Author Topic: [Inactive] MS Defender will not start or reload  (Read 4265 times)

Offline Kevin1961

  • Bronze Member
  • Posts: 17
[Inactive] MS Defender will not start or reload
« on: December 11, 2014, 01:42:03 PM »
Hello, after a windows update ran yesterday during a shutdown and restart I checked Defender and could not get it to start. When I tried reinstalling MSE  from the Microsoft website it gave me a "cannot complete the installation" message with the error code:0x8004FF91. The Microsoft.com website is telling me I don't have a good copy of Windows when I try to update with them. I'm guessing I have a Trojan installer on my machine along with who knows what else. I would really appreciate any help you can provide. I removed Kaspersky anti-virus software recently. Thank you.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496
Run by DSI-PC at 12:08:34 on 2014-12-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4000.2629 [GMT -7:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\mblctr.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://blank/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} - hxxp://pcmls.com/5.12.05.35765/Control/IRCSharc.cab
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{36EA318A-D886-4E60-B31E-487DD0866279} : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{36EA318A-D886-4E60-B31E-487DD0866279}\2627567737475627 : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{36EA318A-D886-4E60-B31E-487DD0866279}\34164786F6573756 : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{36EA318A-D886-4E60-B31E-487DD0866279}\7556374796E60225563747F6E60284569676864737 : DHCPNameServer = 8.8.8.8 8.8.4.4 4.2.2.5
TCP: Interfaces\{4D338EA8-B0BE-46DC-8C46-B4848266F204} : DHCPNameServer = 75.75.76.76 75.75.75.75
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-3-15 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-9-29 92800]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-15 2656280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-2 128488]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-2 401896]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-17 317440]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2012-3-15 311400]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-15 471144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-24 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-25 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-11-25 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-11-25 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-6 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-10 20:45:37   --------   d-----w-   C:\Windows\System32\appraiser
2014-12-10 18:49:21   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{8E45E94E-E232-40B2-97BE-FB1FC59BA12D}
2014-12-10 18:48:39   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{62A05C8E-AC08-466D-B4CB-A23749798BA2}
2014-12-10 15:24:55   187904   ----a-w-   C:\Windows\System32\cryptsvc.dll
2014-12-10 15:23:46   165888   ----a-w-   C:\Windows\System32\charmap.exe
2014-12-09 14:54:11   11632448   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{31FEE687-C24C-4A01-BE3B-5108D7CE8DF3}\mpengine.dll
2014-12-04 16:19:12   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{69B215E9-2B99-4DBE-B613-7693109D92B6}
2014-12-04 16:18:33   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{349D7E1B-8A5C-4673-B194-B592C694FC69}
2014-12-01 17:19:40   --------   d-----w-   C:\1412
2014-11-28 15:39:36   5703168   ----a-w-   C:\Windows\SysWow64\mstscax.dll
2014-11-28 15:39:35   6584320   ----a-w-   C:\Windows\System32\mstscax.dll
2014-11-26 16:47:36   3179520   ----a-w-   C:\Windows\System32\rdpcorets.dll
2014-11-26 16:47:36   16384   ----a-w-   C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-11-26 06:45:14   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{96BA904D-5410-4C20-B6AC-319A8FE762D0}
2014-11-25 20:59:38   18638520   ----a-w-   C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-25 18:32:07   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{E9FD5A81-E2E8-4B3E-9CCD-DC00B2DF21FA}
2014-11-25 18:31:31   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{35B20AAE-6F47-48FB-9335-024655031B55}
2014-11-25 16:09:18   30208   ----a-w-   C:\Windows\System32\drivers\TsUsbGD.sys
2014-11-25 16:09:18   19456   ----a-w-   C:\Windows\System32\drivers\rdpvideominiport.sys
2014-11-25 16:09:16   243200   ----a-w-   C:\Windows\System32\rdpudd.dll
2014-11-25 16:09:16   228864   ----a-w-   C:\Windows\System32\rdpendp_winip.dll
2014-11-25 16:09:16   192000   ----a-w-   C:\Windows\SysWow64\rdpendp_winip.dll
2014-11-25 16:07:57   385024   ----a-w-   C:\Windows\System32\CNMLMAT.DLL
2014-11-20 15:23:09   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{7FFDB304-6FB7-4757-AC98-669FCC86FDED}
2014-11-19 15:01:28   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{81CE7229-27FD-4733-B71E-3623B8262359}
2014-11-19 15:00:36   --------   d-----w-   C:\Users\DSI-PC\AppData\Local\{72A68695-EDF3-4B6F-AF23-C20710C8A407}
2014-11-19 13:14:38   728064   ----a-w-   C:\Windows\System32\kerberos.dll
2014-11-19 13:14:38   550912   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2014-11-19 13:14:38   241152   ----a-w-   C:\Windows\System32\pku2u.dll
2014-11-19 13:14:38   186880   ----a-w-   C:\Windows\SysWow64\pku2u.dll
2014-11-19 11:31:16   1217192   ----a-w-   C:\Windows\SysWow64\FM20.DLL
2014-11-12 18:10:12   --------   d-sh--w-   C:\Users\DSI-PC\AppData\Local\EmieBrowserModeList
2014-11-12 16:35:29   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2014-11-12 16:35:29   683520   ----a-w-   C:\Windows\System32\termsrv.dll
2014-11-12 16:35:29   681984   ----a-w-   C:\Windows\SysWow64\adtschema.dll
2014-11-12 16:35:29   681984   ----a-w-   C:\Windows\System32\adtschema.dll
2014-11-12 16:35:29   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2014-11-12 16:35:29   155064   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2014-11-12 16:35:29   146432   ----a-w-   C:\Windows\SysWow64\msaudite.dll
2014-11-12 16:35:29   146432   ----a-w-   C:\Windows\System32\msaudite.dll
2014-11-12 16:35:29   1460736   ----a-w-   C:\Windows\System32\lsasrv.dll
.
==================== Find3M  ====================
.
2014-12-11 17:49:50   45056   ----a-w-   C:\Windows\SysWow64\acovcnt.exe
2014-12-09 23:18:06   71344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-09 23:18:06   701104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:55   413184   ----a-w-   C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45   741376   ----a-w-   C:\Windows\System32\invagent.dll
2014-12-04 02:50:40   396800   ----a-w-   C:\Windows\System32\devinv.dll
2014-12-04 02:50:38   830976   ----a-w-   C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37   227328   ----a-w-   C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37   192000   ----a-w-   C:\Windows\System32\aepic.dll
2014-12-04 02:44:48   1083392   ----a-w-   C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44   1232040   ----a-w-   C:\Windows\System32\aitstatic.exe
2014-11-22 03:06:23   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39   66560   ----a-w-   C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10   580096   ----a-w-   C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20   88064   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:43   144384   ----a-w-   C:\Windows\System32\ieUnatt.exe
2014-11-22 02:35:29   114688   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51   814080   ----a-w-   C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07   6039552   ----a-w-   C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31   968704   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16   77824   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43   501248   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17   62464   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32   47616   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02   64000   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:55:16   115712   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2014-11-22 01:54:30   620032   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10   1359360   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58   2125312   ----a-w-   C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26   4299264   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21   2358272   ----a-w-   C:\Windows\System32\wininet.dll
2014-11-22 01:22:49   2052096   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57   1155072   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20   1888256   ----a-w-   C:\Windows\SysWow64\wininet.dll
2014-11-11 03:09:06   1424384   ----a-w-   C:\Windows\System32\WindowsCodecs.dll
2014-11-11 02:44:45   1230336   ----a-w-   C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 01:46:26   119296   ----a-w-   C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08   2048   ----a-w-   C:\Windows\System32\tzres.dll
2014-11-08 02:45:09   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2014-11-04 21:30:58   275080   ------w-   C:\Windows\System32\MpSigStub.exe
2014-10-30 02:04:21   1480192   ----a-w-   C:\Windows\System32\crypt32.dll
2014-10-30 01:46:24   1174528   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2014-10-30 01:45:43   155136   ----a-w-   C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59   77824   ----a-w-   C:\Windows\System32\packager.dll
2014-10-25 01:32:37   67584   ----a-w-   C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23   861696   ----a-w-   C:\Windows\System32\oleaut32.dll
2014-10-18 02:05:21   4121600   ----a-w-   C:\Windows\System32\mf.dll
2014-10-18 01:33:18   571904   ----a-w-   C:\Windows\SysWow64\oleaut32.dll
2014-10-18 01:33:13   3209728   ----a-w-   C:\Windows\SysWow64\mf.dll
2014-10-14 02:13:00   3241984   ----a-w-   C:\Windows\System32\msi.dll
2014-10-14 01:50:41   2363904   ----a-w-   C:\Windows\SysWow64\msi.dll
2014-10-10 00:57:42   3198976   ----a-w-   C:\Windows\System32\win32k.sys
2014-10-03 02:12:23   310272   ----a-w-   C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23   2020352   ----a-w-   C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22   346624   ----a-w-   C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22   181248   ----a-w-   C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00   500224   ----a-w-   C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54   284672   ----a-w-   C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51   680960   ----a-w-   C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51   440832   ----a-w-   C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51   296448   ----a-w-   C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49   266240   ----a-w-   C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03   248832   ----a-w-   C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03   214016   ----a-w-   C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03   145920   ----a-w-   C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03   1177088   ----a-w-   C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42   442880   ----a-w-   C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26   374784   ----a-w-   C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26   195584   ----a-w-   C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25   198656   ----a-w-   C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-09-25 02:08:38   371712   ----a-w-   C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50   519680   ----a-w-   C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52   210944   ----a-w-   C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51   86528   ----a-w-   C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49   342016   ----a-w-   C:\Windows\System32\schannel.dll
2014-09-19 09:42:47   314880   ----a-w-   C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47   309760   ----a-w-   C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41   22016   ----a-w-   C:\Windows\System32\credssp.dll
2014-09-19 09:23:55   172032   ----a-w-   C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52   65536   ----a-w-   C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49   248832   ----a-w-   C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46   221184   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45   259584   ----a-w-   C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36   17408   ----a-w-   C:\Windows\SysWow64\credssp.dll
.
============= FINISH: 12:08:43.43 ===============
« Last Edit: December 11, 2014, 02:27:27 PM by Hoov »



Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27056
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] MS Defender will not start or reload
« Reply #1 on: December 11, 2014, 02:28:53 PM »
Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem.Also tell me any other problems you are having, no matter how small or long you have been dealing with them.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your harddrive.

One last thing, I need you to tell me if this computer belongs to a school or to a company or orginization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

Now onto trying to fix your computer.

Can you also copy and paste the attach.txt file just like you did the DDS.txt file?

Have you been having any other problems with this computer?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #2 on: December 11, 2014, 03:17:06 PM »
Thanks Hoov,
I have been having a problem with the wireless adapter dropping the internet connection. I recently received some emails from what I thought were friends but when I opened them I could see they weren't from who I thought they were. I've had my credit card number stolen several times in the past few years. I don't use this computer for purchases now because I don't trust it. I've had problems in the past with some business software I use that I think has some vulnerabilities that are being exploited. Kaspersky found a Trojan installer in an external drive several years ago. I still use that drive and it scans clear. I have an older computer that is not connected to the internet that I sometimes need to copy a file from. I scan the files and they pass but I recognize that the older computer is probably compromised. I use this computer to surf for news, commentary and information. I access a variety of different websites for my business.  The computer is primarily used to generate business documents. I've backed up the critical data. Back in the old days I knew a thing or two about computers but my knowledge is out of date. I still resort to the dos prompt when I need to do certain things. I'm looking forward to learning something.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/5/2012 4:46:44 PM
System Uptime: 12/11/2014 10:49:16 AM (2 hours ago)
.
Motherboard: ASUSTeK Computer Inc. |  | K84L
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz | CPU 1 | 1587/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 122 GiB total, 62.672 GiB free.
D: is FIXED (NTFS) - 151 GiB total, 151.375 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP245: 11/28/2014 9:19:38 AM - Windows Update
RP246: 12/2/2014 10:01:39 AM - Windows Update
RP247: 12/9/2014 7:53:24 AM - Windows Update
RP248: 12/10/2014 8:23:46 AM - Windows Update
RP249: 12/10/2014 1:40:35 PM - Windows Update
.
==== Installed Programs ======================
.
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
Adobe Flash Player 15 ActiveX
Adobe Reader XI (11.0.09)
Ask Toolbar
Asmedia ASM104x USB 3.0 Host Controller Driver
ASUS AI Recovery
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
ASUS_Screensaver
AsusVibe2.0
Atheros Driver Installation Program
ATK Package
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MG5300 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
ClickFORMS
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
CutePDF Editor Toolbar Updater
CutePDF Writer 3.0
CyberLink LabelPrint
CyberLink Media Suite
CyberLink Power2Go
D3DX10
Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition
Fast Boot
Galeria de Fotografias do Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Google Earth Plug-in
Google Update Helper
InstantOn for NB
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Junk Mail filter update
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nuance PDF Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Excel 2010 (KB2910902) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2899519) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Sonic Focus
swMSM
Synaptics Pointing Device Driver
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
Wireless Console 3
.
==== Event Viewer Messages From Past Week ========
.
12/9/2014 8:39:22 AM, Error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 10.0.0.35. The computer with the IP address 10.0.0.74 did not allow the name to be claimed by this computer.
12/11/2014 10:51:54 AM, Error: Service Control Manager [7023]  - The Windows Defender service terminated with the following error:  %%-2147023113
12/10/2014 4:10:43 PM, Error: Service Control Manager [7030]  - The Windows Defender service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
.
==== End Of File ===========================

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27056
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] MS Defender will not start or reload
« Reply #3 on: December 11, 2014, 04:21:30 PM »
Lets start with a basic scan. Malwarebytes' Anti-Malware is a good tool, and you may want to hang on to it when we are done. Depending on what that finds, we may dig deeper.

 
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click to execute the installation. Accept the terms, and allow MBAM to install to the default location in your Program Files.
  • Please update the database by clicking on the Update Now button as shown below.


  • Following the update, click on the large green Scan Now button to begin the Threat Scan.

Note: Optionally, you could have simply clicked Fix Now if it is displayed. That will automatically download updates and run a Threat Scan.
If Malware or Potentially Unwanted Programs are found you will receive a Prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.
  • A window with an option to view the detailed log will appear. Click on View Detailed Log.

    • After viewing the results, please click on the Copy to Clipboard button > OK.

  • Return to our forum. Paste your log into your next reply.
  • Note: If you lose the Clipboard copy and need to retrieve the log again it can be found by opening Malwarebytes and clicking on History> Application Logs with the date of the scan. Simply double-click on that in order to see the options for Copying to Clipboard or to Export to a .txt file (Notepad). etc.. The .txt file can be saved and posted when you are ready.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #4 on: December 11, 2014, 05:21:09 PM »
Okay, I ran the Malwarebytes program and it did not find any malicious software. I have used this program before and my free trial expired. The window that pops up when I click on the application logs hides the export button and is stubbornly refusing to scroll. I checked the quarantine folder and there are some files...most of them are registry keys. I've attached two jpg files with screen captures of the quarantine screen and scan results.



Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27056
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] MS Defender will not start or reload
« Reply #5 on: December 11, 2014, 06:54:58 PM »
Do you ever get a popup in the lower right corner telling you that your trial has expired? If you do click the End Trial button. When you do that, it will revert to the free version.

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouseclick combofix''s window while it''s running. That may cause it to stall

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #6 on: December 12, 2014, 09:53:02 AM »
I ran the combofix tool and received several error messages. The first was that windows requires a digitally signed driver (MAC Bridge Driver). The second error message was "error saving file" windows\erndnt\HIV-backup\components !"
The scan was done in about 10 minutes. The report printout is too long for a single post so I'll split it into two. Thanks

ComboFix 14-12-10.03 - DSI-PC 12/12/2014   8:23.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4000.2522 [GMT -7:00]
Running from: c:\users\DSI-PC\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\DSI-PC\Documents\~WRL0004.tmp
c:\users\DSI-PC\g2mdlhlpx.exe
c:\windows\msvcr71.dll
D:\install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-11-12 to 2014-12-12  )))))))))))))))))))))))))))))))
.
.
2014-12-12 15:28 . 2014-12-12 15:28   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-12-11 22:32 . 2014-12-11 22:32   129752   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-11 22:31 . 2014-12-11 22:31   --------   d-----w-   c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-11 22:31 . 2014-11-21 13:14   63704   ----a-w-   c:\windows\system32\drivers\mwac.sys
2014-12-11 22:31 . 2014-11-21 13:14   93400   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-12-11 22:31 . 2014-11-21 13:14   25816   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-12-10 20:45 . 2014-12-10 20:45   --------   d-----w-   c:\windows\system32\appraiser
2014-12-10 15:24 . 2014-10-30 02:04   1480192   ----a-w-   c:\windows\system32\crypt32.dll
2014-12-10 15:23 . 2014-10-30 02:03   165888   ----a-w-   c:\windows\system32\charmap.exe
2014-12-09 14:54 . 2014-11-02 04:20   11632448   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{31FEE687-C24C-4A01-BE3B-5108D7CE8DF3}\mpengine.dll
2014-12-01 17:19 . 2014-12-11 23:18   --------   d-----w-   C:\1412
2014-11-28 15:39 . 2014-09-05 01:52   5703168   ----a-w-   c:\windows\SysWow64\mstscax.dll
2014-11-28 15:39 . 2014-09-05 02:11   6584320   ----a-w-   c:\windows\system32\mstscax.dll
2014-11-26 16:47 . 2014-08-29 02:07   3179520   ----a-w-   c:\windows\system32\rdpcorets.dll
2014-11-26 16:47 . 2014-05-08 09:32   16384   ----a-w-   c:\windows\system32\RdpGroupPolicyExtension.dll
2014-11-25 20:59 . 2014-11-25 20:59   18638520   ----a-w-   c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-25 16:09 . 2012-08-23 14:10   19456   ----a-w-   c:\windows\system32\drivers\rdpvideominiport.sys
2014-11-25 16:09 . 2012-08-23 14:08   30208   ----a-w-   c:\windows\system32\drivers\TsUsbGD.sys
2014-11-25 16:09 . 2012-08-23 14:13   243200   ----a-w-   c:\windows\system32\rdpudd.dll
2014-11-25 16:09 . 2012-08-23 11:12   192000   ----a-w-   c:\windows\SysWow64\rdpendp_winip.dll
2014-11-25 16:09 . 2012-08-23 10:51   228864   ----a-w-   c:\windows\system32\rdpendp_winip.dll
2014-11-25 16:07 . 2012-03-14 12:00   385024   ----a-w-   c:\windows\system32\CNMLMAT.DLL
2014-11-19 13:14 . 2014-11-11 03:08   241152   ----a-w-   c:\windows\system32\pku2u.dll
2014-11-19 13:14 . 2014-11-11 03:08   728064   ----a-w-   c:\windows\system32\kerberos.dll
2014-11-19 13:14 . 2014-11-11 02:44   186880   ----a-w-   c:\windows\SysWow64\pku2u.dll
2014-11-19 13:14 . 2014-11-11 02:44   550912   ----a-w-   c:\windows\SysWow64\kerberos.dll
2014-11-19 11:31 . 2014-11-19 11:31   1217192   ----a-w-   c:\windows\SysWow64\FM20.DLL
2014-11-12 18:19 . 2014-11-12 18:19   --------   d-----w-   c:\program files (x86)\Common Files\Adobe
2014-11-12 18:10 . 2014-11-12 18:10   --------   d-sh--w-   c:\users\DSI-PC\AppData\Local\EmieBrowserModeList
2014-11-12 16:35 . 2014-10-14 02:16   155064   ----a-w-   c:\windows\system32\drivers\ksecpkg.sys
2014-11-12 16:35 . 2014-10-14 02:13   683520   ----a-w-   c:\windows\system32\termsrv.dll
2014-11-12 16:35 . 2014-10-14 02:12   1460736   ----a-w-   c:\windows\system32\lsasrv.dll
2014-11-12 16:35 . 2014-10-14 02:09   146432   ----a-w-   c:\windows\system32\msaudite.dll
2014-11-12 16:35 . 2014-10-14 02:07   681984   ----a-w-   c:\windows\system32\adtschema.dll
2014-11-12 16:35 . 2014-10-14 01:50   22016   ----a-w-   c:\windows\SysWow64\secur32.dll
2014-11-12 16:35 . 2014-10-14 01:49   96768   ----a-w-   c:\windows\SysWow64\sspicli.dll
2014-11-12 16:35 . 2014-10-14 01:47   146432   ----a-w-   c:\windows\SysWow64\msaudite.dll
2014-11-12 16:35 . 2014-10-14 01:46   681984   ----a-w-   c:\windows\SysWow64\adtschema.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-11 17:49 . 2012-03-15 18:24   45056   ----a-w-   c:\windows\SysWow64\acovcnt.exe
2014-12-09 23:18 . 2012-06-17 19:56   71344   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-09 23:18 . 2012-06-17 19:56   701104   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-27 23:40 . 2012-06-06 10:40   112710672   ----a-w-   c:\windows\system32\MRT.exe
2014-11-04 21:30 . 2012-06-05 22:56   275080   ------w-   c:\windows\system32\MpSigStub.exe
2014-09-25 02:08 . 2014-10-01 14:14   371712   ----a-w-   c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 14:14   519680   ----a-w-   c:\windows\SysWow64\qdvd.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys
[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\system32\drivers\asyncmac.sys
.
[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys
[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\system32\drivers\null.sys
.
[-] 2014-11-11 . 5FCF588BBD2358538DB17DD0A0A31813 . 118272 . . [6.1.7601.22865] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.22865_none_48b848380bfa8bbd\tdx.sys
[-] 2014-11-11 . 70988118145F5F10EF24720B97F35F65 . 119296 . . [6.1.7601.18658] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.18658_none_483c7a50f2d21ee0\tdx.sys
[-] 2010-11-20 . DDAD5A7AB24D8B65F8D724F5C20FD806 . 119296 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys
[-] 2014-11-11 . 70988118145F5F10EF24720B97F35F65 . 119296 . . [6.1.7601.18658] .. c:\windows\system32\drivers\tdx.sys
.
[-] 2012-07-04 . 05F5A0D14A2EE1D8255C2AA0E9E8E694 . 136704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_d6c68344b4d406bf\browser.dll
[-] 2012-07-04 . 156768ABAE1DAF29BA0B0C05C21FEF09 . 136704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_d7783703cdd41e02\browser.dll
[-] 2010-11-20 . 8EF0D5C41EC907751B8429162B1239ED . 136192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_d70f2c28b49dffae\browser.dll
[-] 2012-07-04 . 05F5A0D14A2EE1D8255C2AA0E9E8E694 . 136704 . . [6.1.7600.16385] .. c:\windows\system32\browser.dll
.
[-] 2014-09-19 . B84317193B6A29F5F5DCF538C34FDCED . 31232 . . [6.1.7601.22814] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
[-] 2014-09-19 . 341655B216721D89CADE9DEA2F33872F . 31232 . . [6.1.7601.18606] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[-] 2014-05-30 . F23812F9F7B130854E4BC0389F7C688C . 31232 . . [6.1.7601.18489] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe
[-] 2014-05-30 . 04F6C08B30C599D301CE8530A6F6A703 . 31232 . . [6.1.7601.22705] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[-] 2012-08-24 . 77119F1F9B492B260030C34F9BE327FA . 31232 . . [6.1.7601.22099] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[-] 2011-11-17 . 0A10B74FBB437FF9A23F1D5DE4446A83 . 31232 . . [6.1.7601.21861] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\system32\lsass.exe
.
[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll
[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\system32\netman.dll
.
[-] 2010-11-20 . 1EA7969E3271CBC59E1730697DC74682 . 849920 . . [7.5.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[-] 2010-11-20 . 1EA7969E3271CBC59E1730697DC74682 . 849920 . . [7.5.7600.16385] .. c:\windows\system32\qmgr.dll
.
[-] 2010-11-20 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[-] 2010-11-20 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\system32\rpcss.dll
.
[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\system32\services.exe
.
[-] 2012-02-11 . 85DAA09A98C9286D4EA2BA8D0E644377 . 559104 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[-] 2012-02-11 . B9D7A4858CF32A6A15D2763F1DE47E0E . 559616 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe
[-] 2010-11-20 . B96C17B5DC1424D56EEA3A99E97428CD . 559104 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[-] 2012-02-11 . 85DAA09A98C9286D4EA2BA8D0E644377 . 559104 . . [6.1.7600.16385] .. c:\windows\system32\spoolsv.exe
.
[-] 2014-07-17 . 8CEBD9D0A0A879CDE9F36F4383B7CAEA . 455168 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[-] 2014-07-16 . 98AA0BFEE089C7E5DADB94190D93456C . 455680 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[-] 2014-03-04 . 6CE2AE073BD21C542FC2C707CAE944CC . 455680 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[-] 2014-03-04 . 88AB9B72B4BF3963A0DE0820B4B0B06C . 455168 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[-] 2010-11-20 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[-] 2014-07-17 . 8CEBD9D0A0A879CDE9F36F4383B7CAEA . 455168 . . [6.1.7601.17514] .. c:\windows\system32\winlogon.exe
.
[-] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_97c9d703ee91c7f1\comctl32.dll
[-] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
[-] 2013-07-04 . 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_980cc5cd07e3aa05\comctl32.dll
[-] 2013-07-04 . 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_a6ba9bf96e3dcd13\comctl32.dll
[-] 2010-11-20 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_97c2246fee970dbb\comctl32.dll
[-] 2010-11-20 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
[-] 2010-11-20 . 7FA8FDC2C2A27817FD0F624E78D3B50C . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
[-] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll
[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\system32\comres.dll
.
[-] 2014-07-07 . 19D511CC455C19DE1ADF60E6C39C85B6 . 187904 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_d41cb8b3b175406a\cryptsvc.dll
[-] 2014-07-07 . 63A15BA9875364C4147B226CB70468B3 . 190976 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22856_none_d485e986caab2e55\cryptsvc.dll
[-] 2013-10-05 . 509D31797A4B8A3D6ED78A330B19A919 . 186880 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[-] 2013-07-09 . 434CCE8E7150CD1324C5FAA088D1D061 . 186880 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[-] 2013-07-09 . 6B400F211BEE880A37A1ED0368776BF4 . 184320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[-] 2013-05-13 . D8129C49798CBBFB2E4351D4B7B8EF9C . 184320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[-] 2013-05-11 . 8122252F0A4ACFA92FA0C1D50D18493B . 186880 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[-] 2013-05-10 . 7FDC4626B01106A8EF328C88C7C0DEE3 . 184320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[-] 2013-05-10 . CA13C4F92BEE66DB48E58AB3223DDF6E . 186880 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[-] 2012-06-04 . 7E7D2DACF65D750D466F36BD3D09AE20 . 186880 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[-] 2012-06-02 . 9C01375BE382E834CC26D1B7EAF2C4FE . 184320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[-] 2010-11-20 . 15597883FBE9B056F276ADA3AD87D9AF . 177152 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[-] 2014-07-07 . 19D511CC455C19DE1ADF60E6C39C85B6 . 187904 . . [6.1.7600.16385] .. c:\windows\system32\cryptsvc.dll
.
[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\system32\es.dll
.
[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll
[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\system32\imm32.dll
.
[-] 2014-04-25 . 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 . 801280 . . [1.0626.7601.18454] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18454_none_0af5261f6f3c76ad\usp10.dll
[-] 2014-04-25 . BB2B03C6B6778A9B2866A049CC600D55 . 801792 . . [1.0626.7601.22666] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22666_none_0b75f5788860623d\usp10.dll
[-] 2010-11-20 . 2F8B1E3EE3545D3B5A8D56FA1AE07B65 . 800256 . . [1.0626.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f\usp10.dll
[-] 2014-04-25 . 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 . 801280 . . [1.0626.7601.18454] .. c:\windows\system32\usp10.dll
.
[-] 2014-04-12 . 77BBBF70BCE286CD19E1E68F248363FA . 1164800 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_f24130b9862a22c7\kernel32.dll
[-] 2014-03-04 . 52E77DC8E31C89FBB1E968699C8121C5 . 1164800 . . [6.1.7601.22616] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_f26f71478606ff08\kernel32.dll
[-] 2014-03-04 . D2A513EE880D71BDE7F0257F38B9D019 . 1163264 . . [6.1.7601.18409] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_f1f3a3606cde922b\kernel32.dll
[-] 2013-08-29 . 786D234A90FCAC72633AE6FC52653A49 . 1162240 . . [6.1.7601.22436] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_f259cda386173c9c\kernel32.dll
[-] 2013-08-02 . C525D51A79B01342344F02E38866CF60 . 1162240 . . [6.1.7601.22411] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_f26a6c09860b8607\kernel32.dll
[-] 2013-08-02 . D8973E71F1B35CD3F3DEA7C12D49D0F0 . 1161216 . . [6.1.7601.18229] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_f1ddffbc6ceecfbf\kernel32.dll
[-] 2012-11-30 . B3BEA6420D482356E53B7C728E05C637 . 1163264 . . [6.1.7601.22177] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
[-] 2012-11-30 . 65C113214F7B05820F6D8A65B1485196 . 1161216 . . [6.1.7601.18015] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll
[-] 2010-11-20 . 7A6326D96D53048FDEC542DF23D875A0 . 1161216 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[-] 2014-03-04 . D2A513EE880D71BDE7F0257F38B9D019 . 1163264 . . [6.1.7601.18015] .. c:\windows\system32\kernel32.dll
.
[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_945a23c3bf051859\linkinfo.dll
[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\system32\linkinfo.dll
.
[-] 2013-06-06 . 796B47A4B82EF1C39F13435B88834C48 . 41472 . . [6.1.7601.18177] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_07bb20dd7154003d\lpk.dll
[-] 2013-06-06 . 22FC61B8E1EBA296FF416C3678E26DD3 . 41472 . . [6.1.7601.22350] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_08535d608a67b3eb\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll
[-] 2013-06-06 . 796B47A4B82EF1C39F13435B88834C48 . 41472 . . [6.1.7601.18177] .. c:\windows\system32\lpk.dll
.
[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_0c2b375bae4a8d38\hnetcfg.dll
[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\system32\hnetcfg.dll
.
[-] 2014-11-22 . D478A4CF07FB8ADF72FB16B88E8030B8 . 25059840 . . [11.00.9600.17496] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17501_none_f58df6883740dfc5\mshtml.dll
[-] 2014-11-06 . BBD6A636AAA65D874F3863280CD8373D . 25110016 . . [11.00.9600.17496] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_f59addd03736dce1\mshtml.dll
[-] 2014-09-19 . 7415B29AFE2E4494A57358B8C7E78600 . 23631360 . . [11.00.9600.17496] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_f5a7f85a372cd9fd\mshtml.dll
[-] 2014-08-18 . 920BD93A0B64657A20CA66C2EBB167EA . 23591424 . . [11.00.9600.17496] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_f5b67f6437213d09\mshtml.dll
[-] 2014-07-25 . ECA387DCD57F683C52171C766CF400F0 . 23645696 . . [11.00.9600.17496] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_f5b0b0ea3726a4ff\mshtml.dll
[-] 2014-06-19 . FEC19C351EF1B2C998A85D1BFD765675 . 23464448 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_f5addd9c372925b8\mshtml.dll
[-] 2014-05-30 . 56803B20D168C1B740D12CE0BE4588F5 . 23414784 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_f5bac4e4371f22d4\mshtml.dll
[-] 2014-05-06 . 797E2E5C309AFF76990D5B7AF457EACA . 23544320 . . [11.00.9600.17107] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_f5b8ad88372109c7\mshtml.dll
[-] 2014-04-29 . A98DA2EC1E56CF52C682D072F77D9874 . 23547904 . . [11.00.9600.17105] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17105_none_f5b8db183720d685\mshtml.dll
[-] 2014-03-31 . C3E3EFD320D0000BE6F9CDB00CD6086F . 23134208 . . [11.00.9600.16659] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16659_none_f5876fe837454a4a\mshtml.dll
[-] 2014-03-06 . 37D0FB9E5E8EDA40B66FC3FB3D660261 . 23549440 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_f5c8074c3714b96c\mshtml.dll
[-] 2014-03-01 . 4E0709D9BB951AD1C22E4FF519B90839 . 23133696 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_f58ff536373f154c\mshtml.dll
[-] 2014-02-06 . D016F5092E4FFC41147E8555A71D2DDE . 23170048 . . [11.00.9600.16518] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16518_none_f58e55743740af5c\mshtml.dll
[-] 2013-11-26 . 16B0A65F52531B769B891DC251ECC6C0 . 23183360 . . [11.00.9600.16476] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_f59f54ac3732f833\mshtml.dll
[-] 2013-11-13 . D233E1A32CE6AF918C9DE1BC44AFEB2A . 23212032 . . [11.00.9600.16428] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_f59a25aa3737acc2\mshtml.dll
[-] 2014-11-22 . D478A4CF07FB8ADF72FB16B88E8030B8 . 25059840 . . [11.00.9600.17496] .. c:\windows\system32\mshtml.dll
.
[-] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll
[-] 2011-12-16 . F9A4C695C86CC32048FE2C987A0BD387 . 634880 . . [7.0.7601.21878] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll
[-] 2009-07-14 . 7319BB10FA1F86E49E3DCF4136F6C957 . 634880 . . [7.0.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll
[-] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\system32\msvcrt.dll
.
[-] 2013-09-08 . 9A9F9F1A77D6A80EE28B57664F00013E . 327168 . . [6.1.7601.18254] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll
[-] 2013-09-07 . BDDB1FD258B92DEE00F222D3304B5D9C . 327168 . . [6.1.7601.22444] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll
[-] 2010-11-20 . 1D5185A4C7E6695431AE4B55C3D7D333 . 326144 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[-] 2013-09-08 . 9A9F9F1A77D6A80EE28B57664F00013E . 327168 . . [6.1.7600.16385] .. c:\windows\system32\mswsock.dll
.
[-] 2010-11-20 . AA339DD8BB128EF66660DFBBB59043D3 . 695808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[-] 2010-11-20 . AA339DD8BB128EF66660DFBBB59043D3 . 695808 . . [6.1.7600.16385] .. c:\windows\system32\netlogon.dll
.
[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_ff0e900816896618\powrprof.dll
[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\system32\powrprof.dll
.
[-] 2010-11-20 . ED78427259134C63ED69804D2132B86C . 232960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
[-] 2010-11-20 . ED78427259134C63ED69804D2132B86C . 232960 . . [6.1.7600.16385] .. c:\windows\system32\scecli.dll

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #7 on: December 12, 2014, 09:54:01 AM »
Continuation of combofix report.

.
[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll
[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\system32\sfc.dll
.
[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\system32\svchost.exe
.
[-] 2010-11-20 . 40F0849F65D13EE87B9A9AE3C1DD6823 . 316928 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_4162de4afb9222c0\tapisrv.dll
[-] 2010-11-20 . 40F0849F65D13EE87B9A9AE3C1DD6823 . 316928 . . [6.1.7600.16385] .. c:\windows\system32\tapisrv.dll
.
[-] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2010-11-20 . BAFE84E637BF7388C96EF48D4D3FDD53 . 30720 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[-] 2010-11-20 . BAFE84E637BF7388C96EF48D4D3FDD53 . 30720 . . [6.1.7600.16385] .. c:\windows\system32\userinit.exe
.
[-] 2014-11-22 . 4AF089160FE082E5EA5C4AA72782DCA2 . 2358272 . . [11.00.9600.17496] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17501_none_e433d769b6ea768f\wininet.dll
[-] 2014-11-06 . 6FC2819A4F80AAB2DADEDFC1EFEE3C3F . 2365440 . . [11.00.9600.17420] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_e440beb1b6e073ab\wininet.dll
[-] 2014-09-19 . 9D98D4F390F0B14A782F3B931E613A1A . 2309632 . . [11.00.9600.17344] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_e44dd93bb6d670c7\wininet.dll
[-] 2014-08-18 . 39EBB9708453036A74C30C9A294023FF . 2310656 . . [11.00.9600.17280] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_e45c6045b6cad3d3\wininet.dll
[-] 2014-07-25 . 8E71A5CB5312B8392D4DA4CA37BB5868 . 2266624 . . [11.00.9600.17239] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_e45691cbb6d03bc9\wininet.dll
[-] 2014-06-18 . 2EE102DF0EDD8A1EDD3D1E9B99A91BEC . 2266112 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_e453be7db6d2bc82\wininet.dll
[-] 2014-05-30 . 40BFD9D6EC8E174145F012246CA73CCD . 2266112 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_e460a5c5b6c8b99e\wininet.dll
[-] 2014-03-06 . F220BA78AB542C70211D73AE4729B2CD . 2260480 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_e46de82db6be5036\wininet.dll
[-] 2014-03-01 . DF79CE9B950C62677D232154E93A81C7 . 2334208 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_e435d617b6e8ac16\wininet.dll
[-] 2014-02-06 . 263B6E451526A90FF8B1CEC759F22956 . 2334208 . . [11.00.9600.16518] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_e4343655b6ea4626\wininet.dll
[-] 2013-11-26 . 9B6678DB9C6A232C5A84D2FDFFF8B0E1 . 2334208 . . [11.00.9600.16476] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_e445358db6dc8efd\wininet.dll
[-] 2013-11-13 . E6CB36B85BE59095337427E853A5B65A . 2332160 . . [11.00.9600.16428] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_e440068bb6e1438c\wininet.dll
[-] 2010-11-20 . F6C5302E1F4813D552F41A0AC82455E5 . 1188864 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll
[-] 2014-11-22 . 4AF089160FE082E5EA5C4AA72782DCA2 . 2358272 . . [11.00.9600.16428] .. c:\windows\system32\wininet.dll
.
[-] 2010-11-20 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[-] 2010-11-20 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7600.16385] .. c:\windows\system32\ws2_32.dll
.
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\system32\ws2help.dll
.
[-] 2010-11-20 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_0a43accb08f0eac5\ole32.dll
[-] 2010-11-20 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7600.16385] .. c:\windows\system32\ole32.dll
.
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\system32\cngaudit.dll
.
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\system32\wininit.exe
.
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\system32\ctfmon.exe
.
[-] 2010-11-20 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_2b566299338d2123\shsvcs.dll
[-] 2010-11-20 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7600.16385] .. c:\windows\system32\shsvcs.dll
.
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\system32\regsvc.dll
.
[-] 2010-11-20 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_8d272400ada202f9\schedsvc.dll
[-] 2010-11-20 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7600.16385] .. c:\windows\system32\schedsvc.dll
.
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\system32\ssdpsrv.dll
.
[-] 2014-10-14 . 6A5B600AD0041E9AF564DE73B716F3D2 . 686592 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22843_none_ed2d60f8841a8fd8\termsrv.dll
[-] 2014-10-14 . 008CD4EBFABCF78D0F19B3778492648C . 683520 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18637_none_ecb2935b6af13c52\termsrv.dll
[-] 2014-07-17 . 4FC4C50985E5B840F4D72E57286887B8 . 681984 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18540_none_eca0bf836affa9bb\termsrv.dll
[-] 2014-07-16 . F4D7114060C034134A440846F411BB7F . 686080 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22750_none_ed1f8e488425629d\termsrv.dll
[-] 2010-11-20 . 2E648163254233755035B46DD7B89123 . 680960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll
[-] 2014-10-14 . 008CD4EBFABCF78D0F19B3778492648C . 683520 . . [6.1.7601.17514] .. c:\windows\system32\termsrv.dll
.
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_4627a1cbadebced2\ksuser.dll
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\system32\ksuser.dll
.
[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_d360c9c235bd1868\msimg32.dll
[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\system32\msimg32.dll
.
[-] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_3bee2a494f8638cf\comctl32.dll
[-] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_ee67d2d082b9f619\comctl32.dll
[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_3bab3b80363456bb\comctl32.dll
[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
[-] 2010-11-20 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll
[-] 2010-11-20 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
[-] 2010-11-20 . 352B3DC62A0D259A82A052238425C872 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
.
[-] 2014-10-30 . 3031B5DC2A58A7BCE6651EA9B7DD6390 . 145920 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22856_none_78674e03124dbd1f\cryptsvc.dll
[-] 2014-07-07 . 623E143F2DF17C0106A9988F5D7DC878 . 143872 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2014-07-07 . 623E143F2DF17C0106A9988F5D7DC878 . 143872 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_77fe1d2ff917cf34\cryptsvc.dll
[-] 2013-10-05 . F2D9242C3BBD1C36467FCAE1AE01733F . 142848 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[-] 2013-07-09 . 6DB499DEFCC827317C5371164A7CDB27 . 142848 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[-] 2013-07-09 . 7CA1BECEA5DE2643ADDAD32670E7A4C9 . 140288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[-] 2013-05-13 . 3897DFF247D9ED0006190349DE264E14 . 140288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[-] 2013-05-11 . AC04D05309BB2C418D0D80B9FB014642 . 142848 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[-] 2013-05-10 . E122AA1C9A3CC46FF9DDDE46E5EB0C58 . 142848 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[-] 2013-05-10 . 33ADF6E0853AB39EA1723BE82842C1D3 . 140288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[-] 2012-06-02 . 063DD65889D21035311463337BD268E7 . 142336 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[-] 2012-06-02 . 96C0E38905CFD788313BE8E11DAE3F2F . 140288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[-] 2010-11-20 . A585BEBF7D054BD9618EDA0922D5484A . 136192 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
.
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\SysWOW64\es.dll
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll
.
[-] 2010-11-20 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\SysWOW64\imm32.dll
[-] 2010-11-20 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll
.
[-] 2014-04-12 . C8C41EBEE097FEB29FB816854D3AD1E7 . 1114112 . . [6.1.7601.22653] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll
[-] 2014-03-04 . 866696FBE24914047462E34812169954 . 1114112 . . [6.1.7601.22616] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_fcc41b99ba67c103\kernel32.dll
[-] 2014-03-04 . 76161B9D78A275F8F28DD67436013110 . 1114112 . . [6.1.7601.18015] .. c:\windows\SysWOW64\kernel32.dll
[-] 2014-03-04 . 76161B9D78A275F8F28DD67436013110 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll
[-] 2013-08-29 . EE751CBD5D0C332FDF3DF7187B612416 . 1114112 . . [6.1.7601.22436] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_fcae77f5ba77fe97\kernel32.dll
[-] 2013-08-02 . 61579F821AB5FF7FA2966D64D1070BA8 . 1114112 . . [6.1.7601.22411] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_fcbf165bba6c4802\kernel32.dll
[-] 2013-08-02 . 365A5034093AD9E04F433046C4CDF6AB . 1114112 . . [6.1.7601.18229] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_fc32aa0ea14f91ba\kernel32.dll
[-] 2012-11-30 . 9CC2571E3646B9A24296AD7ADCC71682 . 1114112 . . [6.1.7601.22177] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[-] 2012-11-30 . AC0B6F41882FC6ED186962D770EBF1D2 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[-] 2010-11-20 . E80758CF485DB142FCA1EE03A34EAD05 . 837632 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
.
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\SysWOW64\linkinfo.dll
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll
.
[-] 2013-06-06 . 84CA3579EEB69D8E1EE67E4F721BF71C . 25600 . . [6.1.7601.22350] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_12a807b2bec875e6\lpk.dll
[-] 2013-06-06 . CC23295DA8F7B5C53F93804D2F5D30EB . 25600 . . [6.1.7601.18177] .. c:\windows\SysWOW64\lpk.dll
[-] 2013-06-06 . CC23295DA8F7B5C53F93804D2F5D30EB . 25600 . . [6.1.7601.18177] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_120fcb2fa5b4c238\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll
.
[-] 2014-11-22 . 220505B0B3E96C857DD01729AF0CD369 . 19749376 . . [11.00.9600.17496] .. c:\windows\SysWOW64\mshtml.dll
[-] 2014-11-22 . 220505B0B3E96C857DD01729AF0CD369 . 19749376 . . [11.00.9600.17496] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17501_none_ffe2a0da6ba1a1c0\mshtml.dll
[-] 2014-11-06 . 93074C4FA92A8399404D032F6AF72C1B . 19781632 . . [11.00.9600.17496] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_ffef88226b979edc\mshtml.dll
[-] 2014-09-19 . F91E55DA404B834648A3B0A2477C10DB . 17484800 . . [11.00.9600.17496] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_fffca2ac6b8d9bf8\mshtml.dll
[-] 2014-08-18 . 7BF1CE9240CB9DD27C3E30733176EB8E . 17455104 . . [11.00.9600.17496] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_000b29b66b81ff04\mshtml.dll
[-] 2014-07-25 . 8453DDF167CE2986AA4AB04BC6824925 . 17524224 . . [11.00.9600.17496] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_00055b3c6b8766fa\mshtml.dll
[-] 2014-06-19 . DFA59840BB1220AFD261FDAE83543959 . 17276416 . . [11.00.9600.17207] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_000287ee6b89e7b3\mshtml.dll
[-] 2014-05-30 . D5ECBB3BFDC73A59440D9CA79AB3A342 . 17271296 . . [11.00.9600.17126] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_000f6f366b7fe4cf\mshtml.dll
[-] 2014-05-06 . EB5347F6149D3FF25F4D609A21A3BD67 . 17382912 . . [11.00.9600.17107] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_000d57da6b81cbc2\mshtml.dll
[-] 2014-04-29 . 5869FBC754578A59C8C8635B99DB79DE . 17384448 . . [11.00.9600.17105] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17105_none_000d856a6b819880\mshtml.dll
[-] 2014-03-30 . CCF19C82F6145E4A467F7CB9AF82026C . 17073152 . . [11.00.9600.16659] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16659_none_ffdc1a3a6ba60c45\mshtml.dll
[-] 2014-03-06 . EA85144F35EDE6EE25C484D4242FF2C8 . 17387008 . . [11.00.9600.17041] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_001cb19e6b757b67\mshtml.dll
[-] 2014-03-01 . 70462E0A4E293FC80620AB945D8A59BB . 17074688 . . [11.00.9600.16521] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_ffe49f886b9fd747\mshtml.dll
[-] 2014-02-06 . C863E5A2417DF0F2A31ED32C3B2CB23F . 17103872 . . [11.00.9600.16518] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16518_none_ffe2ffc66ba17157\mshtml.dll
[-] 2013-11-26 . BFAFE990C4A191E83843362B5AC64A9B . 17112576 . . [11.00.9600.16476] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_fff3fefe6b93ba2e\mshtml.dll
[-] 2013-11-13 . F9F114B2A6F876C92D317A755494F233 . 17142784 . . [11.00.9600.16428] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_ffeecffc6b986ebd\mshtml.dll
.
[-] 2011-12-16 . 2F740C4B458331357E825E94AFB0953A . 690688 . . [7.0.7601.21878] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\SysWOW64\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll
[-] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll
.
[-] 2013-09-08 . E94C583CDE2348950155F2AF2876F34D . 231424 . . [6.1.7600.16385] .. c:\windows\SysWOW64\mswsock.dll
[-] 2013-09-08 . E94C583CDE2348950155F2AF2876F34D . 231424 . . [6.1.7601.18254] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll
[-] 2013-09-07 . 6547D445C4B69DC0083B619AC642DF04 . 231424 . . [6.1.7601.22444] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll
[-] 2010-11-20 . 8999B8631C7FD9F7F9EC3CAFD953BA24 . 232448 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
.
[-] 2010-11-20 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7600.16385] .. c:\windows\SysWOW64\netlogon.dll
[-] 2010-11-20 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
.
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\SysWOW64\powrprof.dll
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll
.
[-] 2010-11-20 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7600.16385] .. c:\windows\SysWOW64\scecli.dll
[-] 2010-11-20 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
.
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\SysWOW64\sfc.dll
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll
.
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\SysWOW64\svchost.exe
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
.
[-] 2010-11-20 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7600.16385] .. c:\windows\SysWOW64\tapisrv.dll
[-] 2010-11-20 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll
.
[-] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[-] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
[-] 2010-11-20 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7600.16385] .. c:\windows\SysWOW64\userinit.exe
[-] 2010-11-20 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
[-] 2014-11-22 . 5E4E0E43E0A5BF9F089696DFA7A3D677 . 1888256 . . [11.00.9600.16428] .. c:\windows\SysWOW64\wininet.dll
[-] 2014-11-22 . 5E4E0E43E0A5BF9F089696DFA7A3D677 . 1888256 . . [11.00.9600.17496] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17501_none_88153be5fe8d0559\wininet.dll
[-] 2014-11-06 . 6DD7D61A8EF3DFEC4FAEFEB395E77424 . 1892864 . . [11.00.9600.17420] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_8822232dfe830275\wininet.dll
[-] 2014-09-18 . 7AE80F921027CF88CB9D0433088A3E55 . 1810944 . . [11.00.9600.17344] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_882f3db7fe78ff91\wininet.dll
[-] 2014-08-18 . D58988722C72D265B51A54103DFC2C6F . 1812992 . . [11.00.9600.17280] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_883dc4c1fe6d629d\wininet.dll
[-] 2014-07-25 . B945BAA81B4805AD6BDDF4D026DCFB47 . 1792512 . . [11.00.9600.17239] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_8837f647fe72ca93\wininet.dll
[-] 2014-06-18 . CCC198257901BEEA2FBF8EB1E7678356 . 1791488 . . [11.00.9600.17207] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_883522f9fe754b4c\wininet.dll
[-] 2014-05-30 . 771CDBC3D62437D6DB070820BB1EDCCF . 1790976 . . [11.00.9600.17126] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_88420a41fe6b4868\wininet.dll
[-] 2014-03-06 . E4E829EE073E046B0EB19B5FECB19B8C . 1789440 . . [11.00.9600.17041] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_884f4ca9fe60df00\wininet.dll
[-] 2014-03-01 . AAFEAB4FC9D70253F8C7E353E879E8A2 . 1820160 . . [11.00.9600.16521] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_88173a93fe8b3ae0\wininet.dll
[-] 2014-02-06 . 9C89246184979A070B0C6CCF61C68136 . 1820160 . . [11.00.9600.16518] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_88159ad1fe8cd4f0\wininet.dll
[-] 2013-11-26 . 927FA6456AD6D7630F6854828D2FD16B . 1820160 . . [11.00.9600.16476] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_88269a09fe7f1dc7\wininet.dll
[-] 2013-11-13 . B5EB5BD3066959611E1F7A80FD6CC172 . 1818112 . . [11.00.9600.16428] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll
[-] 2010-11-20 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
.
[-] 2010-11-20 . 7FF15A4F092CD4A96055BA69F903E3E9 . 206848 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2_32.dll
[-] 2010-11-20 . 7FF15A4F092CD4A96055BA69F903E3E9 . 206848 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
.
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2help.dll
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\ws2help.dll
.
[-] 2011-11-03 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2011-11-03 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[-] 2011-11-03 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[-] 2010-11-20 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
.
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 427008 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 398336 . . [6.1.7600.16385] .. c:\windows\regedit.exe
.
[-] 2010-11-20 . 928CF7268086631F54C3D8E17238C6DD . 1414144 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ole32.dll
[-] 2010-11-20 . 928CF7268086631F54C3D8E17238C6DD . 1414144 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll
.
[-] 2014-04-25 . A5F833506BF6A1B5D693E1499DEE2444 . 626688 . . [1.0626.7601.18454] .. c:\windows\SysWOW64\usp10.dll
[-] 2014-04-25 . A5F833506BF6A1B5D693E1499DEE2444 . 626688 . . [1.0626.7601.18454] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18454_none_aed68a9bb6df0577\usp10.dll
[-] 2014-04-25 . 5A7B3405C2AAE5369F6CB42FE248FBB0 . 626688 . . [1.0626.7601.22666] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22666_none_af5759f4d002f107\usp10.dll
[-] 2010-11-20 . 804AAAFEBB3AD5F49334DD906BCB1DE5 . 626176 . . [1.0626.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll
.
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ksuser.dll
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_ea090647f58e5d9c\ksuser.dll
.
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ctfmon.exe
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
.
[-] 2010-11-20 . 414DA952A35BF5D50192E28263B40577 . 328192 . . [6.1.7600.16385] .. c:\windows\SysWOW64\shsvcs.dll
[-] 2010-11-20 . 414DA952A35BF5D50192E28263B40577 . 328192 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_35ab0ceb67ede31e\shsvcs.dll
.
[-] 2009-07-14 . 18AB2E5A40064ED5F7791AC5946A90F3 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\msimg32.dll
[-] 2009-07-14 . 18AB2E5A40064ED5F7791AC5946A90F3 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_77422e3e7d5fa732\msimg32.dll
.
[-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cngaudit.dll
[-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
.
[-] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\SysWOW64\wininit.exe
[-] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
.
[-] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ias.dll
[-] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_fb08448fa0c85c23\ias.dll
.
[-] 2010-11-20 12:19 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[-] 2010-11-20 12:19 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7601.17514_none_f51a7bf0b3d25294\mfc40u.dll
.
[-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\SysWOW64\upnphost.dll
[-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_2831d06e8295c671\upnphost.dll
.
[-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\SysWOW64\dsound.dll
[-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll
.
[-] 2010-11-20 . 6EF5F3F18413C367195F06E503AB86A6 . 1828352 . . [6.1.7601.17514] .. c:\windows\SysWOW64\d3d9.dll
[-] 2010-11-20 . 6EF5F3F18413C367195F06E503AB86A6 . 1828352 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll
.
[-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ddraw.dll
[-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll
.
[-] 2010-11-20 12:20 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] .. c:\windows\SysWOW64\olepro32.dll
[-] 2010-11-20 12:20 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7601.17514_none_3c1b247e5ff65f89\olepro32.dll
.
[-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\SysWOW64\perfctrs.dll
[-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_97bcd9bcab2b9b3a\perfctrs.dll
.
[-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\SysWOW64\version.dll
[-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll
.
[-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\SysWOW64\midimap.dll
[-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll
.
[-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\SysWOW64\rasadhlp.dll
[-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_76239aafb364e805\rasadhlp.dll
.
[-] 2009-07-14 . EE5C8E27C37B79CB54A2FCEEED2DC262 . 9216 . . [6.1.7600.16385] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[-] 2009-07-14 . EE5C8E27C37B79CB54A2FCEEED2DC262 . 9216 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.1.7600.16385_none_cb895be592db1acb\WSHTCPIP.DLL
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-11-03 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-13 2317312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-11-3 549040]
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe -d [2012-3-15 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys

.
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-17 23:18]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-04 03:13]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-04 03:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09   227840   ----a-w-   c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09   227840   ----a-w-   c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-15 2779024]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 442328]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://blank/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} - hxxp://pcmls.com/5.12.05.35765/Control/IRCSharc.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-12-12  08:34:33
ComboFix-quarantined-files.txt  2014-12-12 15:34
.
Pre-Run: 66,855,473,152 bytes free
Post-Run: 67,849,912,320 bytes free
.
- - End Of File - - 6404ECAAFFD52E461EEDFC11C54CEF3F

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27056
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] MS Defender will not start or reload
« Reply #8 on: December 12, 2014, 03:54:13 PM »
While I am going thru that log, I would like you to run a system file check. That will take care of the driver issue.

Click on the start button then all programs, then accessories and then right click on Command Prompt and select run as admin. Then type in sfc /scannow and hit enter. Then once that is done type in findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >cbs.txt and hit enter. Once that is done (should take seconds) type in cbs.txt and hit enter. Copy the text and paste it up here.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #9 on: December 12, 2014, 04:26:14 PM »
2014-12-10 18:23:59, Info                  CSI    00000009 [SR] Verifying 1 components
2014-12-10 18:23:59, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2014-12-10 18:23:59, Info                  CSI    0000000c [SR] Verify complete
2014-12-10 18:23:59, Info                  CSI    0000000d [SR] Verifying 1 components
2014-12-10 18:23:59, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2014-12-10 18:23:59, Info                  CSI    00000010 [SR] Verify complete
2014-12-10 18:23:59, Info                  CSI    00000011 [SR] Verifying 1 components
2014-12-10 18:23:59, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2014-12-10 18:23:59, Info                  CSI    00000014 [SR] Verify complete
2014-12-10 18:23:59, Info                  CSI    00000015 [SR] Verifying 1 components
2014-12-10 18:23:59, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2014-12-10 18:23:59, Info                  CSI    00000018 [SR] Verify complete
2014-12-10 18:24:00, Info                  CSI    00000019 [SR] Verifying 1 components
2014-12-10 18:24:00, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:00, Info                  CSI    0000001c [SR] Verify complete
2014-12-10 18:24:00, Info                  CSI    0000001d [SR] Verifying 1 components
2014-12-10 18:24:00, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:00, Info                  CSI    00000020 [SR] Verify complete
2014-12-10 18:24:00, Info                  CSI    00000021 [SR] Verifying 1 components
2014-12-10 18:24:00, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:00, Info                  CSI    00000024 [SR] Verify complete
2014-12-10 18:24:00, Info                  CSI    00000025 [SR] Verifying 1 components
2014-12-10 18:24:00, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:00, Info                  CSI    00000028 [SR] Verify complete
2014-12-10 18:24:00, Info                  CSI    00000029 [SR] Verifying 1 components
2014-12-10 18:24:00, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:00, Info                  CSI    0000002c [SR] Verify complete
2014-12-10 18:24:00, Info                  CSI    0000002d [SR] Verifying 1 components
2014-12-10 18:24:00, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:00, Info                  CSI    00000030 [SR] Verify complete
2014-12-10 18:24:00, Error                 CSI    00000031 (F) [SR] Component not found: Microsoft-Windows-Security-SPP-Client, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-10 18:24:03, Error                 CSI    00000033 (F) [SR] Component not found: Microsoft-Windows-Security-SPP-Client, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-10 18:24:03, Info                  CSI    00000035 [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    00000038 [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    00000039 [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    0000003c [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    0000003d [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    00000040 [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    00000041 [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    00000044 [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    00000045 [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    00000048 [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    00000049 [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    0000004c [SR] Verify complete
2014-12-10 18:24:03, Error                 CSI    0000004d (F) [SR] Component not found: Microsoft-Windows-Security-SPP-UX, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-10 18:24:03, Info                  CSI    0000004f [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    00000052 [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    00000053 [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    00000054 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    00000056 [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    00000057 [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:03, Info                  CSI    0000005a [SR] Verify complete
2014-12-10 18:24:03, Info                  CSI    0000005b [SR] Verifying 1 components
2014-12-10 18:24:03, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    0000005e [SR] Verify complete
2014-12-10 18:24:04, Info                  CSI    0000005f [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    00000060 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    00000062 [SR] Verify complete
2014-12-10 18:24:04, Info                  CSI    00000063 [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    00000066 [SR] Verify complete
2014-12-10 18:24:04, Info                  CSI    00000067 [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    0000006a [SR] Verify complete
2014-12-10 18:24:04, Error                 CSI    0000006b (F) [SR] Component not found: Microsoft-Windows-Security-SPP-UX, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-10 18:24:04, Error                 CSI    0000006d (F) [SR] Component not found: Microsoft-Windows-Security-SPP-UX, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-10 18:24:04, Info                  CSI    0000006f [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    00000072 [SR] Verify complete
2014-12-10 18:24:04, Info                  CSI    00000073 [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    00000074 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    00000076 [SR] Verify complete
2014-12-10 18:24:04, Info                  CSI    00000077 [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    00000078 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    0000007a [SR] Verify complete
2014-12-10 18:24:04, Info                  CSI    0000007b [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    0000007c [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:04, Info                  CSI    0000007e [SR] Verify complete
2014-12-10 18:24:04, Info                  CSI    0000007f [SR] Verifying 1 components
2014-12-10 18:24:04, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2014-12-10 18:24:05, Info                  CSI    00000082 [SR] Verify complete
2014-12-11 08:28:15, Info                  CSI    00000009 [SR] Verifying 1 components
2014-12-11 08:28:15, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:15, Info                  CSI    0000000c [SR] Verify complete
2014-12-11 08:28:15, Info                  CSI    0000000d [SR] Verifying 1 components
2014-12-11 08:28:15, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:15, Info                  CSI    00000010 [SR] Verify complete
2014-12-11 08:28:15, Info                  CSI    00000011 [SR] Verifying 1 components
2014-12-11 08:28:15, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:15, Info                  CSI    00000014 [SR] Verify complete
2014-12-11 08:28:15, Info                  CSI    00000015 [SR] Verifying 1 components
2014-12-11 08:28:15, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:15, Info                  CSI    00000018 [SR] Verify complete
2014-12-11 08:28:15, Info                  CSI    00000019 [SR] Verifying 1 components
2014-12-11 08:28:15, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:15, Info                  CSI    0000001c [SR] Verify complete
2014-12-11 08:28:15, Info                  CSI    0000001d [SR] Verifying 1 components
2014-12-11 08:28:15, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:15, Info                  CSI    00000020 [SR] Verify complete
2014-12-11 08:28:16, Info                  CSI    00000021 [SR] Verifying 1 components
2014-12-11 08:28:16, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:16, Info                  CSI    00000024 [SR] Verify complete
2014-12-11 08:28:16, Info                  CSI    00000025 [SR] Verifying 1 components
2014-12-11 08:28:16, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:16, Info                  CSI    00000028 [SR] Verify complete
2014-12-11 08:28:16, Info                  CSI    00000029 [SR] Verifying 1 components
2014-12-11 08:28:16, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:16, Info                  CSI    0000002c [SR] Verify complete
2014-12-11 08:28:16, Info                  CSI    0000002d [SR] Verifying 1 components
2014-12-11 08:28:16, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:16, Info                  CSI    00000030 [SR] Verify complete
2014-12-11 08:28:16, Error                 CSI    00000031 (F) [SR] Component not found: Microsoft-Windows-Security-SPP-Client, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-11 08:28:19, Error                 CSI    00000033 (F) [SR] Component not found: Microsoft-Windows-Security-SPP-Client, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-11 08:28:19, Info                  CSI    00000035 [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    00000038 [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    00000039 [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    0000003c [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    0000003d [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    00000040 [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    00000041 [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    00000044 [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    00000045 [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    00000048 [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    00000049 [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    0000004c [SR] Verify complete
2014-12-11 08:28:19, Error                 CSI    0000004d (F) [SR] Component not found: Microsoft-Windows-Security-SPP-UX, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-11 08:28:19, Info                  CSI    0000004f [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    00000052 [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    00000053 [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    00000054 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    00000056 [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    00000057 [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    0000005a [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    0000005b [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:19, Info                  CSI    0000005e [SR] Verify complete
2014-12-11 08:28:19, Info                  CSI    0000005f [SR] Verifying 1 components
2014-12-11 08:28:19, Info                  CSI    00000060 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    00000062 [SR] Verify complete
2014-12-11 08:28:20, Info                  CSI    00000063 [SR] Verifying 1 components
2014-12-11 08:28:20, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    00000066 [SR] Verify complete
2014-12-11 08:28:20, Info                  CSI    00000067 [SR] Verifying 1 components
2014-12-11 08:28:20, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    0000006a [SR] Verify complete
2014-12-11 08:28:20, Error                 CSI    0000006b (F) [SR] Component not found: Microsoft-Windows-Security-SPP-UX, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-11 08:28:20, Error                 CSI    0000006d (F) [SR] Component not found: Microsoft-Windows-Security-SPP-UX, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral[gle=0x80004005]
2014-12-11 08:28:20, Info                  CSI    0000006f [SR] Verifying 1 components
2014-12-11 08:28:20, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    00000072 [SR] Verify complete
2014-12-11 08:28:20, Info                  CSI    00000073 [SR] Verifying 1 components
2014-12-11 08:28:20, Info                  CSI    00000074 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    00000076 [SR] Verify complete
2014-12-11 08:28:20, Info                  CSI    00000077 [SR] Verifying 1 components
2014-12-11 08:28:20, Info                  CSI    00000078 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    0000007a [SR] Verify complete
2014-12-11 08:28:20, Info                  CSI    0000007b [SR] Verifying 1 components
2014-12-11 08:28:20, Info                  CSI    0000007c [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    0000007e [SR] Verify complete
2014-12-11 08:28:20, Info                  CSI    0000007f [SR] Verifying 1 components
2014-12-11 08:28:20, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2014-12-11 08:28:20, Info                  CSI    00000082 [SR] Verify complete
2014-12-12 15:07:56, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:07:56, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2014-12-12 15:07:58, Info                  CSI    0000000c [SR] Verify complete
2014-12-12 15:07:58, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:07:58, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:00, Info                  CSI    00000010 [SR] Verify complete
2014-12-12 15:08:00, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:00, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:01, Info                  CSI    00000014 [SR] Verify complete
2014-12-12 15:08:02, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:02, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:03, Info                  CSI    00000018 [SR] Verify complete
2014-12-12 15:08:03, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:03, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:05, Info                  CSI    0000001c [SR] Verify complete
2014-12-12 15:08:05, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:05, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:06, Info                  CSI    00000020 [SR] Verify complete
2014-12-12 15:08:06, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:06, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:08, Info                  CSI    00000024 [SR] Verify complete
2014-12-12 15:08:08, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:08, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:10, Info                  CSI    00000028 [SR] Verify complete
2014-12-12 15:08:10, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:10, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:11, Info                  CSI    0000002c [SR] Verify complete
2014-12-12 15:08:11, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:11, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:13, Info                  CSI    00000030 [SR] Verify complete
2014-12-12 15:08:13, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:13, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:15, Info                  CSI    00000034 [SR] Verify complete
2014-12-12 15:08:16, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:16, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:18, Info                  CSI    00000038 [SR] Verify complete
2014-12-12 15:08:18, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:18, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:20, Info                  CSI    0000003c [SR] Verify complete
2014-12-12 15:08:20, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:20, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:23, Info                  CSI    00000040 [SR] Verify complete
2014-12-12 15:08:23, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:23, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:25, Info                  CSI    00000044 [SR] Verify complete
2014-12-12 15:08:25, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:25, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:27, Info                  CSI    00000048 [SR] Verify complete
2014-12-12 15:08:27, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:27, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:29, Info                  CSI    0000004c [SR] Verify complete
2014-12-12 15:08:29, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:29, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:33, Info                  CSI    00000050 [SR] Verify complete
2014-12-12 15:08:33, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:33, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:36, Info                  CSI    00000054 [SR] Verify complete
2014-12-12 15:08:36, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:36, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:39, Info                  CSI    00000058 [SR] Verify complete
2014-12-12 15:08:39, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:39, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:43, Info                  CSI    0000005c [SR] Verify complete
2014-12-12 15:08:43, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:43, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:50, Info                  CSI    00000061 [SR] Verify complete
2014-12-12 15:08:50, Info                  CSI    00000062 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:50, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:54, Info                  CSI    00000068 [SR] Verify complete
2014-12-12 15:08:54, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:54, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2014-12-12 15:08:59, Info                  CSI    0000006d [SR] Verify complete
2014-12-12 15:08:59, Info                  CSI    0000006e [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:08:59, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:03, Info                  CSI    00000071 [SR] Verify complete
2014-12-12 15:09:03, Info                  CSI    00000072 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:03, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:09, Info                  CSI    00000095 [SR] Verify complete
2014-12-12 15:09:09, Info                  CSI    00000096 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:09, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:14, Info                  CSI    0000009c [SR] Verify complete
2014-12-12 15:09:14, Info                  CSI    0000009d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:14, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:19, Info                  CSI    000000a0 [SR] Verify complete
2014-12-12 15:09:20, Info                  CSI    000000a1 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:20, Info                  CSI    000000a2 [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:24, Info                  CSI    000000a4 [SR] Verify complete
2014-12-12 15:09:25, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:25, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:29, Info                  CSI    000000a8 [SR] Verify complete
2014-12-12 15:09:29, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:29, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:34, Info                  CSI    000000ac [SR] Verify complete
2014-12-12 15:09:34, Info                  CSI    000000ad [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:34, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:41, Info                  CSI    000000b0 [SR] Verify complete
2014-12-12 15:09:41, Info                  CSI    000000b1 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:41, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:49, Info                  CSI    000000d5 [SR] Verify complete
2014-12-12 15:09:49, Info                  CSI    000000d6 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:49, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2014-12-12 15:09:57, Info                  CSI    000000d9 [SR] Verify complete
2014-12-12 15:09:57, Info                  CSI    000000da [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:09:57, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:08, Info                  CSI    000000dd [SR] Verify complete
2014-12-12 15:10:08, Info                  CSI    000000de [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:08, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:11, Info                  CSI    000000e3 [SR] Verify complete
2014-12-12 15:10:12, Info                  CSI    000000e4 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:12, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:14, Info                  CSI    000000e7 [SR] Verify complete
2014-12-12 15:10:14, Info                  CSI    000000e8 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:14, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:16, Info                  CSI    000000eb [SR] Verify complete
2014-12-12 15:10:16, Info                  CSI    000000ec [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:16, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:23, Info                  CSI    000000fe [SR] Verify complete
2014-12-12 15:10:23, Info                  CSI    000000ff [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:23, Info                  CSI    00000100 [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:28, Info                  CSI    00000104 [SR] Verify complete
2014-12-12 15:10:28, Info                  CSI    00000105 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:28, Info                  CSI    00000106 [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:30, Info                  CSI    00000108 [SR] Verify complete
2014-12-12 15:10:30, Info                  CSI    00000109 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:30, Info                  CSI    0000010a [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:31, Info                  CSI    0000010c [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-12 15:10:33, Info                  CSI    0000010e [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-12 15:10:33, Info                  CSI    0000010f [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-12-12 15:10:34, Info                  CSI    00000112 [SR] Could not reproject corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\IME\IMESC5\DICTS"\[l:22{11}]"PINTLGB.IMD"; source file in store is also corrupted
2014-12-12 15:10:34, Info                  CSI    00000114 [SR] Verify complete
2014-12-12 15:10:34, Info                  CSI    00000115 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:34, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:39, Info                  CSI    00000118 [SR] Verify complete
2014-12-12 15:10:39, Info                  CSI    00000119 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:39, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:46, Info                  CSI    0000011d [SR] Verify complete
2014-12-12 15:10:46, Info                  CSI    0000011e [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:46, Info                  CSI    0000011f [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:52, Info                  CSI    00000122 [SR] Verify complete
2014-12-12 15:10:52, Info                  CSI    00000123 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:52, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:54, Info                  CSI    00000126 [SR] Verify complete
2014-12-12 15:10:54, Info                  CSI    00000127 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:54, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2014-12-12 15:10:57, Info                  CSI    0000012a [SR] Verify complete
2014-12-12 15:10:57, Info                  CSI    0000012b [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:10:57, Info                  CSI    0000012c [SR] Beginning Verify and Repair transaction
2014-12-12 15:11:03, Info                  CSI    0000012e [SR] Verify complete
2014-12-12 15:11:03, Info                  CSI    0000012f [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:11:03, Info                  CSI    00000130 [SR] Beginning Verify and Repair transaction
2014-12-12 15:11:06, Info                  CSI    00000132 [SR] Verify complete
2014-12-12 15:11:07, Info                  CSI    00000133 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:11:07, Info                  CSI    00000134 [SR] Beginning Verify and Repair transaction
2014-12-12 15:11:15, Info                  CSI    00000138 [SR] Verify complete
2014-12-12 15:11:16, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:11:16, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2014-12-12 15:11:22, Info                  CSI    00000150 [SR] Verify complete
2014-12-12 15:11:22, Info                  CSI    00000151 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:11:22, Info                  CSI    00000152 [SR] Beginning Verify and Repair transaction
2014-12-12 15:11:27, Info                  CSI    00000154 [SR] Verify complete
2014-12-12 15:11:28, Info                  CSI    00000155 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:11:28, Info                  CSI    00000156 [SR] Beginning Verify and Repair transaction
2014-12-12 15:11:43, Info                  CSI    00000158 [SR] Verify complete
2014-12-12 15:11:43, Info                  CSI    00000159 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:11:43, Info                  CSI    0000015a [SR] Beginning Verify and Repair transaction
2014-12-12 15:11:55, Info                  CSI    0000015d [SR] Verify complete
2014-12-12 15:11:55, Info                  CSI    0000015e [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:11:55, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:01, Info                  CSI    00000161 [SR] Verify complete
2014-12-12 15:12:01, Info                  CSI    00000162 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:01, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:07, Info                  CSI    00000165 [SR] Verify complete
2014-12-12 15:12:07, Info                  CSI    00000166 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:07, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:12, Info                  CSI    00000169 [SR] Verify complete
2014-12-12 15:12:12, Info                  CSI    0000016a [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:12, Info                  CSI    0000016b [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:17, Info                  CSI    0000016f [SR] Verify complete
2014-12-12 15:12:17, Info                  CSI    00000170 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:17, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:23, Info                  CSI    00000173 [SR] Verify complete
2014-12-12 15:12:23, Info                  CSI    00000174 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:23, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:37, Info                  CSI    00000177 [SR] Verify complete
2014-12-12 15:12:37, Info                  CSI    00000178 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:37, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:44, Info                  CSI    0000017c [SR] Verify complete
2014-12-12 15:12:44, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:44, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:50, Info                  CSI    00000181 [SR] Verify complete
2014-12-12 15:12:50, Info                  CSI    00000182 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:50, Info                  CSI    00000183 [SR] Beginning Verify and Repair transaction
2014-12-12 15:12:56, Info                  CSI    00000185 [SR] Verify complete
2014-12-12 15:12:57, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:12:57, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:06, Info                  CSI    0000018a [SR] Verify complete
2014-12-12 15:13:06, Info                  CSI    0000018b [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:06, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:11, Info                  CSI    0000018e [SR] Verify complete
2014-12-12 15:13:11, Info                  CSI    0000018f [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:11, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:17, Info                  CSI    00000192 [SR] Verify complete
2014-12-12 15:13:17, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:17, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:22, Info                  CSI    00000197 [SR] Verify complete
2014-12-12 15:13:22, Info                  CSI    00000198 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:22, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:29, Info                  CSI    0000019b [SR] Verify complete
2014-12-12 15:13:30, Info                  CSI    0000019c [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:30, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:32, Info                  CSI    0000019f [SR] Verify complete
2014-12-12 15:13:33, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:33, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:39, Info                  CSI    000001a4 [SR] Verify complete
2014-12-12 15:13:39, Info                  CSI    000001a5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:39, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:45, Info                  CSI    000001a8 [SR] Verify complete
2014-12-12 15:13:45, Info                  CSI    000001a9 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:45, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:51, Info                  CSI    000001ae [SR] Verify complete
2014-12-12 15:13:51, Info                  CSI    000001af [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13:51, Info                  CSI    000001b0 [SR] Beginning Verify and Repair transaction
2014-12-12 15:13:58, Info                  CSI    000001b2 [SR] Verify complete
2014-12-12 15:13:58, Info                  CSI    000001b3 [SR] Verifying 100 (0x0000000000000064) components
2014-12-12 15:13

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #10 on: December 12, 2014, 04:36:31 PM »
I have a automatic update notice "Update for Windows 7 for x64-based Systems (KB3024777)
should I shut down the computer and let it update or keep it on or in sleep mode?

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27056
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] MS Defender will not start or reload
« Reply #11 on: December 12, 2014, 07:02:20 PM »
Will windows defender or Microsoft Security Essentials start?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #12 on: December 13, 2014, 04:43:10 AM »
Defender will not start. I get a message that the computer is not running genuine windows. The Firewall appears to be on. When I try to download a fresh copy of MSE from the Microsoft website the download does not execute.

Offline Kevin1961

  • Bronze Member
  • Posts: 17
Re: [In Progress] MS Defender will not start or reload
« Reply #13 on: December 13, 2014, 09:40:50 AM »
I woke up the computer from sleep mode and it installed the update automatically. Not what I wanted. Defender is now showing as active and states the computer is running normally. I downloaded MSE from the Microsoft website and ran a defender quick scan. No problems were detected. A window stating the computer wasn't running genuine windows also popped up. That must be part of the malware. If you think it would be easier to format the boot disk and start over please let me know. Thanks Hoov.

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27056
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] MS Defender will not start or reload
« Reply #14 on: December 13, 2014, 10:20:53 AM »
Don't do that, I was actually expecting that to happen. Is there also an error code in the error window?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!