need to be removed.

There is one suspicious file on your system I would like you to check: winstart.bat

Go to one of the following online services that analyzes suspicious files:

*Jotti's virusscan*
*VirusTotal*
*VirSCAN*

In the "*File to Scan*" (Upload or Submit) box, click the "*browse*" button and locate the following file:

C:\Windows\*winstart.bat* _<- this file_

Click "*Open*", then click the "*Submit*" button. If you get a message saying "_File has already been analyzed_", click *Reanalyze* or *Scan again*.
-- Post back with the results of the file analysis in your next reply.


----------



## jetsguy (Feb 27, 2011)

× *Cookies are disabled!* This site requires cookies to be enabled to work properly 

https://www.virustotal.com/en/
Community
Statistics
Documentation
FAQ
About

 Join our community 
 Sign in 

 

SHA256:7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6SHA1:ba8ab5a0280b953aa97435ff8946cbcbb2755a27MD5:81051bcc2cf1bedf378224b0a93e2877File size:2 bytes ( 2 bytes ) File name:winstart.batFile type:TextTags:text nsrl signed Detection ratio: 0 / 46 Analysis date: 2013-04-23 13:50:26 UTC ( 9 minutes ago ) 








10

22

More details


 Analysis 
 File detail 
 Relationships 
 Additional information 
 Comments 
 Votes 
 Antivirus Result Update Agnitum 20130423 AhnLab-V3 20130423 AntiVir 20130423 Antiy-AVL 20130423 Avast 20130423 AVG 20130423 BitDefender 20130423 ByteHero 20130418 CAT-QuickHeal 20130423 ClamAV 20130423 Commtouch 20130423 Comodo 20130423 DrWeb 20130423 Emsisoft 20130423 eSafe 20130423 ESET-NOD32 20130423 F-Prot 20130423 F-Secure 20130423 Fortinet 20130423 GData 20130423 Ikarus 20130423 Jiangmin 20130423 K7AntiVirus 20130423 K7GW 20130422 Kaspersky 20130423 Kingsoft 20130422 Malwarebytes 20130423 McAfee 20130423 McAfee-GW-Edition 20130423 Microsoft 20130423 MicroWorld-eScan 20130423 NANO-Antivirus 20130423 Norman 20130423  nProtect 20130423 Panda 20130423 PCTools 20130423 Sophos 20130423 SUPERAntiSpyware 20130423 Symantec 20130423 TheHacker 20130422 TotalDefense 20130423 TrendMicro 20130423 TrendMicro-HouseCall 20130423 VBA32 20130422 VIPRE 20130423 ViRobot 20130423









An error occurred









An error occurred 
* PE resource-wise parents*

This file was seen as a resource in the following Portable Executables. 
 0784d998bdd05d48e942919fef0be5b80647318121d31f8ee8b10b65df417e02  
 08e38abf02b32857b44abde9395cc7a0eec7007983b27aa952227ccd60257939  
 110234a4c25cdc32bc4ce9a45411492f426f22a2c42e85f37ccb2cb274b29885  
 12b394b94974822e8439d8c322c9a2c91c6ba4650e5f6ebd734da1a4c347c011  
 144eeb232805c8e3f86bbfd2d9d9622dea64067766a8c077bca03574fd9d861d  
 14d9e3d084c39b31cb6d13fd5ab976d549ad61780d38b787a256f54d408a7672  
 1538563af21c52ac1a9f85521c737ff5031c32d8ddb473c478fc1581d6680385  
 15cc042f2b8a3b1d631b6ab980639d6963a2a48dec8cf0454451338523f177c2  
 1a6402786d542edff04ac3ee6925932a38cee8a8eecbdb9912b22da410c9d632  
 1f4d3e80ac3a0bca18cc94ca8b02446153fe1b0ff532788c0387ae45d585f599  
 2631182647c56c258b7a3f02151d013b384294c4be20934646d5177878b057dc  
 2bf3a1a65950a5892e2cd269df567d396456357a19fc9d1486af803259d02864  
 2db2d51cf10f6b42ab9db3f4188cfd2efd96a4905aa31ad9a117b34d1546b321  
 35966bb761e80d34f1be2829941d430154f73950393d5bfe1f4d3b53957b442a  
 375c6bfebbac1b9530d49e545d6598e844f417cc9a9f8d875f27feb9ed7c42c7  
 3a1a486304f58a3f35d292052c9ed4466f3751d8d8cb9cc866fd85aea7114868  
 401d0dc192ecc511988eb90233376a432a4cb5b471539c0b599d3ca7c8b78d4f  
 407582eaadaded1615c28304d97ee2e82ab62bb474736571e415886bca2b231d  
 42aea5aad9f6419a6b33e7b0a624b3ce276ff67f3f72a0a9a5e6a48200aa3633  
 443a76926f02b9f942529ed946b52cb29c2c6c9a7f4141e95f5a717c89a4effe  
 4b18c9f4faf167b0a2fece17691fca7971d59c7aa7e0da753cae6db81d4a9204  
 4e737a9d1deccd91abe3dae50f0e7bae949135e6744a498afd109293b7fc8b27  
 57a28402304e3efbd5fee075c4ffeeb6ea9582ace5cdbe073b8d2764c3d28071  
 5d98de574bae11765e57879a5bb63abc6a541caa1e7de4048e5709597973a620  
 6179876806415d89c776c9487d1365c4b2410b76fa60a8bc845d7ef654dd879f  
 63ce22494d5ccb2bbfba1ce9c95228cc880f59b0dcded6df24e587f28e5c71af  
 65c77c09ad78481d2b6b71d1f80fa4594f2a34f5e46f121efb082d33d251d425  
 7b7510d61a4d014eb50f28b09aaef46cc0b780e7cd7b2622ff41ef74e1ef2ddd  
 7d2305a344993d4563899f4f2de0c4d152d4e5558aa63b5c01f823191bd4df56  
 7f4a10ad931ac78a7563cb38a8d15db1175a0a9d90b797b51f40acdee514f857  
 89324de44e4ba5766a42da16a2595e9cade6227ae26533f54301c728d0901523  
 8a3daf3f17efa7f8362da14412cd161a1e7c7d497eaff21886fab63313c0c759  
 8a567179e1198eb1bdf2dd21dcd90e1b60c21276f9948a61175c81a2b7b14cc0  
 8aaa7f2c6102ecda977f7551a3e6da538868de621da613d1f7ec915fbb314111  
 8cd2bac9b954a705fa8c0c52be5e13a692df5be1512315ef34167aad438ffb89  
 8e0aa45952e93fdf0bb1e9f817f86ba3583e184a91a63d755243d931fb0669ad  
 96b1d62499ece6d471ed1ea332485abd96beac300d833be797e17567761bc123  
 992920fdc034fd90af6bab10d8149aee781be460bb739f9f027df8d9d5e013ba  
 a47cea1af60b297f895e0f538bf1092eff1dfb7f77e15305b345f78fef2955ee  
 ac7abd55836f10710755062c542bc13985a2c898fc30cee4d3056491b3d37746  
 b10889e875de7619158cb97feb622f79d53b522d1abde679558a993f807e5ef1  
 b27d9dde511a112a92e72f0a700930baf99e932253d7caab165d4e4325aede17  
 bac67a3939e59c6ad72e09539d303bb81cedeefa67dd0086358e4b9a6ab26855  
 bb49f990192b04a54cd6f302302804260ee24868f46337b866b9f3515f420d05  
 c509decd229403ea452733c7e71559cbf2309e261b28d2ad7f499bedb84275ca  
 c78b8abc7e57c01b3768d2674516359246f6bd872950514aa54c52335e7d8d9e  
 ca72bb6d13663f483ee4298e987ec1ebd057eacf2f4fbde8c2c29dacebf0cec9  
 d1c53db4d3629c0da468182b2b2a1191e02e445aa830beff7d892d72d18184bf  
 ddc7d578317396a018b941d74518d189cbf861a131932a8e25891067443d49d6  
 dfecf3d43cd202dc3778f085c3ab96c01186043de9079a926197e6ea5d787f54  
 f658106f24484d0e727230b0accfd0c51e27ecc2159cf02b6d7f713c24c2fb03  
* Compressed bundles*

This file was also submitted to VirusTotal in the following compressed file bundles. 
 108859b5a3fbd952a1638738cb4965b89a969f81a5da56849e163aca72f574e1  
 238e620a55b1c4aa7ced8afb610d4a3278d36c27d483d5acc6edd01a57def692  
 2f3104f9d57398c15fdc7b7e48d1ea616e7b882ed96d57c6a0e78ba1d12d63a4  
 37a5761d42ed7eb32e54257f43ca5da4630f186e6fca53b708638d095a766879  
 4dcf1217715f878cd9b50b2fd44ec3a1a6b62ec19529448172e5bb433eee4411  
 67ab1d8b55c255ff265e1f252954b1381bd46d8ace20ed781770185f94b5f97d  
 71ac0c71aea6dea1deb469ee9a746d04488c0a1ae5f8e3acdd91605659218b49  
 72939e14be6630b1aa36d76d1acc5d45e5a846a30971d677a23766d6eee3cc6e  
 77897db30eb8c78622dceff518c29323a2602e080957e8b7499bb3347e8277bc  
 97eb08961b9e115d688406518854d28a2b4025a853a11f234def99e9b5d69899  
 9d189d684f0c0aca95043df24f8e0f2179e207f1633633150593e1f52b7e2537  
 b35c0e2ae7484cd14abfede1551f75d4ca3274c9af882c1f778484b558f5ef7d  
 db12f8802ba71afada7d32e5d92c24ff666bb98f0b25f9777139b9033af56a82  
 dbd9d7ebd4d70700fd0c3ec584569c3e375cbd16a43be5ad52578a26ec04ecd2  
 e4a8d09ea0d7e3e545f05653bdc3abe2d05d040109bd3f2cc2a1500da655d9f5  
 f23567bd9531b88d77f62c2f5c2d85df2cbd3b7a2a409389090184ff0fd081b8  
 f640f879c3b598ebbe759da8281227b815e570f77ead87e8c859686fca5deae9 









An error occurred 
*ssdeep*

3:y:y *TrID*

file seems to be plain text/ASCII (0.0%)
*ExifTool*

FileAccessDate...........: 2013:04:23 14:50:41+01:00FileCreateDate...........: 2013:04:23 14:50:41+01:00*First seen by VirusTotal*

2007-11-14 21:37:42 UTC ( 5 years, 5 months ago ) *Last seen by VirusTotal*

2013-04-23 13:50:26 UTC ( 9 minutes ago ) *File names (max. 25)*


 output.1750372.txt
 CCcam.cfg
 AUTOEXEC.NT
 desktop.ini
 winstart.bat
 1378773
 output.1313452.txt
 info.exe
 disk3.id
 1750372
 3733325971.html
 output.1630593.txt
 smona_7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6.bin
 autorun.inf-113031
 1636450
 acaddoc2.lsp
 ku2mq
 1-0-36_attach.2.unknown_name
 ATT00001..txt
 autoexec.bat
 GL560.DLL
 Screenshot.doc
 output.1666538.txt
 3Ed3K83M15G45Ef5Fdd43bb31efc213b81ca8.jpg
 netstat.txt
*National Software Reference Library (NIST)*

This file was found in the NSRL dataset, in the following products: 

Norton Utilities (Symantec)
Commerce Server Developer Edition (Microsoft)
eMbedded Visual Tools (Microsoft)
MapPoint 2001 (Microsoft)
Internet Security and Acceleration Server - Enterprise Edition (Microsoft)
Commerce Server - Developer Edition (Microsoft)
SmartTag (Microsoft)
Liquid Motion (Microsoft)
Visio (Microsoft)
Visio Enterprise Edition (Microsoft)
Riven (Red Orb)
Master of ORION II Battle at Antares (MICROPROSE)
Moto Racer (Electronic Arts Ltd)
SmartSuite (Lotus Development Corporation)
Windows (Microsoft)
Photo Suite (MGI)
Windows NT Workstation (Microsoft)
Windows XP Home Edition Release Candidate 1 (Microsoft)
Windows XP Professional Release Candidte 1 (Microsoft)
Windows XP Professional Checked Build Release Candidate 1 (Microsoft)
 The file was found with the following names: 

DISK1.ID, DISK2.ID
WRUI3270.RC, WSLI3270.RC, chat.adm
empty.tmp
cdtag.1, tagfile.1
SOURCES
DISK1.ID, DISK2.ID, DISK3.ID, DISK4.ID
DISK1.ID
hold1.txt, hold2.txt, hold3.txt, hold4.txt, hold5.txt, hold6.txt, hold7.txt, hold8.txt, hold9.txt, sboff.mws, sbpx1.mws, sbpx2.mws
softbar.in!
JScript.js, Stdafx.h, Templates.inf
chat.adm
DISK1, DISK10, DISK11, DISK12, DISK13, DISK14, DISK15, DISK16, DISK17, DISK18, DISK19, DISK2, DISK20, DISK21, DISK22, DISK3, DISK4, DISK5, DISK6, DISK7, DISK8, DISK9, SWITCH.INF, switch.in!
COPYRIGHT.TXT
NPRN_DDK_FILE_267
WIN51IP.SP1, empty.tmp, sboff.mws, sbpx1.mws, sbpx2.mws, softbar.in!
sboff.mws, sbpx1.mws, sbpx2.mws, softbar.in!
Stdafx.h, jscript.js, stdafx.h, templates.inf
NPRN_DDK_FILE_267, chat.adm, softbar.in!
COPYRIGHT.TXT, WRUI3270.RC, WSLI3270.RC, chat.adm
empty.tmp, sboff.mws, sbpx1.mws, sbpx2.mws

*No comments.* No VirusTotal Community member has commented on this item yet, be the first one to do so! 







Arquivo mal formado.

Origem → http://www.dramasinn.com/favicon.ico

Offset, segmento 0 → 0D 0A 
Posted 4 months, 2 weeks ago by Drexter








#goodware 
Posted 9 months ago by neverlight









#Goodware #P2Pdownload #DriveByDownload #Malware #IMpropagating #SpamAttachmentOrLink #NetworkWorm 
Posted 11 months, 1 week ago by c0d3rk








#malware #spamattachmentorlink 
Posted 1 year, 4 months ago by Leandromartinez








Also seen as #tcefni.dat
Malware trace located at %localappdata% folder. Trojan Banker related.
#malware 
Posted 1 year, 9 months ago by MariaCristina









 More comments  
*Leave your comment...*

? Rich Text AreaToolbarBold (Ctrl+B)Italic (Ctrl+I)Underline (Ctrl+U)Undo (Ctrl+Z)Redo (Ctrl+Y)StylesStyles▼Remove Formatting
https://www.virustotal.com/en/file/...645237f5ca74b08f8da61a6/analysis/1366725026/# 
Post comment  
*You have not signed in.* Only registered users can leave comments, sign in and have a voice! 
 Sign in   Join the community 

*No votes*. No one has voted on this item yet, be the first one to do so!









 More votes 

 Blog |  Twitter |  [email protected]  |  Google groups |  ToS |  Privacy policy 
× *Recover your password*

Enter the email address associated to your VirusTotal Community account and we'll send you a message so you can setup a new password. 
Email:








 Recover password   Cancel 

× *Join VirusTotal Community*

Interact with other VirusTotal users and have an active voice when fighting today's Internet threats.  Find out more about VirusTotal Community.  
First name

Last name

Username *

Email *

Password *

Confirm password *

* Required field 







 Cancel   Sign up 

× *Sign in*

Username or email

Password

 Forgot your password? 








 Cancel   Sign in


----------



## jetsguy (Feb 27, 2011)

Greetings,ok what went wrong here, sent the results of the virus scan as asked, now its saying cookies need to be enabled and an error has occurred ?


----------



## Mark1956 (May 7, 2011)

This was the important part: 'Detection ratio: 0 / 46' which shows the file is not malicious.

How did the rest of my instructions go, I need a response in respect of Adaware and SuperAntiSpyware.


----------



## jetsguy (Feb 27, 2011)

I cannot give you an answer to the results of Adaware and Superantispyware because these files do not exist (checked everywhere registry,command prompt etc.) no files.Here is a heads up that sort of makes me feel a little better,I occasionaly play Pogo games and it seems a lot of people are having the same or similar problems with this update of Javas


----------



## Mark1956 (May 7, 2011)

I'll deal with the Adaware and SuperAntiSpyware remnants later when I have more time, what I actually asked was, had you uninstalled them. Meanwhile, have you carried out the rest of my instructions and tried the Java update again.

There were problems with the new Java update, but as I said, as far as I know, the problems have been fixed. Please try the update again if you have not already done so.


----------



## jetsguy (Feb 27, 2011)

Yes I tried Java update several tmes with no luck.According to the people on Pogo the PROBLEMS have not as of yet been fixed.This is very frustrating.Java needs to get their act together.Make sure their updates work before telling people to update.


----------



## Mark1956 (May 7, 2011)

I've just checked the download link I gave for Java using IE, Firefox and Google and it worked on all of them. The program still showed the 'corrupt.dll' warning but if you just click on OK the installation continues and should soon ask you to reboot to complete the installation. Give it another go.

You still have not responded to this:



> There is some evidence of two more cleaners, SlimCleaner and RegRun, can you confirm if you have these and uninstall the programs if present.
> 
> Meanwhile, have you carried out the rest of my instructions


I will assume you have completed all the uninstalls and have posted instructions below to remove the remnants of Adaware. The other item found in the error logs that shows the Service manager cannot load the drivers for SuperAntiSpyware can be left as we would need to run other scans to find the reg key that is calling them to load, but I have included the known reg key for its location. I have included the removal of the winstart.bat file even though the Virus scan came up clean, research indicated that the file could pose some risk so best get rid of it.

Please download *OTM by OldTimer*. Save it to your desktop.

Double click *OTM.exe* to start the tool.


*Copy* the text in the code box below to the clipboard by highlighting *ALL* of them and *pressing CTRL + C* (or, after highlighting, right-click and choose *Copy*):


```
:Processes
explorer.exe
:Services
:Files
C:\Windows\winstart.bat
:Reg
[-HKEY_LOCAL_MACHINE\Software\SUPERAntiSpyware.com]
[-HKCU\Software\AppDataLow\Software\adawarebp]
[-HKCU\Software\adawarebp]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adawarebp"=-
"adawarebp_XP"=-
:Commands
[createrestorepoint]
[emptyflash]
[emptytemp]
[resethosts]
[reboot]
```

 Return to OTM, right click in the *"Paste Instructions for Items to be Moved"* window (under the yellow bar) and choose *Paste*.
Click the red *Moveit!* button.
All your desktop icons will disappear as the scan begins. It should complete within a few minutes.
Once complete you may see a box appear asking you to Restart the system to complete the file removal, accept it and it will reboot.
Even if that box does not appear the system should reboot as the command is included in the script.
When the system has come back to the desktop a Notepad document will open, please copy and paste that into your next post.

-- Note: The logs are saved here: C:\_OTM\MovedFiles


----------



## jetsguy (Feb 27, 2011)

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
========== FILES ==========
C:\Windows\winstart.bat moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\SUPERAntiSpyware.com\ not found.
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\adawarebp\ not found.
Registry key HKEY_CURRENT_USER\Software\adawarebp\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adawarebp not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adawarebp_XP not found.
========== COMMANDS ==========
Restore point Set: OTM Restore Point

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Public

User: TEMP

User: verna
->Flash cache emptied: 594 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: TEMP

User: verna
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2944813 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 5025960 bytes
->Apple Safari cache emptied: 4459520 bytes
->Flash cache emptied: 291 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11203208 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49667569 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 79586 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 70.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.21.0 log created on 04242013_141901
Files moved on Reboot...
File C:\Users\verna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O0JLD0JP\1096653-latest-java-update-7-0-a-3[1].htm not found!
File C:\Users\verna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KH4F0CUU\5174[1].htm not found!
File C:\Users\verna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat not found!
C:\Users\verna\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...


----------



## Rainsberger (Apr 21, 2010)

I had the same error when downloading Java update 7/21 i used Google to find out about the error
and was directed back to Java who were aware of the error people were having.

I was told to download the offline version of Java update 7/21 and install which i done and was
successfully installed and no further errors.


----------



## Mark1956 (May 7, 2011)

Jetsguy, you have still not answered two questions I repeated in post 41.

Have you tried to install Java again?


----------



## jetsguy (Feb 27, 2011)

I have ununstalled reinstalled numerous times to no avail.(I have used Google)


----------



## Mark1956 (May 7, 2011)

Why won't you answer the questions I keep repeating.


----------



## jetsguy (Feb 27, 2011)

OK you got me what questions? everything you asked me to do I did and posted I've uninstalled and reinstalled java with no success.Can you or anyone else help me figure this out or not?


----------



## Mark1956 (May 7, 2011)

That has answered one part, but this remains unanswered:


> There is some evidence of two more cleaners, SlimCleaner and RegRun, can you confirm if you have these and uninstall the programs if present.


In respect of the uninstalls, if you don't answer when I ask for confirmation then I have no idea if you have done as asked. Please respond to my query about SlimCleaner and RegRun.

And with Java, your logs did show that Java 7 Update 21 was installed, but I suggested you remove it and re-install again just in case thee was a problem with the original update. From what I had seen in other threads and on my own system it appeared that the problem with the Java update had been fixed.

What exactly is going wrong with the update on your system?


----------



## jetsguy (Feb 27, 2011)

OK slim cleaner and regrun have been removed.As far as update 7.21 yes it was installed yes it was uninstalled.A few hrs ago I reinstalled it, its showing that it is installed but not being recognized.Also in command it is saying that Java is not recognized as an internal or external command,operable program or batch file.(I think I may have already mentioned this)


----------



## Mark1956 (May 7, 2011)

Go here: http://www.java.com/en/download/installed.jsp and click on the button to verify that you have Java installed and the version.

Have you rebooted since you installed it?

What browser are you using?


----------



## jetsguy (Feb 27, 2011)

When I click on to verify Java version it's showing nothing just a blank area where the version should be.And yes I have rebooted.I use Firefox and sometimes IE.


----------



## Mark1956 (May 7, 2011)

Ok, lets try a complete clean out of the Java components.


Click on this link JavaRa, on the web page click on the *Download* button for *Stable Version* Version 2.1 and save it to your desktop.
Extract the zip file, double click on the *JavaRa* folder that will appear on the desktop then double click on the JavaRa application icon. 
You should see this box below open up.




Click on *Update Java Definitions* then click on *Download* and wait for confirmation that it has completed then click the *Back* button.
The click on *Remove Java Runtime*, click on the arrow head next to the empty box then click on *Java Runtime Environment 7* and click on the *Run Uninstaller* button. You should now see this:




Select *Yes* and let it run. When complete click on the *Next* button then click on *Perform Removal Routine*. When complete click on *Next*.
You should see *step 3 - download new version*, click on the *Download* button and let it complete.
After a short pause a *Welcome to Java* window will appear, click the *Install* button.
If you hit any difficulty installing the new version, close JavaRa and reboot the system, then go here Java Download and click on the big red button *Free Java Download* and follow the prompts.

If an error pops up *java runtime inviroment 7.0.21/java spdll is corrupt* open Windows Explorer and navigate to this folder
C:\Windows\Users\NAME\Appdata\LocalLow look for and delete the Sun folder. If there is also an Oracle folder, delete that also.
Then run the installer again.


----------



## jetsguy (Feb 27, 2011)

Did all of the above as requested.Deleted uninstalled reinstalled rebooted still the same.The only thing that is different is when I go to check Java version there is a blue dotted circle that keeps going around and around with nothing coming up otherwise its still the same.


----------



## Mark1956 (May 7, 2011)

This is becoming quite baffling. The rotating blue circle is normal as it searches for your Java installation.

Please run this scan just to see if it will recognize the Java software.

Download Security Check by screen317 from Here or Here.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.


----------



## jetsguy (Feb 27, 2011)

@echo off
cd %~dp0
title Security Check
color F
set cleanver=0.99.63
echo.
echo.
echo.`````````````````````````Security Check by screen317`````````````````````````
echo.
echo.
echo.
echo.
echo.
echo.This will check your system and display the security programs on your computer.
echo.
echo.`````````If you don't want this done for any reason, please quit now.````````
echo.
echo.
echo.
pause
cls
echo.
echo.
echo.
rep
If "%OS%"=="Windows_NT" (
goto NT
) else (
echo. UNSUPPORTED OPERATING SYSTEM! Aborting now! && echo. UNSUPPORTED OPERATING SYSTEM! ABORTED!>checkup.txt
)
goto preend
:NT
if exist checkup.txt del /q /f *.txt
echo. Results of screen317's Security Check version %cleanver% >prelimcheckup.txt
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. ``Collecting information``
"%cd%\Other\cmdinfo.exe">check.txt
@find /i "OS type" check.txt>OS1check.txt
@find /i "Build number" check.txt>x64SPcheck.txt
@FOR /F "eol=- tokens=3-6* delims= " %%d in (OS1check.txt) do @echo. %%d %%e %%f %%g %%h>OS1check2.txt
@find /i "vista" OS1check2.txt>nul && set OS1=Windows Vista
@find /i "XP" OS1check2.txt>nul && set OS1=Windows XP
@find /i "2000" OS1check2.txt>nul && set OS1=Windows 2000
@find /i "7" OS1check2.txt>nul && set OS1=Windows 7
if not exist "%systemdrive%\Program Files (x86)" goto x64totalskip
if "%OS1%"=="Windows 7" goto x64vistaskip
@find /i "Build number" check.txt>x64SPcheck.txt
@find /i "6001" x64SPcheck.txt>nul &&set OS2=Service Pack 1
@find /i "6002" x64SPcheck.txt>nul &&set OS2=Service Pack 2
goto UACcheck
:x64vistaskip
@find /i "7601" x64SPcheck.txt>nul &&set OS2=Service Pack 1
goto UACcheck
:x64totalskip
@find /i "Service Pack" check.txt>OS2check.txt
@find /i "1" OS2check.txt>nul && set OS2=Service Pack 1
@find /i "2" OS2check.txt>nul && set OS2=Service Pack 2
@find /i "3" OS2check.txt>nul && set OS2=Service Pack 3
@find /i "4" OS2check.txt>nul && set OS2=Service Pack 4
:UACcheck
"%cd%\Other\swreg.exe" query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System">UAC.txt
@find /i "EnableLUA" "UAC.txt">"UAC2.txt"
@find /I "1 " "UAC2.txt">nul && set UAC=(UAC is enabled)
@find /I "0 " "UAC2.txt">nul && set UAC=*(UAC is disabled!)*
:uacskip
set x64check=x86
if "%programfiles(x86)%"=="%systemdrive%\Program Files (x86)" set x64check=x64
echo. %OS1% %OS2% %x64check% ¬% >>prelimcheckup.txt
@find /i "windows" prelimcheckup.txt>nul || echo. Error getting OS version
@find /i "Windows 2000" prelimcheckup.txt>nul && @find /i "2000 Service Pack 4" prelimcheckup.txt>nul || echo. *Out of date service pack!!*>>prelimcheckup.txt
@find /i "Windows Vista" prelimcheckup.txt>nul && @find /i "Vista Service Pack 2" prelimcheckup.txt>nul || echo. *Out of date service pack!!*>>prelimcheckup.txt
@find /i "Windows XP" prelimcheckup.txt>nul && @find /i "XP Service Pack 3" prelimcheckup.txt>nul || echo. *Out of date service pack!!*>>prelimcheckup.txt
@find /i "Windows 7" prelimcheckup.txt>nul && @find /i "7 Service Pack 1" prelimcheckup.txt>nul || echo. *Out of date service pack!!*>>prelimcheckup.txt
:IE version
"%cd%\other\SWreg.exe" query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Version Vector">IEversion.txt
Find /I "IE" "IEVersion.txt">IEVersion2.txt
@FOR /F "eol=- tokens=1-3* delims= " %%a in (IEVersion2.txt) do echo.%%c>IEVersion3.txt
if "%OS1%"=="Windows XP" goto oldIE
if "%OS1%"=="Windows 2000" goto oldIE
@FOR /F "eol=- tokens=1 delims=." %%# in (IEVersion3.txt) do (
if "%%#" LSS "9" (
echo. Internet Explorer %%# *Out of date!*>>prelimcheckup.txt
) else (
echo. Internet Explorer 9 >>prelimcheckup.txt
)
)
goto IESkip
ldIE
@FOR /F "eol=- tokens=1 delims=." %%# in (IEVersion3.txt) do (
if "%%#" LSS "8" (
echo. Internet Explorer %%# *Out of date!*>>prelimcheckup.txt
) else (
echo. Internet Explorer 8 >>prelimcheckup.txt
)
)
:IESkip
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. Collecting Information Done
reparing
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. ``Preparing``
objlist.exe "programlist"
if exist install.txt goto processlist1
objlist.exe "programlist"
if exist install.txt goto processlist1
objlist.exe "programlist"
if exist install.txt goto processlist1
if ERRORLEVEL 1 echo. *Error creating install.txt after 3 tries! Trying alternate method...*>>prelimcheckup.txt
uninstalllist.exe
rocesslist1
objlist.exe "processlist"
if exist process.txt goto preantivirus
objlist.exe "processlist"
if exist process.txt goto preantivirus
objlist.exe "processlist"
if exist process.txt goto preantivirus
if ERRORLEVEL 1 echo. *Error creating process.txt after after 3 tries! Trying Alternate method...*>>prelimproccheck.txt
runprocesses.exe
if exist process.txt (
goto preantivirus 
) else (
echo. *Error creating Process List-- tell your Helper*>>prelimcheckup.txt
)
reantivirus
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. ``Preparing Done!``
:antivirus
echo.
echo.*``````````````Antivirus/Firewall Check:``````````````*>>prelimcheckup.txt
if not exist "C:\windows\system32\sc.exe" goto skipwscsvccheck && echo. *sc.exe missing!*>>prelimcheckup.txt
sc query "wscsvc">wscsvc1.txt
@find /I "RUNNING" wscsvc1.txt>nul || echo. *Windows Security Center service is not running! This report may not be accurate!*>>prelimcheckup.txt
:skipwscsvccheck
if not exist "%windir%\system32\netsh.exe" goto skipfirewallcheck && echo. *netsh.exe missing!*>>prelimcheckup.txt
if "%OS1%"=="Windows XP" (
netsh firewall show state>fw1.txt
"%cd%\Other\nircmdc.exe" wait 1000
@find /I "Operational" fw1.txt>fw2.txt
@find /I "Enable" fw2.txt >nul && echo. Windows Firewall Enabled! >>prelimcheckup.txt
@find /I "Disable" fw2.txt >nul && echo. Windows Firewall Disabled! >>prelimcheckup.txt
) else (
netsh advfirewall show allprofiles > Vista7FirewallCheck1.txt
"%cd%\Other\nircmdc.exe" wait 1000
@find /I "State" Vista7FirewallCheck1.txt>Vista7FirewallCheck2.txt
@find /I "ON" Vista7FirewallCheck2.txt >nul && echo. Windows Firewall Enabled! >>prelimcheckup.txt
@find /I "OFF" Vista7FirewallCheck2.txt >nul && echo. Windows Firewall Disabled! >>prelimcheckup.txt
)
:skipfirewallcheck
if exist "%windir%\system32\wbem\wmic.exe" goto scenter
FIND /I "V3 VirusBlock" install.txt>>prelimviruscheck.txt
FIND /V /I "V3 VirusBlock" install.txt>install2.txt
FIND /I "avast! 4 Small Business Server Edition" install2.txt>>prelimviruscheck.txt
FIND /V /I "avast! 4 Small Business Server Edition" install2.txt>install3.txt
FIND /I "avast! Antivirus" install3.txt>>prelimviruscheck.txt
FIND /V /I "avast! Antivirus" install3.txt>install4.txt
FIND /I "avast! 4 SBS Edition" install4.txt>>prelimviruscheck.txt
FIND /V /I "avast! 4 SBS Edition" install4.txt>install5.txt
FIND /I "AVG Internet Security" install5.txt>>prelimviruscheck.txt
FIND /V /I "AVG Internet Security" install5.txt>install6.txt
FIND /I "AVG Anti-Virus" install6.txt>>prelimviruscheck.txt
FIND /V /I "AVG Anti-Virus" install6.txt>install7.txt
FIND /I "avast!" install7.txt>>prelimviruscheck.txt
FIND /V /I "avast!" install7.txt>install8.txt
FIND /I "AVG" install8.txt>>prelimviruscheck.txt
FIND /V /I "AVG" install8.txt>install9.txt
FIND /I "Avira AntiVir Personal - Free Antivirus" install9.txt>>prelimviruscheck.txt
FIND /V /I "Avira AntiVir Personal - Free Antivirus" install9.txt>install10.txt
FIND /I "Avira AntiVir Premium" install10.txt>>prelimviruscheck.txt
FIND /V /I "Avira AntiVir Premium" install10.txt>install11.txt
FIND /I "Avira AntiVir Professional" install11.txt>>prelimviruscheck.txt
FIND /V /I "Avira AntiVir Professional" install11.txt>install12.txt
FIND /I "Avira" install12.txt>>prelimviruscheck.txt
FIND /V /I "Avira" install12.txt>install13.txt
FIND /I "Rising Antivirus" install13.txt>>prelimviruscheck.txt
FIND /V /I "Rising Antivirus" install13.txt>install14.txt
FIND /I "BullGuard" install14.txt>>prelimviruscheck.txt
FIND /V /I "BullGuard" install14.txt>install15.txt
FIND /I "eTrust Antivirus" install15.txt>>prelimviruscheck.txt
FIND /V /I "eTrust Antivirus" install15.txt>install16.txt
FIND /I "Quick Heal" install16.txt>>prelimviruscheck.txt
FIND /V /I "Quick Heal" install16.txt>install17.txt
FIND /I "ClamWin" install17.txt>>prelimviruscheck.txt
FIND /V /I "ClamWin" install17.txt>install18.txt
FIND /I "EarthLink Protection" install18.txt>>prelimviruscheck.txt
FIND /V /I "EarthLink Protection" install18.txt>install19.txt
FIND /I "Aluria Security" install19.txt>>prelimviruscheck.txt
FIND /V /I "Aluria Security" install19.txt>install20.txt
FIND /I "Digital Security Blink Professional" install20.txt>>prelimviruscheck.txt
FIND /V /I "Digital Security Blink Professional" install20.txt>install21.txt
FIND /I "NOD32 Antivirus" install21.txt>>prelimviruscheck.txt
FIND /V /I "NOD32 Antivirus" install21.txt>install22.txt
FIND /I "ESET" install22.txt>>prelimviruscheck.txt
FIND /V /I "ESET" install22.txt>install23.txt
FIND /I "F-Prot Antivirus" install23.txt>>prelimviruscheck.txt
FIND /V /I "F-Prot Antivirus" install23.txt>install24.txt
FIND /I "F-Secure Anti-Virus" install24.txt>>prelimviruscheck.txt
FIND /V /I "F-Secure Anti-Virus" install24.txt>install25.txt
FIND /I "F-Secure Internet Security" install25.txt>>prelimviruscheck.txt
FIND /V /I "F-Secure Internet Security" install25.txt>install26.txt
FIND /I "ViRobot Expert" install26.txt>>prelimviruscheck.txt
FIND /V /I "ViRobot Expert" install26.txt>install27.txt
FIND /I "Kaspersky Anti-Virus" install27.txt>>prelimviruscheck.txt
FIND /V /I "Kaspersky Anti-Virus" install27.txt>install28.txt
FIND /I "Kaspersky Internet Security" "install28.txt" >>prelimviruscheck.txt
FIND /V /I "Kaspersky Internet Security" "install28.txt" >install29.txt
FIND /I "McAfee VirusScan" "install29.txt" >>prelimviruscheck.txt
FIND /V /I "McAfee VirusScan" "install29.txt" >install30.txt
FIND /I "McAfee Total Protection" "install30.txt" >>prelimviruscheck.txt
FIND /V /I "McAfee Total Protection" "install30.txt" >install31.txt
FIND /I "McAfee Internet Security" "install31.txt" >>prelimviruscheck.txt
FIND /V /I "McAfee Internet Security" "install31.txt" >install32.txt
FIND /I "OneCare" "install32.txt" >>prelimviruscheck.txt
FIND /V /I "OneCare" "install32.txt" >install33.txt
FIND /I "Norman" "install33.txt" >>prelimviruscheck.txt
FIND /V /I "Norman" "install33.txt" >install34.txt
FIND /I "Panda for Desktops" "install34.txt" >>prelimviruscheck.txt
FIND /V /I "Panda for Desktops" "install34.txt" >install35.txt
FIND /I "OneCare" "install35.txt" >>prelimviruscheck.txt
FIND /V /I "OneCare" "install35.txt" >install36.txt
FIND /I "Panda Antivirus" "install36.txt" >>prelimviruscheck.txt
FIND /V /I "Panda Antivirus" "install36.txt" >install37.txt
FIND /I "Panda Internet Security" "install37.txt" >>prelimviruscheck.txt
FIND /V /I "Panda Internet Security" "install37.txt" >install38.txt
FIND /I "Panda Global Protection" "install38.txt" >>prelimviruscheck.txt
FIND /V /I "Panda Global Protection" "install38.txt" >install39.txt
FIND /I "Panda Platinum" "install39.txt" >>prelimviruscheck.txt
FIND /V /I "Panda Platinum" "install39.txt" >install40.txt
FIND /I "Panda Titanium" "install40.txt" >>prelimviruscheck.txt
FIND /V /I "Panda Titanium" "install40.txt" >install41.txt
FIND /I "BitDefender" "install41.txt" >>prelimviruscheck.txt
FIND /V /I "BitDefender" "install41.txt" >install42.txt
FIND /I "Sophos Anti-Virus" "install42.txt" >>prelimviruscheck.txt
FIND /V /I "Sophos Anti-Virus" "install42.txt" >install43.txt
FIND /I "Norton AntiVirus" "install43.txt" >>prelimviruscheck.txt
FIND /V /I "Norton AntiVirus" "install43.txt" >install44.txt
FIND /I "Symantec EndPoint Protection" "install44.txt" >>prelimviruscheck.txt
FIND /V /I "Symantec EndPoint Protection" "install44.txt" >install45.txt
FIND /I "Symantec Antivirus" "install45.txt" >>prelimviruscheck.txt
FIND /V /I "Symantec Antivirus" "install45.txt" >install46.txt
FIND /I "Norton Internet Security" "install46.txt" >>prelimviruscheck.txt
FIND /V /I "Norton Internet Security" "install46.txt" >install47.txt
FIND /I "Norton System Works" "install47.txt" >>prelimviruscheck.txt
FIND /V /I "Norton System Works" "install47.txt" >install48.txt
FIND /I "PC-Cillin Internet Security" "install48.txt" >>prelimviruscheck.txt
FIND /V /I "PC-Cillin Internet Security" "install48.txt" >install49.txt
FIND /I "Trend Micro Internet Security" "install49.txt" >>prelimviruscheck.txt
FIND /V /I "Trend Micro Internet Security" "install49.txt" >install50.txt
FIND /I "Online Armor 3.5" "install50.txt" >>prelimviruscheck.txt
FIND /V /I "Online Armor 3.5" "install50.txt" >install51.txt
FIND /I "Kerio Personal Firewall 2.1.5" "install51.txt" >>prelimviruscheck.txt
FIND /V /I "Kerio Personal Firewall 2.1.5" "install51.txt" >install52.txt
FIND /I "NETGEAR ProSafe Firewall Router" "install52.txt" >>prelimviruscheck.txt
FIND /V /I "NETGEAR ProSafe Firewall Router" "install52.txt" >install53.txt
FIND /I "Trend Micro Officescan Client" "install53.txt" >>prelimviruscheck.txt
FIND /V /I "Trend Micro Officescan Client" "install53.txt" >install54.txt
FIND /I "Authentium AntiVirus" "install54.txt" >>prelimviruscheck.txt
FIND /V /I "Authentium AntiVirus" "install54.txt" >install55.txt
FIND /I "Sunbelt Personal Firewall" "install55.txt" >>prelimviruscheck.txt
FIND /V /I "Sunbelt Personal Firewall" "install55.txt" >install57.txt
FIND /I "Privatefirewall 6.1" "install57.txt" >>prelimviruscheck.txt
FIND /V /I "Privatefirewall 6.1" "install57.txt" >install58.txt
FIND /I "COMODO Internet" "install58.txt" >>prelimviruscheck.txt
FIND /V /I "COMODO Internet" "install58.txt" >install59.txt
FIND /I "Norton Personal Firewall" "install59.txt" >>prelimviruscheck.txt
FIND /V /I "Norton Personal Firewall" "install59.txt" >install60.txt
FIND /I "Aluria Firewall" "install60.txt" >>prelimviruscheck.txt
FIND /V /I "Aluria Firewall" "install60.txt" >install61.txt
FIND /V /I "EzTrends" "install61.txt" >install62.txt
FIND /I "Norton 360" "install62.txt">nul && echo. Norton 360>>prelimviruscheck.txt
FIND /V /I "Norton 360" "install62.txt" >install63.txt
FIND /I "TrustPort Antivirus" "install63.txt" >>prelimviruscheck.txt
FIND /V /I "TrustPort Antivirus" "install63.txt" >install64.txt
FIND /V /I "malw" "install64.txt" >install65.txt
FIND /V /I "virustotal" "install65.txt" >install66.txt
FIND /V /I "Comodo Memory Firewall" "install66.txt" >install67.txt
FIND /I "DriveSentry" "install67.txt" >>prelimviruscheck.txt
FIND /V /I "TrendProtect" "install67.txt" >install68.txt
FIND /V /I "SiteAdvisor" "install68.txt" >install69.txt
FIND /V /I "RegScanner" "install69.txt" >install70.txt
FIND /I "Outpost Firewall 2009" "install70.txt" >>prelimviruscheck.txt
FIND /V /I "Outpost Firewall 2009" "install70.txt" >install71.txt
echo.>hklmrun.txt
@"%cd%\other\SWreg.exe" query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run">>hklmrun.txt
@FIND /I "iolo AntiVirus" "hklmrun.txt">nul && echo. iolo Antivirus>>prelimviruscheck.txt
@FIND /I "iolo Personal Firewall" "hklmrun.txt">nul && echo. iolo Personal Firewall>>prelimviruscheck.txt
@FOR /F "eol=- tokens=1-5* delims= " %%a in (prelimviruscheck.txt) do @echo. %%a %%b %%c %%d %%e %%f>>prelimcheckup.txt
FIND /I "virus" "install71.txt" >>prelimviruscheck2.txt
FIND /V /I "virus" "install71.txt" >install72.txt
FIND /I "firewall" "install72.txt" >>prelimviruscheck2.txt
FIND /V /I "firewall" "install72.txt" >install73.txt
FIND /I "squared" "install73.txt" >>prelimviruscheck2.txt
FIND /I "DefenseWall" "install73.txt" >>prelimviruscheck2.txt
FIND /I "etrust" "install73.txt" >>prelimviruscheck2.txt
FIND /I "armor" "install73.txt" >>prelimviruscheck2.txt
FIND /I "McAfee" "install73.txt" >>prelimviruscheck2.txt
FIND /I "ZoneAlarm" "install73.txt" >>prelimviruscheck2.txt
FIND /I "bullguard" "install73.txt" >>prelimviruscheck2.txt
FIND /I "trend" "install73.txt" >>prelimviruscheck2.txt
FIND /I "prevx" "install73.txt" >>prelimviruscheck2.txt
FIND /I "outpost" "install73.txt" >>prelimviruscheck2.txt
FIND /I "AT^&T Internet Security" "install73.txt" >>prelimviruscheck2.txt
FIND /I "iolo" "install73.txt" >>prelimviruscheck2.txt
FIND /I "Microsoft Security Essentials" "install73.txt" >>prelimviruscheck2.txt
@FOR /F "eol=- tokens=1-5* delims= " %%4 in (prelimviruscheck2.txt) do @echo. %%4 %%5 %%6 %%7 %%8 %%9>>prelimcheckup.txt
goto autoupdate
:scenter
find /i "Windows XP" "prelimcheckup.txt">nul && goto XPWMI
@wmic /namespace:\\root\SecurityCenter2 PATH AntivirusProduct GET displayname >AVDisplayName.txt
type AVDisplayName.txt | findstr /v displayName >>prelimcheckup.txt
@wmic /namespace:\\root\securitycenter2 PATH antivirusproduct GET productstate >AVstate.txt
find /i "397312" AVstate.txt>nul && set updatestatus=Antivirus up to date!
find /i "393216" AVstate.txt>nul && set scanstatus=(On Access scanning *disabled*!)
find /i "266240" AVstate.txt>nul && set updatestatus=Antivirus up to date!
find /i "270336" AVstate.txt>nul && set updatestatus=*Antivirus out of date!*
find /i "266256" AVstate.txt>nul && set updatestatus=*Antivirus out of date!*
find /i "262144" AVstate.txt>nul && set updatestatus=Antivirus up to date! 
find /i "262144" AVstate.txt>nul && set scanstatus=(On Access scanning *disabled*!)
find /i "262160" AVstate.txt>nul && set updatestatus=*Antivirus out of date!*
find /i "262160" AVstate.txt>nul && set scanstatus=(On Access scanning *disabled*!)
find /i "266240" AVstate.txt>nul && set updatestatus=Antivirus up to date! 
goto wmifinish
:XPWMI
@wmic /namespace:\\root\SecurityCenter PATH AntivirusProduct GET displayname >AVDisplayName.txt
"%cd%\Other\nircmdc.exe" wait 500
type AVDisplayName.txt | findstr /v displayName >>prelimcheckup.txt
@wmic /namespace:\\root\SecurityCenter PATH AntivirusProduct GET productUptoDate >AVupdatestatus.txt
"%cd%\Other\nircmdc.exe" wait 500
@wmic /namespace:\\root\securitycenter PATH antivirusproduct GET onaccessscanningenabled>AVscanstatus.txt
"%cd%\Other\nircmdc.exe" wait 500
if not exist AVupdatestatus.txt echo. *WMIC error!*>>prelimcheckup.txt && goto preantispy 
if not exist AVscanstatus.txt echo. *WMIC error!*>>prelimcheckup.txt && goto preantispy
@Find /I "true" AVupdatestatus.txt>nul && set updatestatus=Antivirus up to date!
@Find /I "false" AVupdatestatus.txt>nul && set updatestatus=*Antivirus out of date!*
@find /i "false" AVscanstatus.txt>nul && set scanstatus=(On Access scanning *disabled*!)
:wmifinish
if "%updatestatus% %scanstatus%"==" " (
echo. WMI entry may not exist for antivirus; attempting automatic update.>>prelimcheckup.txt
) && (
goto autoupdate
)
echo. %updatestatus% %scanstatus%>>prelimcheckup.txt
@find /i "date" prelimcheckup.txt>nul || @echo. Error obtaining update status for antivirus! >>prelimcheckup.txt
goto preantispy
:autoupdate
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. Attempting to update antivirus.
cls
if exist "%programfiles%\Avira\AntiVir Desktop\update.exe" (
"%programfiles%\Avira\AntiVir Desktop\update.exe"
) && (
echo. Avira successfully updated!>>prelimcheckup.txt
"%cd%\Other\nircmdc.exe" wait 500
)
if exist "%programfiles%\AVAST Software\Avast\ashUpd.exe" (
"%programfiles%\AVAST Software\Avast\ashUpd.exe"
) && (
echo. avast! successfully updated!>>prelimcheckup.txt
"%cd%\Other\nircmdc.exe" wait 500
)
if exist "%programfiles%\Microsoft Security Essentials\MpCmdRun.exe" (
"%programfiles%\Microsoft Security Essentials\MpCmdRun.exe" /SignatureUpdate
) && (
echo. Microsoft Security Essentials successfully updated!>>prelimcheckup.txt
"%cd%\Other\nircmdc.exe" wait 500
)
if exist "%programfiles%\AVG\AVG2012\avgmfapx.exe" (
"%programfiles%\AVG\AVG2012\avgmfapx.exe" /update
) && (
echo. AVG2012 successfully updated!>>prelimcheckup.txt
"%cd%\Other\nircmdc.exe" wait 500
)
echo.
reantispy
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. ``Antivirus/Firewall Check Done!``
:antispy
echo.*`````````Anti-malware/Other Utilities Check:`````````*>>prelimcheckup.txt
FIND /I "spy" "install.txt" >prelimspycheck.txt
FIND /I "Destroy 1.3" "prelimspycheck.txt">nul && echo. *Out of date Spybot installed!*>>prelimcheckup.txt
FIND /I "Destroy 1.4" "prelimspycheck.txt">nul && echo. *Out of date Spybot installed!*>>prelimcheckup.txt
FIND /I "Destroy 1.5" "prelimspycheck.txt">nul && echo. *Out of date Spybot installed!*>>prelimcheckup.txt
FIND /I "Windows Defender" "install.txt" >>prelimspycheck.txt
FIND /I "ad-aware" "install.txt" >nul && echo. Ad-Aware>>prelimcheckup.txt
FIND /I "WinPatrol" "install.txt" >nul && echo. WinPatrol>>prelimcheckup.txt
FIND /I "WinPatrol 2011" "install.txt" >nul && echo. WinPatrol 2011 *(Outdated! Latest version is WinPatrol 2012)*>>prelimcheckup.txt
FIND /I "WinPatrol 2009" "install.txt">nul && echo. WinPatrol 2009 *(Outdated! Latest version is WinPatrol 2012)*>>prelimcheckup.txt
FIND /I "WinPatrol 2008" "install.txt">nul && echo. WinPatrol 2008 *(Outdated! Latest version is WinPatrol 2012)*>>prelimcheckup.txt
FIND /I "WinPatrol 2007" "install.txt" >nul && echo. WinPatrol 2007 *(Outdated! Latest version is WinPatrol 2012)*>>prelimcheckup.txt
FIND /I "trendprotect" "install.txt" >>prelimspycheck.txt
FIND /I "ThreatFire" "install.txt" >>prelimspycheck.txt
FIND /I "Mamutu" "install.txt" >>prelimspycheck.txt
FIND /I "web of trust" "install.txt" >>prelimspycheck.txt
FIND /I "Finjan" "install.txt" >>prelimspycheck.txt
FIND /I "siteadvisor" "install.txt" >>prelimspycheck.txt
@FIND /I "RegProt" "hklmrun.txt">nul && echo. DiamondCS RegProt>>prelimspycheck.txt
FIND /I "Norton Ghost" "install.txt" >>prelimspycheck.txt
if exist "%systemdrive%\IE-SPYAD" @echo. IE SpyAd >>prelimspycheck.txt
FIND /I "Secunia" "install.txt" >>prelimspycheck.txt
@COPY /Y "%SystemRoot%\system32\drivers\etc\HOSTS" "hostcopy.txt" >nul
FIND /I "MVPS" "hostcopy.txt" >>nul && echo. MVPS Hosts File >>prelimcheckup.txt
FIND /I "BOClean" "install.txt" >>prelimspycheck.txt
FIND /I "hosts" "install.txt" >>prelimspycheck.txt
FIND /I "virustotal" "install.txt" >>prelimspycheck.txt
FIND /I "Key Scrambler" "install.txt" >>prelimspycheck.txt
FIND /I "WindowsCare" "install.txt" >>prelimspycheck.txt
if exist "%windir%\gmer.exe" @echo. Gmer >>prelimspycheck.txt
FIND /I "RegSupreme" "install.txt" >>prelimspycheck.txt
FIND /I "Trojan Remover" "install.txt" >>prelimspycheck.txt
FIND /I "Free Internet Window Washer" "install.txt" >>prelimspycheck.txt
if exist "%userprofile%\Desktop\cwshredder.exe" @echo. CWShredder >>prelimspycheck.txt
FIND /I "rootkit" "install.txt" >>prelimspycheck.txt
FIND /I "Zemana" "install.txt" >>prelimspycheck.txt
FIND /I "Malwarebytes Anti-Malware" "install.txt" >>prelimspycheck.txt
FIND /I "HijackThis 1.99.1" "install.txt" >>prelimspycheck.txt && echo. *Out of date HijackThis installed!*>>prelimcheckup.txt
FIND /I "HijackThis 2.0.2" "install.txt" >>prelimspycheck.txt && echo. *Out of date HijackThis installed!*>>prelimcheckup.txt
FIND /I "HijackThis 2.0.3" "install.txt" >>prelimspycheck.txt && echo. *Out of date HijackThis installed!*>>prelimcheckup.txt
FIND /I "HijackThis 2.0.4" "install.txt" >>prelimspycheck.txt && echo. *Out of date HijackThis installed!*>>prelimcheckup.txt
FIND /I "HijackThis 2.0.5" "install.txt" >>prelimspycheck.txt
FIND /I "runscanner" "install.txt" >>prelimspycheck.txt
FIND /I "tuneup" "install.txt" >>prelimspycheck.txt
FIND /I "Comodo Memory Firewall" "install.txt" >>prelimspycheck.txt
FIND /I "cleaner" "install.txt" >>prelimspycheck.txt
FIND /I "RegScanner" "install.txt" >>prelimspycheck.txt
FIND /I "DriveSentry" "install.txt" >>prelimspycheck.txt
FIND /V "SpywareBlaster" "prelimspycheck.txt" >prelimspycheck2.txt
FIND /I "SpywareBlaster 4.1" "prelimspycheck2.txt">nul && echo SpywareBlaster 4.1 *Out of Date!*>>prelimspycheck.txt
FIND /I "SpywareBlaster 4.2" "prelimspycheck2.txt">nul && echo SpywareBlaster 4.2 *Out of Date!*>>prelimspycheck.txt
FIND /I "SpywareBlaster 4.3" "prelimspycheck2.txt">nul && echo SpywareBlaster 4.3 *Out of Date!*>>prelimspycheck.txt
FIND /I "SpywareBlaster 4.4" "prelimspycheck2.txt">nul && echo SpywareBlaster 4.4 *Out of Date!*>>prelimspycheck.txt
FIND /I "SpywareBlaster 4.5" "prelimspycheck2.txt">nul && echo SpywareBlaster 4.5 *Out of Date!*>>prelimspycheck.txt
FIND /I "SpywareBlaster 4.6" "prelimspycheck2.txt" >>prelimspycheck2.txt
:java
@FIND /I "Java" "install.txt" >>prelimspycheck.txt || goto javanext
@FIND /I "Java 7 Update 21" "prelimspycheck.txt" >nul || echo. *Java version out of Date!*>>prelimspycheck.txt
:javanext
@FOR /F "eol=- tokens=1-4* delims= " %%j in (prelimspycheck.txt) do @echo. %%j %%k %%l %%m %%n>>prelimcheckup.txt
@FIND /I "Adobe Flash" install.txt>flashcheck.txt
@FIND /I "Adobe Flash Player 6" "install.txt" >nul && echo. Adobe Flash Player 6 *Flash Player out of Date!*>>prelimcheckup.txt
@FIND /I "Adobe Flash Player 7" "install.txt" >nul && echo. Adobe Flash Player 7 *Flash Player out of Date!*>>prelimcheckup.txt
@FIND /I "Adobe Flash Player 8" "install.txt" >nul && echo. Adobe Flash Player 8 *Flash Player out of Date!*>>prelimcheckup.txt
@FIND /I "Adobe Flash Player 9" "install.txt" >nul && echo. Adobe Flash Player 9 *Flash Player out of Date!*>>prelimcheckup.txt
@FIND /I "Adobe Flash Player 10" "install.txt" >nul && echo. Adobe Flash Player 10 *Flash Player out of Date!*>>prelimcheckup.txt
:flashnext
if exist "%windir%\sysnative\cmd.exe" (
"%windir%\sysnative\cmd.exe" /c flashx64.bat
) else (
cmd.exe /c flashx64.bat
)

:readernext
FIND /I "Adobe Reader" install.txt>nul || goto adobenext
FIND /I "Adobe Reader" install.txt>rc2.txt
FIND /V /I "Spelling" rc2.txt>rc3.txt
FIND /I "XI" rc3.txt>nul || set readercheck=*Adobe Reader out of Date!*
FIND /I "Adobe Reader 5" "install.txt" >nul && echo. Adobe Reader 5 %readercheck%>>prelimcheckup.txt
FIND /I "Adobe Reader 6" "install.txt" >nul && echo. Adobe Reader 6 %readercheck%>>prelimcheckup.txt
FIND /I "Adobe Reader 7" "install.txt" >nul && echo. Adobe Reader 7 %readercheck%>>prelimcheckup.txt
FIND /I "Adobe Reader 8" "install.txt" >nul && echo. Adobe Reader 8 %readercheck%>>prelimcheckup.txt
FIND /I "Adobe Reader 9" "install.txt" >nul && echo. Adobe Reader 9 %readercheck%>>prelimcheckup.txt
FIND /I "Adobe Reader XI" "rc2.txt">nul && echo. Adobe Reader XI>>prelimcheckup.txt && goto adobenext
for /f "tokens=1-3 delims=( eol=-" %%a in (rc3.txt) do echo.%%b>rc4.txt
for /f "tokens=1 delims=) eol=-" %%a in (rc4.txt) do echo.%%a>rc5.txt
for /f "tokens=1-4 delims=. eol=-" %%a in (rc5.txt) do (
if "%%a" lss "11" echo. Adobe Reader %%a.%%b.%%c^ *Adobe Reader out of Date!*>>prelimcheckup.txt && goto adobenext
echo. Adobe Reader XI (%%a.%%b.%%c^)>>prelimcheckup.txt
)
:adobenext
@find /i "Firefox" "install.txt">ff2.txt
@for /f "tokens=1-3 eol=W delims= " %%a in (ff2.txt) do echo.%%c>ff3.txt
@for /f "tokens=1-3 delims=. eol=-" %%a in (ff3.txt) do if "%%c"=="" goto FFskip2
@for /f "tokens=1-3 delims=. eol=-" %%a in (ff3.txt) do (
if "%%a" lss "20" echo. Mozilla Firefox %%a.%%b.%%c^ *Firefox out of Date!*>>prelimcheckup.txt && goto ffnext
echo. Mozilla Firefox (%%a.%%b.%%c^)>>prelimcheckup.txt
)
)
goto ffnext
:FFskip2
@for /f "tokens=1-3 delims=. eol=-" %%a in (ff3.txt) do (
if /i %%a lss 13 echo. Mozilla Firefox %%a.%%b^ *Firefox out of Date!*>>prelimcheckup.txt && goto ffnext
echo. Mozilla Firefox (%%a.%%b^)>>prelimcheckup.txt
)
:ffnext
find /i "Thunderbird" "install.txt">tb2.txt
for /f "tokens=1-5 eol=- delims= " %%a in (tb2.txt) do echo.%%c>tb3.txt
for /f "tokens=1-3 delims=. eol=-" %%a in (tb3.txt) do (
if /i "%%a" lss "17" echo. Mozilla Thunderbird %%a.%%b.%%c^ *Thunderbird out of Date!*>>prelimcheckup.txt && goto tbnext
echo. Mozilla Thunderbird (%%a.%%b.%%c^)>>prelimcheckup.txt
)
:tbnext
if exist "%userprofile%\appdata\local\google\chrome\application" dir /b "%userprofile%\appdata\local\google\chrome\application">chrome.txt
if exist "%programfiles%\Google\Chrome\Application" dir /b "%programfiles%\Google\Chrome\Application">chrome.txt
if exist "%systemdrive%\program files (x86)\Google\Chrome\Application" dir /b "%systemdrive%\program files (x86)\Google\Chrome\Application">chrome.txt
if not exist chrome.txt goto chromenext
find /i /v "wow" chrome.txt>chrome2.txt
find /i /v "master" chrome2.txt>chrome3.txt
find /i /v "dictionaries" chrome3.txt>chrome4.txt
find /i /v "chrome" chrome4.txt>chrome5.txt
find /i /v "first" chrome5.txt>chrome6.txt
find /i /v "debug" chrome6.txt>chrome7.txt
for /f "tokens=1-5* eol=- delims=." %%a in (chrome7.txt) do (
if /i %%a lss 19 (
set "chromestatus=*[/color]Out of date!*[/color]"
)
echo. Google Chrome %%a.%%b.%%c.%%d %chromestatus%>>prelimcheckup.txt
)
:chromenext
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. ``Anti-malware/Other utilities Check Done!``
rocesscheck
echo.
echo.*````````Process Check: objlist.exe by Laurent````````* >>prelimcheckup.txt
Find /I "ccSvcHst.exe" "process.txt" >nul && echo. Norton ccSvcHst.exe>>prelimcheckup.txt
Find /V /I "ccSvcHst.exe" "process.txt">process2.txt
if exist "%windir%\sysnative\cmd.exe" (
"%windir%\sysnative\cmd.exe" /c MSEx64.bat
) else (
cmd.exe /c MSEx64.bat
)
FIND /I "msseces.exe" "process2.txt" >nul && echo. Microsoft Security Essentials msseces.exe>>prelimcheckup.txt
Find /I "MsMpEng.exe" "process2.txt" >nul && echo. Windows Defender MSMpEng.exe>>prelimcheckup.txt
Find /I "MSASCui.exe" "process2.txt">nul && echo. Windows Defender MSASCui.exe>>prelimcheckup.txt
Find /I "AAWService.exe" "process2.txt">nul && echo. Ad-Aware AAWService.exe>>prelimcheckup.txt
Find /I "AAWTray.exe" "process2.txt">nul && echo. Ad-Aware AAWTray.exe>>prelimcheckup.txt
Find /I "Ad-Aware" "install.txt">nul || goto adawareskip
Find /I "AAWService.exe" "prelimcheckup.txt">nul || echo. *Ad-Aware AAWService.exe is disabled!*>>prelimcheckup.txt
Find /I "AAWTray.exe" "prelimcheckup.txt">nul || echo. *Ad-Aware AAWTray.exe is disabled!*>>prelimcheckup.txt
:adawareskip
Find /I "winpatrol.exe" "process2.txt">nul && echo. WinPatrol winpatrol.exe>>prelimcheckup.txt
Find /I "WinPatrol" "install.txt">nul || goto winpatrolskip
Find /I "winpatrol.exe" "prelimcheckup.txt">nul || echo. *WinPatrol winpatrol.exe is disabled!*>>prelimcheckup.txt
:winpatrolskip
FIND /I "egui.exe" "process2.txt">nul && echo. ESET NOD32 Antivirus egui.exe >>prelimcheckup.txt
FIND /V /I "egui.exe" "process2.txt">process4.txt
FIND /I "ekrn.exe" "process4.txt">nul && echo. ESET NOD32 Antivirus ekrn.exe >>prelimcheckup.txt
FIND /V /I "ekrn.exe" "process4.txt">process5.txt
FIND /I "MBAMservice" "process5.txt" >nul && echo. Malwarebytes Anti-Malware mbamservice.exe >>prelimcheckup.txt
FIND /V /I "MBAMservice" "process5.txt">process6.txt
FIND /I "MBAMgui" "process6.txt" >nul && echo. Malwarebytes Anti-Malware mbamgui.exe >>prelimcheckup.txt
FIND /V /I "MBAMgui" "process6.txt">process7.txt
FIND /I "mbam.exe" "process7.txt" >nul && echo. Malwarebytes Anti-Malware mbam.exe >>prelimcheckup.txt
FIND /V /I "mbam.exe" "process7.txt">process8.txt
FIND /I "Spybot" "process8.txt" >>prelimproccheck.txt && @FIND /I "teatimer" "prelimproccheck.txt">nul || echo. *Spybot Teatimer.exe is disabled!*>>prelimcheckup.txt
Find /I "Spybot" "install.txt">nul || goto spybotskip
"%cd%\other\SWreg.exe" query "HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects">BHO.txt
find /I "53707962-6F74-2D53-2644-206D7942484F" BHO.txt>nul && echo Spybot SDHelper Enabled>>prelimproccheck.txt
find /I "53707962-6F74-2D53-2644-206D7942484F" BHO.txt>nul || echo *Spybot SDHelper is disabled!*>>prelimproccheck.txt
:spybotskip
FIND /I "avgwdsvc.exe" "process8.txt">nul && echo. AVG avgwdsvc.exe>>prelimcheckup.txt
FIND /V /I "avgwdsvc.exe" "process8.txt">process9.txt
FIND /I "avgtray.exe" "process9.txt">nul && echo. AVG avgtray.exe>>prelimcheckup.txt
FIND /V /I "avgtray.exe" "process9.txt">process10.txt
FIND /I "avgrsx.exe" "process10.txt">nul && echo. AVG avgrsx.exe>>prelimcheckup.txt
FIND /V /I "avgrsx.exe" "process10.txt">process11.txt
FIND /I "avgnsx.exe" "process11.txt">nul && echo. AVG avgnsx.exe>>prelimcheckup.txt
FIND /V /I "avgnsx.exe" "process11.txt">process12.txt
FIND /I "avgemc.exe" "process12.txt">nul && echo. AVG avgemc.exe>>prelimcheckup.txt
FIND /V /I "avgemc.exe" "process12.txt">process13.txt
FIND /I "avgcsrvx.exe" "process13.txt">nul && echo. AVG avgemc.exe>>prelimcheckup.txt
FIND /V /I "avgcsrvx.exe" "process13.txt">process14.txt
FIND /I "avgnt.exe" "process14.txt">nul && echo. Avira Antivir avgnt.exe>>prelimcheckup.txt
FIND /V /I "avgnt.exe" "process14.txt">process15.txt
FIND /I "avguard.exe" "process15.txt">nul && echo. Avira Antivir avguard.exe>>prelimcheckup.txt
FIND /V /I "avguard.exe" "process15.txt">process16.txt
FIND /I "persfw.exe" "process16.txt">nul && echo. Kerio Personal Firewall persfw.exe *End of life!* >>prelimcheckup.txt
FIND /V /I "persfw.exe" "process16.txt">process17.txt
FIND /I "OAcat.exe" "process17.txt">nul && echo. Tall Emu Online Armor OAcat.exe>>prelimcheckup.txt
FIND /V /I "OAcat.exe" "process17.txt">process18.txt
FIND /I "oasrv.exe" "process18.txt">nul && echo. Tall Emu Online Armor oasrv.exe>>prelimcheckup.txt
FIND /V /I "oasrv.exe" "process18.txt">process19.txt
FIND /I "oaui.exe" "process19.txt">nul && echo. Tall Emu Online Armor oaui.exe>>prelimcheckup.txt
FIND /V /I "oaui.exe" "process19.txt">process20.txt
FIND /I "OAhlp.exe" "process20.txt">nul && echo. Tall Emu Online Armor OAhlp.exe>>prelimcheckup.txt
FIND /V /I "OAhlp.exe" "process20.txt">process21.txt
FIND /I "pccntmon.exe" "process21.txt">nul && echo. Trend Micro OfficeScan Client pccntmon.exe>>prelimcheckup.txt
FIND /V /I "pccntmon.exe" "process21.txt">process22.txt
FIND /I "aswUpdSv.exe" "process22.txt">nul && echo. Alwil Software Avast4 aswUpdSv.exe>>prelimcheckup.txt
FIND /V /I "aswUpdSv.exe" "process22.txt">process23.txt
FIND /I "ashServ.exe" "process23.txt">nul && echo. Alwil Software Avast4 ashServ.exe>>prelimcheckup.txt
FIND /V /I "ashServ.exe" "process23.txt">process24.txt
FIND /I "ashDisp.exe" "process24.txt">nul && echo. Alwil Software Avast4 ashDisp.exe>>prelimcheckup.txt
FIND /V /I "ashDisp.exe" "process24.txt">process25.txt
FIND /I "ashMaiSv.exe" "process25.txt">nul && echo. Alwil Software Avast4 ashMaiSv.exe>>prelimcheckup.txt
FIND /V /I "ashMaiSv.exe" "process25.txt">process26.txt
FIND /I "ashWebSv.exe" "process26.txt">nul && echo. Alwil Software Avast4 ashWebSv.exe>>prelimcheckup.txt
FIND /V /I "ashWebSv.exe" "process26.txt">process27.txt
FIND /I "TFTray.exe" "process27.txt">nul && echo. ThreatFire TFTray.exe>>prelimcheckup.txt
FIND /V /I "TFTray.exe" "process27.txt">process28.txt
FIND /I "TFService.exe" "process28.txt">nul && echo. ThreatFire TFService.exe>>prelimcheckup.txt
FIND /V /I "TFService.exe" "process28.txt">process29.txt
FIND /I "SbPFLnch.exe" "process29.txt">nul && echo. Sunbelt Software Personal Firewall SbPFLnch.exe *End of life!* >>prelimcheckup.txt
FIND /V /I "SbPFLnch.exe" "process29.txt">process30.txt
FIND /I "SbPFSvc.exe" "process30.txt">nul && echo. Sunbelt Software Personal Firewall SbPFSvc.exe *End of life!* >>prelimcheckup.txt
FIND /V /I "SbPFSvc.exe" "process30.txt">process31.txt
FIND /I "SbPFCl.exe" "process31.txt">nul && echo. Sunbelt Software Personal Firewall SbPFCl.exe *End of life!* >>prelimcheckup.txt
FIND /V /I "SbPFCl.exe" "process31.txt">process32.txt
FIND /I "cmdagent.exe" "process32.txt">nul && echo. Comodo Firewall cmdagent.exe>>prelimcheckup.txt
FIND /V /I "cmdagent.exe" "process32.txt">process33.txt
FIND /I "cfp.exe" "process33.txt">nul && echo. Comodo Firewall cfp.exe>>prelimcheckup.txt
FIND /V /I "cfp.exe" "process33.txt">process34.txt
FIND /I "PF6.exe" "process34.txt">nul && echo. Privatefirewall 6.1 PF6.exe>>prelimcheckup.txt
FIND /V /I "PF6.exe" "process34.txt">process35.txt
FIND /I "pfsvc.exe" "process35.txt">nul && echo. Privatefirewall 6.1 pfsvc.exe >>prelimcheckup.txt
FIND /V /I "pfsvc.exe" "process35.txt">process36.txt
FIND /I "virus" "process36.txt" >prelimproccheck.txt
FIND /V /I "virus" "process36.txt" >process37.txt
FIND /I "ESET" "process37.txt" >>prelimproccheck.txt
FIND /V /I "ESET" "process37.txt" >process38.txt
FIND /I "mal" "process38.txt" >>prelimproccheck.txt
FIND /V /I "mal" "process38.txt" >process39.txt
FIND /I "firewall" "process39.txt" >>prelimproccheck.txt
FIND /V /I "firewall" "process39.txt" >process40.txt
FIND /I "defend" "process40.txt" >>prelimproccheck.txt
FIND /I "online" "process40.txt" >>prelimproccheck.txt
FIND /I "avast" "process40.txt" >>prelimproccheck.txt
FIND /I "Kaspersky" "process40.txt" >>prelimproccheck.txt
FIND /I "patrol" "process40.txt" >>prelimproccheck.txt
FIND /I "threat" "process40.txt" >>prelimproccheck.txt
FIND /I "ZoneAlarm" "process40.txt" >>prelimproccheck.txt
FIND /I "etrust" "process40.txt" >>prelimproccheck.txt
FIND /I "trend" "process40.txt" >>prelimproccheck.txt
FIND /I "iolo" "process40.txt" >>prelimproccheck.txt
@FOR /F "eol=- tokens=3-5* delims=\" %%w in (prelimproccheck.txt) do @echo. %%w %%x %%y %%z>>prelimcheckup.txt
FIND /V /I "horse" "prelimcheckup.txt" >"notcheckup.txt"
FIND /V /I "oblivion" "notcheckup.txt" >"notcheckup2.txt"
FIND /V /I "Uniblue" "notcheckup2.txt" >"notcheckup3.txt"
FIND /V /I "Fujitsu" "notcheckup3.txt" >"notcheckup4.txt"
FIND /V /I "CreativeSetup" "notcheckup4.txt" >"notcheckup5.txt"
FIND /V /I "Booster" "notcheckup5.txt" >"notcheckup6.txt"
FIND /V /I "scannercopy" "notcheckup6.txt" >"notcheckup7.txt"
FIND /V /I "Ghostscript" "notcheckup7.txt" >"notcheckup8.txt"
FIND /V /I "Microsoft Office" "notcheckup8.txt" >"notcheckup9.txt"
FIND /V /I "clock" "notcheckup9.txt" >"notcheckup10.txt"
FIND /V /I "gigalarm" "notcheckup10.txt" >"notcheckup11.txt"
FIND /V /I "Recorder" "notcheckup11.txt" >"notcheckup12.txt"
FIND /V /I "dell" "notcheckup12.txt" >"notcheckup13.txt"
FIND /V /I "GameSpy" "notcheckup13.txt" >"notcheckup14.txt"
FIND /V /I "Photo" "notcheckup14.txt" >"notcheckup15.txt"
FIND /V /I "UltraISO" "notcheckup15.txt" >"notcheckup16.txt"
FIND /V /I "Acer" "notcheckup16.txt" >"notcheckup17.txt"
FIND /V /I "TRENDnet" "notcheckup17.txt" >"notcheckup18.txt"
FIND /V /I "Nero" "notcheckup18.txt" >"notcheckup19.txt"
FIND /V /I "LinkScanner" "notcheckup19.txt" >"notcheckup20.txt"
FIND /V /I "iesetup" "notcheckup20.txt" >"notcheckup21.txt"
FIND /V /I "Course" "notcheckup21.txt" >"notcheckup22.txt"
FIND /V /I "Picture" "notcheckup22.txt" >"notcheckup23.txt"
FIND /V /I "CS4" "notcheckup23.txt" >"notcheckup24.txt"
FIND /V /I "OneCare Safety Scanner" "notcheckup24.txt" >"notcheckup25.txt"
FIND /V /I "Java Auto Updater" "notcheckup25.txt" >"notcheckup26.txt"
FIND /V /I "Mansion" "notcheckup26.txt" >"notcheckup27.txt"
FIND /V /I "Sitemap" "notcheckup27.txt" >"notcheckup28.txt"
FIND /V /I "VisualElementsManifest" "notcheckup28.txt" >"notcheckup29.txt"
@FOR /F "eol=- tokens=* delims=" %%t in (notcheckup29.txt) do @echo %%t >>prelimcheckup2.txt
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. ``Process Check Done!``
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. ``Performing System Health Check``
echo.*`````````````````System Health check`````````````````* >>prelimcheckup2.txt
:FRAGMENTATIONCHECK
if exist "%systemdrive%\program files (x86)" goto x64defrag
find /I "Windows 7" prelimcheckup2.txt>nul && goto defrag7x86
find /I "Windows Vista" prelimcheckup2.txt>nul && goto defragVistax86
:defragXPx86
@Defrag.exe %systemdrive% /a >defragcheck.txt
find /I "Total" defragcheck.txt>defragcheck2.txt
@For /f "eol=- tokens=1-8* delims= " %%a in (defragcheck2.txt) do echo.%%h>defragcheck3.txt && set fragmentation=%%h
@For /f "eol=- tokens=1-2 delims=%%" %%a in (defragcheck3.txt) do echo.%%a>defragcheck4.txt
@For /f "eol=- tokens=*"if %%a in (defragcheck4.txt) do if %%a gtr 10 set fragstatus=*Defragment your hard drive soon^! (Do NOT defrag if SSD^!)*
echo. Total Fragmentation on Drive %systemdrive%: %fragmentation% %fragstatus%>>prelimcheckup2.txt
)
goto checkupopen
:defragVistax86
@Defrag.exe %systemdrive% /a >defragcheck.txt
find /I "Percent file fragmentation" defragcheck.txt>defragcheck2.txt
@For /f "eol=- tokens=1-8* delims= " %%a in (defragcheck2.txt) do echo.%%e>defragcheck3.txt && set fragmentation=%%e
@For /f "eol=- tokens=1-2* delims=%%" %%a in (defragcheck3.txt) do echo.%%a>defragcheck4.txt
@For /f "eol=- tokens=*" %%a in (defragcheck4.txt) do if %%a gtr 10 set fragstatus=*Defragment your hard drive soon^! (Do NOT defrag if SSD^!)*
echo. Total Fragmentation on Drive %systemdrive% %fragmentation% ^%% %fragstatus%>>prelimcheckup2.txt
)
goto checkupopen
:defrag7x86
@Defrag.exe %systemdrive% /a >defragcheck.txt
find /I "Total fragmented space" defragcheck.txt>defragcheck2.txt
@For /f "eol=- tokens=1-8* delims= " %%a in (defragcheck2.txt) do echo.%%e>defragcheck3.txt && set fragmentation=%%e
@For /f "eol=- tokens=1-2* delims=%%" %%a in (defragcheck3.txt) do echo.%%a>defragcheck4.txt
@For /f "eol=- tokens=*" %%a in (defragcheck4.txt) do if %%a gtr 10 set fragstatus=*Defragment your hard drive soon^! (Do NOT defrag if SSD^!)*
echo. Total Fragmentation on Drive %systemdrive% %fragmentation% %fragstatus%>>prelimcheckup2.txt
)
goto checkupopen
:x64defrag
find /I "Windows 7" prelimcheckup2.txt>nul && goto defrag7x64
:defragVistax64
"%windir%\sysnative\Defrag.exe" %systemdrive% /a >defragcheck.txt
find /I "Percent file fragmentation" defragcheck.txt>defragcheck2.txt
@For /f "eol=- tokens=1-8* delims= " %%a in (defragcheck2.txt) do echo.%%e>defragcheck3.txt && set fragmentation=%%e
@For /f "eol=- tokens=1-2* delims=%%" %%a in (defragcheck3.txt) do echo.%%a>defragcheck4.txt
@For /f "eol=- tokens=*" %%a in (defragcheck4.txt) do if %%a gtr 10 set fragstatus=*Defragment your hard drive soon^! (Do NOT defrag if SSD^!)*
echo. Total Fragmentation on Drive %systemdrive% %fragmentation% ^%% %fragstatus%>>prelimcheckup2.txt
)
goto checkupopen
:defrag7x64
"%windir%\sysnative\Defrag.exe" %systemdrive% /a >defragcheck.txt
find /I "Total" defragcheck.txt>defragcheck2.txt
@For /f "eol=- tokens=1-8* delims= " %%a in (defragcheck2.txt) do echo.%%e>defragcheck3.txt && set fragmentation=%%e
@For /f "eol=- tokens=1-2* delims=%%" %%a in (defragcheck3.txt) do echo.%%a>defragcheck4.txt
@For /f "eol=- tokens=*" %%a in (defragcheck4.txt) do if %%a gtr 10 set fragstatus=*Defragment your hard drive soon^! (Do NOT defrag if SSD^!)*
echo. Total Fragmentation on Drive %systemdrive% %fragmentation% %fragstatus%>>prelimcheckup2.txt
)

:checkupopen
@echo.
cls
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo. Results have been copied to checkup.txt, which should open... now!
echo.*````````````````````End of Log``````````````````````* >>prelimcheckup2.txt
"%cd%\Other\sed.exe" "$!N;/^\(.*\)\n\1$/!P;D" prelimcheckup2.txt>prelimcheckup3.txt
"%cd%\Other\sed.exe" -n "G; s/\n/&&/; /^\([ -~]*\n\).*\n\1/d; s/\n//; h; P" prelimcheckup3.txt>checkup.txt
reend
if exist "%programfiles%\Notepad++\notepad++.exe" (
"%programfiles%\Notepad++\notepad++.exe" checkup.txt
) else (
NOTEPAD checkup.txt
)
:finalcleanup
@if exist "install.txt" del "*.txt"
:end


----------



## Mark1956 (May 7, 2011)

I am not sure what you have done with SecurityCheck but what you have posted looks like the code that makes it run. The scan result is normally only about 15 lines of text.

Please try and run it again. If you get the same result there is no need to post it, just tell me what happened.


----------



## jetsguy (Feb 27, 2011)

Reran securitycheck same result.


----------



## Mark1956 (May 7, 2011)

This is very strange, I have included a screen shot which shows the screen that should appear when you run the program and the icon that should be on your desktop, is this what you see?


----------



## jetsguy (Feb 27, 2011)

This is not what comes up when I click for it to install.What came up both times is what you see above.


----------



## Mark1956 (May 7, 2011)

So when you right click on the icon and select *Run as Administrator* what application does it open with, does it show *Notepad* at the top of the window or something else?


----------



## jetsguy (Feb 27, 2011)

That's exactly what it says when I click it comes up says run as administrator it opens at the top it says securitycheckbat notepad


----------



## Mark1956 (May 7, 2011)

Your file association for .bat files are set to open with Notepad. Please run a scan with this software which will reset the file association automatically, please post the log produced. When done, reboot and try Security Check again.

Please download RKill 
There are three buttons to choose from with different names on, select the first one and save it to your desktop.


Double-click on the *Rkill* desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and *Run As Administrator*.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
A log pops up at the end of the run. This log file is located at *C:\rkill.log*. Please post this in your next reply.
If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
If the tool does not run from any of the links provided, please let me know.


----------



## jetsguy (Feb 27, 2011)

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 04/30/2013 12:14:49 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Possibly Patched Files.
* C:\Windows\system32\lsass.exe
* C:\Windows\System32\spoolsv.exe
* C:\Windows\system32\conhost.exe
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!

Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity: 
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual
* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
Searching for Missing Digital Signatures: 
* C:\Windows\System32\browser.dll [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.16385_none_d4de1860b7af7c14\browser.dll : 136,192 : 07/13/2009 09:40 PM : 94fbc06f294d58d02361918418f996e3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.17056_none_d4ff6bf4b79663c4\browser.dll : 136,704 : 07/04/2012 06:01 PM : 6b054c67aaa87843504e8e3c09102009 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.21256_none_d5890aa5d0b400b5\browser.dll : 136,704 : 07/04/2012 06:17 PM : 00a7a2067e9822e4626de846574ada80 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_d70f2c28b49dffae\browser.dll : 136,192 : 11/20/2010 06:25 AM : 8ef0d5c41ec907751b8429162b1239ed [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_d6c68344b4d406bf\browser.dll : 136,704 : 07/04/2012 06:13 PM : 05f5a0d14a2ee1d8255c2aa0e9e8e694 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_d7783703cdd41e02\browser.dll : 136,704 : 07/04/2012 06:06 PM : 156768abae1daf29ba0b0c05c21fef09 [Pos Repl]
* C:\Windows\System32\conhost.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16385_none_d050b8f81bcacc5a\conhost.exe : 338,432 : 07/13/2009 09:39 PM : f64e8258351e501aa065ac499530367c [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16816_none_d09d72341b9113dd\conhost.exe : 338,944 : 05/14/2011 09:32 AM : 4e61a3edd4f8b6b8278c54e15a5eef34 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16823_none_d08fa16a1b9be3c9\conhost.exe : 338,944 : 06/02/2011 09:35 AM : dd2ce830345301d6817b9c4646e90d15 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16850_none_d06c30c81bb6eb97\conhost.exe : 338,432 : 07/16/2011 09:17 AM : f0d1646162fb07476cccf62edb034b8b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.17107_none_d0a91e581b883ed3\conhost.exe : 338,432 : 08/18/2012 09:34 AM : 22ff251ae6a780960b02a6deadfea7fb [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.17135_none_d086ae001ba25ff8\conhost.exe : 338,432 : 10/04/2012 09:19 AM : a19acd209bc143f8a9cfbcefa3c564f5 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.17179_none_d05f6f781bbf3518\conhost.exe : 338,432 : 11/29/2012 10:33 PM : c6fef8c40d6f9a3766fdbe31cb3f6640 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.17206_none_d0a81ff41b8922a3\conhost.exe : 338,432 : 01/03/2013 10:19 PM : 7eb88f63d424832b774e24458dce2049 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.20978_none_d0e8300b34dd8dfb\conhost.exe : 338,944 : 06/03/2011 10:50 AM : 410d122273d8b4b6282d2b555ef064f7 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.20995_none_d0cf8f5534f079d8\conhost.exe : 338,432 : 06/24/2011 10:19 AM : fef07d3376cc5ee6198cc45537d35d5f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.21306_none_d131bcbf34a6c26d\conhost.exe : 338,432 : 08/20/2012 02:59 PM : a3a90ff008b65074e98ef9db2bc7ab33 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.21335_none_d1104cb134bffce9\conhost.exe : 338,432 : 10/04/2012 02:19 AM : 92c2c613e1f5923ce592d095b6d03b3e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.21386_none_d0db3d5f34e7a1f5\conhost.exe : 338,432 : 11/29/2012 10:29 PM : c2cb0c2503732c0c7254f20bf1ed1e1d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.21416_none_d126eeb934aedb85\conhost.exe : 338,432 : 01/04/2013 10:03 AM : 7924ffce41f37b8f3560bcd2b1319cc5 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17514_none_d281ccc018b94ff4\conhost.exe : 337,920 : 11/20/2010 10:24 AM : bd51024fb014064bc9fe8c715c18392f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17617_none_d284cf8418b69920\conhost.exe : 338,432 : 05/14/2011 10:16 AM : 28b04ed2c7f75723b1b4fc490f8a20d4 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17625_none_d277ff0418c08263\conhost.exe : 338,944 : 06/03/2011 10:53 AM : 0781b335c421a785520037365897f1bf [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17641_none_d25e5e0418d454e9\conhost.exe : 338,432 : 06/24/2011 10:25 AM : 448bf22538f1dfcb3412ae2b1cf123a9 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17932_none_d26a33ec18cb49c4\conhost.exe : 338,432 : 08/20/2012 02:46 PM : 402b44b31c7183fcf2c4e1083af317fa [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17965_none_d24cc50618e0e99c\conhost.exe : 338,432 : 10/04/2012 02:21 AM : 3326166011c9bc13d6a8efd856e9921c [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.18015_none_d282acc418b89129\conhost.exe : 338,432 : 11/29/2012 10:23 PM : 1bcdb508143b517f21bbdac10f5777bf [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.21728_none_d3049cad31db6e32\conhost.exe : 338,432 : 05/14/2011 10:09 AM : 5b738b95803cf1fd00cd8c5477dfbeae [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.21738_none_d2f9ccc131e38a23\conhost.exe : 338,944 : 06/03/2011 10:52 AM : 13a1c354d7db71a4cd7da8eb4c760dae [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.21756_none_d2e22c5531f58f57\conhost.exe : 338,432 : 06/24/2011 10:18 AM : e86156efe7acd220dc5e705f1f735e05 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22091_none_d2b1c721321aadf8\conhost.exe : 338,432 : 08/20/2012 02:20 PM : da688fe245286a540e394e315f19dae4 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22125_none_d30179a331de4ce4\conhost.exe : 338,432 : 10/04/2012 02:18 AM : d1f53bedd4c2288af00142f74928ee0e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22177_none_d2cd6a9b32050b47\conhost.exe : 338,432 : 11/30/2012 02:49 AM : b19b30e594ee374c69f71dad26198400 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.22209_none_d31b1c8931ca7785\conhost.exe : 338,432 : 01/03/2013 10:17 PM : a31ed9834a85e049585f95413a30c755 [Pos Repl]
* C:\Windows\System32\cryptsvc.dll [NoSig]
+-> C:\Windows\SysWOW64\cryptsvc.dll : 140,288 : 06/02/2012 00:36 AM : 96c0e38905cfd788313be8e11dae3f2f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll : 175,104 : 07/13/2009 09:40 PM : 8c57411b66282c01533cb776f98ad384 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll : 182,272 : 04/24/2012 09:59 AM : f02786b66375292e58c8777082d4396d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll : 182,272 : 06/02/2012 09:25 AM : baf19b633933a9fb4883d27d66c39e9a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll : 183,808 : 04/24/2012 09:36 AM : ce8bf1423aee47da5275fbc8ad3bd642 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll : 183,808 : 06/02/2012 09:32 AM : 456107d69d4ee850a559434f19efee65 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll : 177,152 : 11/20/2010 09:25 AM : 15597883fbe9b056f276ada3ad87d9af [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll : 184,320 : 04/24/2012 09:37 AM : 4f5414602e2544a4554d95517948b705 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll : 184,320 : 06/02/2012 09:41 AM : 9c01375be382e834cc26d1b7eaf2c4fe [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll : 186,880 : 04/24/2012 09:22 AM : b7337e9c9e5936355bb700aa33e0936e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll : 186,880 : 06/04/2012 09:52 AM : 7e7d2dacf65d750d466f36bd3d09ae20 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll : 135,680 : 07/13/2009 09:15 PM : 9c231178ce4fb385f4b54b0a9080b8a4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll : 139,264 : 04/24/2012 09:47 AM : 520a108a2657f4bca7fced9ca7d885de [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll : 139,264 : 06/02/2012 09:45 AM : f2fde6c8dbaad44cc58d1e07e4af4eed [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll : 141,312 : 04/24/2012 09:33 AM : f522279b4717e2bff269c771fac2b78e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll : 141,312 : 06/02/2012 09:41 AM : ea8c26ecf1656d9647ef044f115ec6da [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll : 136,192 : 11/20/2010 09:18 AM : a585bebf7d054bd9618eda0922d5484a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll : 140,288 : 04/24/2012 09:36 AM : 06e771aa596b8761107ab57e99f128d7 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll : 140,288 : 06/02/2012 09:36 AM : 96c0e38905cfd788313be8e11dae3f2f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll : 142,336 : 04/24/2012 09:28 AM : 21993009e0ccb9b4fa195f14d3408626 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll : 142,336 : 06/02/2012 09:52 AM : 063dd65889d21035311463337bd268e7 [Pos Repl]
* C:\Windows\System32\drivers\afd.sys [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys : 500,224 : 07/13/2009 07:21 PM : b9384e03479d2506bc924c16a3db87bc [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys : 499,712 : 04/24/2011 10:44 PM : 6ef20ddf3172e97d69f596fb90602f29 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys : 499,200 : 12/27/2011 10:59 PM : db9d6c6b2cd95a9ca414d045b627422e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys : 499,712 : 04/24/2011 10:44 PM : fbff8b7c9d116229e9208a0d1caeb49b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys : 499,200 : 12/27/2011 11:01 PM : cca39961e76b491ddf44b1e90fc8971d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys : 499,712 : 11/20/2010 11:23 AM : d31dc7a16dea4a9baf179f3d6fbdb38c [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys : 499,200 : 04/24/2011 10:34 PM : d5b031c308a409a0a576bff4cf083d30 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys : 498,688 : 12/27/2011 10:59 PM : 1c7857b62de5994a75b054a9fd4c3825 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys : 499,200 : 04/24/2011 11:09 PM : f4ad06143eac303f55d0e86c40802976 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys : 498,176 : 12/27/2011 11:01 PM : 36a14fd1a23f57046361733b792ca8db [Pos Repl]
* C:\Windows\System32\drivers\rdpwd.sys [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys : 204,800 : 07/13/2009 08:16 PM : 8a3e6bea1c53ea6177fe2b6eba2c80d7 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16963_none_a77e2496eea5135b\rdpwd.sys : 204,800 : 02/14/2012 11:47 PM : 074ac702d8b8b660b0e1371555995386 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.17011_none_a7b20bc0ee7e883a\rdpwd.sys : 204,800 : 04/27/2012 11:50 PM : 447de7e3dea39d422c1504f245b668b1 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.21151_none_a81068dc07bc97c8\rdpwd.sys : 205,824 : 02/16/2012 11:50 PM : 747e7011b3f92a947f0509820508ceaf [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.21202_none_a8477aa807932291\rdpwd.sys : 205,824 : 04/28/2012 11:03 AM : 4ab6a3b0c3d94b0d3dbc1c2c847a02ef [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys : 210,944 : 11/20/2010 11:04 AM : 15b66c206b5cb095bab980553f38ed23 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17779_none_a95fb36cebce3342\rdpwd.sys : 210,944 : 02/16/2012 11:58 PM : 6d76e6433574b058adcb0c50df834492 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17830_none_a981f268ebb5dc96\rdpwd.sys : 210,944 : 04/27/2012 11:55 PM : e61608aa35e98999af9aaeeea6114b0a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21924_none_aa1a604804c7c5cb\rdpwd.sys : 210,944 : 02/16/2012 11:48 PM : 0b93aa14e7dcd85cc82bc7d7d1ca9b24 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21982_none_a9d7802c04fa3ac3\rdpwd.sys : 210,944 : 04/27/2012 11:51 PM : 1fe9863c6c5cc71e8e7e70f9efbd30e1 [Pos Repl]
* C:\Windows\System32\drivers\rndismp.sys [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7600.16385_none_3d23a154a5966360\RNDISMP.sys : 41,472 : 07/13/2009 08:09 PM : fc6d5c50d846b795335deb3fce8b33f3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.17887_none_3f0c0c38a2baee0b\RNDISMP.sys : 41,472 : 07/04/2012 04:26 PM : 0e01641d96889bdeb22de12d30575b08 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.22044_none_3fbdbff7bbbb054e\RNDISMP.sys : 41,472 : 07/04/2012 04:16 PM : fdd71f94cd5580e4c1d16f96ef6c2856 [Pos Repl]
* C:\Windows\System32\drivers\tdtcp.sys [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys : 23,552 : 07/13/2009 08:16 PM : e4245bda3190a582d55ed09e137401a9 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_37b4d3bb5e59cdd8\tdtcp.sys : 23,552 : 02/14/2012 11:46 PM : 7518f7bcfd4b308abc9192bacaf6c970 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_3847180077715245\tdtcp.sys : 23,552 : 02/16/2012 11:49 PM : 16cb6a471a7fb48964aadb1356d80671 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_399662915b82edbf\tdtcp.sys : 23,552 : 02/16/2012 11:57 PM : 51c5eceb1cdee2468a1748be550cfbc8 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_3a510f6c747c8048\tdtcp.sys : 23,552 : 02/16/2012 11:47 PM : 7463523827b104317de03a87c6d3ea1b [Pos Repl]
* C:\Windows\System32\drivers\usb8023.sys [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.16385_none_20e1b69f6c5c4250\usb8023.sys : 19,968 : 07/13/2009 08:09 PM : d0fe8cb5f84303e73ff0754437fad3d1 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.17233_none_2115acf96c35a067\usb8023.sys : 19,968 : 02/12/2013 08:02 AM : ef45dce7b2bed36c566eac743eae66a4 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.21444_none_21957c08855a72a0\usb8023.sys : 19,968 : 02/11/2013 10:59 PM : 5f3725ef4ba21a5ce560697aa508482c [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.18076_none_22d3cb2d6979c81c\usb8023.sys : 19,968 : 02/11/2013 11:12 PM : 92b3172e8c14c1444682f510843a9988 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7601.22248_none_237fda36827d43e8\usb8023.sys : 19,968 : 02/11/2013 10:59 PM : a6db4451eefe7b9ef5bd0c5fe0c09125 [Pos Repl]
* C:\Windows\System32\kernel32.dll [NoSig]
+-> C:\Windows\SysWOW64\kernel32.dll : 1,114,112 : 11/29/2012 11:53 PM : ac0b6f41882fc6ed186962d770ebf1d2 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll : 1,162,240 : 07/13/2009 09:41 PM : 5b4b379ad10deda4eda01b8c6961b193 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_efff90246fc2d6d8\kernel32.dll : 1,162,240 : 05/14/2011 09:36 AM : 98da1b7572dad6ba10296e0df0950b37 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_efce4eb86fe8ae92\kernel32.dll : 1,162,240 : 07/16/2011 09:21 AM : ddbd24dc04da5fd0edf45cf72b7c01e2 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_f00b3c486fba01ce\kernel32.dll : 1,162,240 : 08/18/2012 09:37 AM : 8e7f88a62e1aa28f15c0d6784e4c78b6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_efe8cbf06fd422f3\kernel32.dll : 1,161,216 : 10/04/2012 01:32 PM : 1ddcacab8da5399e5521051923016b18 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_efc18d686ff0f813\kernel32.dll : 1,161,216 : 11/30/2012 01:43 AM : e3bc37881d92eb59ee0ba3b854a54d1e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_f00a3de46fbae59e\kernel32.dll : 1,161,216 : 01/04/2013 01:30 AM : 43db3433f141f01e53d1c5aa0f434098 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_f04a4dfb890f50f6\kernel32.dll : 1,162,240 : 06/03/2011 01:54 AM : 8225958bac83eafcdb6bab6ee5edf6e6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_f083035588e611da\kernel32.dll : 1,162,240 : 07/16/2011 01:21 AM : 06835b46d9676bedd80af25acf6845fd [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_f093daaf88d88568\kernel32.dll : 1,163,776 : 08/20/2012 03:02 PM : 1bda5db0c493b390c2dfd09139140de1 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_f0726aa188f1bfe4\kernel32.dll : 1,162,752 : 10/04/2012 01:29 PM : 6eed0d77c20137948979ea47360a890b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_f03d5b4f891964f0\kernel32.dll : 1,162,752 : 11/30/2012 01:38 AM : b6b1ab98ba656ba1d8e0ca03f59ded51 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_f0890ca988e09e80\kernel32.dll : 1,162,752 : 01/04/2013 01:14 AM : 9dd828efbd17246275e8a74d58e836ac [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll : 1,161,216 : 11/20/2010 01:26 AM : 7a6326d96d53048fdec542df23d875a0 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_f1e6ed746ce85c1b\kernel32.dll : 1,162,752 : 05/14/2011 01:20 AM : 0e1b2e16235aa7f89f064ee75dfc905e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_f1b5ac086d0e33d5\kernel32.dll : 1,162,752 : 07/16/2011 01:37 AM : b9b42a302325537d7b9dc52d47f33a73 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_f1cc51dc6cfd0cbf\kernel32.dll : 1,162,240 : 08/20/2012 02:48 PM : eaf41cfba5281834cbc383c710ac7965 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll : 1,161,216 : 10/04/2012 01:41 PM : 1dc3504ca4c57900f1557e9a3f01d272 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll : 1,161,216 : 11/30/2012 01:41 AM : 65c113214f7b05820f6d8a65b1485196 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_f266ba9d860d312d\kernel32.dll : 1,163,264 : 05/14/2011 01:11 AM : 6743e8705a96fcbf71279b5ae2ccfdbc [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_f22aa945863b24d8\kernel32.dll : 1,163,264 : 07/16/2011 01:28 AM : 27ac02d8ee4c02e7648c41cb880151da [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_f213e511864c70f3\kernel32.dll : 1,163,264 : 08/20/2012 02:24 PM : 624b34180c79d67c470c155db81ffb8e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll : 1,162,240 : 10/04/2012 01:37 PM : f3c594d0da3acfa6c7b781a490ab4282 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll : 1,163,264 : 11/30/2012 01:52 AM : b3bea6420d482356e53b7c728e05c637 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_f27d3a7985fc3a80\kernel32.dll : 1,162,240 : 01/04/2013 01:36 AM : b844114b247d8ef1e5e4e93a282d2e6f [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll : 836,608 : 07/13/2009 09:11 PM : 606ecb76a424cc535407e7a24e2a34bc [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_fa543a76a42398d3\kernel32.dll : 837,120 : 05/14/2011 09:32 AM : 40eacee0b6432cbe2459a11b298e9d88 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_fa22f90aa449708d\kernel32.dll : 1,048,576 : 07/16/2011 09:30 AM : 4ea99f1644627b1ebad99d0b93cdee1c [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_fa5fe69aa41ac3c9\kernel32.dll : 1,114,112 : 08/18/2012 09:17 AM : 33616dacc75c9e105dae944120db4274 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_fa3d7642a434e4ee\kernel32.dll : 1,114,112 : 10/04/2012 09:54 AM : a6778fc49011313995a4d718f624cc74 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_fa1637baa451ba0e\kernel32.dll : 1,114,112 : 11/30/2012 09:06 AM : c95793f4be3471aeed92f5bf367be69e [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_fa5ee836a41ba799\kernel32.dll : 1,114,112 : 01/03/2013 11:51 PM : 385be92e3106491bbb542f8f1c06c606 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_fa9ef84dbd7012f1\kernel32.dll : 1,114,112 : 06/03/2011 11:58 AM : 6eb2aee15c20681e323e9a3e334fe6cf [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_fad7ada7bd46d3d5\kernel32.dll : 1,114,112 : 07/16/2011 11:21 AM : 2113248db2d1af9ca790b09f3e6c6e85 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_fae88501bd394763\kernel32.dll : 1,114,112 : 08/20/2012 01:51 PM : 85660067ecd49b6e302347efcc2f72a5 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_fac714f3bd5281df\kernel32.dll : 1,114,112 : 10/04/2012 01:56 AM : de7a37cb1f48526a78a2d42786411578 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_fa9205a1bd7a26eb\kernel32.dll : 1,114,112 : 11/29/2012 11:51 PM : e747adb6223dbbe1bb138f08a09adad6 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_faddb6fbbd41607b\kernel32.dll : 1,114,112 : 01/03/2013 11:51 PM : f9f6cd9ef1f6c896a56b5259b81027d9 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll : 837,632 : 11/20/2010 11:08 AM : e80758cf485db142fca1ee03a34ead05 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_fc3b97c6a1491e16\kernel32.dll : 837,632 : 05/14/2011 11:22 AM : 166116134c58dc36400de59acd64fb39 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_fc0a565aa16ef5d0\kernel32.dll : 1,114,112 : 07/16/2011 11:24 AM : 99c3f8e9cc59d95666eb8d8a8b4c2beb [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll : 1,114,112 : 08/20/2012 01:37 PM : 9b98d47916ead4f69ef51b56b0c2323c [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll : 1,114,112 : 10/04/2012 01:47 AM : d4f3176082566cefa633b4945802d4c4 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll : 1,114,112 : 11/29/2012 11:53 PM : ac0b6f41882fc6ed186962d770ebf1d2 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_fcbb64efba6df328\kernel32.dll : 837,632 : 05/14/2011 11:33 AM : cc5cbc069944e7ea70d8674478a70a37 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll : 1,114,112 : 07/16/2011 11:49 AM : d3cb12854171df61d117d7c2bf22c675 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_fc688f63baad32ee\kernel32.dll : 1,114,112 : 08/20/2012 01:31 PM : 305681b4b695d4a888b941965ffc2c17 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll : 1,114,112 : 10/04/2012 01:36 AM : 5fa395364ee727e4bee6b1406c207f98 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll : 1,114,112 : 11/29/2012 11:57 PM : 9cc2571e3646b9a24296ad7adcc71682 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll : 1,114,112 : 01/03/2013 11:52 PM : 7e55988f5cb3ba67e2732370e8d71bbb [Pos Repl]
* C:\Windows\System32\lsass.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe : 31,232 : 07/13/2009 09:39 PM : 0793f40b9b8a1bdd266296409dbd91ea [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe : 31,232 : 07/13/2009 09:39 PM : 0793f40b9b8a1bdd266296409dbd91ea [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe : 31,232 : 11/17/2011 09:05 AM : 156f6159457d0aa7e59b62681b56eb90 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe : 31,232 : 11/17/2011 09:05 AM : 156f6159457d0aa7e59b62681b56eb90 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe : 31,232 : 07/13/2009 09:39 PM : 0793f40b9b8a1bdd266296409dbd91ea [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe : 31,232 : 11/17/2011 09:42 AM : d21bd47e528cd62e79311fb5df0150e6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe : 31,232 : 06/02/2012 09:30 AM : bf63ce11a25f3509129888710d5111fc [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe : 31,232 : 07/13/2009 09:39 PM : 0793f40b9b8a1bdd266296409dbd91ea [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe : 31,232 : 11/17/2011 09:33 AM : c118a82cd78818c29ab228366ebf81c3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe : 31,232 : 11/17/2011 09:33 AM : c118a82cd78818c29ab228366ebf81c3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe : 31,232 : 11/17/2011 09:33 AM : c118a82cd78818c29ab228366ebf81c3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe : 31,232 : 11/17/2011 09:20 AM : 0a10b74fbb437ff9a23f1d5de4446a83 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe : 31,232 : 06/04/2012 09:51 AM : 79c908caa6f43021eb05f4c733a927d1 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe : 31,232 : 08/24/2012 01:43 PM : 77119f1f9b492b260030c34f9be327fa [Pos Repl]
* C:\Windows\System32\mshtml.dll [NoSig]
+-> C:\Windows\SysWOW64\mshtml.dll : 14,323,200 : 02/21/2013 11:29 AM : d017bf8d92938eeb9b3a1d1c53fda152 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16521_none_911cac30929d18df\mshtml.dll : 19,221,504 : 03/02/2013 01:06 AM : 7539e5b4a9763c22ce5cace3e9a6246f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16540_none_911ec38c929b31ec\mshtml.dll : 19,230,208 : 02/21/2013 01:14 AM : 394ecd933cd66badf97ea85a183b9e1e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20644_none_7a45f1e4ac4b1416\mshtml.dll : 19,475,968 : 02/24/2013 06:21 PM : 073c9bedbc37fb3e3c2432bdf87869c0 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_89f24b7ab2dc7a40\mshtml.dll : 9,271,296 : 07/13/2009 09:41 PM : 12c3f25ea578daa752024e1918d59313 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_8a08ed82b2cb58dc\mshtml.dll : 9,273,344 : 12/16/2010 09:22 AM : e5ded66efc742ade04819551af3652b1 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_89e27c02b2e914a5\mshtml.dll : 9,276,928 : 12/16/2010 09:22 AM : f172328c926ff41aa3cc81eb37f7e0ae [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16535_none_8a285ee2b2b3e8d9\mshtml.dll : 9,283,072 : 12/16/2010 09:22 AM : 282f2feb95a6b3985cb30ba236594e7e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_8a3330b4b2abca0f\mshtml.dll : 9,298,432 : 12/16/2010 09:22 AM : 74da18bb61fe98fc002866f032329265 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16766_none_8a08f334b2cb5051\mshtml.dll : 9,311,744 : 02/24/2011 09:25 AM : f8f007bc2705cd11b2087635a5d0d3fd [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_8a8abb3fcbee609c\mshtml.dll : 9,273,856 : 12/16/2010 09:22 AM : aadeedb38f70638fd2b7a86edd837d19 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_8acd69ffcbbdb61d\mshtml.dll : 9,280,512 : 12/16/2010 09:22 AM : 4c8fc7269f660374f398f75b240ef446 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20651_none_8a985aadcbe55b29\mshtml.dll : 9,289,216 : 12/16/2010 09:22 AM : e0a6a14d57662ea1b8fb379bcb679561 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_8aa72da7cbd9a1bb\mshtml.dll : 9,295,360 : 12/16/2010 09:22 AM : e16d240876bad97b05dcad346ac734f6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20908_none_8ad57201cbb6784a\mshtml.dll : 9,309,696 : 02/24/2011 09:24 AM : 2b300279e66420f30e68e7b613b5a03d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda\mshtml.dll : 8,988,160 : 11/20/2010 09:27 AM : 1c8b787baa52dead1a6fec1502d652f0 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17573_none_8be17f70affc8c29\mshtml.dll : 8,995,328 : 03/07/2011 09:29 AM : b2716dec935fd5c8eea66c1c0f7f5504 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21676_none_8c6e1d19c91777f8\mshtml.dll : 8,995,328 : 03/07/2011 09:16 AM : 929f6341d1743d018d15b574b18b0d97 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16437_none_87dc82adf4cff1c2\mshtml.dll : 17,781,760 : 11/10/2011 07:32 PM : 02b4e6ccca443568764281391635f5a4 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16440_none_87cab0bbf4de5c52\mshtml.dll : 17,786,368 : 11/03/2011 10:38 PM : e7bd23bec69cf23436eede9b18de186d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_87cbb105f4dd75a9\mshtml.dll : 17,790,464 : 12/14/2011 10:43 AM : e61288581ad9e647abefb1489b250b5c [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16443_none_87cdb199f4dba857\mshtml.dll : 17,790,976 : 02/28/2012 10:34 AM : d785a16a6f03f76cb862f28c9f8c9672 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16446_none_87d0b277f4d8f45c\mshtml.dll : 17,807,360 : 05/17/2012 10:47 PM : de469470d93deb4a1a81ede72b848198 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16447_none_87d1b2c1f4d80db3\mshtml.dll : 17,807,360 : 06/02/2012 10:49 AM : 89c4b3bf66d3c2f3d83f9dedf1b218d6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16448_none_87d2b30bf4d7270a\mshtml.dll : 17,809,920 : 06/29/2012 10:55 AM : 8415f4792d7bc07be328df56fe32045a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16450_none_87bfe0cff4e67843\mshtml.dll : 17,810,944 : 08/24/2012 10:15 AM : f244da6dd2c365abafd076222c22c2be [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16455_none_87c4e241f4e1f6f6\mshtml.dll : 17,811,968 : 10/08/2012 10:19 AM : 6d4f838e72eeeb3d6fb16a5a45632560 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_87c6e2d5f4e029a4\mshtml.dll : 17,811,968 : 11/14/2012 10:06 AM : cff3c4abdcc5356b0674743bdf0fb674 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_87b9120bf4eaf990\mshtml.dll : 17,812,992 : 01/08/2013 08:48 PM : 14deb733acb08a71cc0783ed02ff1f8d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20544_none_88584eaf0df86178\mshtml.dll : 17,786,368 : 11/03/2011 11:06 PM : 5770c4ba825c42d6efd9486029747108 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_885a4f430df69426\mshtml.dll : 17,790,464 : 12/14/2011 11:57 AM : 153963f44a26a7840acdf52c2cd1b9dc [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20548_none_885c4fd70df4c6d4\mshtml.dll : 17,790,976 : 02/27/2012 10:54 PM : 97bb8c752a400556a4ff2e1aafa0a138 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20551_none_884a7de50e033164\mshtml.dll : 17,807,360 : 05/17/2012 09:35 PM : be1e4779329040ed334651cd877c416d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20553_none_884c7e790e016412\mshtml.dll : 17,807,360 : 06/02/2012 09:45 AM : 0c26f50d6c347ce294c84347e6faeaa8 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20554_none_884d7ec30e007d69\mshtml.dll : 17,809,920 : 06/28/2012 10:39 PM : c4de0e2b31f60acb15e6b4154e26298a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20557_none_88507fa10dfdc96e\mshtml.dll : 17,810,944 : 08/24/2012 10:40 AM : 522a528c296a9aef3f0c289ff7093315 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20562_none_8840ae430e0a66ac\mshtml.dll : 17,812,992 : 10/08/2012 10:58 AM : 1fb8062d4c3a4c7b8eca7bbd1e743000 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20565_none_8843af210e07b2b1\mshtml.dll : 17,811,968 : 11/13/2012 11:57 PM : 5024cacd183e4c0fccde6db8a38eec7b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_8836dea10e119bf4\mshtml.dll : 17,814,528 : 01/08/2013 07:46 PM : b6c5bc6d4e1d79cb8df107112a9f37cb [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16521_none_9b715682c6fddada\mshtml.dll : 14,317,568 : 03/02/2013 07:06 AM : e3fa8aeaa2f40ec1bb00fefb2c4f3ad9 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16540_none_9b736ddec6fbf3e7\mshtml.dll : 14,323,200 : 02/21/2013 07:29 AM : d017bf8d92938eeb9b3a1d1c53fda152 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20644_none_849a9c36e0abd611\mshtml.dll : 14,353,408 : 02/24/2013 06:25 PM : 6f1e3eefcb97c97a0eb88be6f35d92f0 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_9446f5cce73d3c3b\mshtml.dll : 5,957,632 : 07/13/2009 09:15 PM : 43592d31aff84dd957199248898d9430 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_945d97d4e72c1ad7\mshtml.dll : 5,958,656 : 12/16/2010 09:22 AM : f8f43d14ba21cf92d16b3a16a958778b [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_94372654e749d6a0\mshtml.dll : 5,961,728 : 12/16/2010 09:22 AM : 6ee36579e69e37d2ab2926a40b16dbb3 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16535_none_947d0934e714aad4\mshtml.dll : 5,964,800 : 12/16/2010 09:22 AM : 49e3588afd08be40a9775bf3fb9d43f1 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_9487db06e70c8c0a\mshtml.dll : 5,971,456 : 12/16/2010 09:22 AM : bdfd710842c8a25dd27254d91de60ac6 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16766_none_945d9d86e72c124c\mshtml.dll : 5,981,696 : 02/24/2011 09:30 AM : c75417dd80fe9d56a906dd9da791ed6f [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_94df6592004f2297\mshtml.dll : 5,959,168 : 12/16/2010 09:22 AM : 31f80311f487aba186a10e551b212573 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_95221452001e7818\mshtml.dll : 5,962,240 : 12/16/2010 09:22 AM : 96990605689b601287d4a83dd2b05f0b [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20651_none_94ed050000461d24\mshtml.dll : 5,966,336 : 12/16/2010 09:22 AM : da9d73d95d2b74742d4936739b1d9669 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_94fbd7fa003a63b6\mshtml.dll : 5,972,992 : 12/16/2010 09:22 AM : 25c1646adc24c371b594544c3d530967 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20908_none_952a1c5400173a45\mshtml.dll : 5,982,720 : 02/24/2011 09:44 AM : f861a76f208bd31031a91412aa77bd4f [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll : 5,977,600 : 11/20/2010 09:19 AM : c50799f0d47dfb9774f721521b6c41d5 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17573_none_963629c2e45d4e24\mshtml.dll : 5,981,696 : 03/07/2011 09:31 AM : 3d2f69861d7b24a3c5b0473583fe3d9d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21676_none_96c2c76bfd7839f3\mshtml.dll : 5,981,696 : 03/07/2011 09:20 AM : 5e87c06b924495f6fa381391fde0c9d4 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16437_none_92312d002930b3bd\mshtml.dll : 12,275,200 : 11/10/2011 07:32 PM : 04e0cd31a63dfc0d73725a3d1768fb5a [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16440_none_921f5b0e293f1e4d\mshtml.dll : 12,279,808 : 11/03/2011 07:02 PM : 66c0aee61d1c5c35bf1b4642a153b114 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_92205b58293e37a4\mshtml.dll : 12,282,368 : 12/13/2011 10:30 PM : 497c9c3db953a60ec4f43a097e15f75e [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16443_none_92225bec293c6a52\mshtml.dll : 12,281,856 : 02/27/2012 08:52 PM : f82bf2cb075b49e9fab5ff213c45c020 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16446_none_92255cca2939b657\mshtml.dll : 12,314,624 : 05/17/2012 07:11 PM : 9fb58f71104107d44540af1195f7a14d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16447_none_92265d142938cfae\mshtml.dll : 12,314,624 : 06/02/2012 07:07 AM : 6820a9e91aff7cb3a510360d8ccd9bdd [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16448_none_92275d5e2937e905\mshtml.dll : 12,317,184 : 06/28/2012 08:52 PM : 5e8e869e1342308752a37a2c90cca79d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16450_none_92148b2229473a3e\mshtml.dll : 12,319,744 : 08/24/2012 08:27 AM : bb197f54a8f69eea8356b7f70e6d3a20 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16455_none_92198c942942b8f1\mshtml.dll : 12,320,768 : 10/08/2012 08:28 AM : 8d1bb1e5a033e8817ef94a9047630165 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_921b8d282940eb9f\mshtml.dll : 12,320,256 : 11/13/2012 09:48 PM : 07f649cd36f266bbe33b814fa678aa43 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_920dbc5e294bbb8b\mshtml.dll : 12,321,280 : 01/08/2013 05:23 PM : c97434c851c4821bd92d2831fdf1ecbe [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20544_none_92acf90142592373\mshtml.dll : 12,279,808 : 11/03/2011 07:35 PM : a21b983e40578d0e6cfa9864ac4e1219 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_92aef99542575621\mshtml.dll : 12,282,368 : 12/13/2011 09:41 PM : a29cfd4b9f6f2bbe06c8d64b6d07f1d4 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20548_none_92b0fa29425588cf\mshtml.dll : 12,281,856 : 02/27/2012 08:21 PM : b9e083b14b1994f1255983f2df31c7df [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20551_none_929f28374263f35f\mshtml.dll : 12,314,624 : 05/17/2012 06:53 PM : 761d9111f5a2619cb5060661d36fbfff [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20553_none_92a128cb4262260d\mshtml.dll : 12,314,624 : 06/02/2012 06:48 AM : 1abf770552ea9d4fe90f654468faf4ce [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20554_none_92a2291542613f64\mshtml.dll : 12,317,184 : 06/28/2012 07:11 PM : aec51857aec2f5ce4520366240afc671 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20557_none_92a529f3425e8b69\mshtml.dll : 12,319,744 : 08/24/2012 07:43 AM : 975d1ea99a0fe8104b72440995b3c20b [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20562_none_92955895426b28a7\mshtml.dll : 12,321,280 : 10/08/2012 07:12 AM : f7b251da2fa89933771289793dcaa08b [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20565_none_92985973426874ac\mshtml.dll : 12,321,280 : 11/13/2012 09:14 PM : 8021ef27048f9ece5286ea8c8eed23b8 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_928b88f342725def\mshtml.dll : 12,322,304 : 01/08/2013 04:17 PM : b6ad225b3bcc07332fbb2c2824315534 [Pos Repl]
* C:\Windows\System32\msvcrt.dll [NoSig]
+-> C:\Windows\SysWOW64\msvcrt.dll : 690,688 : 12/16/2011 11:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll : 634,880 : 07/13/2009 09:41 PM : 7319bb10fa1f86e49e3dcf4136f6c957 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_2d7b4155b87308d6\msvcrt.dll : 634,368 : 12/16/2011 09:42 AM : 579f6afc6a6561951fa2202efc3fe485 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_2e2d2856d17152c7\msvcrt.dll : 634,880 : 12/16/2011 09:38 AM : 7d8b505e35ab89d3c3e9ae54a2c95dd2 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll : 634,880 : 12/16/2011 09:46 AM : c391fc68282a000cdf953f8b6b55d2ef [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll : 634,880 : 12/16/2011 09:39 AM : f9a4c695c86cc32048fe2c987a0bd387 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll : 690,688 : 07/13/2009 09:15 PM : e46d48a7fe961401f1cbf85531cdf05d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_d15ca5d2001597a0\msvcrt.dll : 690,688 : 12/16/2011 09:59 AM : f8a61b2e713309b4616d107919bdab6e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_d20e8cd31913e191\msvcrt.dll : 690,688 : 12/16/2011 09:49 AM : 10142c1975202a767c0edb3bc066fd88 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll : 690,688 : 12/16/2011 09:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll : 690,688 : 12/16/2011 09:58 AM : 2f740c4b458331357e825e94afb0953a [Pos Repl]
* C:\Windows\System32\schannel.dll [NoSig]
+-> C:\Windows\SysWOW64\schannel.dll : 247,808 : 08/24/2012 11:57 AM : af78f66116814fdd6677cebd73035cdd [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16385_none_7e0b3cb56ef3dd68\schannel.dll : 348,672 : 07/13/2009 09:41 PM : 5a148b1574be77742d337ec81c23fc7a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16612_none_7e53f0fd6ebdc541\schannel.dll : 340,992 : 12/16/2010 09:22 AM : 7cc59a28bcf0f791cc5f173093e06db1 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16661_none_7e1ce1176ee7379f\schannel.dll : 340,992 : 08/21/2010 09:36 AM : 426a455cacd1261d05d158ca8ad8ef2e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16915_none_7e56f78d6ebb08bb\schannel.dll : 340,992 : 11/17/2011 09:10 AM : 65238bdc2ec498ef5bc52ccf0ac2736b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.17035_none_7e412fd76ecb73df\schannel.dll : 340,992 : 06/02/2012 09:27 AM : 90b780886bd813882cb382ff3e90e092 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.20735_none_7ecaeece87e8e8f2\schannel.dll : 339,456 : 12/16/2010 09:22 AM : 595a4a6058b95b52da0badde57eb211f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.20785_none_7e94df32881174a7\schannel.dll : 339,456 : 08/20/2010 09:44 AM : fe91c090df05b9b2c623b244bb97e76b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21092_none_7e86ea56881c7223\schannel.dll : 339,456 : 11/17/2011 09:49 AM : 4abe93525123ba830a3d33ea0d5d93ad [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21225_none_7ed59e7487e0f4df\schannel.dll : 338,944 : 06/02/2012 09:37 AM : 107519f9849d947ee1ba5085f7bc2763 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_803c507d6be26102\schannel.dll : 340,992 : 11/20/2010 09:27 AM : a199de544bf5c61c134b22c7592226fc [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_803284a76be99098\schannel.dll : 340,992 : 11/17/2011 09:35 AM : fbd1d2169aceee3073861f8ca3a28c49 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17856_none_801317136c00fae9\schannel.dll : 340,992 : 06/02/2012 09:45 AM : 1573c45e65de32b1bc3572634f8f1e8e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17940_none_8017e7296bfe4415\schannel.dll : 340,992 : 08/24/2012 02:05 PM : b7d42cb36c08fa017e73ff2433cd7287 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_808ce09a852b3aca\schannel.dll : 340,992 : 11/17/2011 02:26 AM : ed848d806f639ce611b3bedc6c958140 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22010_none_80c1c9f48503c627\schannel.dll : 340,992 : 06/04/2012 02:54 AM : f6184411925d84c41a87fb9821554da8 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22099_none_80744d2e853c89be\schannel.dll : 340,992 : 08/24/2012 01:47 PM : ecedbcd983f193ea8178836094f80c54 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16385_none_885fe707a3549f63\schannel.dll : 220,160 : 07/13/2009 09:16 PM : 0a53fd4ebbd92002ccc362a9b8087885 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16612_none_88a89b4fa31e873c\schannel.dll : 224,256 : 12/16/2010 09:22 AM : 61a9b3194f8497b864b1c98a72736d07 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16661_none_88718b69a347f99a\schannel.dll : 224,256 : 08/21/2010 09:36 AM : 21cf5c7d8d727dcc337a1d251b6135f4 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16915_none_88aba1dfa31bcab6\schannel.dll : 224,768 : 11/17/2011 09:39 AM : 83041697ae93aa4b783ae8746904edd2 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.17035_none_8895da29a32c35da\schannel.dll : 225,280 : 06/02/2012 09:48 AM : 76c48f0cd8a526858ab9a4886586942a [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.20735_none_891f9920bc49aaed\schannel.dll : 224,256 : 12/16/2010 09:22 AM : da2974595719d65c27b5198b971ef121 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.20785_none_88e98984bc7236a2\schannel.dll : 224,256 : 08/20/2010 09:30 AM : bf33806d317af52b6860a82d9fdc7e00 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21092_none_88db94a8bc7d341e\schannel.dll : 224,768 : 11/17/2011 09:15 AM : cb6b6b1f8d283de4540445c5313cb445 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21225_none_892a48c6bc41b6da\schannel.dll : 225,280 : 06/02/2012 09:45 AM : 1f7939c11281755a7b0a6ac47929f701 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_8a90facfa04322fd\schannel.dll : 224,256 : 11/20/2010 09:21 AM : 135f7ac9be35ab1df727faf2e60e92f8 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_8a872ef9a04a5293\schannel.dll : 224,768 : 11/17/2011 09:34 AM : 1affb765af1fdcc0c185c38e9ddddaee [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17856_none_8a67c165a061bce4\schannel.dll : 225,280 : 06/02/2012 09:40 AM : 3d3cbd1847f980fb03343a63671e7886 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17940_none_8a6c917ba05f0610\schannel.dll : 247,808 : 08/24/2012 09:57 AM : af78f66116814fdd6677cebd73035cdd [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_8ae18aecb98bfcc5\schannel.dll : 224,768 : 11/17/2011 09:29 AM : 3dbcbd8adb406c43a2127544d7ba974e [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22010_none_8b167446b9648822\schannel.dll : 225,280 : 06/02/2012 09:55 AM : c5b2dc72f2453cef2e150a81f696703d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22099_none_8ac8f780b99d4bb9\schannel.dll : 247,808 : 08/24/2012 09:58 AM : abf890af1b55146f7dfe7a937f503b0a [Pos Repl]
* C:\Windows\System32\smss.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe : 112,640 : 07/13/2009 09:39 PM : 1911a3356fa3f77ccc825ccbac038c2a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe : 112,640 : 03/18/2013 11:19 PM : fa64733bd65f52712f0545f56fdb4be6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe : 112,640 : 03/18/2013 11:20 PM : 7180204786a9ded8723b2d8cf3cdd388 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe : 112,640 : 03/18/2013 11:06 PM : f0371de302ffff8f086661611be60848 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe : 112,640 : 03/18/2013 10:57 PM : 498e2a20e145199709cd100cdba8603d [Pos Repl]
* C:\Windows\System32\spoolsv.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe : 558,080 : 07/13/2009 09:39 PM : 89e8550c5862999fcf482ea562b0e98e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe : 558,592 : 12/16/2010 09:22 AM : f8e1fa03cb70d54a9892ac88b91d1e7b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe : 559,104 : 02/11/2012 09:29 AM : 567977dc43cc13c4c35ed7084c0b84d5 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe : 559,104 : 12/16/2010 09:22 AM : 8547491be7086ee317163365d83a37d2 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe : 559,104 : 02/11/2012 09:26 AM : 807b5b0e287027f72ac37b0cda9512da [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe : 559,104 : 11/20/2010 09:25 AM : b96c17b5dc1424d56eea3a99e97428cd [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe : 559,104 : 02/11/2012 09:36 AM : 85daa09a98c9286d4ea2ba8d0e644377 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe : 559,616 : 02/11/2012 09:20 AM : b9d7a4858cf32a6a15d2763f1de47e0e [Pos Repl]
* C:\Windows\System32\taskhost.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_84339a007406dfa0\taskhost.exe : 69,120 : 07/13/2009 09:39 PM : 3eefb971d61ef9638fd21f14c703ca11 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe : 69,120 : 11/20/2010 09:25 AM : 517110bd83835338c037269e603db55d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.18010_none_86608c5a70f925bc\taskhost.exe : 68,608 : 11/22/2012 10:13 PM : 639774c9acd063f028f6084abf5593ad [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.22172_none_86ab4a318a459fda\taskhost.exe : 69,120 : 11/23/2012 10:50 AM : c671f1b7d4242a5ec7af2d548f072671 [Pos Repl]
* C:\Windows\System32\usp10.dll [NoSig]
+-> C:\Windows\SysWOW64\usp10.dll : 626,688 : 11/21/2012 11:45 PM : b7230010d97787af3d25e4c82f2b06b9 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_08ef6ab5722d66d5\usp10.dll : 801,280 : 07/13/2009 09:41 PM : 5f2bdca5fa0f20a6f452cf0ee2a2b18c [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.17174_none_08f91fc3722650e0\usp10.dll : 801,280 : 11/22/2012 09:32 AM : bd5153969c41f697e23b9a43ef9228ce [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.21379_none_0987bfe68b3f6c84\usp10.dll : 800,768 : 11/22/2012 09:57 AM : 77ad7076f8cf3cab923f7fae6dc9bda8 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f\usp10.dll : 800,256 : 11/20/2010 09:27 AM : 2f8b1e3ee3545d3b5a8d56fa1ae07b65 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_0b302f956f0f750f\usp10.dll : 800,768 : 11/22/2012 09:44 AM : dbf99fd9caf75ca66d042bd8d050ff71 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_0b661a9c886d0db8\usp10.dll : 801,280 : 11/22/2012 09:59 AM : e4accc7927a1478df636534864e03666 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_acd0cf31b9cff59f\usp10.dll : 627,200 : 07/13/2009 09:16 PM : 0ba19f3198c40ac4e8cc66ee02eda6c6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.17174_none_acda843fb9c8dfaa\usp10.dll : 627,712 : 11/22/2012 09:33 AM : 011b7a81e28c748d7631cf3d72323dd2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.21379_none_ad692462d2e1fb4e\usp10.dll : 626,688 : 11/22/2012 09:04 AM : 36cd8d6ebce6468bbeeb8bf175980f53 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll : 626,176 : 11/20/2010 09:21 AM : 804aaafebb3ad5f49334dd906bcb1de5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_af119411b6b203d9\usp10.dll : 626,688 : 11/21/2012 11:45 PM : b7230010d97787af3d25e4c82f2b06b9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_af477f18d00f9c82\usp10.dll : 626,688 : 11/22/2012 11:36 AM : ca68408922b02e8d955a2967c7cbf8ce [Pos Repl]
* C:\Windows\System32\wbem\wmiprvse.exe [NoSig]
+-> C:\Windows\SysWOW64\wbem\WmiPrvSE.exe : 328,704 : 08/21/2012 11:58 AM : 1951c6f1e53079f6b29ecff77eaf9403 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7600.16385_none_6c57b032a516106e\WmiPrvSE.exe : 368,640 : 07/13/2009 09:39 PM : 64d757051b5b273e55c93e4503ea4f3e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_6e88c3faa2049408\WmiPrvSE.exe : 372,736 : 11/20/2010 09:25 AM : 619a67c9f617b7e69315bb28ecd5e1df [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_7.1.7601.16398_none_5fa6d5042d286dcc\WmiPrvSE.exe : 432,128 : 08/21/2012 09:20 AM : 241cbd0f099f3d68892d19879e53722d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7600.16385_none_76ac5a84d976d269\WmiPrvSE.exe : 254,976 : 07/13/2009 09:14 PM : 203c3380a744ca5b9b1a9caeb57f7d57 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_78dd6e4cd6655603\WmiPrvSE.exe : 257,536 : 11/20/2010 09:17 AM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_7.1.7601.16398_none_69fb7f5661892fc7\WmiPrvSE.exe : 328,704 : 08/21/2012 09:58 AM : 1951c6f1e53079f6b29ecff77eaf9403 [Pos Repl]
* C:\Windows\System32\wininet.dll [NoSig]
+-> C:\Windows\SysWOW64\wininet.dll : 1,766,912 : 02/21/2013 11:30 AM : cfe0cee587f9cea4c29deec6d85fc91c [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_7fc28d121246afa9\wininet.dll : 2,240,512 : 03/02/2013 09:06 AM : 69f1d418b4c4ec23033d598e4cbc6b73 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_7fc4a46e1244c8b6\wininet.dll : 2,240,512 : 02/21/2013 09:15 AM : 753c0848ae7872a3f59663078a517293 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20644_none_68ebd2c62bf4aae0\wininet.dll : 2,247,168 : 02/24/2013 06:21 PM : 32d39c8ba5940da0eb6e7993f3190f92 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_78982c5c3286110a\wininet.dll : 1,193,472 : 07/13/2009 09:41 PM : b1037f0131c9a010d611f6914e03cd92 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_78885ce43292ab6f\wininet.dll : 1,192,960 : 12/16/2010 09:22 AM : 9c0e12fb8bd14397ec9cca99ec0ed5a3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_78ce3fc4325d7fa3\wininet.dll : 1,192,960 : 12/16/2010 09:22 AM : 096698014315b32c84a7afd4ea61fb6f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_78d91196325560d9\wininet.dll : 1,192,960 : 12/16/2010 09:22 AM : 3deb428acd3d4decd1619c24e4628dd2 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_78d712e832572b52\wininet.dll : 1,197,056 : 12/21/2010 09:16 AM : e71db117dbda6b33646f37936c17d226 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_78aed4163274e71b\wininet.dll : 1,197,056 : 02/24/2011 09:29 AM : 4daeeee0248f5d85751b05d9c6da28cc [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_79734ae14b674ce7\wininet.dll : 1,192,960 : 12/16/2010 09:22 AM : 46c47a10db10e3055ade41c4eb4ff7ca [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_793e3b8f4b8ef1f3\wininet.dll : 1,196,032 : 12/16/2010 09:22 AM : dd9ca58e7db6e64bad127c7ad6fe1d08 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_794d0e894b833885\wininet.dll : 1,196,544 : 12/16/2010 09:22 AM : dbc6ec40ddedf875c0576cf2c0caf9c3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_79346fb94b962189\wininet.dll : 1,198,080 : 12/21/2010 09:09 AM : 1d3466e7e9d63f8b2b84a8ad5e833c29 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_797b52e34b600f14\wininet.dll : 1,198,592 : 02/24/2011 09:27 AM : 5a33324b358d9b7e39424505ee242377 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll : 1,188,864 : 11/20/2010 09:27 AM : f6c5302e1f4813d552f41a0ac82455e5 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_7a8760522fa622f3\wininet.dll : 1,188,864 : 03/07/2011 09:31 AM : ab026a724960570803e90dc370893bd0 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_7b13fdfb48c10ec2\wininet.dll : 1,189,376 : 03/07/2011 09:20 AM : 93679dc9407bfc602d7e6bfc027455e0 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_7682638f7479888c\wininet.dll : 1,389,056 : 11/10/2011 07:32 PM : 271e8fb1354aa205a214f280a6766e30 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_7670919d7487f31c\wininet.dll : 1,390,080 : 11/03/2011 09:44 PM : 69151e566295e5a977fe71ffafd3b3f8 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_767191e774870c73\wininet.dll : 1,390,080 : 12/14/2011 09:04 AM : b1ac85b6adc005cf3f9eb4e28dfdcce6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_7673927b74853f21\wininet.dll : 1,390,080 : 02/28/2012 09:49 AM : 228443ff3a1fb0b974d278f7c6403fad [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16446_none_7676935974828b26\wininet.dll : 1,392,128 : 05/17/2012 09:59 PM : 870ecfebd41c7b8f9c6777748368d51f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16447_none_767793a37481a47d\wininet.dll : 1,392,128 : 06/02/2012 09:05 AM : 5a45fa344f4ad99d903f4b20e43b89ec [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16448_none_767893ed7480bdd4\wininet.dll : 1,392,128 : 06/28/2012 11:49 PM : 8ea68fd3780dddd5072f8cb830b3cb3d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16450_none_7665c1b174900f0d\wininet.dll : 1,392,128 : 08/24/2012 11:21 AM : 3d165c53e40236a68b7102d1a622d4e0 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16455_none_766ac323748b8dc0\wininet.dll : 1,392,128 : 10/08/2012 11:23 AM : a19db004d954bbc9c4ec125711e1d1c2 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_766cc3b77489c06e\wininet.dll : 1,392,128 : 11/14/2012 11:04 AM : 5121db613e10a46a3c5085b479026aa7 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16464_none_765ef2ed7494905a\wininet.dll : 1,392,128 : 01/08/2013 08:12 PM : 435e9c764e1ef70058580996452be6a2 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_76fe2f908da1f842\wininet.dll : 1,390,080 : 11/03/2011 10:19 PM : 244d45f786e33c169a93f70ba63babf8 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_770030248da02af0\wininet.dll : 1,390,080 : 12/14/2011 10:10 AM : c2fa4dbd6bb91d1afd7d155120654ab9 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_770230b88d9e5d9e\wininet.dll : 1,390,080 : 02/27/2012 10:09 PM : b70cdc073f70e6d082a62ab5880d6b07 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20551_none_76f05ec68dacc82e\wininet.dll : 1,392,128 : 05/17/2012 08:47 PM : bdc16d105bf011d4b1c3f09cf7a64314 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20553_none_76f25f5a8daafadc\wininet.dll : 1,392,128 : 06/02/2012 08:09 AM : 571e809181ebf0a04fefaa9bc9961f5b [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20554_none_76f35fa48daa1433\wininet.dll : 1,392,128 : 06/28/2012 09:51 PM : 8ba7eda2656ed7fbc93bdd5cb02b8d4e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20557_none_76f660828da76038\wininet.dll : 1,392,128 : 08/24/2012 09:53 AM : 456d4e9006df149c250d40b813290471 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20562_none_76e68f248db3fd76\wininet.dll : 1,392,128 : 10/08/2012 09:11 AM : 789ead6f3ce42f3322818988400986e9 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_76e990028db1497b\wininet.dll : 1,392,128 : 11/13/2012 11:01 PM : 5caf48f12e8cbd96d520f4efd5b97f76 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20573_none_76dcbf828dbb32be\wininet.dll : 1,392,128 : 01/08/2013 06:55 PM : 43a6a68f1f41b13ca4d580d40dfa57ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_23a3f18e59e93e73\wininet.dll : 1,766,912 : 03/02/2013 06:06 AM : ba15504fa59a8dc304f1cbaeba6252a1 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_23a608ea59e75780\wininet.dll : 1,766,912 : 02/21/2013 06:30 AM : cfe0cee587f9cea4c29deec6d85fc91c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20644_none_0ccd3742739739aa\wininet.dll : 1,775,616 : 02/24/2013 06:26 PM : b9a72493b83c77e78fe6213f4b01db5d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll : 977,920 : 07/13/2009 09:16 PM : 0d874f3bc751cc2198af2e6783fb8b35 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_1c69c1607a353a39\wininet.dll : 977,920 : 12/16/2010 09:22 AM : f1c359ce656bd76f90e0e6c4bc04a4be [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_1cafa4407a000e6d\wininet.dll : 977,920 : 12/16/2010 09:22 AM : 99a6f1253a886c4a9c1f8e1822b10a80 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll : 978,432 : 12/16/2010 09:22 AM : 250267ce6217c1ab4517f22fb7ea13e8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll : 981,504 : 12/21/2010 09:38 AM : 78b9ada2bc8946af7b17678e0d07a773 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_1c9038927a1775e5\wininet.dll : 981,504 : 02/24/2011 09:32 AM : 214605c48ae416bc067c39d227cfcc57 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_1d54af5d9309dbb1\wininet.dll : 977,920 : 12/16/2010 09:22 AM : 23587164011ec849e58e229abc49e239 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_1d1fa00b933180bd\wininet.dll : 980,480 : 12/16/2010 09:22 AM : 0962cb2a9e6b4363c74249a4a5ccdbbf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll : 980,480 : 12/16/2010 09:22 AM : 91a9ccad9829a89c840899932b9ec2df [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll : 981,504 : 12/21/2010 09:29 AM : 1b3dd46bc6396143a205eaaf05f38039 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_1d5cb75f93029dde\wininet.dll : 982,016 : 02/24/2011 09:46 AM : da2950bad7306006eba77dd93cc42690 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll : 980,992 : 11/20/2010 09:21 AM : 44214c94911c7cfb1d52cb64d5e8368d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll : 981,504 : 03/07/2011 09:33 AM : a5b19b240901cab0c8e7767d2873613e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll : 981,504 : 03/07/2011 09:22 AM : edeb2904636b657782f824d8ff97d0b8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_1a63c80bbc1c1756\wininet.dll : 1,126,912 : 11/10/2011 07:32 PM : d3788d91530cfa005bd516189a4c676e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_1a51f619bc2a81e6\wininet.dll : 1,127,424 : 11/03/2011 06:39 PM : 02f98b5c0e397ad06124d84428cf8f1a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll : 1,127,424 : 12/13/2011 09:57 PM : 1d94fa7c81d2ffe494af094619ba706f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_1a54f6f7bc27cdeb\wininet.dll : 1,127,424 : 02/27/2012 08:11 PM : 44465367256d1c72b58f5abaa19e7016 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16446_none_1a57f7d5bc2519f0\wininet.dll : 1,129,472 : 05/17/2012 06:35 PM : 1c191a4f0960f21b5d58c8a65baf5427 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16447_none_1a58f81fbc243347\wininet.dll : 1,129,472 : 06/02/2012 06:25 AM : 8e87270c4704cf2951e1e7820d6c8a2b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16448_none_1a59f869bc234c9e\wininet.dll : 1,129,472 : 06/28/2012 08:09 PM : 75a97a2c060e72ab49e071e08c7dd2ba [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16450_none_1a47262dbc329dd7\wininet.dll : 1,129,472 : 08/24/2012 08:51 AM : 5553611e2f9ea6f613079177f1233068 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16455_none_1a4c279fbc2e1c8a\wininet.dll : 1,129,472 : 10/08/2012 08:48 AM : 9cb0d2a9a77d91d9614355ee9ff00519 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_1a4e2833bc2c4f38\wininet.dll : 1,129,472 : 11/13/2012 08:57 PM : 7fa3a810f383588d46220967de8b64ff [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16464_none_1a405769bc371f24\wininet.dll : 1,129,472 : 01/08/2013 05:03 PM : b49b56b64f57699a1a663d2cf7d0a56f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_1adf940cd544870c\wininet.dll : 1,127,424 : 11/03/2011 07:07 PM : 32569df2f9bef05dd7d56e30590edfd9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll : 1,127,424 : 12/13/2011 09:28 PM : 022a78194e2c7106f5af9f2bc6ac8774 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_1ae39534d540ec68\wininet.dll : 1,127,424 : 02/27/2012 07:58 PM : 11a34dca08eb2a586246f2d6c2a81d58 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20551_none_1ad1c342d54f56f8\wininet.dll : 1,129,472 : 05/17/2012 06:19 PM : 43bac67996d8765a5f1b3a4ea6231e21 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20553_none_1ad3c3d6d54d89a6\wininet.dll : 1,129,472 : 06/02/2012 06:16 AM : e430161a632f9a8fe512de0ca5685559 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20554_none_1ad4c420d54ca2fd\wininet.dll : 1,129,472 : 06/28/2012 06:54 PM : 54c30a4066a28f9a017e095e283b2762 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20557_none_1ad7c4fed549ef02\wininet.dll : 1,129,472 : 08/24/2012 06:12 AM : 2895e29efcfc0b1bcf8aee1a0c67913c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20562_none_1ac7f3a0d5568c40\wininet.dll : 1,129,472 : 10/08/2012 06:37 AM : 6e3ac8a54a1881806ba2b58539483788 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_1acaf47ed553d845\wininet.dll : 1,129,472 : 11/13/2012 08:33 PM : 0635d714351f842d43ea184e75c4a3ff [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20573_none_1abe23fed55dc188\wininet.dll : 1,129,472 : 01/08/2013 03:41 PM : 16c45e6881449c6330567e51c13920fa [Pos Repl]
Checking HOSTS File: 
* HOSTS file entries found: 
ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t

Program finished at: 04/30/2013 12:18:09 PM
Execution time: 0 hours(s), 3 minute(s), and 20 seconds(s)


----------



## Mark1956 (May 7, 2011)

Your system does not look to good from that scan, it may or may not have fixed the problem with running SecurityCheck, but as you have not made any post about running it again (as requested) I'm none the wiser.

The scan shows three important system files that appear to have been patched and a good number of other system files that have lost their Signatures which all in all suggests the System files have been tampered with, it is infected or something is causing corruption.

Are you aware of anything that may have caused this to happen, a previous severe Malware infection perhaps?

I would suggest running this scan now to check for Rootkits.

Please follow the instructions exactly as written, deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option *DO NOT select delete* as you may remove files needed for the system to operate.

Please download Kaspersky's *TDSSKiller* and *save it to your Desktop. <-Important!*
_-- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again._

_Be sure to print out and follow all of these instructions unless you can view them on another PC while running the program. _.


Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
Alternatively, you can download TDSSKiller.exe and use that instead.
Double-click on *TDSSKiller.exe* to run the tool for known TDSS variants.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
If an update is available, TDSSKiller will prompt you to update and download the most current version. Click *Load Update*. Close TDSSKiller and start again.


When the program opens, click the *Change parameters.*










Under "Additional options", check the boxes next to *Verify file digital signatures* and *Detect TDLFS file system*, then click *OK*.










Click the *Start Scan* button.










Do not use the computer during the scan
If the scan completes with nothing found, click *Close* to exit.
If '*Suspicious objects*' are detected, the default action will be *Skip*. Leave the default set to Skip and click on *Continue*.
If *Malicious objects* are detected, they will show in the Scan results - *Select action for found objects:* and offer three options.










Ensure *Cure* is selected...then click *Continue* -> *Reboot computer* *for cure completion.*










*Important! ->* If *Cure* *is not available*, please choose *Skip* instead. *Do not choose Delete unless instructed.* If you choose *Delete* you may *remove critical system files* and make your PC *unstable* or possibly *unbootable*.

A log file named *TDSSKiller_version_date_time_log.txt* will be created and saved to the root directory (usually Local Disk C: ).
Copy and paste the contents of that file in your next reply.

_-- If TDSSKiller does not run, try renaming it. To do this, right-click on *TDSSKiller.exe*, select *Rename* and give it a random name with the *.com* file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else *before* beginning the download and saving to the computer or to perform the scan in "safe mode"._


----------



## jetsguy (Feb 27, 2011)

09:33:47.0584 3228 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:33:47.0937 3228 ============================================================
09:33:47.0937 3228 Current date / time: 2013/05/01 09:33:47.0937
09:33:47.0937 3228 SystemInfo:
09:33:47.0937 3228 
09:33:47.0937 3228 OS Version: 6.1.7601 ServicePack: 1.0
09:33:47.0937 3228 Product type: Workstation
09:33:47.0937 3228 ComputerName: VERNA-PC
09:33:47.0938 3228 UserName: verna
09:33:47.0938 3228 Windows directory: C:\Windows
09:33:47.0938 3228 System windows directory: C:\Windows
09:33:47.0938 3228 Running under WOW64
09:33:47.0938 3228 Processor architecture: Intel x64
09:33:47.0938 3228 Number of processors: 2
09:33:47.0938 3228 Page size: 0x1000
09:33:47.0938 3228 Boot type: Normal boot
09:33:47.0938 3228 ============================================================
09:33:48.0250 3228 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:33:48.0270 3228 ============================================================
09:33:48.0270 3228 \Device\Harddisk0\DR0:
09:33:48.0270 3228 MBR partitions:
09:33:48.0270 3228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x13C3000
09:33:48.0270 3228 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13D7000, BlocksNum 0x38FAE800
09:33:48.0270 3228 ============================================================
09:33:48.0301 3228 C: <-> \Device\Harddisk0\DR0\Partition2
09:33:48.0301 3228 ============================================================
09:33:48.0301 3228 Initialize success
09:33:48.0301 3228 ============================================================
09:34:13.0981 5024 ============================================================
09:34:13.0981 5024 Scan started
09:34:13.0981 5024 Mode: Manual; SigCheck; TDLFS; 
09:34:13.0981 5024 ============================================================
09:34:14.0141 5024 ================ Scan system memory ========================
09:34:14.0141 5024 System memory - ok
09:34:14.0142 5024 ================ Scan services =============================
09:34:14.0254 5024 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:34:14.0384 5024 1394ohci - ok
09:34:14.0413 5024 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:34:14.0434 5024 ACPI - ok
09:34:14.0459 5024 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:34:14.0493 5024 AcpiPmi - ok
09:34:14.0587 5024 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:34:14.0606 5024 AdobeFlashPlayerUpdateSvc - ok
09:34:14.0635 5024 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:34:14.0656 5024 adp94xx - ok
09:34:14.0670 5024 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:34:14.0688 5024 adpahci - ok
09:34:14.0706 5024 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:34:14.0723 5024 adpu320 - ok
09:34:14.0755 5024 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:34:14.0814 5024 AeLookupSvc - ok
09:34:14.0848 5024 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:34:14.0865 5024 AFD ( UnsignedFile.Multi.Generic ) - warning
09:34:14.0866 5024 AFD - detected UnsignedFile.Multi.Generic (1)
09:34:14.0878 5024 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:34:14.0895 5024 agp440 - ok
09:34:14.0908 5024 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:34:14.0938 5024 ALG - ok
09:34:14.0963 5024 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:34:14.0975 5024 aliide - ok
09:34:14.0980 5024 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:34:14.0999 5024 amdide - ok
09:34:15.0009 5024 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:34:15.0042 5024 AmdK8 - ok
09:34:15.0062 5024 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:34:15.0099 5024 AmdPPM - ok
09:34:15.0123 5024 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:34:15.0138 5024 amdsata - ok
09:34:15.0155 5024 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:34:15.0171 5024 amdsbs - ok
09:34:15.0183 5024 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:34:15.0199 5024 amdxata - ok
09:34:15.0266 5024 [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
09:34:15.0277 5024 AOL ACS - ok
09:34:15.0298 5024 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:34:15.0348 5024 AppID - ok
09:34:15.0387 5024 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:34:15.0448 5024 AppIDSvc - ok
09:34:15.0481 5024 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:34:15.0535 5024 Appinfo - ok
09:34:15.0561 5024 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
09:34:15.0574 5024 arc - ok
09:34:15.0588 5024 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:34:15.0604 5024 arcsas - ok
09:34:15.0691 5024 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:34:15.0703 5024 aspnet_state - ok
09:34:15.0748 5024 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:34:15.0768 5024 aswFsBlk - ok
09:34:15.0812 5024 [ 6B91E6D483AADB3FC4E13E2355200611 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
09:34:15.0825 5024 aswKbd - ok
09:34:15.0855 5024 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:34:15.0869 5024 aswMonFlt - ok
09:34:15.0877 5024 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
09:34:15.0891 5024 aswRdr - ok
09:34:15.0918 5024 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
09:34:15.0935 5024 aswRvrt - ok
09:34:15.0964 5024 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:34:15.0998 5024 aswSnx - ok
09:34:16.0015 5024 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:34:16.0036 5024 aswSP - ok
09:34:16.0044 5024 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
09:34:16.0057 5024 aswTdi - ok
09:34:16.0086 5024 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
09:34:16.0103 5024 aswVmm - ok
09:34:16.0119 5024 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:34:16.0174 5024 AsyncMac - ok
09:34:16.0202 5024 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:34:16.0213 5024 atapi - ok
09:34:16.0247 5024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:34:16.0320 5024 AudioEndpointBuilder - ok
09:34:16.0339 5024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:34:16.0377 5024 AudioSrv - ok
09:34:16.0452 5024 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:34:16.0479 5024 avast! Antivirus - ok
09:34:16.0508 5024 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:34:16.0553 5024 AxInstSV - ok
09:34:16.0602 5024 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:34:16.0638 5024 b06bdrv - ok
09:34:16.0670 5024 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:34:16.0702 5024 b57nd60a - ok
09:34:16.0759 5024 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:34:16.0775 5024 BBSvc - ok
09:34:16.0801 5024 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:34:16.0816 5024 BBUpdate - ok
09:34:16.0845 5024 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:34:16.0862 5024 BDESVC - ok
09:34:16.0896 5024 [ 66116E0A4DA8407FF7F2AAACE52B8B54 ] bdfsfltr C:\Windows\system32\DRIVERS\bdfsfltr.sys
09:34:16.0913 5024 bdfsfltr - ok
09:34:16.0935 5024 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:34:16.0984 5024 Beep - ok
09:34:17.0034 5024 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:34:17.0076 5024 BFE - ok
09:34:17.0112 5024 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:34:17.0184 5024 BITS - ok
09:34:17.0211 5024 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:34:17.0242 5024 blbdrive - ok
09:34:17.0273 5024 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:34:17.0303 5024 bowser - ok
09:34:17.0324 5024 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:34:17.0361 5024 BrFiltLo - ok
09:34:17.0387 5024 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:34:17.0407 5024 BrFiltUp - ok
09:34:17.0445 5024 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:34:17.0451 5024 Browser ( UnsignedFile.Multi.Generic ) - warning
09:34:17.0451 5024 Browser - detected UnsignedFile.Multi.Generic (1)
09:34:17.0476 5024 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:34:17.0513 5024 Brserid - ok
09:34:17.0535 5024 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:34:17.0570 5024 BrSerWdm - ok
09:34:17.0576 5024 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:34:17.0608 5024 BrUsbMdm - ok
09:34:17.0629 5024 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:34:17.0644 5024 BrUsbSer - ok
09:34:17.0652 5024 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:34:17.0674 5024 BTHMODEM - ok
09:34:17.0696 5024 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:34:17.0727 5024 bthserv - ok
09:34:17.0737 5024 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:34:17.0771 5024 cdfs - ok
09:34:17.0804 5024 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
09:34:17.0823 5024 cdrom - ok
09:34:17.0848 5024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:34:17.0923 5024 CertPropSvc - ok
09:34:17.0947 5024 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:34:17.0963 5024 circlass - ok
09:34:17.0979 5024 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:34:17.0997 5024 CLFS - ok
09:34:18.0041 5024 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:34:18.0056 5024 clr_optimization_v2.0.50727_32 - ok
09:34:18.0069 5024 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:34:18.0083 5024 clr_optimization_v2.0.50727_64 - ok
09:34:18.0144 5024 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:34:18.0158 5024 clr_optimization_v4.0.30319_32 - ok
09:34:18.0185 5024 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:34:18.0215 5024 clr_optimization_v4.0.30319_64 - ok
09:34:18.0229 5024 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:34:18.0260 5024 CmBatt - ok
09:34:18.0293 5024 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:34:18.0305 5024 cmdide - ok
09:34:18.0333 5024 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
09:34:18.0359 5024 CNG - ok
09:34:18.0376 5024 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:34:18.0392 5024 Compbatt - ok
09:34:18.0422 5024 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:34:18.0459 5024 CompositeBus - ok
09:34:18.0463 5024 COMSysApp - ok
09:34:18.0493 5024 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:34:18.0505 5024 crcdisk - ok
09:34:18.0553 5024 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:34:18.0585 5024 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
09:34:18.0585 5024 CryptSvc - detected UnsignedFile.Multi.Generic (1)
09:34:18.0625 5024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:34:18.0683 5024 DcomLaunch - ok
09:34:18.0717 5024 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:34:18.0769 5024 defragsvc - ok
09:34:18.0800 5024 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:34:18.0857 5024 DfsC - ok
09:34:18.0887 5024 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:34:18.0938 5024 Dhcp - ok
09:34:18.0960 5024 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:34:19.0015 5024 discache - ok
09:34:19.0036 5024 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:34:19.0051 5024 Disk - ok
09:34:19.0077 5024 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:34:19.0120 5024 Dnscache - ok
09:34:19.0172 5024 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
09:34:19.0180 5024 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
09:34:19.0180 5024 DockLoginService - detected UnsignedFile.Multi.Generic (1)
09:34:19.0220 5024 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:34:19.0275 5024 dot3svc - ok
09:34:19.0321 5024 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:34:19.0370 5024 DPS - ok
09:34:19.0402 5024 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:34:19.0431 5024 drmkaud - ok
09:34:19.0467 5024 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:34:19.0499 5024 DXGKrnl - ok
09:34:19.0524 5024 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:34:19.0573 5024 EapHost - ok
09:34:19.0662 5024 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:34:19.0763 5024 ebdrv - ok
09:34:19.0798 5024 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:34:19.0832 5024 EFS ( UnsignedFile.Multi.Generic ) - warning
09:34:19.0832 5024 EFS - detected UnsignedFile.Multi.Generic (1)
09:34:19.0900 5024 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:34:19.0941 5024 ehRecvr - ok
09:34:19.0971 5024 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:34:20.0011 5024 ehSched - ok
09:34:20.0050 5024 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:34:20.0071 5024 elxstor - ok
09:34:20.0093 5024 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:34:20.0127 5024 ErrDev - ok
09:34:20.0135 5024 esgiguard - ok
09:34:20.0184 5024 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:34:20.0223 5024 EventSystem - ok
09:34:20.0231 5024 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:34:20.0270 5024 exfat - ok
09:34:20.0287 5024 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:34:20.0324 5024 fastfat - ok
09:34:20.0356 5024 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:34:20.0401 5024 Fax - ok
09:34:20.0420 5024 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:34:20.0452 5024 fdc - ok
09:34:20.0479 5024 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:34:20.0528 5024 fdPHost - ok
09:34:20.0547 5024 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:34:20.0600 5024 FDResPub - ok
09:34:20.0623 5024 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:34:20.0635 5024 FileInfo - ok
09:34:20.0657 5024 FileMonitor - ok
09:34:20.0672 5024 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:34:20.0708 5024 Filetrace - ok
09:34:20.0730 5024 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:34:20.0745 5024 flpydisk - ok
09:34:20.0788 5024 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:34:20.0804 5024 FltMgr - ok
09:34:20.0850 5024 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
09:34:20.0873 5024 FontCache ( UnsignedFile.Multi.Generic ) - warning
09:34:20.0873 5024 FontCache - detected UnsignedFile.Multi.Generic (1)
09:34:20.0923 5024 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:34:20.0933 5024 FontCache3.0.0.0 - ok
09:34:20.0943 5024 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:34:20.0959 5024 FsDepends - ok
09:34:20.0991 5024 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:34:21.0005 5024 fssfltr - ok
09:34:21.0060 5024 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:34:21.0107 5024 fsssvc - ok
09:34:21.0130 5024 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:34:21.0142 5024 Fs_Rec - ok
09:34:21.0181 5024 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:34:21.0200 5024 fvevol - ok
09:34:21.0210 5024 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:34:21.0228 5024 gagp30kx - ok
09:34:21.0321 5024 [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
09:34:21.0333 5024 Garmin Core Update Service - ok
09:34:21.0361 5024 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
09:34:21.0371 5024 GoToAssist - ok
09:34:21.0402 5024 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:34:21.0473 5024 gpsvc - ok
09:34:21.0513 5024 [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
09:34:21.0526 5024 grmnusb - ok
09:34:21.0545 5024 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:34:21.0586 5024 hcw85cir - ok
09:34:21.0620 5024 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:34:21.0660 5024 HdAudAddService - ok
09:34:21.0693 5024 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:34:21.0729 5024 HDAudBus - ok
09:34:21.0754 5024 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:34:21.0768 5024 HidBatt - ok
09:34:21.0780 5024 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:34:21.0806 5024 HidBth - ok
09:34:21.0820 5024 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:34:21.0837 5024 HidIr - ok
09:34:21.0864 5024 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:34:21.0919 5024 hidserv - ok
09:34:21.0943 5024 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:34:21.0962 5024 HidUsb - ok
09:34:21.0988 5024 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:34:22.0042 5024 hkmsvc - ok
09:34:22.0084 5024 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:34:22.0117 5024 HomeGroupListener - ok
09:34:22.0155 5024 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:34:22.0191 5024 HomeGroupProvider - ok
09:34:22.0213 5024 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:34:22.0226 5024 HpSAMD - ok
09:34:22.0265 5024 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:34:22.0333 5024 HTTP - ok
09:34:22.0373 5024 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:34:22.0384 5024 hwpolicy - ok
09:34:22.0415 5024 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:34:22.0430 5024 i8042prt - ok
09:34:22.0465 5024 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:34:22.0483 5024 iaStor - ok
09:34:22.0541 5024 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:34:22.0550 5024 IAStorDataMgrSvc - ok
09:34:22.0573 5024 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:34:22.0591 5024 iaStorV - ok
09:34:22.0629 5024 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:34:22.0656 5024 idsvc - ok
09:34:22.0836 5024 [ F59AC361DFE9BFD9BE81E20B04EADAA2 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:34:23.0069 5024 igfx - ok
09:34:23.0155 5024 [ 23E1BCADABE423C35C19BBDFF10CCE6D ] IHA_MessageCenter C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
09:34:23.0179 5024 IHA_MessageCenter - ok
09:34:23.0195 5024 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:34:23.0211 5024 iirsp - ok
09:34:23.0245 5024 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:34:23.0287 5024 IKEEXT - ok
09:34:23.0296 5024 IntcAzAudAddService - ok
09:34:23.0318 5024 [ B014CE58F0A8048D3924BA8D5CCBC5F1 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
09:34:23.0347 5024 IntcHdmiAddService - ok
09:34:23.0374 5024 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:34:23.0387 5024 intelide - ok
09:34:23.0402 5024 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:34:23.0434 5024 intelppm - ok
09:34:23.0470 5024 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:34:23.0528 5024 IPBusEnum - ok
09:34:23.0562 5024 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:34:23.0613 5024 IpFilterDriver - ok
09:34:23.0646 5024 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:34:23.0660 5024 iphlpsvc ( UnsignedFile.Multi.Generic ) - warning
09:34:23.0660 5024 iphlpsvc - detected UnsignedFile.Multi.Generic (1)
09:34:23.0690 5024 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:34:23.0706 5024 IPMIDRV - ok
09:34:23.0724 5024 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:34:23.0778 5024 IPNAT - ok
09:34:23.0802 5024 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:34:23.0844 5024 IRENUM - ok
09:34:23.0872 5024 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:34:23.0885 5024 isapnp - ok
09:34:23.0919 5024 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:34:23.0937 5024 iScsiPrt - ok
09:34:23.0959 5024 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:34:23.0973 5024 kbdclass - ok
09:34:24.0005 5024 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:34:24.0020 5024 kbdhid - ok
09:34:24.0031 5024 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:34:24.0042 5024 KeyIso ( UnsignedFile.Multi.Generic ) - warning
09:34:24.0042 5024 KeyIso - detected UnsignedFile.Multi.Generic (1)
09:34:24.0067 5024 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:34:24.0082 5024 KSecDD - ok
09:34:24.0114 5024 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:34:24.0127 5024 KSecPkg - ok
09:34:24.0149 5024 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:34:24.0202 5024 ksthunk - ok
09:34:24.0242 5024 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:34:24.0297 5024 KtmRm - ok
09:34:24.0337 5024 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:34:24.0393 5024 LanmanServer - ok
09:34:24.0427 5024 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:34:24.0487 5024 LanmanWorkstation - ok
09:34:24.0520 5024 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:34:24.0532 5024 LHidFilt - ok
09:34:24.0555 5024 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:34:24.0603 5024 lltdio - ok
09:34:24.0644 5024 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:34:24.0684 5024 lltdsvc - ok
09:34:24.0693 5024 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:34:24.0730 5024 lmhosts - ok
09:34:24.0754 5024 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:34:24.0765 5024 LMouFilt - ok
09:34:24.0794 5024 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:34:24.0815 5024 LSI_FC - ok
09:34:24.0827 5024 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:34:24.0842 5024 LSI_SAS - ok
09:34:24.0860 5024 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:34:24.0875 5024 LSI_SAS2 - ok
09:34:24.0884 5024 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:34:24.0897 5024 LSI_SCSI - ok
09:34:24.0911 5024 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:34:24.0964 5024 luafv - ok
09:34:24.0999 5024 [ 9D9714E78EAC9E5368208649489C920E ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
09:34:25.0013 5024 LUsbFilt - ok
09:34:25.0042 5024 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:34:25.0076 5024 Mcx2Svc - ok
09:34:25.0099 5024 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:34:25.0115 5024 megasas - ok
09:34:25.0129 5024 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:34:25.0149 5024 MegaSR - ok
09:34:25.0172 5024 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:34:25.0226 5024 MMCSS - ok
09:34:25.0265 5024 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:34:25.0305 5024 Modem - ok
09:34:25.0344 5024 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:34:25.0383 5024 monitor - ok
09:34:25.0408 5024 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:34:25.0421 5024 mouclass - ok
09:34:25.0432 5024 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:34:25.0471 5024 mouhid - ok
09:34:25.0508 5024 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:34:25.0521 5024 mountmgr - ok
09:34:25.0564 5024 [ 1C9B83F6A2D1F414F0ACD28D75605607 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:34:25.0582 5024 MozillaMaintenance - ok
09:34:25.0597 5024 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:34:25.0615 5024 mpio - ok
09:34:25.0633 5024 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:34:25.0671 5024 mpsdrv - ok
09:34:25.0713 5024 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:34:25.0758 5024 MpsSvc - ok
09:34:25.0788 5024 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:34:25.0809 5024 MRxDAV - ok
09:34:25.0841 5024 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:34:25.0873 5024 mrxsmb - ok
09:34:25.0915 5024 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:34:25.0950 5024 mrxsmb10 - ok
09:34:25.0978 5024 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:34:25.0991 5024 mrxsmb20 - ok
09:34:26.0006 5024 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:34:26.0020 5024 msahci - ok
09:34:26.0043 5024 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
09:34:26.0056 5024 MSCamSvc - ok
09:34:26.0101 5024 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:34:26.0118 5024 msdsm - ok
09:34:26.0136 5024 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:34:26.0157 5024 MSDTC - ok
09:34:26.0194 5024 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:34:26.0230 5024 Msfs - ok
09:34:26.0245 5024 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:34:26.0285 5024 mshidkmdf - ok
09:34:26.0296 5024 [ BB590070D606AE6F008341FC9A7B2AD7 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
09:34:26.0313 5024 MSHUSBVideo - ok
09:34:26.0338 5024 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:34:26.0351 5024 msisadrv - ok
09:34:26.0377 5024 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:34:26.0429 5024 MSiSCSI - ok
09:34:26.0435 5024 msiserver - ok
09:34:26.0468 5024 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:34:26.0505 5024 MSKSSRV - ok
09:34:26.0527 5024 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:34:26.0563 5024 MSPCLOCK - ok
09:34:26.0582 5024 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:34:26.0629 5024 MSPQM - ok
09:34:26.0661 5024 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:34:26.0678 5024 MsRPC - ok
09:34:26.0690 5024 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:34:26.0702 5024 mssmbios - ok
09:34:26.0712 5024 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:34:26.0777 5024 MSTEE - ok
09:34:26.0809 5024 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:34:26.0831 5024 MTConfig - ok
09:34:26.0849 5024 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:34:26.0864 5024 Mup - ok
09:34:26.0902 5024 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:34:26.0958 5024 napagent - ok
09:34:26.0988 5024 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:34:27.0028 5024 NativeWifiP - ok
09:34:27.0067 5024 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:34:27.0099 5024 NDIS - ok
09:34:27.0110 5024 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:34:27.0147 5024 NdisCap - ok
09:34:27.0163 5024 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:34:27.0195 5024 NdisTapi - ok
09:34:27.0227 5024 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:34:27.0259 5024 Ndisuio - ok
09:34:27.0291 5024 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:34:27.0345 5024 NdisWan - ok
09:34:27.0382 5024 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:34:27.0431 5024 NDProxy - ok
09:34:27.0456 5024 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:34:27.0506 5024 NetBIOS - ok
09:34:27.0556 5024 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:34:27.0609 5024 NetBT - ok
09:34:27.0639 5024 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:34:27.0651 5024 Netlogon ( UnsignedFile.Multi.Generic ) - warning
09:34:27.0651 5024 Netlogon - detected UnsignedFile.Multi.Generic (1)
09:34:27.0679 5024 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:34:27.0737 5024 Netman - ok
09:34:27.0784 5024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:34:27.0797 5024 NetMsmqActivator - ok
09:34:27.0802 5024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:34:27.0820 5024 NetPipeActivator - ok
09:34:27.0837 5024 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:34:27.0902 5024 netprofm - ok
09:34:27.0909 5024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:34:27.0924 5024 NetTcpActivator - ok
09:34:27.0929 5024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:34:27.0940 5024 NetTcpPortSharing - ok
09:34:27.0971 5024 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:34:27.0989 5024 nfrd960 - ok
09:34:28.0057 5024 [ 764F18B210B161C8E0C4347C924A268A ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
09:34:28.0070 5024 NitroReaderDriverReadSpool3 - ok
09:34:28.0105 5024 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:34:28.0135 5024 NlaSvc ( UnsignedFile.Multi.Generic ) - warning
09:34:28.0135 5024 NlaSvc - detected UnsignedFile.Multi.Generic (1)
09:34:28.0165 5024 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:34:28.0197 5024 Npfs - ok
09:34:28.0206 5024 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:34:28.0265 5024 nsi - ok
09:34:28.0292 5024 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:34:28.0347 5024 nsiproxy - ok
09:34:28.0417 5024 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:34:28.0470 5024 Ntfs - ok
09:34:28.0504 5024 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:34:28.0539 5024 Null - ok
09:34:28.0569 5024 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:34:28.0585 5024 nvraid - ok
09:34:28.0597 5024 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:34:28.0615 5024 nvstor - ok
09:34:28.0632 5024 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:34:28.0649 5024 nv_agp - ok
09:34:28.0679 5024 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:34:28.0696 5024 ohci1394 - ok
09:34:28.0715 5024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:34:28.0755 5024 p2pimsvc - ok
09:34:28.0786 5024 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:34:28.0808 5024 p2psvc - ok
09:34:28.0833 5024 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:34:28.0852 5024 Parport - ok
09:34:28.0870 5024 Partizan - ok
09:34:28.0904 5024 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:34:28.0918 5024 partmgr - ok
09:34:28.0937 5024 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:34:28.0976 5024 PcaSvc - ok
09:34:29.0009 5024 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:34:29.0028 5024 pci - ok
09:34:29.0040 5024 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:34:29.0057 5024 pciide - ok
09:34:29.0078 5024 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:34:29.0097 5024 pcmcia - ok
09:34:29.0114 5024 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:34:29.0128 5024 pcw - ok
09:34:29.0146 5024 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:34:29.0206 5024 PEAUTH - ok
09:34:29.0274 5024 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:34:29.0312 5024 PerfHost - ok
09:34:29.0413 5024 [ 02E5757EE1A406601AF370023EBDA20B ] PGMTrusted C:\Users\verna\Pogo Games\PGMTrusted.exe
09:34:29.0431 5024 PGMTrusted - ok
09:34:29.0481 5024 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:34:29.0543 5024 pla - ok
09:34:29.0578 5024 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:34:29.0624 5024 PlugPlay - ok
09:34:29.0654 5024 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:34:29.0689 5024 PNRPAutoReg - ok
09:34:29.0715 5024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:34:29.0734 5024 PNRPsvc - ok
09:34:29.0752 5024 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:34:29.0793 5024 PolicyAgent - ok
09:34:29.0813 5024 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:34:29.0874 5024 Power - ok
09:34:29.0913 5024 [ B0E7D5D2CFAA6ED5F20EB8B84A35E593 ] pppop C:\Windows\system32\DRIVERS\pppop64.sys
09:34:29.0926 5024 pppop - ok
09:34:29.0952 5024 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:34:30.0005 5024 PptpMiniport - ok
09:34:30.0035 5024 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:34:30.0063 5024 Processor - ok
09:34:30.0100 5024 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:34:30.0116 5024 ProfSvc ( UnsignedFile.Multi.Generic ) - warning
09:34:30.0116 5024 ProfSvc - detected UnsignedFile.Multi.Generic (1)
09:34:30.0141 5024 Prot6Flt - ok
09:34:30.0156 5024 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:34:30.0165 5024 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
09:34:30.0165 5024 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
09:34:30.0199 5024 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:34:30.0256 5024 Psched - ok
09:34:30.0311 5024 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:34:30.0358 5024 ql2300 - ok
09:34:30.0374 5024 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:34:30.0393 5024 ql40xx - ok
09:34:30.0408 5024 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:34:30.0452 5024 QWAVE - ok
09:34:30.0476 5024 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:34:30.0497 5024 QWAVEdrv - ok
09:34:30.0506 5024 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:34:30.0558 5024 RasAcd - ok
09:34:30.0591 5024 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:34:30.0625 5024 RasAgileVpn - ok
09:34:30.0638 5024 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:34:30.0699 5024 RasAuto - ok
09:34:30.0729 5024 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:34:30.0762 5024 Rasl2tp - ok
09:34:30.0789 5024 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:34:30.0826 5024 RasMan - ok
09:34:30.0839 5024 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:34:30.0881 5024 RasPppoe - ok
09:34:30.0902 5024 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:34:30.0955 5024 RasSstp - ok
09:34:30.0996 5024 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:34:31.0033 5024 rdbss - ok
09:34:31.0044 5024 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:34:31.0084 5024 rdpbus - ok
09:34:31.0109 5024 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:34:31.0163 5024 RDPCDD - ok
09:34:31.0189 5024 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:34:31.0256 5024 RDPENCDD - ok
09:34:31.0281 5024 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:34:31.0314 5024 RDPREFMP - ok
09:34:31.0374 5024 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:34:31.0396 5024 RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - warning
09:34:31.0396 5024 RdpVideoMiniport - detected UnsignedFile.Multi.Generic (1)
09:34:31.0448 5024 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:34:31.0456 5024 RDPWD ( UnsignedFile.Multi.Generic ) - warning
09:34:31.0456 5024 RDPWD - detected UnsignedFile.Multi.Generic (1)
09:34:31.0488 5024 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:34:31.0504 5024 rdyboost - ok
09:34:31.0563 5024 [ 1B89CF5B5C12F5DA383DFFFD4F3D6667 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
09:34:31.0577 5024 RealNetworks Downloader Resolver Service - ok
09:34:31.0581 5024 RegFilter - ok
09:34:31.0606 5024 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:34:31.0663 5024 RemoteAccess - ok
09:34:31.0706 5024 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:34:31.0759 5024 RemoteRegistry - ok
09:34:31.0789 5024 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
09:34:31.0840 5024 RMCAST - ok
09:34:31.0868 5024 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:34:31.0905 5024 RpcEptMapper - ok
09:34:31.0929 5024 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:34:31.0969 5024 RpcLocator - ok
09:34:32.0007 5024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:34:32.0046 5024 RpcSs - ok
09:34:32.0064 5024 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:34:32.0124 5024 rspndr - ok
09:34:32.0160 5024 [ 47032C855DDCB5AD7236286689EDE288 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:34:32.0179 5024 RTL8167 - ok
09:34:32.0189 5024 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:34:32.0195 5024 SamSs ( UnsignedFile.Multi.Generic ) - warning
09:34:32.0195 5024 SamSs - detected UnsignedFile.Multi.Generic (1)
09:34:32.0209 5024 SASDIFSV - ok
09:34:32.0217 5024 SASKUTIL - ok
09:34:32.0247 5024 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:34:32.0259 5024 sbp2port - ok
09:34:32.0286 5024 SBRE - ok
09:34:32.0300 5024 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:34:32.0341 5024 SCardSvr - ok
09:34:32.0368 5024 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:34:32.0419 5024 scfilter - ok
09:34:32.0470 5024 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:34:32.0538 5024 Schedule - ok
09:34:32.0581 5024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:34:32.0618 5024 SCPolicySvc - ok
09:34:32.0648 5024 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:34:32.0684 5024 SDRSVC - ok
09:34:32.0725 5024 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:34:32.0756 5024 secdrv - ok
09:34:32.0784 5024 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:34:32.0817 5024 seclogon - ok
09:34:32.0828 5024 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:34:32.0886 5024 SENS - ok
09:34:32.0907 5024 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:34:32.0922 5024 SensrSvc - ok
09:34:32.0932 5024 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum  C:\Windows\system32\DRIVERS\serenum.sys
09:34:32.0967 5024 Serenum - ok
09:34:32.0998 5024 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:34:33.0045 5024 Serial - ok
09:34:33.0080 5024 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:34:33.0116 5024 sermouse - ok
09:34:33.0154 5024 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:34:33.0203 5024 SessionEnv - ok
09:34:33.0240 5024 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:34:33.0276 5024 sffdisk - ok
09:34:33.0298 5024 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:34:33.0316 5024 sffp_mmc - ok
09:34:33.0325 5024 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:34:33.0360 5024 sffp_sd - ok
09:34:33.0383 5024 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:34:33.0397 5024 sfloppy - ok
09:34:33.0429 5024 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:34:33.0473 5024 SharedAccess - ok
09:34:33.0513 5024 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:34:33.0575 5024 ShellHWDetection - ok
09:34:33.0586 5024 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:34:33.0607 5024 SiSRaid2 - ok
09:34:33.0621 5024 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:34:33.0635 5024 SiSRaid4 - ok
09:34:33.0681 5024 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
09:34:33.0690 5024 SmartDefragDriver - ok
09:34:33.0704 5024 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:34:33.0762 5024 Smb - ok
09:34:33.0803 5024 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:34:33.0841 5024 SNMPTRAP - ok
09:34:33.0861 5024 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:34:33.0875 5024 spldr - ok
09:34:33.0903 5024 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:34:33.0919 5024 Spooler ( UnsignedFile.Multi.Generic ) - warning
09:34:33.0919 5024 Spooler - detected UnsignedFile.Multi.Generic (1)
09:34:33.0993 5024 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:34:34.0093 5024 sppsvc - ok
09:34:34.0111 5024 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:34:34.0167 5024 sppuinotify - ok
09:34:34.0214 5024 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:34:34.0249 5024 srv - ok
09:34:34.0277 5024 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:34:34.0295 5024 srv2 - ok
09:34:34.0309 5024 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:34:34.0326 5024 srvnet - ok
09:34:34.0351 5024 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:34:34.0405 5024 SSDPSRV - ok
09:34:34.0434 5024 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:34:34.0473 5024 SstpSvc - ok
09:34:34.0497 5024 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:34:34.0510 5024 stexstor - ok
09:34:34.0546 5024 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:34:34.0574 5024 stisvc - ok
09:34:34.0622 5024 [ 6F715D00024CB60C2B60278425AD6EC2 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
09:34:34.0634 5024 SWDUMon - ok
09:34:34.0669 5024 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:34:34.0683 5024 swenum - ok
09:34:34.0697 5024 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:34:34.0762 5024 swprv - ok
09:34:34.0826 5024 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:34:34.0901 5024 SysMain - ok
09:34:34.0943 5024 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:34:34.0964 5024 TabletInputService - ok
09:34:35.0003 5024 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:34:35.0061 5024 TapiSrv - ok
09:34:35.0095 5024 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:34:35.0139 5024 TBS - ok
09:34:35.0197 5024 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:34:35.0256 5024 Tcpip - ok
09:34:35.0285 5024 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:34:35.0319 5024 TCPIP6 - ok
09:34:35.0350 5024 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:34:35.0373 5024 tcpipreg ( UnsignedFile.Multi.Generic ) - warning
09:34:35.0373 5024 tcpipreg - detected UnsignedFile.Multi.Generic (1)
09:34:35.0404 5024 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:34:35.0462 5024 TDPIPE - ok
09:34:35.0498 5024 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:34:35.0524 5024 TDTCP ( UnsignedFile.Multi.Generic ) - warning
09:34:35.0524 5024 TDTCP - detected UnsignedFile.Multi.Generic (1)
09:34:35.0561 5024 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:34:35.0596 5024 tdx - ok
09:34:35.0629 5024 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:34:35.0647 5024 TermDD - ok
09:34:35.0672 5024 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:34:35.0712 5024 TermService - ok
09:34:35.0725 5024 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:34:35.0760 5024 Themes - ok
09:34:35.0797 5024 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:34:35.0833 5024 THREADORDER - ok
09:34:35.0846 5024 tljkva - ok
09:34:35.0865 5024 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:34:35.0934 5024 TrkWks - ok
09:34:35.0985 5024 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:34:36.0020 5024 TrustedInstaller - ok
09:34:36.0044 5024 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:34:36.0093 5024 tssecsrv - ok
09:34:36.0129 5024 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:34:36.0141 5024 TsUsbFlt ( UnsignedFile.Multi.Generic ) - warning
09:34:36.0141 5024 TsUsbFlt - detected UnsignedFile.Multi.Generic (1)
09:34:36.0169 5024 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:34:36.0205 5024 tunnel - ok
09:34:36.0221 5024 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:34:36.0235 5024 uagp35 - ok
09:34:36.0273 5024 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:34:36.0327 5024 udfs - ok
09:34:36.0369 5024 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:34:36.0387 5024 UI0Detect - ok
09:34:36.0405 5024 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:34:36.0419 5024 uliagpkx - ok
09:34:36.0448 5024 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:34:36.0479 5024 umbus - ok
09:34:36.0499 5024 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:34:36.0541 5024 UmPass - ok
09:34:36.0577 5024 [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
09:34:36.0586 5024 UnlockerDriver5 - ok
09:34:36.0604 5024 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:34:36.0660 5024 upnphost - ok
09:34:36.0688 5024 UrlFilter - ok
09:34:36.0703 5024 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:34:36.0744 5024 usbaudio - ok
09:34:36.0770 5024 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:34:36.0787 5024 usbccgp - ok
09:34:36.0822 5024 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:34:36.0840 5024 usbcir - ok
09:34:36.0855 5024 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:34:36.0871 5024 usbehci - ok
09:34:36.0899 5024 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:34:36.0919 5024 usbhub - ok
09:34:36.0931 5024 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:34:36.0952 5024 usbohci - ok
09:34:36.0967 5024 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:34:37.0002 5024 usbprint - ok
09:34:37.0039 5024 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:34:37.0080 5024 usbscan - ok
09:34:37.0103 5024 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:34:37.0120 5024 USBSTOR - ok
09:34:37.0136 5024 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:34:37.0177 5024 usbuhci - ok
09:34:37.0205 5024 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:34:37.0225 5024 usbvideo - ok
09:34:37.0250 5024 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:34:37.0299 5024 UxSms - ok
09:34:37.0331 5024 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:34:37.0341 5024 VaultSvc ( UnsignedFile.Multi.Generic ) - warning
09:34:37.0341 5024 VaultSvc - detected UnsignedFile.Multi.Generic (1)
09:34:37.0348 5024 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:34:37.0362 5024 vdrvroot - ok
09:34:37.0412 5024 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:34:37.0471 5024 vds - ok
09:34:37.0499 5024 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:34:37.0518 5024 vga - ok
09:34:37.0535 5024 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:34:37.0587 5024 VgaSave - ok
09:34:37.0619 5024 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:34:37.0637 5024 vhdmp - ok
09:34:37.0657 5024 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:34:37.0671 5024 viaide - ok
09:34:37.0690 5024 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:34:37.0706 5024 volmgr - ok
09:34:37.0738 5024 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:34:37.0756 5024 volmgrx - ok
09:34:37.0775 5024 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:34:37.0791 5024 volsnap - ok
09:34:37.0805 5024 Vsdatant - ok
09:34:37.0826 5024 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:34:37.0843 5024 vsmraid - ok
09:34:37.0890 5024 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:34:37.0971 5024 VSS - ok
09:34:37.0994 5024 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:34:38.0031 5024 vwifibus - ok
09:34:38.0067 5024 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:34:38.0130 5024 W32Time - ok
09:34:38.0170 5024 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:34:38.0201 5024 WacomPen - ok
09:34:38.0229 5024 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:34:38.0286 5024 WANARP - ok
09:34:38.0290 5024 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:34:38.0325 5024 Wanarpv6 - ok
09:34:38.0353 5024 [ ECEB715BECE47E101DDEC06B11126066 ] wanatw C:\Windows\system32\DRIVERS\wanatw64.sys
09:34:38.0381 5024 wanatw - ok
09:34:38.0426 5024 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:34:38.0462 5024 WatAdminSvc - ok
09:34:38.0512 5024 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:34:38.0562 5024 wbengine - ok
09:34:38.0580 5024 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:34:38.0604 5024 WbioSrvc - ok
09:34:38.0643 5024 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:34:38.0684 5024 wcncsvc - ok
09:34:38.0715 5024 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:34:38.0731 5024 WcsPlugInService - ok
09:34:38.0754 5024 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:34:38.0767 5024 Wd - ok
09:34:38.0805 5024 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:34:38.0833 5024 Wdf01000 - ok
09:34:38.0852 5024 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:34:38.0889 5024 WdiServiceHost - ok
09:34:38.0893 5024 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:34:38.0919 5024 WdiSystemHost - ok
09:34:38.0957 5024 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:34:39.0002 5024 WebClient - ok
09:34:39.0042 5024 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:34:39.0053 5024 Wecsvc ( UnsignedFile.Multi.Generic ) - warning
09:34:39.0053 5024 Wecsvc - detected UnsignedFile.Multi.Generic (1)
09:34:39.0065 5024 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:34:39.0126 5024 wercplsupport - ok
09:34:39.0153 5024 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:34:39.0190 5024 WerSvc - ok
09:34:39.0202 5024 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:34:39.0240 5024 WfpLwf - ok
09:34:39.0273 5024 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:34:39.0289 5024 WimFltr - ok
09:34:39.0302 5024 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:34:39.0319 5024 WIMMount - ok
09:34:39.0340 5024 WinDefend - ok
09:34:39.0380 5024 WinHttpAutoProxySvc - ok
09:34:39.0426 5024 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:34:39.0453 5024 Winmgmt ( UnsignedFile.Multi.Generic ) - warning
09:34:39.0453 5024 Winmgmt - detected UnsignedFile.Multi.Generic (1)
09:34:39.0521 5024 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
09:34:39.0615 5024 WinRM ( UnsignedFile.Multi.Generic ) - warning
09:34:39.0615 5024 WinRM - detected UnsignedFile.Multi.Generic (1)
09:34:39.0655 5024 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:34:39.0710 5024 Wlansvc - ok
09:34:39.0825 5024 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:34:39.0891 5024 wlidsvc - ok
09:34:39.0923 5024 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:34:39.0938 5024 WmiAcpi - ok
09:34:39.0978 5024 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:34:40.0006 5024 wmiApSrv ( UnsignedFile.Multi.Generic ) - warning
09:34:40.0007 5024 wmiApSrv - detected UnsignedFile.Multi.Generic (1)
09:34:40.0044 5024 WMPNetworkSvc - ok
09:34:40.0056 5024 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:34:40.0074 5024 WPCSvc - ok
09:34:40.0108 5024 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:34:40.0127 5024 WPDBusEnum - ok
09:34:40.0150 5024 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:34:40.0199 5024 ws2ifsl - ok
09:34:40.0222 5024 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:34:40.0275 5024 wscsvc - ok
09:34:40.0283 5024 WSearch - ok
09:34:40.0364 5024 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:34:40.0445 5024 wuauserv - ok
09:34:40.0482 5024 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:34:40.0508 5024 WudfPf ( UnsignedFile.Multi.Generic ) - warning
09:34:40.0508 5024 WudfPf - detected UnsignedFile.Multi.Generic (1)
09:34:40.0530 5024 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:34:40.0538 5024 WUDFRd ( UnsignedFile.Multi.Generic ) - warning
09:34:40.0539 5024 WUDFRd - detected UnsignedFile.Multi.Generic (1)
09:34:40.0570 5024 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:34:40.0596 5024 wudfsvc ( UnsignedFile.Multi.Generic ) - warning
09:34:40.0596 5024 wudfsvc - detected UnsignedFile.Multi.Generic (1)
09:34:40.0623 5024 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:34:40.0668 5024 WwanSvc - ok
09:34:40.0673 5024 X5XSEx_Pr135 - ok
09:34:40.0685 5024 ================ Scan global ===============================
09:34:40.0729 5024 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:34:40.0764 5024 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:34:40.0774 5024 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:34:40.0801 5024 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:34:40.0822 5024 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:34:40.0831 5024 [Global] - ok
09:34:40.0831 5024 ================ Scan MBR ==================================
09:34:40.0840 5024 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
09:34:41.0090 5024 \Device\Harddisk0\DR0 - ok
09:34:41.0090 5024 ================ Scan VBR ==================================
09:34:41.0097 5024 [ 039F40FE13B2B3EF820F97C1DEFF8F1F ] \Device\Harddisk0\DR0\Partition1
09:34:41.0099 5024 \Device\Harddisk0\DR0\Partition1 - ok
09:34:41.0127 5024 [ 72B7F13754AFC9529069C612181B2FC4 ] \Device\Harddisk0\DR0\Partition2
09:34:41.0128 5024 \Device\Harddisk0\DR0\Partition2 - ok
09:34:41.0131 5024 ============================================================
09:34:41.0131 5024 Scan finished
09:34:41.0131 5024 ============================================================
09:34:41.0143 4952 Detected object count: 27
09:34:41.0143 4952 Actual detected object count: 27
09:36:55.0942 4952 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0942 4952 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0944 4952 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0944 4952 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0945 4952 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0946 4952 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0948 4952 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0948 4952 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0954 4952 EFS ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0954 4952 EFS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0957 4952 FontCache ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0958 4952 FontCache ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0958 4952 iphlpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0958 4952 iphlpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0967 4952 KeyIso ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0967 4952 KeyIso ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0970 4952 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0970 4952 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0973 4952 NlaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0973 4952 NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0976 4952 ProfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0976 4952 ProfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0979 4952 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0979 4952 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0982 4952 RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0982 4952 RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0984 4952 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0984 4952 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0988 4952 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0988 4952 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0990 4952 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0991 4952 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0993 4952 tcpipreg ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0993 4952 tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0996 4952 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0996 4952 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:55.0998 4952 TsUsbFlt ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:55.0998 4952 TsUsbFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0001 4952 VaultSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0001 4952 VaultSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0003 4952 Wecsvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0004 4952 Wecsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0006 4952 Winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0006 4952 Winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0009 4952 WinRM ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0009 4952 WinRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0012 4952 wmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0012 4952 wmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0016 4952 WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0016 4952 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0018 4952 WUDFRd ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0019 4952 WUDFRd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:36:56.0021 4952 wudfsvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:36:56.0021 4952 wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:37:22.0317 4520 Deinitialize success


----------



## Mark1956 (May 7, 2011)

Before we go any further, please answer the question asked and tell me if SecurityCheck will now run.


----------



## jetsguy (Feb 27, 2011)

SecurityCheck still won't run.It's doing the same as before.


----------



## Mark1956 (May 7, 2011)

I have to assume at the moment that the problem with SecurityCheck is due to some corruption in your system, I've never know it to fail to run correctly.

You have still failed to answer the question asked.



> Are you aware of anything that may have caused this to happen, a previous severe Malware infection perhaps?


I am out for the rest of the evening so won't be back until tomorrow, please answer that question and then proceed with this scan below.

*STEP 1*
*NOTE:* If you have already used Combofix please delete the icon from your desktop.


Please download DeFogger and save it to your desktop.
Once downloaded, double-click on the *DeFogger* icon to start the tool.
The application window will appear.
You should now click on the *Disable* button to disable your CD Emulation drivers.
When it prompts you whether or not you want to continue, please click on the *Yes* button to continue.
When the program has completed you will see a *Finished!* message. Click on the *OK* button to exit the program.
If CD Emulation programs are present and have been disabled, *DeFogger* will now ask you to reboot the machine. Please allow it to do so by clicking on the *OK* button.

*STEP 2*
Please download *ComboFix*







from one of the locations below and *save it to your Desktop. <-Important!!!*


Download Mirror #1
Download Mirror #2

Be sure to print out and follow these instructions: *A guide and tutorial on using ComboFix*

*Vista*/*Windows 7* users can skip the Recovery Console instructions and use the Windows DVD to boot into the Vista Recovery Environment or Windows 7 System Recovery Options if something goes awry. If you do not have a Windows 7 DVD then please create a Windows 7 Repair Disc. *XP* users need to install the Recovery Console first.


Temporarily *disable* your *anti-virus*, script blocking and any *anti-malware* real-time protection _*before*_ performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause _"unpredictable results"_. Click this link to see a list of such programs and how to disable them.
If ComboFix detects an older version of itself, you will be asked to update the program.
ComboFix will begin by showing a Disclaimer. Read it and click *I Agree* if you want to continue.
Follow the prompts and click on *Yes* to continue scanning for malware.
If using Windows 7 or Vista and you receive a UAC prompt asking if you want to continue running the program, you should press the *Continue* button.
When finished, please copy and paste the contents of C:\*ComboFix.txt* (_which will open after reboot_) in your next reply.
Be sure to *re-enable* your anti-virus and other security programs.

_-- Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.
-- ComboFix will temporarily disable your desktop, and if interrupted may leave it disabled. If this occurs, please reboot to restore it.
-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security._

If you no longer have access to your Internet connection after running ComboFix, please reboot to restore it. If that does not restore the connection, then follow the instructions for Manually restoring the Internet connection provided in the "_How to Guide_" you printed out earlier. Those instructions only apply to XP, for Vista and Windows 7 go here: Internet connection repair

*NOTE:* if you see a message like this when you attempt to open anything after the reboot *"Illegal Operation attempted on a registry key that has been marked for deletion"* please reboot the system again and the warning should not return.



> *Do NOT use ComboFix* unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, *NOT for general public or personal use*. *Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again.* This site, sUBs and myself *will not* be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read *ComboFix's Disclaimer*.


----------



## jetsguy (Feb 27, 2011)

In answer to your question no I do not know what may have caused this.I will not use Combofix as it messed up a pc I had so bad I could not return it to its original state.If there is an alternate program I'll give it a try.


----------



## Mark1956 (May 7, 2011)

The only situation I have known of where Combofix made a PC unusable is where it removed a patch that was used to validate a pirated copy of Windows, under normal circumstances and in hundreds of threads where I have used it, it has never done any harm.

If you don't wish to take the advice I am giving then your best course of action would be to re-install Windows.

I will leave this open to any other helpers to post advice, but in my opinion the best way to go is to run Combofix as I am sure it will help.


----------



## jetsguy (Feb 27, 2011)

Results of Combofix:

ComboFix 13-05-01.03 - verna 05/02/2013 5:54.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1944 [GMT -4:00]
Running from: c:\users\verna\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1321789218.bdinstall.bin
c:\programdata\1322517364.bdinstall.bin
c:\programdata\1357127106.bdinstall.bin
c:\programdata\1357127156.bdinstall.bin
c:\programdata\1357127229.bdinstall.bin
c:\programdata\1357127252.2872.bin
c:\programdata\1357127252.2920.bin
c:\programdata\1357127252.2948.bin
c:\programdata\1357141203.bdinstall.bin
c:\programdata\1357141296.bdinstall.bin
c:\programdata\ntuser.dat
c:\programdata\PCDr\6032\AddOnDownloaded\07287f2e-4f82-4848-8132-7055ef322318.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2d5007b2-cc36-4b97-a231-d0c427a69035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\330761e0-2594-472d-8455-796592cf88dc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3d9332d1-0b48-40cc-9189-068cf64600b6.dll
c:\users\verna\GoToAssistDownloadHelper.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-04-02 to 2013-05-02 )))))))))))))))))))))))))))))))
.
.
2013-05-02 10:08 . 2013-05-02 10:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-27 10:55 . 2013-04-27 10:55 -------- d-----w- c:\program files (x86)\123 Free Solitaire
2013-04-25 16:42 . 2013-04-25 16:42 -------- d-----w- c:\program files (x86)\Java
2013-04-25 16:41 . 2013-04-25 16:41 196528 ----a-w- c:\windows\system32\javaws.exe
2013-04-25 16:41 . 2013-04-25 16:41 172976 ----a-w- c:\windows\system32\javaw.exe
2013-04-25 16:41 . 2013-04-25 16:41 172976 ----a-w- c:\windows\system32\java.exe
2013-04-25 16:41 . 2013-04-25 16:41 -------- d-----w- c:\program files\Java
2013-04-24 18:19 . 2013-04-24 18:19 -------- d-----w- C:\_OTM
2013-04-24 10:00 . 2013-04-24 10:00 -------- d-----w- c:\program files (x86)\Trend Micro
2013-04-24 09:17 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-23 15:22 . 2013-04-23 15:22 -------- d-----w- C:\MATS
2013-04-22 12:29 . 2013-04-22 12:29 40208 ----a-w- c:\windows\system32\Partizan.exe
2013-04-22 12:25 . 2013-04-22 12:32 -------- d-----w- c:\programdata\RegRun
2013-04-19 16:32 . 2013-04-27 09:33 -------- d-----w- c:\program files (x86)\Super Solitaire
2013-04-18 10:33 . 2013-04-18 10:33 -------- d-----w- c:\programdata\TreeCardGames
2013-04-18 10:32 . 2013-04-18 10:32 -------- d-----w- c:\users\verna\AppData\Roaming\TreeCardGames
2013-04-13 19:24 . 2013-04-13 19:24 -------- d-----w- c:\users\verna\AppData\Local\MGTEK
2013-04-13 19:23 . 2013-04-13 19:23 -------- d-----w- c:\programdata\MGTEK
2013-04-12 16:31 . 2013-04-12 16:33 -------- d-----w- c:\users\verna\AppData\Roaming\Open Download Manager
2013-04-10 14:05 . 2013-04-10 14:05 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-04-10 09:56 . 2013-02-21 10:14 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-04-10 09:56 . 2013-02-21 10:14 19230208 ----a-w- c:\windows\system32\mshtml.dll
2013-04-10 09:50 . 2012-10-30 22:51 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-04-10 09:35 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 09:35 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 09:35 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 09:35 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 09:35 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 09:35 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 09:35 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-10 09:35 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-09 14:45 . 2013-04-09 14:46 -------- d-----w- c:\program files\Common Files\Little Registry Cleaner
2013-04-09 14:31 . 2013-04-09 14:31 -------- d-----w- c:\users\verna\AppData\Local\Little_Apps
2013-04-08 17:39 . 2002-01-05 09:40 487424 ----a-w- c:\windows\SysWow64\msvcp70.dll
2013-04-08 17:39 . 2004-03-09 03:00 1081616 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2013-04-05 09:41 . 2013-04-08 17:12 -------- d-----w- c:\users\verna\AppData\Roaming\ChemTable Software
2013-04-05 09:41 . 2013-04-08 17:12 -------- d-----w- c:\users\verna\AppData\Local\ChemTable Software
2013-04-05 09:41 . 2013-04-05 10:59 -------- d-----w- c:\users\verna\AppData\Local\AnVir
2013-04-04 20:07 . 2013-04-04 20:07 -------- d-----w- c:\programdata\TaskManager
2013-04-04 19:35 . 2013-04-27 16:56 -------- d-----w- c:\users\verna\AppData\Roaming\Nitro PDF
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-23 15:37 . 2012-05-02 19:28 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-23 15:37 . 2010-12-16 05:33 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-23 15:00 . 2012-05-02 19:20 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-23 15:00 . 2010-12-16 05:34 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-12 10:09 . 2012-03-31 10:24 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-12 10:09 . 2011-09-08 22:55 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-10 09:58 . 2011-04-29 11:08 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-16 11:57 . 2012-03-09 17:53 260 ----a-w- c:\windows\SysWow64\cmdVBS.vbs
2013-03-16 11:57 . 2012-03-09 17:53 256 ----a-w- c:\windows\SysWow64\MSIevent.bat
2013-03-12 22:34 . 2013-03-12 21:34 16486616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-03-06 22:33 . 2013-03-02 14:46 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 22:33 . 2013-03-02 14:46 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 22:33 . 2013-01-03 16:16 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 22:33 . 2013-01-03 16:16 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 22:33 . 2013-01-03 16:16 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 22:33 . 2013-01-03 16:16 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 22:33 . 2013-01-03 16:16 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 22:33 . 2013-01-03 16:16 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 22:32 . 2013-01-03 16:16 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 22:32 . 2013-01-03 16:16 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-05 21:57 . 2013-03-07 14:32 29712 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2013-03-05 20:57 . 2013-03-07 14:32 17936 ----a-w- c:\windows\system32\nitrolocalui2.dll
2013-03-02 12:06 . 2013-03-02 12:06 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-02 12:06 . 2013-03-02 12:06 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-02 12:06 . 2013-03-02 12:06 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-02 12:06 . 2013-03-02 12:06 81408 ----a-w- c:\windows\system32\icardie.dll
2013-03-02 12:06 . 2013-03-02 12:06 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-03-02 12:06 . 2013-03-02 12:06 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-02 12:06 . 2013-03-02 12:06 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-02 12:06 . 2013-03-02 12:06 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-03-02 12:06 . 2013-03-02 12:06 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-02 12:06 . 2013-03-02 12:06 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-02 12:06 . 2013-03-02 12:06 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-03-02 12:06 . 2013-03-02 12:06 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-03-02 12:06 . 2013-03-02 12:06 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-02 12:06 . 2013-03-02 12:06 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-03-02 12:06 . 2013-03-02 12:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-02 12:06 . 2013-03-02 12:06 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-02 12:06 . 2013-03-02 12:06 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-02 12:06 . 2013-03-02 12:06 441856 ----a-w- c:\windows\system32\html.iec
2013-03-02 12:06 . 2013-03-02 12:06 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-02 12:06 . 2013-03-02 12:06 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-03-02 12:06 . 2013-03-02 12:06 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-02 12:06 . 2013-03-02 12:06 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 12:06 . 2013-03-02 12:06 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-02 12:06 . 2013-03-02 12:06 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-03-02 12:06 . 2013-03-02 12:06 235008 ----a-w- c:\windows\system32\url.dll
2013-03-02 12:06 . 2013-03-02 12:06 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-02 12:06 . 2013-03-02 12:06 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-03-02 12:06 . 2013-03-02 12:06 216064 ----a-w- c:\windows\system32\msls31.dll
2013-03-02 12:06 . 2013-03-02 12:06 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-02 12:06 . 2013-03-02 12:06 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-03-02 12:06 . 2013-03-02 12:06 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-02 12:06 . 2013-03-02 12:06 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-03-02 12:06 . 2013-03-02 12:06 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-02 12:06 . 2013-03-02 12:06 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 12:06 . 2013-03-02 12:06 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-02 12:06 . 2013-03-02 12:06 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-02 12:06 . 2013-03-02 12:06 144896 ----a-w- c:\windows\system32\wextract.exe
2013-03-02 12:06 . 2013-03-02 12:06 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-03-02 12:06 . 2013-03-02 12:06 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-02 12:06 . 2013-03-02 12:06 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-02 12:06 . 2013-03-02 12:06 13824 ----a-w- c:\windows\system32\mshta.exe
2013-03-02 12:06 . 2013-03-02 12:06 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-03-02 12:06 . 2013-03-02 12:06 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-03-02 12:06 . 2013-03-02 12:06 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-02 12:06 . 2013-03-02 12:06 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-02 12:06 . 2013-03-02 12:06 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-02 12:06 . 2013-03-02 12:06 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-02 12:06 . 2013-03-02 12:06 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-02 12:06 . 2013-03-02 12:06 102912 ----a-w- c:\windows\system32\inseng.dll
2013-02-17 06:40 . 2012-11-17 12:18 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-02-12 05:45 . 2013-03-13 09:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 09:39 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 09:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 09:39 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 09:39 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 09:39 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-13 10:09 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-07-04 . 00A7A2067E9822E4626DE846574ADA80 . 136704 . . [6.1.7600.21256] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.21256_none_d5890aa5d0b400b5\browser.dll
[-] 2012-07-04 . 05F5A0D14A2EE1D8255C2AA0E9E8E694 . 136704 . . [6.1.7601.17887] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_d6c68344b4d406bf\browser.dll
[-] 2012-07-04 . 156768ABAE1DAF29BA0B0C05C21FEF09 . 136704 . . [6.1.7601.22044] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_d7783703cdd41e02\browser.dll
[-] 2012-07-04 . 6B054C67AAA87843504E8E3C09102009 . 136704 . . [6.1.7600.17056] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.17056_none_d4ff6bf4b79663c4\browser.dll
[7] 2010-11-20 . 8EF0D5C41EC907751B8429162B1239ED . 136192 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_d70f2c28b49dffae\browser.dll
[7] 2009-07-14 . 94FBC06F294D58D02361918418F996E3 . 136192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.16385_none_d4de1860b7af7c14\browser.dll
[-] 2012-07-04 . 05F5A0D14A2EE1D8255C2AA0E9E8E694 . 136704 . . [6.1.7600.16385] .. c:\windows\system32\browser.dll
.
[-] 2012-08-24 . 77119F1F9B492B260030C34F9BE327FA . 31232 . . [6.1.7601.22099] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[-] 2012-06-04 . 79C908CAA6F43021EB05F4C733A927D1 . 31232 . . [6.1.7601.22010] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[-] 2012-06-02 . BF63CE11A25F3509129888710D5111FC . 31232 . . [6.1.7600.21225] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[-] 2011-11-17 . 156F6159457D0AA7E59B62681B56EB90 . 31232 . . [6.1.7600.16915] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[-] 2011-11-17 . 156F6159457D0AA7E59B62681B56EB90 . 31232 . . [6.1.7600.16915] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[-] 2011-11-17 . D21BD47E528CD62E79311FB5DF0150E6 . 31232 . . [6.1.7600.21092] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[-] 2011-11-17 . 0A10B74FBB437FF9A23F1D5DE4446A83 . 31232 . . [6.1.7601.21861] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[7] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[7] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[7] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[7] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\system32\lsass.exe
.
[-] 2012-02-11 . 85DAA09A98C9286D4EA2BA8D0E644377 . 559104 . . [6.1.7601.17777] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[-] 2012-02-11 . 567977DC43CC13C4C35ED7084C0B84D5 . 559104 . . [6.1.7600.16962] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe
[-] 2012-02-11 . 807B5B0E287027F72AC37B0CDA9512DA . 559104 . . [6.1.7600.21149] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe
[-] 2012-02-11 . B9D7A4858CF32A6A15D2763F1DE47E0E . 559616 . . [6.1.7601.21921] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe
[7] 2010-12-16 . F8E1FA03CB70D54A9892AC88B91D1E7B . 558592 . . [6.1.7600.16661] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe
[7] 2010-12-16 . 8547491BE7086EE317163365D83A37D2 . 559104 . . [6.1.7600.20785] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[7] 2010-11-20 . B96C17B5DC1424D56EEA3A99E97428CD . 559104 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[7] 2009-07-14 . 89E8550C5862999FCF482EA562B0E98E . 558080 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[-] 2012-02-11 . 85DAA09A98C9286D4EA2BA8D0E644377 . 559104 . . [6.1.7600.16385] .. c:\windows\system32\spoolsv.exe
.
[-] 2012-06-04 . 7E7D2DACF65D750D466F36BD3D09AE20 . 186880 . . [6.1.7601.22010] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[-] 2012-06-02 . 9C01375BE382E834CC26D1B7EAF2C4FE . 184320 . . [6.1.7601.17856] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[-] 2012-06-02 . 456107D69D4EE850A559434F19EFEE65 . 183808 . . [6.1.7600.21225] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[-] 2012-06-02 . BAF19B633933A9FB4883D27D66C39E9A . 182272 . . [6.1.7600.17035] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[-] 2012-04-24 . F02786B66375292E58C8777082D4396D . 182272 . . [6.1.7600.17008] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[-] 2012-04-24 . 4F5414602E2544A4554D95517948B705 . 184320 . . [6.1.7601.17827] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[-] 2012-04-24 . CE8BF1423AEE47DA5275FBC8AD3BD642 . 183808 . . [6.1.7600.21199] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[-] 2012-04-24 . B7337E9C9E5936355BB700AA33E0936E . 186880 . . [6.1.7601.21979] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[7] 2010-11-20 . 15597883FBE9B056F276ADA3AD87D9AF . 177152 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[7] 2009-07-14 . 8C57411B66282C01533CB776F98AD384 . 175104 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[-] 2012-06-02 . 9C01375BE382E834CC26D1B7EAF2C4FE . 184320 . . [6.1.7600.16385] .. c:\windows\system32\cryptsvc.dll
.
[-] 2012-11-22 . BD5153969C41F697E23B9A43EF9228CE . 801280 . . [1.0626.7600.17174] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.17174_none_08f91fc3722650e0\usp10.dll
[-] 2012-11-22 . E4ACCC7927A1478DF636534864E03666 . 801280 . . [1.0626.7601.22171] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_0b661a9c886d0db8\usp10.dll
[-] 2012-11-22 . 77AD7076F8CF3CAB923F7FAE6DC9BDA8 . 800768 . . [1.0626.7600.21379] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.21379_none_0987bfe68b3f6c84\usp10.dll
[-] 2012-11-22 . DBF99FD9CAF75CA66D042BD8D050FF71 . 800768 . . [1.0626.7601.18009] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_0b302f956f0f750f\usp10.dll
[7] 2010-11-20 . 2F8B1E3EE3545D3B5A8D56FA1AE07B65 . 800256 . . [1.0626.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f\usp10.dll
[7] 2009-07-14 . 5F2BDCA5FA0F20A6F452CF0EE2A2B18C . 801280 . . [1.0626.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_08ef6ab5722d66d5\usp10.dll
[-] 2012-11-22 . DBF99FD9CAF75CA66D042BD8D050FF71 . 800768 . . [1.0626.7601.18009] .. c:\windows\system32\usp10.dll
.
[-] 2013-01-04 . 9DD828EFBD17246275E8A74D58E836AC . 1162752 . . [6.1.7600.21416] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_f0890ca988e09e80\kernel32.dll
[-] 2013-01-04 . B844114B247D8EF1E5E4E93A282D2E6F . 1162240 . . [6.1.7601.22209] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_f27d3a7985fc3a80\kernel32.dll
[-] 2013-01-04 . 43DB3433F141F01E53D1C5AA0F434098 . 1161216 . . [6.1.7600.17206] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_f00a3de46fbae59e\kernel32.dll
[-] 2012-11-30 . B3BEA6420D482356E53B7C728E05C637 . 1163264 . . [6.1.7601.22177] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
[-] 2012-11-30 . E3BC37881D92EB59EE0BA3B854A54D1E . 1161216 . . [6.1.7600.17179] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_efc18d686ff0f813\kernel32.dll
[-] 2012-11-30 . 65C113214F7B05820F6D8A65B1485196 . 1161216 . . [6.1.7601.18015] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll
[-] 2012-11-30 . B6B1AB98BA656BA1D8E0CA03F59DED51 . 1162752 . . [6.1.7600.21386] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_f03d5b4f891964f0\kernel32.dll
[-] 2012-10-04 . 1DC3504CA4C57900F1557E9A3F01D272 . 1161216 . . [6.1.7601.17965] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll
[-] 2012-10-04 . F3C594D0DA3ACFA6C7B781A490AB4282 . 1162240 . . [6.1.7601.22125] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll
[-] 2012-10-04 . 1DDCACAB8DA5399E5521051923016B18 . 1161216 . . [6.1.7600.17135] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_efe8cbf06fd422f3\kernel32.dll
[-] 2012-10-04 . 6EED0D77C20137948979EA47360A890B . 1162752 . . [6.1.7600.21335] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_f0726aa188f1bfe4\kernel32.dll
[-] 2012-08-20 . 1BDA5DB0C493B390C2DFD09139140DE1 . 1163776 . . [6.1.7600.21306] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_f093daaf88d88568\kernel32.dll
[-] 2012-08-20 . EAF41CFBA5281834CBC383C710AC7965 . 1162240 . . [6.1.7601.17932] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_f1cc51dc6cfd0cbf\kernel32.dll
[-] 2012-08-20 . 624B34180C79D67C470C155DB81FFB8E . 1163264 . . [6.1.7601.22091] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_f213e511864c70f3\kernel32.dll
[-] 2012-08-18 . 8E7F88A62E1AA28F15C0D6784E4C78B6 . 1162240 . . [6.1.7600.17107] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_f00b3c486fba01ce\kernel32.dll
[7] 2011-07-16 . B9B42A302325537D7B9DC52D47F33A73 . 1162752 . . [6.1.7601.17651] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_f1b5ac086d0e33d5\kernel32.dll
[7] 2011-07-16 . 27AC02D8EE4C02E7648C41CB880151DA . 1163264 . . [6.1.7601.21772] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_f22aa945863b24d8\kernel32.dll
[7] 2011-07-16 . DDBD24DC04DA5FD0EDF45CF72B7C01E2 . 1162240 . . [6.1.7600.16850] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_efce4eb86fe8ae92\kernel32.dll
[7] 2011-07-16 . 06835B46D9676BEDD80AF25ACF6845FD . 1162240 . . [6.1.7600.21010] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_f083035588e611da\kernel32.dll
[7] 2011-06-03 . 8225958BAC83EAFCDB6BAB6EE5EDF6E6 . 1162240 . . [6.1.7600.20978] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_f04a4dfb890f50f6\kernel32.dll
[7] 2011-05-14 . 98DA1B7572DAD6BA10296E0DF0950B37 . 1162240 . . [6.1.7600.16816] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_efff90246fc2d6d8\kernel32.dll
[7] 2011-05-14 . 0E1B2E16235AA7F89F064EE75DFC905E . 1162752 . . [6.1.7601.17617] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_f1e6ed746ce85c1b\kernel32.dll
[7] 2011-05-14 . 6743E8705A96FCBF71279B5AE2CCFDBC . 1163264 . . [6.1.7601.21728] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_f266ba9d860d312d\kernel32.dll
[7] 2010-11-20 . 7A6326D96D53048FDEC542DF23D875A0 . 1161216 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[7] 2009-07-14 . 5B4B379AD10DEDA4EDA01B8C6961B193 . 1162240 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll
[-] 2012-11-30 . 65C113214F7B05820F6D8A65B1485196 . 1161216 . . [6.1.7601.18015] .. c:\windows\system32\kernel32.dll
.
[-] 2013-03-02 . 7539E5B4A9763C22CE5CACE3E9A6246F . 19221504 . . [10.00.9200.16521] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16521_none_911cac30929d18df\mshtml.dll
[-] 2013-02-24 . 073C9BEDBC37FB3E3C2432BDF87869C0 . 19475968 . . [10.00.9200.20644] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20644_none_7a45f1e4ac4b1416\mshtml.dll
[-] 2013-02-21 . 394ECD933CD66BADF97EA85A183B9E1E . 19230208 . . [10.00.9200.16540] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16540_none_911ec38c929b31ec\mshtml.dll
[-] 2013-01-09 . 14DEB733ACB08A71CC0783ED02FF1F8D . 17812992 . . [9.00.8112.16464] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_87b9120bf4eaf990\mshtml.dll
[-] 2013-01-09 . B6C5BC6D4E1D79CB8DF107112A9F37CB . 17814528 . . [9.00.8112.20573] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_8836dea10e119bf4\mshtml.dll
[-] 2012-11-14 . CFF3C4ABDCC5356B0674743BDF0FB674 . 17811968 . . [9.00.8112.16457] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_87c6e2d5f4e029a4\mshtml.dll
[-] 2012-11-14 . 5024CACD183E4C0FCCDE6DB8A38EEC7B . 17811968 . . [9.00.8112.20565] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20565_none_8843af210e07b2b1\mshtml.dll
[-] 2012-10-08 . 6D4F838E72EEEB3D6FB16A5A45632560 . 17811968 . . [9.00.8112.16455] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16455_none_87c4e241f4e1f6f6\mshtml.dll
[-] 2012-10-08 . 1FB8062D4C3A4C7B8ECA7BBD1E743000 . 17812992 . . [9.00.8112.20562] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20562_none_8840ae430e0a66ac\mshtml.dll
[-] 2012-08-24 . F244DA6DD2C365ABAFD076222C22C2BE . 17810944 . . [9.00.8112.16450] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16450_none_87bfe0cff4e67843\mshtml.dll
[-] 2012-08-24 . 522A528C296A9AEF3F0C289FF7093315 . 17810944 . . [9.00.8112.20557] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20557_none_88507fa10dfdc96e\mshtml.dll
[-] 2012-06-29 . 8415F4792D7BC07BE328DF56FE32045A . 17809920 . . [9.00.8112.16448] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16448_none_87d2b30bf4d7270a\mshtml.dll
[-] 2012-06-29 . C4DE0E2B31F60ACB15E6B4154E26298A . 17809920 . . [9.00.8112.20554] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20554_none_884d7ec30e007d69\mshtml.dll
[-] 2012-06-02 . 89C4B3BF66D3C2F3D83F9DEDF1B218D6 . 17807360 . . [9.00.8112.16447] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16447_none_87d1b2c1f4d80db3\mshtml.dll
[-] 2012-06-02 . 0C26F50D6C347CE294C84347E6FAEAA8 . 17807360 . . [9.00.8112.20553] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20553_none_884c7e790e016412\mshtml.dll
[-] 2012-05-18 . DE469470D93DEB4A1A81EDE72B848198 . 17807360 . . [9.00.8112.16446] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16446_none_87d0b277f4d8f45c\mshtml.dll
[-] 2012-05-18 . BE1E4779329040ED334651CD877C416D . 17807360 . . [9.00.8112.20551] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20551_none_884a7de50e033164\mshtml.dll
[-] 2012-02-28 . D785A16A6F03F76CB862F28C9F8C9672 . 17790976 . . [9.00.8112.16443] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16443_none_87cdb199f4dba857\mshtml.dll
[-] 2012-02-28 . 97BB8C752A400556A4FF2E1AAFA0A138 . 17790976 . . [9.00.8112.20548] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20548_none_885c4fd70df4c6d4\mshtml.dll
[-] 2011-12-14 . E61288581AD9E647ABEFB1489B250B5C . 17790464 . . [9.00.8112.16441] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_87cbb105f4dd75a9\mshtml.dll
[-] 2011-12-14 . 153963F44A26A7840ACDF52C2CD1B9DC . 17790464 . . [9.00.8112.20546] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_885a4f430df69426\mshtml.dll
[-] 2011-11-11 . 02B4E6CCCA443568764281391635F5A4 . 17781760 . . [9.00.8112.16437] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16437_none_87dc82adf4cff1c2\mshtml.dll
[-] 2011-11-04 . 5770C4BA825C42D6EFD9486029747108 . 17786368 . . [9.00.8112.20544] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20544_none_88584eaf0df86178\mshtml.dll
[-] 2011-11-04 . E7BD23BEC69CF23436EEDE9B18DE186D . 17786368 . . [9.00.8112.16440] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16440_none_87cab0bbf4de5c52\mshtml.dll
[7] 2011-03-07 . B2716DEC935FD5C8EEA66C1C0F7F5504 . 8995328 . . [8.00.7601.17573] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17573_none_8be17f70affc8c29\mshtml.dll
[7] 2011-03-07 . 929F6341D1743D018D15B574B18B0D97 . 8995328 . . [8.00.7601.21676] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21676_none_8c6e1d19c91777f8\mshtml.dll
[7] 2011-02-24 . F8F007BC2705CD11B2087635A5D0D3FD . 9311744 . . [8.00.7600.16766] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16766_none_8a08f334b2cb5051\mshtml.dll
[7] 2011-02-24 . 2B300279E66420F30E68E7B613B5A03D . 9309696 . . [8.00.7600.20908] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20908_none_8ad57201cbb6784a\mshtml.dll
[7] 2010-12-16 . F172328C926FF41AA3CC81EB37F7E0AE . 9276928 . . [8.00.7600.16490] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_89e27c02b2e914a5\mshtml.dll
[7] 2010-12-16 . 4C8FC7269F660374F398F75B240EF446 . 9280512 . . [8.00.7600.20600] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_8acd69ffcbbdb61d\mshtml.dll
[7] 2010-12-16 . E5DED66EFC742ADE04819551AF3652B1 . 9273344 . . [8.00.7600.16466] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_8a08ed82b2cb58dc\mshtml.dll
[7] 2010-12-16 . AADEEDB38F70638FD2B7A86EDD837D19 . 9273856 . . [8.00.7600.20579] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_8a8abb3fcbee609c\mshtml.dll
[7] 2010-12-16 . 74DA18BB61FE98FC002866F032329265 . 9298432 . . [8.00.7600.16625] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_8a3330b4b2abca0f\mshtml.dll
[7] 2010-12-16 . E16D240876BAD97B05DCAD346AC734F6 . 9295360 . . [8.00.7600.20745] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_8aa72da7cbd9a1bb\mshtml.dll
[7] 2010-12-16 . 282F2FEB95A6B3985CB30BA236594E7E . 9283072 . . [8.00.7600.16535] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16535_none_8a285ee2b2b3e8d9\mshtml.dll
[-] 2013-02-21 . 394ECD933CD66BADF97EA85A183B9E1E . 19230208 . . [10.00.9200.16521] .. c:\windows\system32\mshtml.dll
.
[-] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll
[-] 2011-12-16 . 579F6AFC6A6561951FA2202EFC3FE485 . 634368 . . [7.0.7600.16930] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_2d7b4155b87308d6\msvcrt.dll
[-] 2011-12-16 . F9A4C695C86CC32048FE2C987A0BD387 . 634880 . . [7.0.7601.21878] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll
[-] 2011-12-16 . 7D8B505E35AB89D3C3E9AE54A2C95DD2 . 634880 . . [7.0.7600.21108] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_2e2d2856d17152c7\msvcrt.dll
[7] 2009-07-14 . 7319BB10FA1F86E49E3DCF4136F6C957 . 634880 . . [7.0.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll
[-] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\system32\msvcrt.dll
.
[-] 2013-03-02 . 69F1D418B4C4EC23033D598E4CBC6B73 . 2240512 . . [10.00.9200.16521] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_7fc28d121246afa9\wininet.dll
[-] 2013-02-24 . 32D39C8BA5940DA0EB6E7993F3190F92 . 2247168 . . [10.00.9200.20644] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20644_none_68ebd2c62bf4aae0\wininet.dll
[-] 2013-02-21 . 753C0848AE7872A3F59663078A517293 . 2240512 . . [10.00.9200.16540] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_7fc4a46e1244c8b6\wininet.dll
[-] 2013-01-09 . 435E9C764E1EF70058580996452BE6A2 . 1392128 . . [9.00.8112.16464] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16464_none_765ef2ed7494905a\wininet.dll
[-] 2013-01-08 . 43A6A68F1F41B13CA4D580D40DFA57EE . 1392128 . . [9.00.8112.20573] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20573_none_76dcbf828dbb32be\wininet.dll
[-] 2012-11-14 . 5121DB613E10A46A3C5085B479026AA7 . 1392128 . . [9.00.8112.16457] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_766cc3b77489c06e\wininet.dll
[-] 2012-11-14 . 5CAF48F12E8CBD96D520F4EFD5B97F76 . 1392128 . . [9.00.8112.20565] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_76e990028db1497b\wininet.dll
[-] 2012-10-08 . A19DB004D954BBC9C4EC125711E1D1C2 . 1392128 . . [9.00.8112.16455] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16455_none_766ac323748b8dc0\wininet.dll
[-] 2012-10-08 . 789EAD6F3CE42F3322818988400986E9 . 1392128 . . [9.00.8112.20562] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20562_none_76e68f248db3fd76\wininet.dll
[-] 2012-08-24 . 3D165C53E40236A68B7102D1A622D4E0 . 1392128 . . [9.00.8112.16450] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16450_none_7665c1b174900f0d\wininet.dll
[-] 2012-08-24 . 456D4E9006DF149C250D40B813290471 . 1392128 . . [9.00.8112.20557] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20557_none_76f660828da76038\wininet.dll
[-] 2012-06-29 . 8EA68FD3780DDDD5072F8CB830B3CB3D . 1392128 . . [9.00.8112.16448] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16448_none_767893ed7480bdd4\wininet.dll
[-] 2012-06-29 . 8BA7EDA2656ED7FBC93BDD5CB02B8D4E . 1392128 . . [9.00.8112.20554] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20554_none_76f35fa48daa1433\wininet.dll
[-] 2012-06-02 . 5A45FA344F4AD99D903F4B20E43B89EC . 1392128 . . [9.00.8112.16447] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16447_none_767793a37481a47d\wininet.dll
[-] 2012-06-02 . 571E809181EBF0A04FEFAA9BC9961F5B . 1392128 . . [9.00.8112.20553] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20553_none_76f25f5a8daafadc\wininet.dll
[-] 2012-05-18 . 870ECFEBD41C7B8F9C6777748368D51F . 1392128 . . [9.00.8112.16446] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16446_none_7676935974828b26\wininet.dll
[-] 2012-05-18 . BDC16D105BF011D4B1C3F09CF7A64314 . 1392128 . . [9.00.8112.20551] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20551_none_76f05ec68dacc82e\wininet.dll
[-] 2012-02-28 . 228443FF3A1FB0B974D278F7C6403FAD . 1390080 . . [9.00.8112.16443] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_7673927b74853f21\wininet.dll
[-] 2012-02-28 . B70CDC073F70E6D082A62AB5880D6B07 . 1390080 . . [9.00.8112.20548] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_770230b88d9e5d9e\wininet.dll
[-] 2011-12-14 . B1AC85B6ADC005CF3F9EB4E28DFDCCE6 . 1390080 . . [9.00.8112.16441] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_767191e774870c73\wininet.dll
[-] 2011-12-14 . C2FA4DBD6BB91D1AFD7D155120654AB9 . 1390080 . . [9.00.8112.20546] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_770030248da02af0\wininet.dll
[-] 2011-11-11 . 271E8FB1354AA205A214F280A6766E30 . 1389056 . . [9.00.8112.16437] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_7682638f7479888c\wininet.dll
[-] 2011-11-04 . 244D45F786E33C169A93F70BA63BABF8 . 1390080 . . [9.00.8112.20544] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_76fe2f908da1f842\wininet.dll
[-] 2011-11-04 . 69151E566295E5A977FE71FFAFD3B3F8 . 1390080 . . [9.00.8112.16440] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_7670919d7487f31c\wininet.dll
[7] 2011-03-07 . AB026A724960570803E90DC370893BD0 . 1188864 . . [8.00.7601.17573] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_7a8760522fa622f3\wininet.dll
[7] 2011-03-07 . 93679DC9407BFC602D7E6BFC027455E0 . 1189376 . . [8.00.7601.21676] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_7b13fdfb48c10ec2\wininet.dll
[7] 2011-02-24 . 4DAEEEE0248F5D85751B05D9C6DA28CC . 1197056 . . [8.00.7600.16766] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_78aed4163274e71b\wininet.dll
[7] 2011-02-24 . 5A33324B358D9B7E39424505EE242377 . 1198592 . . [8.00.7600.20908] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_797b52e34b600f14\wininet.dll
[7] 2010-12-21 . E71DB117DBDA6B33646F37936C17D226 . 1197056 . . [8.00.7600.16723] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_78d712e832572b52\wininet.dll
[7] 2010-12-21 . 1D3466E7E9D63F8B2B84A8AD5E833C29 . 1198080 . . [8.00.7600.20862] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_79346fb94b962189\wininet.dll
[7] 2010-12-16 . 9C0E12FB8BD14397EC9CCA99EC0ED5A3 . 1192960 . . [8.00.7600.16490] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_78885ce43292ab6f\wininet.dll
[7] 2010-12-16 . 46C47A10DB10E3055ADE41C4EB4FF7CA . 1192960 . . [8.00.7600.20600] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_79734ae14b674ce7\wininet.dll
[7] 2010-12-16 . 3DEB428ACD3D4DECD1619C24E4628DD2 . 1192960 . . [8.00.7600.16625] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_78d91196325560d9\wininet.dll
[7] 2010-12-16 . DBC6EC40DDEDF875C0576CF2C0CAF9C3 . 1196544 . . [8.00.7600.20745] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_794d0e894b833885\wininet.dll
[7] 2010-12-16 . 096698014315B32C84A7AFD4EA61FB6F . 1192960 . . [8.00.7600.16535] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_78ce3fc4325d7fa3\wininet.dll
[7] 2010-12-16 . DD9CA58E7DB6E64BAD127C7AD6FE1D08 . 1196032 . . [8.00.7600.20651] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_793e3b8f4b8ef1f3\wininet.dll
[7] 2010-11-20 . F6C5302E1F4813D552F41A0AC82455E5 . 1188864 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll
[7] 2009-07-14 . B1037F0131C9A010D611F6914E03CD92 . 1193472 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_78982c5c3286110a\wininet.dll
[-] 2013-02-21 . 753C0848AE7872A3F59663078A517293 . 2240512 . . [10.00.9200.16521] .. c:\windows\system32\wininet.dll
.
[-] 2012-06-02 . 063DD65889D21035311463337BD268E7 . 142336 . . [6.1.7601.22010] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[-] 2012-06-02 . F2FDE6C8DBAAD44CC58D1E07E4AF4EED . 139264 . . [6.1.7600.17035] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[-] 2012-06-02 . EA8C26ECF1656D9647EF044F115EC6DA . 141312 . . [6.1.7600.21225] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[-] 2012-06-02 . 96C0E38905CFD788313BE8E11DAE3F2F . 140288 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2012-06-02 . 96C0E38905CFD788313BE8E11DAE3F2F . 140288 . . [6.1.7601.17856] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[-] 2012-04-24 . 520A108A2657F4BCA7FCED9CA7D885DE . 139264 . . [6.1.7600.17008] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[-] 2012-04-24 . 06E771AA596B8761107AB57E99F128D7 . 140288 . . [6.1.7601.17827] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[-] 2012-04-24 . F522279B4717E2BFF269C771FAC2B78E . 141312 . . [6.1.7600.21199] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
[-] 2012-04-24 . 21993009E0CCB9B4FA195F14D3408626 . 142336 . . [6.1.7601.21979] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[7] 2010-11-20 . A585BEBF7D054BD9618EDA0922D5484A . 136192 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[7] 2009-07-14 . 9C231178CE4FB385F4B54B0A9080B8A4 . 135680 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
.
[-] 2013-01-04 . 7E55988F5CB3BA67E2732370E8D71BBB . 1114112 . . [6.1.7601.22209] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll
[-] 2013-01-04 . 385BE92E3106491BBB542F8F1C06C606 . 1114112 . . [6.1.7600.17206] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_fa5ee836a41ba799\kernel32.dll
[-] 2013-01-04 . F9F6CD9EF1F6C896A56B5259B81027D9 . 1114112 . . [6.1.7600.21416] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_faddb6fbbd41607b\kernel32.dll
[-] 2012-11-30 . C95793F4BE3471AEED92F5BF367BE69E . 1114112 . . [6.1.7600.17179] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_fa1637baa451ba0e\kernel32.dll
[-] 2012-11-30 . 9CC2571E3646B9A24296AD7ADCC71682 . 1114112 . . [6.1.7601.22177] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[-] 2012-11-30 . AC0B6F41882FC6ED186962D770EBF1D2 . 1114112 . . [6.1.7601.18015] .. c:\windows\SysWOW64\kernel32.dll
[-] 2012-11-30 . AC0B6F41882FC6ED186962D770EBF1D2 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[-] 2012-11-30 . E747ADB6223DBBE1BB138F08A09ADAD6 . 1114112 . . [6.1.7600.21386] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_fa9205a1bd7a26eb\kernel32.dll
[-] 2012-10-04 . DE7A37CB1F48526A78A2D42786411578 . 1114112 . . [6.1.7600.21335] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_fac714f3bd5281df\kernel32.dll
[-] 2012-10-04 . A6778FC49011313995A4D718F624CC74 . 1114112 . . [6.1.7600.17135] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_fa3d7642a434e4ee\kernel32.dll
[-] 2012-10-04 . D4F3176082566CEFA633B4945802D4C4 . 1114112 . . [6.1.7601.17965] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll
[-] 2012-10-04 . 5FA395364EE727E4BEE6B1406C207F98 . 1114112 . . [6.1.7601.22125] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll
[-] 2012-08-20 . 85660067ECD49B6E302347EFCC2F72A5 . 1114112 . . [6.1.7600.21306] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_fae88501bd394763\kernel32.dll
[-] 2012-08-20 . 9B98D47916EAD4F69EF51B56B0C2323C . 1114112 . . [6.1.7601.17932] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll
[-] 2012-08-20 . 305681B4B695D4A888B941965FFC2C17 . 1114112 . . [6.1.7601.22091] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_fc688f63baad32ee\kernel32.dll
[-] 2012-08-18 . 33616DACC75C9E105DAE944120DB4274 . 1114112 . . [6.1.7600.17107] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_fa5fe69aa41ac3c9\kernel32.dll
[7] 2011-07-16 . D3CB12854171DF61D117D7C2BF22C675 . 1114112 . . [6.1.7601.21772] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll
[7] 2011-07-16 . 4EA99F1644627B1EBAD99D0B93CDEE1C . 1048576 . . [6.1.7600.16850] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_fa22f90aa449708d\kernel32.dll
[7] 2011-07-16 . 99C3F8E9CC59D95666EB8D8A8B4C2BEB . 1114112 . . [6.1.7601.17651] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_fc0a565aa16ef5d0\kernel32.dll
[7] 2011-07-16 . 2113248DB2D1AF9CA790B09F3E6C6E85 . 1114112 . . [6.1.7600.21010] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_fad7ada7bd46d3d5\kernel32.dll
[7] 2011-06-03 . 6EB2AEE15C20681E323E9A3E334FE6CF . 1114112 . . [6.1.7600.20978] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_fa9ef84dbd7012f1\kernel32.dll
[7] 2011-05-14 . CC5CBC069944E7EA70D8674478A70A37 . 837632 . . [6.1.7601.21728] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_fcbb64efba6df328\kernel32.dll
[7] 2011-05-14 . 40EACEE0B6432CBE2459A11B298E9D88 . 837120 . . [6.1.7600.16816] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_fa543a76a42398d3\kernel32.dll
[7] 2011-05-14 . 166116134C58DC36400DE59ACD64FB39 . 837632 . . [6.1.7601.17617] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_fc3b97c6a1491e16\kernel32.dll
[7] 2010-11-20 . E80758CF485DB142FCA1EE03A34EAD05 . 837632 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
[7] 2009-07-14 . 606ECB76A424CC535407E7A24E2A34BC . 836608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll
.
[-] 2013-03-02 . E3FA8AEAA2F40EC1BB00FEFB2C4F3AD9 . 14317568 . . [10.00.9200.16521] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16521_none_9b715682c6fddada\mshtml.dll
[-] 2013-02-24 . 6F1E3EEFCB97C97A0EB88BE6F35D92F0 . 14353408 . . [10.00.9200.20644] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20644_none_849a9c36e0abd611\mshtml.dll
[-] 2013-02-21 . D017BF8D92938EEB9B3A1D1C53FDA152 . 14323200 . . [10.00.9200.16521] .. c:\windows\SysWOW64\mshtml.dll
[-] 2013-02-21 . D017BF8D92938EEB9B3A1D1C53FDA152 . 14323200 . . [10.00.9200.16540] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16540_none_9b736ddec6fbf3e7\mshtml.dll
[-] 2013-01-08 . C97434C851C4821BD92D2831FDF1ECBE . 12321280 . . [9.00.8112.16464] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_920dbc5e294bbb8b\mshtml.dll
[-] 2013-01-08 . B6AD225B3BCC07332FBB2C2824315534 . 12322304 . . [9.00.8112.20573] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_928b88f342725def\mshtml.dll
[-] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16457] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_921b8d282940eb9f\mshtml.dll
[-] 2012-11-14 . 8021EF27048F9ECE5286EA8C8EED23B8 . 12321280 . . [9.00.8112.20565] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20565_none_92985973426874ac\mshtml.dll
[-] 2012-10-08 . 8D1BB1E5A033E8817EF94A9047630165 . 12320768 . . [9.00.8112.16455] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16455_none_92198c942942b8f1\mshtml.dll
[-] 2012-10-08 . F7B251DA2FA89933771289793DCAA08B . 12321280 . . [9.00.8112.20562] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20562_none_92955895426b28a7\mshtml.dll
[-] 2012-08-24 . 975D1EA99A0FE8104B72440995B3C20B . 12319744 . . [9.00.8112.20557] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20557_none_92a529f3425e8b69\mshtml.dll
[-] 2012-08-24 . BB197F54A8F69EEA8356B7F70E6D3A20 . 12319744 . . [9.00.8112.16450] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16450_none_92148b2229473a3e\mshtml.dll
[-] 2012-06-29 . 5E8E869E1342308752A37A2C90CCA79D . 12317184 . . [9.00.8112.16448] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16448_none_92275d5e2937e905\mshtml.dll
[-] 2012-06-28 . AEC51857AEC2F5CE4520366240AFC671 . 12317184 . . [9.00.8112.20554] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20554_none_92a2291542613f64\mshtml.dll
[-] 2012-06-02 . 6820A9E91AFF7CB3A510360D8CCD9BDD . 12314624 . . [9.00.8112.16447] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16447_none_92265d142938cfae\mshtml.dll
[-] 2012-06-02 . 1ABF770552EA9D4FE90F654468FAF4CE . 12314624 . . [9.00.8112.20553] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20553_none_92a128cb4262260d\mshtml.dll
[-] 2012-05-17 . 9FB58F71104107D44540AF1195F7A14D . 12314624 . . [9.00.8112.16446] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16446_none_92255cca2939b657\mshtml.dll
[-] 2012-05-17 . 761D9111F5A2619CB5060661D36FBFFF . 12314624 . . [9.00.8112.20551] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20551_none_929f28374263f35f\mshtml.dll
[-] 2012-02-28 . F82BF2CB075B49E9FAB5FF213C45C020 . 12281856 . . [9.00.8112.16443] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16443_none_92225bec293c6a52\mshtml.dll
[-] 2012-02-28 . B9E083B14B1994F1255983F2DF31C7DF . 12281856 . . [9.00.8112.20548] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20548_none_92b0fa29425588cf\mshtml.dll
[-] 2011-12-14 . 497C9C3DB953A60EC4F43A097E15F75E . 12282368 . . [9.00.8112.16441] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_92205b58293e37a4\mshtml.dll
[-] 2011-12-14 . A29CFD4B9F6F2BBE06C8D64B6D07F1D4 . 12282368 . . [9.00.8112.20546] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_92aef99542575621\mshtml.dll
[-] 2011-11-11 . 04E0CD31A63DFC0D73725A3D1768FB5A . 12275200 . . [9.00.8112.16437] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16437_none_92312d002930b3bd\mshtml.dll
[-] 2011-11-03 . A21B983E40578D0E6CFA9864AC4E1219 . 12279808 . . [9.00.8112.20544] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20544_none_92acf90142592373\mshtml.dll
[-] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16440] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16440_none_921f5b0e293f1e4d\mshtml.dll
[7] 2011-03-07 . 3D2F69861D7B24A3C5B0473583FE3D9D . 5981696 . . [8.00.7601.17573] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17573_none_963629c2e45d4e24\mshtml.dll
[7] 2011-03-07 . 5E87C06B924495F6FA381391FDE0C9D4 . 5981696 . . [8.00.7601.21676] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21676_none_96c2c76bfd7839f3\mshtml.dll
[7] 2011-02-24 . F861A76F208BD31031A91412AA77BD4F . 5982720 . . [8.00.7600.20908] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20908_none_952a1c5400173a45\mshtml.dll
[7] 2011-02-24 . C75417DD80FE9D56A906DD9DA791ED6F . 5981696 . . [8.00.7600.16766] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16766_none_945d9d86e72c124c\mshtml.dll
[7] 2010-12-16 . 6EE36579E69E37D2AB2926A40B16DBB3 . 5961728 . . [8.00.7600.16490] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_94372654e749d6a0\mshtml.dll
[7] 2010-12-16 . 96990605689B601287D4A83DD2B05F0B . 5962240 . . [8.00.7600.20600] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_95221452001e7818\mshtml.dll
[7] 2010-12-16 . F8F43D14BA21CF92D16B3A16A958778B . 5958656 . . [8.00.7600.16466] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_945d97d4e72c1ad7\mshtml.dll
[7] 2010-12-16 . 31F80311F487ABA186A10E551B212573 . 5959168 . . [8.00.7600.20579] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_94df6592004f2297\mshtml.dll
[7] 2010-12-16 . BDFD710842C8A25DD27254D91DE60AC6 . 5971456 . . [8.00.7600.16625] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_9487db06e70c8c0a\mshtml.dll
.
[-] 2011-12-16 . 2F740C4B458331357E825E94AFB0953A . 690688 . . [7.0.7601.21878] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll
[-] 2011-12-16 . F8A61B2E713309B4616D107919BDAB6E . 690688 . . [7.0.7600.16930] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_d15ca5d2001597a0\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\SysWOW64\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll
[-] 2011-12-16 . 10142C1975202A767C0EDB3BC066FD88 . 690688 . . [7.0.7600.21108] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_d20e8cd31913e191\msvcrt.dll
[7] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll
.
[-] 2013-03-02 . BA15504FA59A8DC304F1CBAEBA6252A1 . 1766912 . . [10.00.9200.16521] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_23a3f18e59e93e73\wininet.dll
[-] 2013-02-24 . B9A72493B83C77E78FE6213F4B01DB5D . 1775616 . . [10.00.9200.20644] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20644_none_0ccd3742739739aa\wininet.dll
[-] 2013-02-21 . CFE0CEE587F9CEA4C29DEEC6D85FC91C . 1766912 . . [10.00.9200.16521] .. c:\windows\SysWOW64\wininet.dll
[-] 2013-02-21 . CFE0CEE587F9CEA4C29DEEC6D85FC91C . 1766912 . . [10.00.9200.16540] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_23a608ea59e75780\wininet.dll
[-] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16464] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16464_none_1a405769bc371f24\wininet.dll
[-] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.20573] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20573_none_1abe23fed55dc188\wininet.dll
[-] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16457] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_1a4e2833bc2c4f38\wininet.dll
[-] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.20565] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_1acaf47ed553d845\wininet.dll
[-] 2012-10-08 . 9CB0D2A9A77D91D9614355EE9FF00519 . 1129472 . . [9.00.8112.16455] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16455_none_1a4c279fbc2e1c8a\wininet.dll
[-] 2012-10-08 . 6E3AC8A54A1881806BA2B58539483788 . 1129472 . . [9.00.8112.20562] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20562_none_1ac7f3a0d5568c40\wininet.dll
[-] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.20557] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20557_none_1ad7c4fed549ef02\wininet.dll
[-] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16450] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16450_none_1a47262dbc329dd7\wininet.dll
[-] 2012-06-29 . 75A97A2C060E72AB49E071E08C7DD2BA . 1129472 . . [9.00.8112.16448] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16448_none_1a59f869bc234c9e\wininet.dll
[-] 2012-06-28 . 54C30A4066A28F9A017E095E283B2762 . 1129472 . . [9.00.8112.20554] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20554_none_1ad4c420d54ca2fd\wininet.dll
[-] 2012-06-02 . 8E87270C4704CF2951E1E7820D6C8A2B . 1129472 . . [9.00.8112.16447] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16447_none_1a58f81fbc243347\wininet.dll
[-] 2012-06-02 . E430161A632F9A8FE512DE0CA5685559 . 1129472 . . [9.00.8112.20553] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20553_none_1ad3c3d6d54d89a6\wininet.dll
[-] 2012-05-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16446] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16446_none_1a57f7d5bc2519f0\wininet.dll
[-] 2012-05-17 . 43BAC67996D8765A5F1B3A4EA6231E21 . 1129472 . . [9.00.8112.20551] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20551_none_1ad1c342d54f56f8\wininet.dll
[-] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16443] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_1a54f6f7bc27cdeb\wininet.dll
[-] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.20548] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_1ae39534d540ec68\wininet.dll
[-] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16441] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll
[-] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.20546] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll
[-] 2011-11-11 . D3788D91530CFA005BD516189A4C676E . 1126912 . . [9.00.8112.16437] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_1a63c80bbc1c1756\wininet.dll
[-] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.20544] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_1adf940cd544870c\wininet.dll
[-] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16440] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_1a51f619bc2a81e6\wininet.dll
[7] 2011-03-07 . A5B19B240901CAB0C8E7767D2873613E . 981504 . . [8.00.7601.17573] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll
[7] 2011-03-07 . EDEB2904636B657782F824D8FF97D0B8 . 981504 . . [8.00.7601.21676] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll
[7] 2011-02-24 . DA2950BAD7306006EBA77DD93CC42690 . 982016 . . [8.00.7600.20908] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_1d5cb75f93029dde\wininet.dll
[7] 2011-02-24 . 214605C48AE416BC067C39D227CFCC57 . 981504 . . [8.00.7600.16766] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_1c9038927a1775e5\wininet.dll
[7] 2010-12-21 . 78B9ADA2BC8946AF7B17678E0D07A773 . 981504 . . [8.00.7600.16723] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll
[7] 2010-12-21 . 1B3DD46BC6396143A205EAAF05F38039 . 981504 . . [8.00.7600.20862] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll
[7] 2010-12-16 . F1C359CE656BD76F90E0E6C4BC04A4BE . 977920 . . [8.00.7600.16490] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_1c69c1607a353a39\wininet.dll
[7] 2010-12-16 . 23587164011EC849E58E229ABC49E239 . 977920 . . [8.00.7600.20600] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_1d54af5d9309dbb1\wininet.dll
[7] 2010-12-16 . 250267CE6217C1AB4517F22FB7EA13E8 . 978432 . . [8.00.7600.16625] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll
[7] 2010-12-16 . 91A9CCAD9829A89C840899932B9EC2DF . 980480 . . [8.00.7600.20745] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll
[7] 2010-12-16 . 99A6F1253A886C4A9C1F8E1822B10A80 . 977920 . . [8.00.7600.16535] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_1cafa4407a000e6d\wininet.dll
[7] 2010-12-16 . 0962CB2A9E6B4363C74249A4A5CCDBBF . 980480 . . [8.00.7600.20651] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_1d1fa00b933180bd\wininet.dll
[7] 2010-11-20 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
[7] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll
.
[-] 2012-11-22 . 011B7A81E28C748D7631CF3D72323DD2 . 627712 . . [1.0626.7600.17174] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.17174_none_acda843fb9c8dfaa\usp10.dll
[-] 2012-11-22 . CA68408922B02E8D955A2967C7CBF8CE . 626688 . . [1.0626.7601.22171] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_af477f18d00f9c82\usp10.dll
[-] 2012-11-22 . 36CD8D6EBCE6468BBEEB8BF175980F53 . 626688 . . [1.0626.7600.21379] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.21379_none_ad692462d2e1fb4e\usp10.dll
[-] 2012-11-22 . B7230010D97787AF3D25E4C82F2B06B9 . 626688 . . [1.0626.7601.18009] .. c:\windows\SysWOW64\usp10.dll
[-] 2012-11-22 . B7230010D97787AF3D25E4C82F2B06B9 . 626688 . . [1.0626.7601.18009] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_af119411b6b203d9\usp10.dll
[7] 2010-11-20 . 804AAAFEBB3AD5F49334DD906BCB1DE5 . 626176 . . [1.0626.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll
[7] 2009-07-14 . 0BA19F3198C40AC4E8CC66EE02EDA6C6 . 627200 . . [1.0626.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_acd0cf31b9cff59f\usp10.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-23 12:02 222808 ----a-w- c:\users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-23 12:02 222808 ----a-w- c:\users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-23 12:02 222808 ----a-w- c:\users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"Volume2"="c:\program files (x86)\Volume2\Volume2.exe" [2012-10-05 4669440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adawarebp"="reg.exe delete HKCU\Software\AppDataLow\Software\adawarebp" [X]
"adawarebp_XP"="reg.exe delete HKCU\Software\adawarebp" [X]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCustomizeThisFolder"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"New Value #1"= 0000000000000000
"HideSCAVolume"= 0 (0x0)
"TaskbarNoNotification"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 tljkva;tljkva; [x]
R1 SASDIFSV;SASDIFSV; [x]
R1 SASKUTIL;SASKUTIL; [x]
R1 SBRE;SBRE; [x]
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 PGMTrusted;PGMTrusted;c:\users\verna\Pogo Games\PGMTrusted.exe [2012-10-31 519920]
R2 X5XSEx_Pr135;X5XSEx_Pr135; [x]
R3 esgiguard;esgiguard; [x]
R3 FileMonitor;FileMonitor; [x]
R3 pppop;PPPoP WAN Adapter;c:\windows\system32\DRIVERS\pppop64.sys [2011-03-21 42528]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RegFilter;RegFilter; [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-12-25 15712]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 UrlFilter;UrlFilter; [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-26 1255736]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-08-03 352248]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-03-05 230416]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-08-09 38608]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-13 36720]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-27 349800]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 10:09]
.
2013-05-02 c:\windows\Tasks\WpsUpdateTask_verna.job
- c:\program files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2011-11-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-23 12:02 261704 ----a-w- c:\users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-23 12:02 261704 ----a-w- c:\users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-23 12:02 261704 ----a-w- c:\users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
ustart page = hxxp://bing.com/
IE: Download with Xilisoft YouTube Video Converter - c:\program files (x86)\Xilisoft\YouTube Video Converter\upod_link.HTM
IE: {{3CD12856-7A7B-4e4c-B53E-92DFDD44AFDE} - https://gmail.google.com
Trusted Zone: %20rsibanking.com
Trusted Zone: bing.com\www
Trusted Zone: yahoo.com\%22'
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\fc9046ij.default\
FF - ExtSQL: 2013-03-17 13:02; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-04-25 12:42; {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-BsScanner
SafeBoot-IMFservice
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{10134636-E7AF-4AC5-A1DC-C7C44BB97D81}"=hex:51,66,7a,6c,4c,1d,38,12,58,45,00,
14,9d,a9,ab,0f,de,ca,84,84,4e,e7,39,95
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FBF2401B-7447-4727-BE5D-C19B2075CA84}"=hex:51,66,7a,6c,4c,1d,38,12,75,43,e1,
ff,75,3a,49,02,c1,4b,82,db,25,2b,8e,90
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:35,9c,e7,a2,73,99,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,73,1b,06,95,63,f9,4c,9c,6c,96,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,73,1b,06,95,63,f9,4c,9c,6c,96,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-02 06:14:57
ComboFix-quarantined-files.txt 2013-05-02 10:14
.
Pre-Run: 434,030,911,488 bytes free
Post-Run: 433,856,958,464 bytes free
.
- - End Of File - - E5689C638A11CB2588FA6C952F277730


----------



## Mark1956 (May 7, 2011)

Ok, the Combofix scan did remove a couple of bad entries and has further confirmed a long list of bad System Files, but it didn't repair any. It will take me a long time to create a script to fix all of them so first we should try the System File Checker which should replace the bad files that are in use, if not the best thing to follow that with will be a Repair Install, do you have a retail copy of Windows 7? _<---Please answer this_

There are also some more remnants of SAS and Adaware identified which we will need to remove later.


Click on *Start* and type *cmd* in the search box. Right click on *cmd* in the popup menu and select *Run as Administrator*.
Another box will open, at the Command Prompt, type *sfc /scannow* and press Enter. (Note the gap between the c and the /)
Let the check run to completion. *DO NOT* reboot the PC or close the *cmd* window.
Copy & Paste the following command at the Command Prompt and press Enter:

* findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt*


This will place a file on your desktop called *sfcdetails.txt* which contains the results of the scan.
Copy and Paste the contents of the file into your next post.


----------



## jetsguy (Feb 27, 2011)

Greetings: I do not see the results of my last post,sfc /scannow results.Should I repost?


----------



## Mark1956 (May 7, 2011)

Yes, and answer the question in my last post.


----------



## jetsguy (Feb 27, 2011)

I do not have a copy of win7. As for the sfc scan results it's saying that it is too long I need to shorten it.


----------



## Mark1956 (May 7, 2011)

Ok, zip up the log and send it as an attachment.


----------



## jetsguy (Feb 27, 2011)

Ok zipped it up tried to send as attachment,says it failed to send.


----------



## Mark1956 (May 7, 2011)

You must be doing something wrong.


Below the *Message Box* click on *Go Advanced*. 
Then scroll down until you see a button, *Manage Attachments*. Click on that and a new window opens.
Click on the *Browse* button, find the zip file you made earlier and doubleclick on it.
Now click on the *Upload* button. When done, click on the *Close this window* button at the top of the page.
 Enter your message-text in the message box, then click on *Submit Message/Reply.*


----------



## jetsguy (Feb 27, 2011)

Did as you advised still saying upload of file failed.


----------



## Mark1956 (May 7, 2011)

This is unusual with an SFC scan log as they normally fit into a post and the limit on an attached zip file is 500KB, is it bigger than that?

Try posting it in sections, but be very careful you don't miss anything in the log.


----------



## jetsguy (Feb 27, 2011)

Greetings,ok no matter what I do it keeps saying upload failed.Should I just send it to you personally,or is there another way to do this?(I use 7zip for extracting,compressing etc.)


----------



## Mark1956 (May 7, 2011)

I don't give out my email address for security reasons so we will have to find another way.

You have again missed a question, I asked if the zip file was bigger than 500KB, using 7zip the limit is only 400KB, so it needs to be split into zip files no bigger than 400KB.

Could you try copying and pasting the last 40 lines of the log into your next reply. The end of the log will show all the repairs done and any that have failed.


----------



## jetsguy (Feb 27, 2011)

Its saying 3,216KB


----------



## Mark1956 (May 7, 2011)

That is huge, but I suspected it might be with all the damaged files it may or may not have repaired.

Can you try and post (using copy and paste) as much of the bottom of the log as you can.

Alternatively, run it again and see if the log comes out much smaller. If it has successfully repaired the bad files a second run should produce a much smaller log.


----------



## jetsguy (Feb 27, 2011)

Hope this helps

2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Microsoft-Windows-IE-Spelling-Parent-Package-European-Portuguese~31bf3856ad364e35~~~10.2.9200.16437, ApplicableState: 112, CurrentState:0
2013-05-06 05:28:13, Info CBS Session: 30296636_136054317 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Microsoft-Windows-IE-Spelling-Parent-Package-Czech~31bf3856ad364e35~~~10.2.9200.16437, ApplicableState: 112, CurrentState:0
2013-05-06 05:28:13, Info CBS Session: 30296636_136104320 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_136184324 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2532531~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 80, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_136534344 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2817183~31bf3856ad364e35~amd64~~10.2.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_136604348 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2653956~31bf3856ad364e35~amd64~~6.1.1.5, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_136664352 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Microsoft-Windows-IE-Spelling-Parent-Package-Danish~31bf3856ad364e35~~~10.2.9200.16437, ApplicableState: 112, CurrentState:0
2013-05-06 05:28:13, Info CBS Session: 30296636_136724355 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB982018~31bf3856ad364e35~amd64~~6.1.3.2, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_137684410 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2705219~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_137774415 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2506928~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_137864420 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2799926~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_137914423 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2732500~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_137964426 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info  CBS Read out cached package applicability for package: Package_for_KB2656411~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138024429 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2491683~31bf3856ad364e35~amd64~~6.1.1.1, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138064432 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138154437 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2729094~31bf3856ad364e35~amd64~~6.1.2.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138244442 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2712808~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138314446 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2511455~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138384450 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2619339~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138444454 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2660649~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138554460 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2698365~31bf3856ad364e35~amd64~~6.1.1.2, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138784473 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Microsoft-Windows-IE-Spelling-Parent-Package-German~31bf3856ad364e35~~~10.2.9200.16437, ApplicableState: 112, CurrentState:0
2013-05-06 05:28:13, Info CBS Session: 30296636_138844476 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2736422~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138914480 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2644615~31bf3856ad364e35~amd64~~6.1.1.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_138974484 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2647753~31bf3856ad364e35~amd64~~6.1.4.0, ApplicableState: 112, CurrentState:112
2013-05-06 05:28:13, Info CBS Session: 30296636_139044488 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Microsoft-Windows-IE-Spelling-Parent-Package-Arabic~31bf3856ad364e35~~~10.2.9200.16437, ApplicableState: 112, CurrentState:0
2013-05-06 05:28:13, Info CBS Session: 30296636_139074490 initialized by client WindowsUpdateAgent.
2013-05-06 05:28:13, Info CBS Read out cached package applicability for package: Package_for_KB2584146~31bf3856ad364e35~amd64~~6.1.1.3, ApplicableState: 112, CurrentState:112
2013-05-06 05:38:13, Info CBS Reboot mark refs incremented to: 1
2013-05-06 05:38:13, Info CBS Scavenge: Starts
2013-05-06 05:38:13, Info CSI [email protected]/5/6:09:38:13.813 CSI Transaction @0x393030 initialized for deployment engine {d16d444c-56d8-11d5-882d-0080c847b195} with flags 00000002 and client id [10]"TI6.0_0:0/"
2013-05-06 05:38:13, Info CBS Scavenge: Begin CSI Store
2013-05-06 05:38:14, Info CSI 0000000a Performing 1 operations; 1 are not lock/unlock and follow:
Scavenge (8): flags: 00000017
2013-05-06 05:38:14, Info CSI 0000000b Store coherency cookie matches last scavenge cookie, skipping scavenge.
2013-05-06 05:38:14, Info CSI 0000000c ICSITransaction::Commit calling IStorePendingTransaction::Apply - coldpatching=FALSE applyflags=7
2013-05-06 05:38:14, Info CSI 0000000d Creating NT transaction (seq 2), objectname [6]"(null)"
2013-05-06 05:38:14, Info CSI 0000000e Created NT transaction (seq 2) result 0x00000000, handle @0x220
2013-05-06 05:38:14, Info CSI [email protected]/5/6:09:38:14.453 CSI perf trace:
CSIPERF:TXCOMMIT;69770
2013-05-06 05:38:14, Info CBS Scavenge: Completed, disposition: 0X1
2013-05-06 05:38:14, Info CSI [email protected]/5/6:09:38:14.454 CSI Transaction @0x393030 destroyed
2013-05-06 05:38:14, Info CBS Reboot mark refs: 0
2013-05-06 05:38:14, Info CBS Idle processing thread terminated normally
2013-05-06 05:38:14, Info CBS Ending the TrustedInstaller main loop.
2013-05-06 05:38:14, Info CBS Starting TrustedInstaller finalization.
2013-05-06 05:38:14, Info CBS Ending TrustedInstaller finalization.


----------



## Mark1956 (May 7, 2011)

That is not an SFC log. Please follow the instructions again that I put in post 72 and post the log it saves to the desktop after running the script.


----------



## jetsguy (Feb 27, 2011)

Name neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 0000035f [SR] Cannot repair me
mber file [l:20{10}]"Tulips.jpg" of Microsoft-Windows-PhotoSamples, Version = 6.
1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSco
pe = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName
neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000360 [SR] Cannot repair me
mber file [l:34{17}]"Chrysanthemum.jpg" of Microsoft-Windows-PhotoSamples, Versi
on = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Ver
sionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, T
ypeName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000361 [SR] Cannot repair me
mber file [l:28{14}]"Hydrangeas.jpg" of Microsoft-Windows-PhotoSamples, Version
= 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Versio
nScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, Type
Name neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000362 [SR] Cannot repair me
mber file [l:24{12}]"Penguins.jpg" of Microsoft-Windows-PhotoSamples, Version =
6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionS
cope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNa
me neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000363 [SR] Cannot repair me
mber file [l:22{11}]"desktop.ini" of Microsoft-Windows-VideoSamples, Version = 6
.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSc
ope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNam
e neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000364 [SR] Cannot repair me
mber file [l:24{12}]"Wildlife.wmv" of Microsoft-Windows-VideoSamples, Version =
6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionS
cope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNa
me neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000365 [SR] Cannot repair me
mber file [l:58{29}]"Clip_1080_5sec_VC1_15mbps.wmv" of Microsoft-Windows-WinSATM
ediaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cu
lture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35
}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missi
ng
2013-05-06 12:04:38, Info CSI 00000366 [SR] Cannot repair me
mber file [l:56{28}]"Clip_480_5sec_6mbps_h264.mp4" of Microsoft-Windows-WinSATMe
diaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cul
ture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}
, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missin
g
2013-05-06 12:04:38, Info CSI 00000367 [SR] Cannot repair me
mber file [l:20{10}]"winsat.wmv" of Microsoft-Windows-WinSATMediaSamples, Versio
n = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Vers
ionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, Ty
peName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000368 [SR] Cannot repair me
mber file [l:68{34}]"Clip_1080_5sec_MPEG2_HD_15mbps.mpg" of Microsoft-Windows-Wi
nSATMediaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9
), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad3
64e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is
missing
2013-05-06 12:04:38, Info CSI 00000369 [SR] Cannot repair me
mber file [l:60{30}]"Clip_1080_5sec_10mbps_h264.mp4" of Microsoft-Windows-WinSAT
MediaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), C
ulture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e3
5}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is miss
ing
2013-05-06 12:04:38, Info CSI 0000036a [SR] Cannot repair me
mber file [l:32{16}]"winsatencode.wmv" of Microsoft-Windows-WinSATMediaSamples,
Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral
, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutr
al, TypeName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 0000036b [SR] Cannot repair me
mber file [l:56{28}]"Clip_480i_5sec_6mbps_new.mpg" of Microsoft-Windows-WinSATMe
diaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cul
ture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}
, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missin
g
2013-05-06 12:04:38, Info CSI 0000036c [SR] Cannot repair me
mber file [l:56{28}]"Clip_480p_5sec_6mbps_new.mpg" of Microsoft-Windows-WinSATMe
diaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cul
ture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}
, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missin
g
2013-05-06 12:04:38, Info CSI 0000036d [SR] Cannot repair me
mber file [l:58{29}]"Clip_1080_5sec_VC1_15mbps.wmv" of Microsoft-Windows-WinSATM
ediaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cu
lture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35
}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missi
ng
2013-05-06 12:04:38, Info CSI 0000036e [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:38, Info CSI 0000036f [SR] Cannot repair me
mber file [l:56{28}]"Clip_480_5sec_6mbps_h264.mp4" of Microsoft-Windows-WinSATMe
diaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cul
ture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}
, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missin
g
2013-05-06 12:04:38, Info CSI 00000370 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:38, Info CSI 00000371 [SR] Cannot repair me
mber file [l:20{10}]"winsat.wmv" of Microsoft-Windows-WinSATMediaSamples, Versio
n = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Vers
ionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, Ty
peName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000372 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:38, Info CSI 00000373 [SR] Cannot repair me
mber file [l:68{34}]"Clip_1080_5sec_MPEG2_HD_15mbps.mpg" of Microsoft-Windows-Wi
nSATMediaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9
), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad3
64e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is
missing
2013-05-06 12:04:38, Info CSI 00000374 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:38, Info CSI 00000375 [SR] Cannot repair me
mber file [l:60{30}]"Clip_1080_5sec_10mbps_h264.mp4" of Microsoft-Windows-WinSAT
MediaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), C
ulture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e3
5}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is miss
ing
2013-05-06 12:04:38, Info CSI 00000376 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:38, Info CSI 00000377 [SR] Cannot repair me
mber file [l:32{16}]"winsatencode.wmv" of Microsoft-Windows-WinSATMediaSamples,
Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral
, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutr
al, TypeName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:38, Info CSI 00000378 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:38, Info CSI 00000379 [SR] Cannot repair me
mber file [l:56{28}]"Clip_480i_5sec_6mbps_new.mpg" of Microsoft-Windows-WinSATMe
diaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cul
ture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}
, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missin
g
2013-05-06 12:04:38, Info CSI 0000037a [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:38, Info CSI 0000037b [SR] Cannot repair me
mber file [l:56{28}]"Clip_480p_5sec_6mbps_new.mpg" of Microsoft-Windows-WinSATMe
diaSamples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cul
ture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}
, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missin
g
2013-05-06 12:04:38, Info CSI 0000037c [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:39, Info CSI 0000037d [SR] Cannot repair me
mber file [l:22{11}]"Kalimba.mp3" of Microsoft-Windows-MusicSamples, Version = 6
.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSc
ope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNam
e neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 0000037e [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:39, Info CSI 0000037f [SR] Cannot repair me
mber file [l:22{11}]"desktop.ini" of Microsoft-Windows-MusicSamples, Version = 6
.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSc
ope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNam
e neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000380 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:39, Info CSI 00000381 [SR] Cannot repair me
mber file [l:58{29}]"Maid with the Flaxen Hair.mp3" of Microsoft-Windows-MusicSa
mples, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Typ
e neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000382 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:39, Info CSI 00000383 [SR] Cannot repair me
mber file [l:28{14}]"Sleep Away.mp3" of Microsoft-Windows-MusicSamples, Version
= 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Versio
nScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, Type
Name neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000384 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:39, Info CSI 00000385 [SR] Cannot repair me
mber file [l:22{11}]"desktop.ini" of Microsoft-Windows-ehome-samplemedia, Versio
n = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Vers
ionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, Ty
peName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000386 [SR] This component w
as referenced by [l:176{88}]"Microsoft-Windows-MediaCenter-Package~31bf3856ad364
e35~amd64~~6.1.7601.17514.MediaCenter"
2013-05-06 12:04:39, Info CSI 00000387 [SR] Cannot repair me
mber file [l:58{29}]"win7_scenic-demoshort_raw.wtv" of Microsoft-Windows-ehome-s
amplemedia, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Cul
ture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}
, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missin
g
2013-05-06 12:04:39, Info CSI 00000388 [SR] This component w
as referenced by [l:176{88}]"Microsoft-Windows-MediaCenter-Package~31bf3856ad364
e35~amd64~~6.1.7601.17514.MediaCenter"
2013-05-06 12:04:39, Info CSI 00000389 [SR] Cannot repair me
mber file [l:18{9}]"Koala.jpg" of Microsoft-Windows-PhotoSamples, Version = 6.1.
7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope
= 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName n
eutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 0000038a [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 0000038b [SR] Cannot repair me
mber file [l:26{13}]"Jellyfish.jpg" of Microsoft-Windows-PhotoSamples, Version =
6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Version
Scope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeN
ame neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 0000038c [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 0000038d [SR] Cannot repair me
mber file [l:26{13}]"SampleRes.dll" of Microsoft-Windows-PhotoSamples, Version =
6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Version
Scope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeN
ame neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 0000038e [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 0000038f [SR] Cannot repair me
mber file [l:22{11}]"desktop.ini" of Microsoft-Windows-PhotoSamples, Version = 6
.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSc
ope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNam
e neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000390 [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 00000391 [SR] Cannot repair me
mber file [l:20{10}]"Desert.jpg" of Microsoft-Windows-PhotoSamples, Version = 6.
1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSco
pe = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName
neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000392 [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 00000393 [SR] Cannot repair me
mber file [l:28{14}]"Lighthouse.jpg" of Microsoft-Windows-PhotoSamples, Version
= 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Versio
nScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, Type
Name neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000394 [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 00000395 [SR] Cannot repair me
mber file [l:20{10}]"Tulips.jpg" of Microsoft-Windows-PhotoSamples, Version = 6.
1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSco
pe = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName
neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000396 [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 00000397 [SR] Cannot repair me
mber file [l:34{17}]"Chrysanthemum.jpg" of Microsoft-Windows-PhotoSamples, Versi
on = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Ver
sionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, T
ypeName neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 00000398 [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 00000399 [SR] Cannot repair me
mber file [l:28{14}]"Hydrangeas.jpg" of Microsoft-Windows-PhotoSamples, Version
= 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, Versio
nScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, Type
Name neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 0000039a [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 0000039b [SR] Cannot repair me
mber file [l:24{12}]"Penguins.jpg" of Microsoft-Windows-PhotoSamples, Version =
6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionS
cope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNa
me neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 0000039c [SR] This component w
as referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856
ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"
2013-05-06 12:04:39, Info CSI 0000039d [SR] Cannot repair me
mber file [l:22{11}]"desktop.ini" of Microsoft-Windows-VideoSamples, Version = 6
.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionSc
ope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNam
e neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 0000039e [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:39, Info CSI 0000039f [SR] Cannot repair me
mber file [l:24{12}]"Wildlife.wmv" of Microsoft-Windows-VideoSamples, Version =
6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionS
cope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeNa
me neutral, PublicKey neutral in the store, file is missing
2013-05-06 12:04:39, Info CSI 000003a0 [SR] This component w
as referenced by [l:194{97}]"Microsoft-Windows-SampleContent-Music-Package~31bf3
856ad364e35~amd64~~6.1.7601.17514.MusicSamples"
2013-05-06 12:04:39, Info CSI 000003a2 [SR] Repair complete
2013-05-06 12:04:39, Info CSI 000003a3 [SR] Committing trans
action
2013-05-06 12:04:39, Info CSI 000003a7 [SR] Verify and Repai
r Transaction completed. All files and registry keys listed in this transaction
have been successfully repaired
C:\Windows\system32>


----------



## Mark1956 (May 7, 2011)

Even though that log has lost its formatting it is clear to see there are many files just in that section which have no replacements available that the File Checker is able to find.

I believe the next step is to do a Repair Install so you need to make a copy of Windows 7. This guide will show you how to do that and run the Repair Install. This should correct the missing and corrupted files, but I am still a little concerned not knowing what has caused the problem as it may repeat itself.

We should run some hardware tests when this is complete. Before you start the Repair Install I would highly recommend that you back up any important data just in case something goes wrong and you end up having to run a clean install.

Please go here: Windows 7 ISO downloads and download the version of Windows 7 that matches what you have on your PC.

If you have downloaded the ISO on a Windows 7 PC right click the ISO file, select *Open With*, then select* Windows Disc Image Burning Tool* then follow the prompts.

For PC's using other versions of Windows you must burn the ISO image to a DVD using an ISO image burner, copying the ISO to a DVD will not work, if you do not have an ISO burner download this free software and follow the instructions below to burn the disc.ImgBurn

Install the program and start the application. Select the top left hand option to burn image file to disk and then on the next window click on the small yellow folder icon and browse to the ISO file you wish to burn. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.

Once done, please go here Windows 7 Repair Install and follow the instructions.


----------



## jetsguy (Feb 27, 2011)

Greetings, once the above tasks are completed, what will the results be and what do I need to post?


----------



## Mark1956 (May 7, 2011)

The result will hopefully be a fully functional system, even though you did not appear to be having any performance issues such problems as not being able to install Java should be resolved. The Repair Install basically reinstalls windows, but retains all your software and data, so it will replace any defective system files which we have seen in some of the recent scans.

When it is complete run the System File Checker and post the log, also see if Java will install.


----------



## jetsguy (Feb 27, 2011)

Greetings,did as suggested for repair install,rebooted says install failed,tried Java again, control panal,programs says its installed but when I check for version on pc its saying upgrade to latest version even though it says its installed.should I still do a System File Checker?


----------



## Mark1956 (May 7, 2011)

As the Repair Install has failed to run correctly I think you only remaining option is to do a clean install. This will put you right back to a clean system and everything should function correctly unless there is a hardware fault.


----------



## jetsguy (Feb 27, 2011)

Rather than clean install (don't have disc of win 7) would upgrading to another version of win 7(I have home premium)or to win 8 solve the problem as far as Java?


----------



## Mark1956 (May 7, 2011)

I gave you a link in post 88 to download a copy of Windows 7. If you want to upgrade to Windows 8 or change to another version of Windows 7 you will have to buy a new licence.

As I said, unless there is a hardware fault then re-installing your existing version of Windows 7 should fix the issue.


----------



## jetsguy (Feb 27, 2011)

Greetings,thanks for all your help.


----------



## Mark1956 (May 7, 2011)

You're welcome. Let us know how the system runs after the re-install.


----------



## jetsguy (Feb 27, 2011)

Greetings,just a heads up from my last post,still having problems with this version of Java so I completely unistalled it (version 7 update21) and installed version 6 with all the updates everything is working fine now.Should have done this from the beginning.IMO Java needs to make sure everything is stable before they release something and to all you developeres out there someone needs to come up with something instead of Java.Again I thank you for your help in this matter.This is a great site and you people are great.Thanks


----------



## Mark1956 (May 7, 2011)

Have you actually reinstalled Windows 7?

Using old versions of Java is a security risk and not recommended.

The latest version of Java has caused a problem on some systems, we have seen a few cases on this site, but in general the vast majority of systems are having no problems installing it. There is no reason that I am aware of as to why it should not install on a newly installed system.


----------



## jetsguy (Feb 27, 2011)

Greetings, yes I actually reinstalled win7.When I installed Java 7 the control panel is showing that it is installed but, when I go to do something(play a game etc.) it's saying a new version off Java is available.It's not recognizing that Java is already installed.


----------



## Mark1956 (May 7, 2011)

Have you checked that the Java plugin is enabled in your browser?


----------



## jetsguy (Feb 27, 2011)

Greetings,Both IE and FF plugins are enabled.


----------



## Mark1956 (May 7, 2011)

Please run this:

Download Security Check by screen317 from Here or Here.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.


----------



## w4wr (May 19, 2013)

I hope this is the right forum. Go gentle on me - I am a first time poster. I am running Java on an XP platform. I received notice that update was available (update 21). I am currently running update 13. Each time I try to update, I get "JRE1.7.0_13-C.MSI is on a network resource that is unavailable." This happens during download, or during the add/remove software from the control panel. Clicking on the Java icon in the control panel says I have a missing in the registry."The system connot find the registry key specified: HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.7.0_15" . I've tried all the fixes everyone has mentioned without success. What am I missing please?


----------



## captainron276 (Sep 11, 2010)

W4Wr,

It is next to impossible to help someone who jumps in on someone else's thread. Please start your own thread.

Thank you,
Capt


----------

