DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20
Run by supernatural at 16:06:17 on 2012-10-21
Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1013.55 [GMT -7:00]
.
AV: Charter Security Suite 9.01 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Charter Security Suite 9.01 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Charter Security Suite 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files\Charter Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter Security Suite\Common\FSMA32.EXE
C:\Program Files\Charter Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Acer\Registration\GregHSRW.exe
C:\Program Files\Charter Security Suite\Common\FSHDLL32.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Charter Security Suite\ORSP Client\fsorsp.exe
C:\Program Files\Charter Security Suite\FWES\Program\fsdfwd.exe
C:\Program Files\Charter Security Suite\Anti-Virus\fssm32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Charter Security Suite\Common\FSM32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Charter Security Suite\Anti-Virus\fsav32.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\taskhost.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Users\supernatural\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\supernatural\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\supernatural\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\supernatural\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=ao532h&r=27b50810r705l0444ww85w6582r986
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=ao532h&r=27b50810r705l0444ww85w6582r986
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=ao532h&r=27b50810r705l0444ww85w6582r986
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Browsing Protection Class: {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - c:\program files\charter security suite\nrs\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Browsing Protection Toolbar: {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - c:\program files\charter security suite\nrs\iescript\baselitmus.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\supernatural\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [lime pro] "c:\program files\lime pro\LimePro.exe" -h
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe
mRun: [EgisTecLiveUpdate] "c:\program files\egistec egis software update\EgisUpdate.exe"
mRun: [mwlDaemon] c:\program files\egistec\mywinlocker 3\x86\mwlDaemon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NortonOnlineBackupReminder] "c:\program files\symantec\norton online backup\activation\NobuActivation.exe" UNATTENDED
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [F-Secure Manager] "c:\program files\charter security suite\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\charter security suite\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\supern~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\program files\charter security suite\fsps\program\FSLSP.DLL
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{CA4A6D69-CA4A-4C42-A398-656976B2D87D} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA4A6D69-CA4A-4C42-A398-656976B2D87D}\0484F6D65683136434 : DHCPNameServer = 68.190.192.35 71.9.127.107 24.205.224.36
TCP: Interfaces\{CA4A6D69-CA4A-4C42-A398-656976B2D87D}\3435553524D2143434543535 : DHCPNameServer = 139.182.2.1 139.182.2.6
TCP: Interfaces\{CA4A6D69-CA4A-4C42-A398-656976B2D87D}\3435553524D27457563747 : DHCPNameServer = 139.182.2.1 139.182.2.6
TCP: Interfaces\{CA4A6D69-CA4A-4C42-A398-656976B2D87D}\75164737F6E6 : DHCPNameServer = 68.190.192.35 71.9.127.107 68.116.46.115
TCP: Interfaces\{CA4A6D69-CA4A-4C42-A398-656976B2D87D}\E4544574541425 : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\supernatural\appdata\roaming\mozilla\firefox\profiles\wjkb1sf8.default\
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\supernatural\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\supernatural\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - ExtSQL: 2012-10-07 21:42;
litmus-ff@f-secure.com; c:\program files\charter security suite\nrs\
litmus-ff@f-secure.com
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2012-9-26 44240]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\charter security suite\hips\drivers\fshs.sys [2012-9-26 68064]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2012-9-26 36792]
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2012-9-26 73160]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\charter security suite\anti-virus\minifilter\fsvista.sys [2012-9-26 12384]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2009-6-2 18992]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2009-6-2 16432]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2009-6-2 60976]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\charter security suite\anti-virus\minifilter\fsgk.sys [2012-9-26 144592]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2010-2-10 54784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2010-2-10 82384]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2011-5-20 34376]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\charter security suite\anti-virus\win2k\fsfilter.sys [2012-9-26 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\charter security suite\anti-virus\win2k\fsrec.sys [2012-9-26 25184]
.
=============== Created Last 30 ================
.
2012-10-21 21:37:1722856----a-w-c:\windows\system32\drivers\mbam.sys
2012-10-21 21:37:16--------d-----w-c:\program files\Malwarebytes' Anti-Malware
2012-10-19 23:32:486918632------w-c:\programdata\microsoft\windows defender\definition updates\{8edaf1e9-ab9b-4d55-a0aa-ae6999224099}\mpengine.dll
2012-10-14 17:58:26--------d-----w-c:\users\supernatural\appdata\roaming\F-Secure
2012-10-13 10:16:30--------d-----w-C:\Bone Thugs
2012-10-13 09:56:06--------d-----w-c:\program files\Media Player Utilities 4.36
2012-10-10 06:05:55172544----a-w-c:\windows\system32\wintrust.dll
2012-10-10 06:05:352048----a-w-c:\windows\system32\tzres.dll
2012-10-10 06:03:341159680----a-w-c:\windows\system32\crypt32.dll
2012-10-10 06:03:32140288----a-w-c:\windows\system32\cryptsvc.dll
2012-10-10 06:03:31103936----a-w-c:\windows\system32\cryptnet.dll
2012-10-10 06:02:321211760----a-w-c:\windows\system32\drivers\ntfs.sys
2012-10-10 06:02:25542208----a-w-c:\windows\system32\kerberos.dll
2012-10-10 06:02:043914096----a-w-c:\windows\system32\ntoskrnl.exe
2012-10-10 06:02:013968880----a-w-c:\windows\system32\ntkrnlpa.exe
2012-09-26 23:35:49--------d-----w-c:\users\supernatural\appdata\local\Macromedia
2012-09-26 22:23:33712048----a-w-c:\windows\system32\drivers\ndis.sys
2012-09-26 22:23:3333280----a-w-c:\windows\system32\drivers\RNDISMP.sys
2012-09-26 22:22:17492032----a-w-c:\windows\system32\win32spl.dll
2012-09-26 22:22:15317440----a-w-c:\windows\system32\spoolsv.exe
2012-09-26 22:21:55245760----a-w-c:\windows\system32\OxpsConverter.exe
2012-09-26 22:21:32400896----a-w-c:\windows\system32\srcore.dll
2012-09-26 22:21:261292144----a-w-c:\windows\system32\drivers\tcpip.sys
2012-09-26 22:21:25240496----a-w-c:\windows\system32\drivers\netio.sys
2012-09-26 22:21:25187760----a-w-c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-26 22:21:032345984----a-w-c:\windows\system32\win32k.sys
2012-09-26 22:14:34164352----a-w-c:\windows\system32\profsvc.dll
2012-09-26 22:07:53769024----a-w-c:\windows\system32\localspl.dll
2012-09-26 22:07:272342400----a-w-c:\windows\system32\msi.dll
2012-09-26 22:07:09490496----a-w-c:\windows\system32\d3d10level9.dll
2012-09-26 22:06:58102912----a-w-c:\windows\system32\browser.dll
2012-09-26 22:06:5741984----a-w-c:\windows\system32\browcli.dll
2012-09-26 22:06:45129536----a-w-c:\windows\system32\rdpcorekmts.dll
2012-09-26 22:06:4458880----a-w-c:\windows\system32\rdpwsx.dll
2012-09-26 22:06:438192----a-w-c:\windows\system32\rdrmemptylst.exe
2012-09-26 21:51:5344240----a-w-c:\windows\system32\drivers\fsbts.sys
2012-09-26 21:48:0036792----a-w-c:\windows\system32\drivers\fses.sys
2012-09-26 21:47:5473160----a-w-c:\windows\system32\drivers\fsdfw.sys
2012-09-26 21:43:49--------d-----w-c:\program files\Charter Security Suite
2012-09-26 21:38:11--------d-----w-c:\programdata\fssg
2012-09-26 21:35:22--------d-----w-c:\programdata\f-secure
2012-09-26 21:19:152422272----a-w-c:\windows\system32\wucltux.dll
2012-09-26 21:16:1388576----a-w-c:\windows\system32\wudriver.dll
2012-09-26 21:13:2133792----a-w-c:\windows\system32\wuapp.exe
2012-09-26 21:13:21171904----a-w-c:\windows\system32\wuwebv.dll
.
==================== Find3M ====================
.
2012-10-09 10:12:0073656----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 10:12:00696760----a-w-c:\windows\system32\FlashPlayerApp.exe
2012-08-24 06:59:171800704----a-w-c:\windows\system32\jscript9.dll
2012-08-24 06:51:271129472----a-w-c:\windows\system32\wininet.dll
2012-08-24 06:51:021427968----a-w-c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26142848----a-w-c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12420864----a-w-c:\windows\system32\vbscript.dll
2012-08-24 06:43:582382848----a-w-c:\windows\system32\mshtml.tlb
2012-08-20 17:40:31169984----a-w-c:\windows\system32\winsrv.dll
2012-08-20 17:40:01293376----a-w-c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58271360----a-w-c:\windows\system32\conhost.exe
2012-08-20 15:33:286144---ha-w-c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:284608---ha-w-c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:283584---ha-w-c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:283072---ha-w-c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 16:10:22.54 ===============