Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus need help please


  • Please log in to reply
3 replies to this topic

#1 marc197779

marc197779

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 25 May 2010 - 04:06 PM

I have had a virus for some time now and after a fresh install it looks like its still there. Just did a scan with Radix and it is showing many hidden and locked files in my registry. Please help me get rid of this once and for all.

BC AdBot (Login to Remove)

 


#2 marc197779

marc197779
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 25 May 2010 - 08:03 PM

OK here is the Radix log any suggestions?

Running on: Microsoft Windows NT 6.0 Build 6001 Service Pack 1
Number of Processors: 1, Active Processor Mask: 00000001
Processor: Intel Level 6 Revision 1601
Allocation granularity: 00010000, Page granularity: 00001000
Application space: 00010000-7FFEFFFF
Kernel Membase: 80000000
[X] Filter common false alarms.
0:23:30 - Performing check: "Hidden files":
This check can take some time depending on your harddisk size. You can interrupt it with the ESC key.
Warning: Helper driver failed to load: This service cannot be started in Safe Mode
0:26:10 - Performing check: "Alternate Data Streams":
This check can take some time depending on your harddisk size. You can interrupt it with the ESC key.
[-] Error scanning file C:\pagefile.sys: 0x05::0x06: The process cannot access the file because it is being used by another process.

[*] C:\ProgramData\CyberLink\PowerDVD\CLDShowX.ini:Update.CL:$DATA
[-] Error scanning file C:\System Volume Information\{026d74ca-651e-11df-a5bd-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{026d74d1-651e-11df-a5bd-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{026d7563-651e-11df-a5bd-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{026d7569-651e-11df-a5bd-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{abc189c3-67c2-11df-8c63-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{da9c336d-6449-11df-b870-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{da9c3374-6449-11df-b870-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{da9c337a-6449-11df-b870-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{ff5ea0a7-6767-11df-bedb-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\System Volume Information\{ff5ea0b1-6767-11df-bedb-0025111acfbc}{3808876b-c176-4e48-b7ae-04046e6cc752}: 0x05::0x06: Access is denied.

[-] Error scanning file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: 0x05::0x06: Access is denied.

[-] Error scanning file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: 0x05::0x06: Access is denied.

[-] Error scanning file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: 0x05::0x06: Access is denied.

[-] Error scanning file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: 0x05::0x06: Access is denied.

[*] C:\Windows\System32\OEM\Logo\Thumbs.db:encryptable:$DATA

2 streams found.
0:27:55 - Performing check: "Hidden Registry entries":
--------------------[HKEY_LOCAL_MACHINE\BCD00000000 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\COMPONENTS ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\HARDWARE ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\SAM ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_LOCAL_MACHINE\SAM\SAM: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\SECURITY ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_LOCAL_MACHINE\SECURITY: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\SOFTWARE ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\SYSTEM ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{674CDDB0-FA08-4CEE-BF3E-D975DD19672D}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{67F2A318-C8F7-4087-9F88-C4B434D41719}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtSpdifTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\Audit\AuditPolicy: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\Audit\PerUserAuditing\System: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\FixedButton\2&daba3ff&2\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_22\_0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0000\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0100\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0103\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0200\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0303\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0800\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0A03\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0B00\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0C01\1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0C02\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0C02\10\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0C02\11\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0C02\2e\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0C04\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0C0C\aa\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\pnp0c14\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\pnp0c14\NVIF\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0F03\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI_HAL\PNP0C08\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI_HAL\PNP0C18\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\4&39079390&0&UID256\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\SNY0770\4&39079390&0&UID256\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000\4&6054f9b&0&0001\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_056A&SUBSYS_02451025&REV_A1\3&267a616a&0&21\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_056C&SUBSYS_02451025&REV_A1\3&267a616a&0&40\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_056D&SUBSYS_02451025&REV_A1\3&267a616a&0&50\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_056E&SUBSYS_02451025&REV_A1\3&267a616a&0&58\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_056F&SUBSYS_02451025&REV_A1\3&267a616a&0&60\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_056F&SUBSYS_02451025&REV_A1\3&267a616a&0&68\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07C5&SUBSYS_02451025&REV_A2\3&267a616a&0&00\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07C8&SUBSYS_02451025&REV_A1\3&267a616a&0&1C\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07CB&SUBSYS_02451025&REV_A2\3&267a616a&0&01\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07CD&SUBSYS_02451025&REV_A1\3&267a616a&0&08\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07CE&SUBSYS_02451025&REV_A1\3&267a616a&0&09\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07CF&SUBSYS_02451025&REV_A1\3&267a616a&0&0A\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D0&SUBSYS_02451025&REV_A1\3&267a616a&0&0B\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D1&SUBSYS_02451025&REV_A1\3&267a616a&0&0C\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D2&SUBSYS_02451025&REV_A1\3&267a616a&0&0D\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D3&SUBSYS_02451025&REV_A1\3&267a616a&0&0E\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D6&SUBSYS_02451025&REV_A1\3&267a616a&0&10\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D7&SUBSYS_02451025&REV_A2\3&267a616a&0&18\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D8&SUBSYS_02451025&REV_A1\3&267a616a&0&19\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07D9&SUBSYS_02451025&REV_A1\3&267a616a&0&1A\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07E5&SUBSYS_02451025&REV_A2\3&267a616a&0&80\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07F4&SUBSYS_02451025&REV_A2\3&267a616a&0&70\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07FC&SUBSYS_02451025&REV_A1\3&267a616a&0&48\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_07FE&SUBSYS_02451025&REV_A1\3&267a616a&0&20\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10EC&DEV_8136&SUBSYS_02451025&REV_01\4&3871f935&0&0068\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_11C1&DEV_0620&SUBSYS_062011C1&REV_00\4&f0fc387&0&3050\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&28a7e3b1&0&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&28a7e3b1&0&1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\*ISATAP\0001\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\*TUNMP\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ACPI_HAL\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ISCSIPRT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\MS_L2TPMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\MS_NDISWANBH\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\MS_NDISWANIP\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\MS_NDISWANIPV6\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\MS_PPPOEMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\MS_PPTPMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\MS_SSTPMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\RDP_KBD\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\RDP_MOU\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\SYSTEM\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\SYSTEM\0002\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\UMBUS\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\volmgr\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_ATAPI&Prod_DVD_A__DH16A6S\4&a9a743b&0&020200\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_Hitachi&Prod_HDT721016SLA\4&a9a743b&0&000000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_Compact_Flash&Rev_0.00#00000000000006&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_microSD&Rev_0.00#00000000000006&2#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_MS#MS-PRO&Rev_0.00#00000000000006&3#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_SD#MMC&Rev_0.00#00000000000006&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_SM#xD-Picture&Rev_0.00#00000000000006&4#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume\1&19f7e59c&0&Signature2C9263B6Offset100000Length340000000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume\1&19f7e59c&0&Signature2C9263B6Offset340100000Length22031D6000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot10\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot2\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot3\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot4\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot5\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot6\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot7\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot8\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot9\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SW\{96e080c7-143c-11d1-b40f-00a0c9223196}\{3C0D501A-140B-11D1-B40F-00A0C9223196}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SW\{97ebaacc-95bd-11d0-a3ea-00a0c9223196}\{53172480-4791-11D0-A5D6-28DB04C10000}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SW\{cfd669f1-9bc2-11d0-8299-0000f822fe8a}\{0A4252A0-7E70-11D0-A5D6-28DB04C10000}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SW\{cfd669f1-9bc2-11d0-8299-0000f822fe8a}\{CF1DDA2C-9743-11D0-A3EE-00A0C9223196}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SW\{ddf4358e-bb2c-11d0-a42f-00a0c9223196}\{97EBAACB-95BD-11D0-A3EA-00A0C9223196}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SW\{eec12db6-ad9c-4168-8658-b03daef417fe}\{ABD61E00-9350-47e2-A632-4438B90C6641}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\UMB\UMB\1&841921d&0&PrinterBusEnumerator\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\UMB\UMB\1&841921d&0&WpdBusEnumRoot\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USB\ROOT_HUB\4&3686a7c&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USB\ROOT_HUB20\4&2b292b17&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USB\VID_1307&PID_0330\00000000000006\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USBSTOR\Disk&Ven_Generic&Prod_Compact_Flash&Rev_0.00\00000000000006&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USBSTOR\Disk&Ven_Generic&Prod_microSD&Rev_0.00\00000000000006&2\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USBSTOR\Disk&Ven_Generic&Prod_MS/MS-PRO&Rev_0.00\00000000000006&3\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USBSTOR\Disk&Ven_Generic&Prod_SD/MMC&Rev_0.00\00000000000006&1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USBSTOR\Disk&Ven_Generic&Prod_SM/xD-Picture&Rev_0.00\00000000000006&4\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_COMPACT_FLASH&REV_0.00#00000000000006&0#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_MICROSD&REV_0.00#00000000000006&2#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_MS#MS-PRO&REV_0.00#00000000000006&3#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_SD#MMC&REV_0.00#00000000000006&1#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_SM#XD-PICTURE&REV_0.00#00000000000006&4#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{674CDDB0-FA08-4CEE-BF3E-D975DD19672D}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{67F2A318-C8F7-4087-9F88-C4B434D41719}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtSpdifTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000#4&6054F9B&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Lsa\Audit\AuditPolicy: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Lsa\Audit\PerUserAuditing\System: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_22\_0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0000\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0100\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0103\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0200\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0303\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0800\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0A03\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0B00\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0C01\1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0C02\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0C02\10\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0C02\11\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0C02\2e\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0C04\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0C0C\aa\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\pnp0c14\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\pnp0c14\NVIF\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0F03\4&eabe7e6&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI_HAL\PNP0C08\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI_HAL\PNP0C18\0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\DISPLAY\Default_Monitor\4&39079390&0&UID256\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\DISPLAY\SNY0770\4&39079390&0&UID256\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250245&REV_1000\4&6054f9b&0&0001\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_056A&SUBSYS_02451025&REV_A1\3&267a616a&0&21\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_056C&SUBSYS_02451025&REV_A1\3&267a616a&0&40\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_056D&SUBSYS_02451025&REV_A1\3&267a616a&0&50\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_056E&SUBSYS_02451025&REV_A1\3&267a616a&0&58\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_056F&SUBSYS_02451025&REV_A1\3&267a616a&0&60\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_056F&SUBSYS_02451025&REV_A1\3&267a616a&0&68\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07C5&SUBSYS_02451025&REV_A2\3&267a616a&0&00\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07C8&SUBSYS_02451025&REV_A1\3&267a616a&0&1C\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07CB&SUBSYS_02451025&REV_A2\3&267a616a&0&01\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07CD&SUBSYS_02451025&REV_A1\3&267a616a&0&08\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07CE&SUBSYS_02451025&REV_A1\3&267a616a&0&09\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07CF&SUBSYS_02451025&REV_A1\3&267a616a&0&0A\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D0&SUBSYS_02451025&REV_A1\3&267a616a&0&0B\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D1&SUBSYS_02451025&REV_A1\3&267a616a&0&0C\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D2&SUBSYS_02451025&REV_A1\3&267a616a&0&0D\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D3&SUBSYS_02451025&REV_A1\3&267a616a&0&0E\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D6&SUBSYS_02451025&REV_A1\3&267a616a&0&10\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D7&SUBSYS_02451025&REV_A2\3&267a616a&0&18\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D8&SUBSYS_02451025&REV_A1\3&267a616a&0&19\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07D9&SUBSYS_02451025&REV_A1\3&267a616a&0&1A\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07E5&SUBSYS_02451025&REV_A2\3&267a616a&0&80\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07F4&SUBSYS_02451025&REV_A2\3&267a616a&0&70\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07FC&SUBSYS_02451025&REV_A1\3&267a616a&0&48\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10DE&DEV_07FE&SUBSYS_02451025&REV_A1\3&267a616a&0&20\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_10EC&DEV_8136&SUBSYS_02451025&REV_01\4&3871f935&0&0068\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_11C1&DEV_0620&SUBSYS_062011C1&REV_00\4&f0fc387&0&3050\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCIIDE\IDEChannel\4&28a7e3b1&0&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCIIDE\IDEChannel\4&28a7e3b1&0&1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\*ISATAP\0001\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\*TUNMP\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ACPI_HAL\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ISCSIPRT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\MS_L2TPMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\MS_NDISWANBH\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\MS_NDISWANIP\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\MS_NDISWANIPV6\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\MS_PPPOEMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\MS_PPTPMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\MS_SSTPMINIPORT\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\RDP_KBD\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\RDP_MOU\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\SYSTEM\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\SYSTEM\0002\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\UMBUS\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\volmgr\0000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SCSI\CdRom&Ven_ATAPI&Prod_DVD_A__DH16A6S\4&a9a743b&0&020200\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SCSI\Disk&Ven_Hitachi&Prod_HDT721016SLA\4&a9a743b&0&000000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_Compact_Flash&Rev_0.00#00000000000006&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_microSD&Rev_0.00#00000000000006&2#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_MS#MS-PRO&Rev_0.00#00000000000006&3#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_SD#MMC&Rev_0.00#00000000000006&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\Volume\1&19f7e59c&0&_??_USBSTOR#Disk&Ven_Generic&Prod_SM#xD-Picture&Rev_0.00#00000000000006&4#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\Volume\1&19f7e59c&0&Signature2C9263B6Offset100000Length340000000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\Volume\1&19f7e59c&0&Signature2C9263B6Offset340100000Length22031D6000\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot2\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot3\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot4\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot5\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot6\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot7\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot8\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot9\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SW\{96e080c7-143c-11d1-b40f-00a0c9223196}\{3C0D501A-140B-11D1-B40F-00A0C9223196}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SW\{97ebaacc-95bd-11d0-a3ea-00a0c9223196}\{53172480-4791-11D0-A5D6-28DB04C10000}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SW\{cfd669f1-9bc2-11d0-8299-0000f822fe8a}\{0A4252A0-7E70-11D0-A5D6-28DB04C10000}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SW\{cfd669f1-9bc2-11d0-8299-0000f822fe8a}\{CF1DDA2C-9743-11D0-A3EE-00A0C9223196}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SW\{ddf4358e-bb2c-11d0-a42f-00a0c9223196}\{97EBAACB-95BD-11D0-A3EA-00A0C9223196}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SW\{eec12db6-ad9c-4168-8658-b03daef417fe}\{ABD61E00-9350-47e2-A632-4438B90C6641}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\UMB\UMB\1&841921d&0&PrinterBusEnumerator\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\UMB\UMB\1&841921d&0&WpdBusEnumRoot\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USB\ROOT_HUB\4&3686a7c&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USB\ROOT_HUB20\4&2b292b17&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USB\VID_1307&PID_0330\00000000000006\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USBSTOR\Disk&Ven_Generic&Prod_Compact_Flash&Rev_0.00\00000000000006&0\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USBSTOR\Disk&Ven_Generic&Prod_microSD&Rev_0.00\00000000000006&2\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USBSTOR\Disk&Ven_Generic&Prod_MS/MS-PRO&Rev_0.00\00000000000006&3\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USBSTOR\Disk&Ven_Generic&Prod_SD/MMC&Rev_0.00\00000000000006&1\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\USBSTOR\Disk&Ven_Generic&Prod_SM/xD-Picture&Rev_0.00\00000000000006&4\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_COMPACT_FLASH&REV_0.00#00000000000006&0#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_MICROSD&REV_0.00#00000000000006&2#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_MS#MS-PRO&REV_0.00#00000000000006&3#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_SD#MMC&REV_0.00#00000000000006&1#\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_SM#XD-PICTURE&REV_0.00#00000000000006&4#\Properties: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\.DEFAULT ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\.DEFAULT\Software\Microsoft\SystemCertificates\Root\ProtectedRoots: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-19 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\S-1-5-19\Software\Microsoft\SystemCertificates\Root\ProtectedRoots: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-20 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\S-1-5-20\Software\Microsoft\SystemCertificates\Root\ProtectedRoots: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-21-3200456962-1041060321-4182759109-1000]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\S-1-5-21-3200456962-1041060321-4182759109-1000\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3200456962-1041060321-4182759109-1000: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-21-3200456962-1041060321-4182759109-1000_Classes]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-18 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\S-1-5-18\Software\Microsoft\SystemCertificates\Root\ProtectedRoots: Access is denied.

DONE.
-------------------------------------------------------------------------------

0:33:46 - Performing check: "Hidden processes":
(01) PID: 0 [00000000] (Idle)
(01) PID: 4 [00000000] (System)
(01) PID: 340 [00000000] (smss.exe)
(129) PID: 400 [00000000] (csrss.exe)
(129) PID: 436 [00000000] (csrss.exe)
(01) PID: 444 [00000000] (wininit.exe)
(01) PID: 472 [00000000] (winlogon.exe)
(129) PID: 520 [00000000] (services.exe)
(01) PID: 532 [00000000] (lsass.exe)
(129) PID: 540 [00000000] (lsm.exe)
(01) PID: 696 [00000000] (svchost.exe)
(129) PID: 756 [00000000] (svchost.exe)
(129) PID: 792 [00000000] (svchost.exe)
(129) PID: 876 [00000000] (svchost.exe)
(129) PID: 900 [00000000] (svchost.exe)
(129) PID: 980 [00000000] (svchost.exe)
(129) PID: 1000 [00000000] (svchost.exe)
(129) PID: 1084 [00000000] (svchost.exe)
(129) PID: 1180 [00000000] (svchost.exe)
(129) PID: 1428 [00000000] (explorer.exe)
(01) PID: 1460 [00000000] (WerFault.exe)
(129) PID: 1636 [00000000] (svchost.exe)
(01) PID: 1836 [00000000] (radixgui.exe)
(129) PID: 1944 [00000000] (WmiPrvSE.exe)
(01) PID: 2036 [00000000] (firefox.exe)
0:33:46 - Performing check: "Hidden services":
# Service Startup File
0 .NET CLR Data Disabled
1 .NET CLR Networking Disabled
2 .NET Data Provider for Oracle Disabled
3 .NET Data Provider for SqlServer Disabled
4 .NETFramework Disabled
5 ACPI Boot Microsoft ACPI Driver
6 adp94xx Disabled
7 adpahci Disabled
8 adpu160m Disabled
9 adpu320 Disabled
10 adsi Disabled
11 AeLookupSvc Auto @%SystemRoot%\system32\aelupsvc.dll,-1
12 AFD System Ancilliary Function Driver for Winsock
13 AgereModemAudio Auto Agere Modem Call Progress Audio
14 AgereSoftModem Demand Agere Systems Soft Modem
15 agp440 Demand Intel AGP Bus Filter
16 aic78xx Disabled
17 ALG Demand @%SystemRoot%\system32\Alg.exe,-112
18 aliide Disabled
19 amdagp Demand AMD AGP Bus Filter Driver
20 amdide Disabled
21 AmdK7 Disabled AMD K7 Processor Driver
22 AmdK8 Disabled AMD K8 Processor Driver
23 Appinfo Demand @%systemroot%\system32\appinfo.dll,-100
24 arc Disabled
25 arcsas Disabled
26 AsyncMac Demand @%systemroot%\system32\rascfg.dll,-32000
27 atapi Boot IDE Channel
28 AudioEndpointBuilder Auto @%SystemRoot%\system32\audiosrv.dll,-204
29 Audiosrv Auto @%SystemRoot%\system32\audiosrv.dll,-200
30 BattC Disabled
31 Beep System Beep
32 BFE Auto @%SystemRoot%\system32\bfe.dll,-1001
33 BHDrvx86 System Symantec Heuristics Driver
34 BITS Auto @%SystemRoot%\system32\qmgr.dll,-1000
35 blbdrive Disabled
36 bowser Demand Bowser
37 BrFiltLo Demand Brother USB Mass-Storage Lower Filter Driver
38 BrFiltUp Demand Brother USB Mass-Storage Upper Filter Driver
39 Browser Auto @%systemroot%\system32\browser.dll,-100
40 Brserid Disabled Brother MFC Serial Port Interface Driver (WDM)
41 BrSerWdm Disabled Brother WDM Serial driver
42 BrUsbMdm Disabled Brother MFC USB Fax Only Modem
43 BrUsbSer Demand Brother MFC USB Serial WDM Driver
44 BTHMODEM Disabled Bluetooth Serial Communications Driver
45 ccHP System Symantec Hash Provider
46 cdfs Disabled CD/DVD File System Reader
47 cdrom System CD-ROM Driver
48 CertPropSvc Demand @%SystemRoot%\System32\certprop.dll,-11
49 circlass Disabled Consumer IR Devices
50 CLFS Boot Common Log (CLFS)
51 clr_optimization_v2.0.50727_32 Demand Microsoft .NET Framework NGEN v2.0.50727_X86
52 cmdide Disabled
53 Compbatt Disabled Microsoft Composite Battery Driver
54 COMSysApp Demand @comres.dll,-947
55 crcdisk Boot Crcdisk Filter Driver
56 Crusoe Disabled Transmeta Crusoe Processor Driver
57 crypt32 Disabled
58 CryptSvc Auto @%SystemRoot%\system32\cryptsvc.dll,-1001
59 DCLocator Disabled
60 DcomLaunch Auto @oleres.dll,-5012
61 DfsC System @%systemroot%\system32\drivers\dfsc.sys,-101
62 DFSR Demand @dfsrres.dll,-101
63 Dhcp Auto @%SystemRoot%\system32\dhcpcsvc.dll,-100
64 disk Boot Disk Driver
65 Dnscache Auto @%SystemRoot%\System32\dnsapi.dll,-101
66 dot3svc Demand @%systemroot%\system32\dot3svc.dll,-1102
67 DPS Auto @%systemroot%\system32\dps.dll,-500
68 drmkaud Demand Microsoft Kernel DRM Audio Descrambler
69 DXGKrnl Demand LDDM Graphics Subsystem
70 E1G60 Demand Intel® PRO/1000 NDIS 6 Adapter Driver
71 EapHost Demand @%systemroot%\system32\eapsvc.dll,-1
72 Ecache Boot ReadyBoost Caching Driver
73 eeCtrl System Symantec Eraser Control driver
74 elxstor Disabled
75 EmdCache Disabled
76 EMDMgmt Auto @%SystemRoot%\system32\emdmgmt.dll,-1000
77 EraserUtilRebootDrv Demand EraserUtilRebootDrv
78 ErrDev Disabled Microsoft Hardware Error Device Driver
79 ESENT Disabled
80 ETService Auto Empowering Technology Service
81 Eventlog Auto @%SystemRoot%\system32\wevtsvc.dll,-200
82 EventSystem Auto @comres.dll,-2450
83 exfat Demand exFAT File System Driver
84 fastfat Demand FAT12/16/32 File System Driver
85 fdc Disabled Floppy Disk Controller Driver
86 fdPHost Demand @%systemroot%\system32\fdPHost.dll,-100
87 FDResPub Demand @%systemroot%\system32\fdrespub.dll,-100
88 FileInfo Boot File Information FS MiniFilter
89 Filetrace Demand FileTrace
90 flpydisk Disabled Floppy Disk Driver
91 FltMgr Boot FltMgr
92 FontCache3.0.0.0 Demand @%SystemRoot%\system32\PresentationHost.exe,-3309
93 Fs_Rec System
94 gagp30kx Demand Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms
95 GameConsoleService Demand GameConsoleService
96 gpsvc Auto @gpapi.dll,-112
97 gupdate Auto Google Update Service (gupdate)
98 gusvc Demand Google Software Updater
99 HdAudAddService Demand Microsoft 1.1 UAA Function Driver for High Definition Audio Service
100 HDAudBus Demand Microsoft UAA Bus Driver for High Definition Audio
101 HidBth Disabled Microsoft Bluetooth HID Miniport
102 HidIr Disabled Microsoft Infrared HID Driver
103 hidserv Demand @%SystemRoot%\System32\hidserv.dll,-101
104 HidUsb Disabled Microsoft HID Class Driver
105 hkmsvc Demand @%SystemRoot%\system32\kmsvc.dll,-6
106 HpCISSs Disabled
107 HTTP Demand HTTP
108 i2omp Disabled
109 i8042prt System i8042 Keyboard and PS/2 Mouse Port Driver
110 iaStorV Disabled Intel RAID Controller Vista
111 idsvc Demand @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193
112 IDSVix86 System IDSVix86
113 iirsp Disabled
114 IKEEXT Auto @%SystemRoot%\system32\ikeext.dll,-501
115 inetaccs Disabled
116 int15 Auto int15
117 IntcAzAudAddService Demand Service for Realtek HD Audio (WDM)
118 intelide Disabled
119 intelppm Demand Intel Processor Driver
120 IPBusEnum Demand @%systemroot%\system32\IPBusEnum.dll,-102
121 IpFilterDriver Demand @%systemroot%\system32\rascfg.dll,-32013
122 iphlpsvc Auto @%SystemRoot%\system32\iphlpsvc.dll,-200
123 IpInIp Demand IP in IP Tunnel Driver
124 IPMIDRV Disabled
125 IPNAT Demand IP Network Address Translator
126 IRENUM Demand IR Bus Enumerator
127 isapnp Disabled PnP ISA/EISA Bus Driver
128 iScsiPrt Demand iScsiPort Driver
129 iteatapi Disabled ITEATAPI_Service_Install
130 iteraid Disabled ITERAID_Service_Install
131 kbdclass System Keyboard Class Driver
132 kbdhid Disabled Keyboard HID Driver
133 KeyIso Demand @keyiso.dll,-100
134 KSecDD Boot
135 KtmRm Auto @comres.dll,-2946
136 LanmanServer Auto @%systemroot%\system32\srvsvc.dll,-100
137 LanmanWorkstation Auto @%systemroot%\system32\wkssvc.dll,-100
138 ldap Disabled
139 lltdio Auto Link-Layer Topology Discovery Mapper I/O Driver
140 lltdsvc Demand @%SystemRoot%\system32\lltdres.dll,-1
141 lmhosts Auto @%SystemRoot%\system32\lmhsvc.dll,-101
142 Lsa Disabled
143 LSI_FC Disabled
144 LSI_SAS Disabled
145 LSI_SCSI Disabled
146 luafv Auto UAC File Virtualization
147 megasas Disabled
148 MegaSR Disabled
149 MMCSS Auto @%systemroot%\system32\mmcss.dll,-100
150 Modem Demand
151 monitor Demand Microsoft Monitor Class Function Driver Service
152 mouclass System Mouse Class Driver
153 mouhid Disabled Mouse HID Driver
154 MountMgr Boot Mount Point Manager
155 mpio Disabled Microsoft Multi-Path Bus Driver
156 mpsdrv Demand @%SystemRoot%\system32\FirewallAPI.dll,-23092
157 MpsSvc Auto @%SystemRoot%\system32\FirewallAPI.dll,-23090
158 Mraid35x Disabled
159 MRxDAV Demand WebDav Client Redirector Driver
160 mrxsmb Demand SMB MiniRedirector Wrapper and Engine
161 mrxsmb10 Demand SMB 1.x MiniRedirector
162 mrxsmb20 Demand SMB 2.0 MiniRedirector
163 msahci Disabled
164 msdsm Disabled Microsoft Multi-Path Device Specific Module
165 MSDTC Demand @comres.dll,-2797
166 MSDTC Bridge 3.0.0.0 Disabled
167 Msfs System
168 msisadrv Boot ISA/EISA Class Driver
169 MSiSCSI Demand @%SystemRoot%\system32\iscsidsc.dll,-5000
170 msiserver Demand @%SystemRoot%\system32\msimsg.dll,-27
171 MSKSSRV Demand Microsoft Streaming Service Proxy
172 MSPCLOCK Demand Microsoft Streaming Clock Proxy
173 MSPQM Demand Microsoft Streaming Quality Manager Proxy
174 MsRPC Demand
175 MSSCNTRS Disabled
176 mssmbios Demand Microsoft System Management BIOS Driver
177 MSTEE Demand Microsoft Streaming Tee/Sink-to-Sink Converter
178 Mup Boot Mup
179 napagent Demand @%SystemRoot%\system32\qagentrt.dll,-6
180 NativeWifiP Demand NativeWiFi Filter
181 NAVENG Demand NAVENG
182 NAVEX15 Demand NAVEX15
183 NDIS Boot NDIS System Driver
184 NdisTapi Demand @%systemroot%\system32\rascfg.dll,-32001
185 Ndisuio Demand NDIS Usermode I/O Protocol
186 NdisWan Demand @%systemroot%\system32\rascfg.dll,-32002
187 NDProxy Demand NDIS Proxyd
188 NetBIOS System NetBIOS Interface
189 netbt System NETBT
190 Netlogon Demand @%SystemRoot%\System32\netlogon.dll,-102
191 Netman Demand @%SystemRoot%\system32\netman.dll,-109
192 netprofm Auto @%SystemRoot%\system32\netprof.dll,-246
193 NetTcpPortSharing Disabled @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201
194 nfrd960 Disabled
195 NlaSvc Auto @%SystemRoot%\System32\nlasvc.dll,-1
196 Norton Internet Security Auto Norton Internet Security
197 Npfs System
198 nsi Auto @%SystemRoot%\system32\nsisvc.dll,-200
199 nsiproxy System NSI proxy service
200 NTDS Disabled
201 Ntfs Demand
202 ntrigdigi Disabled N-trig HID Tablet Driver
203 Null System
204 nvlddmkm Demand
205 nvraid Disabled NVIDIA nForce RAID Driver
206 nvstor Disabled
207 nvstor32 Boot
208 nvsvc Auto NVIDIA Display Driver Service
209 nv_agp Demand NVIDIA nForce AGP Bus Filter
210 NwlnkFlt Demand IPX Traffic Filter Driver
211 NwlnkFwd Demand IPX Traffic Forwarder Driver
212 odserv Demand Microsoft Office Diagnostics Service
213 ohci1394 Disabled NEC FireWarden OHCI Compliant IEEE 1394 Host Controller
214 ose Demand Office Source Engine
215 p2pimsvc Demand @%SystemRoot%\system32\p2psvc.dll,-8004
216 p2psvc Demand @%SystemRoot%\system32\p2psvc.dll,-8006
217 Parport Disabled Parallel port driver
218 partmgr Boot Partition Manager
219 Parvdm Auto
220 PcaSvc Auto @%SystemRoot%\system32\pcasvc.dll,-1
221 pci Boot PCI Bus Driver
222 pciide Boot
223 pcmcia Disabled
224 PEAUTH Auto PEAUTH
225 PerfDisk Disabled
226 PerfNet Disabled
227 PerfOS Disabled
228 PerfProc Disabled
229 pla Demand @%systemroot%\system32\pla.dll,-500
230 PlugPlay Auto @%SystemRoot%\system32\umpnpmgr.dll,-100
231 PNRPAutoReg Demand @%SystemRoot%\system32\p2psvc.dll,-8002
232 PNRPsvc Demand @%SystemRoot%\system32\p2psvc.dll,-8000
233 PolicyAgent Auto @%SystemRoot%\System32\polstore.dll,-5010
234 PortProxy Disabled
235 PptpMiniport Demand @%systemroot%\system32\rascfg.dll,-32006
236 Processor Disabled Processor Driver
237 ProfSvc Auto @%systemroot%\system32\profsvc.dll,-300
238 ProtectedStorage Demand @%systemroot%\system32\psbase.dll,-300
239 PSched System @%SystemRoot%\System32\drivers\pacer.sys,-101
240 ql2300 Disabled QLogic Fibre Channel Miniport Driver
241 ql40xx Disabled QLogic iSCSI Miniport Driver
242 QWAVE Demand @%SystemRoot%\system32\qwave.dll,-1
243 QWAVEdrv Demand @%SystemRoot%\system32\drivers\qwavedrv.sys,-1
244 RasAcd System Remote Access Auto Connection Driver
245 RasAuto Demand @%Systemroot%\system32\rasauto.dll,-200
246 Rasl2tp Demand @%systemroot%\system32\rascfg.dll,-32005
247 RasMan Demand @%Systemroot%\system32\rasmans.dll,-200
248 RasPppoe Demand @%systemroot%\system32\rascfg.dll,-32007
249 RasSstp Demand @%systemroot%\system32\sstpsvc.dll,-202
250 rdbss System Redirected Buffering Sub Sysytem
251 RDPCDD System RDPCDD
252 RDPDD Disabled
253 rdpdr Disabled Terminal Server Device Redirector Driver
254 RDPENCDD System RDP Encoder Mirror Driver
255 RDPNP Disabled @%systemroot%\system32\drprov.dll,-100
256 RDPWD Demand RDP Winstation Driver
257 RemoteAccess Disabled @%Systemroot%\system32\mprdim.dll,-200
258 RemoteRegistry Demand @regsvc.dll,-1
259 RichVideo Auto Cyberlink RichVideo Service(CRVS)
260 RpcLocator Demand @%systemroot%\system32\Locator.exe,-2
261 RpcSs Auto @oleres.dll,-5010
262 rspndr Auto Link-Layer Topology Discovery Responder
263 RTL8169 Demand Realtek 8169 NT Driver
264 SamSs Auto @%SystemRoot%\system32\samsrv.dll,-1
265 sbp2port Disabled SBP-2 Transport/Protocol Bus Driver
266 SCardSvr Demand @%SystemRoot%\System32\SCardSvr.dll,-1
267 Schedule Auto @%SystemRoot%\system32\schedsvc.dll,-100
268 SCPolicySvc Demand @%SystemRoot%\System32\certprop.dll,-13
269 SDRSVC Demand @%SystemRoot%\system32\sdrsvc.dll,-107
270 SDTHelper Demand Helper driver for SDT-Tool --[HIDDEN]--
271 secdrv Auto Security Driver
272 seclogon Auto @%SystemRoot%\system32\seclogon.dll,-7001
273 SENS Auto @%SystemRoot%\system32\Sens.dll,-200
274 Serenum Demand Serenum Filter Driver
275 Serial Disabled Serial Port Driver
276 sermouse Disabled Serial Mouse Driver
277 ServiceModelEndpoint 3.0.0.0 Disabled
278 ServiceModelOperation 3.0.0.0 Disabled
279 ServiceModelService 3.0.0.0 Disabled
280 SessionEnv Demand @%SystemRoot%\System32\SessEnv.dll,-1026
281 sffdisk Disabled SFF Storage Class Driver
282 sffp_mmc Demand SFF Storage Protocol Driver for MMC
283 sffp_sd Demand SFF Storage Protocol Driver for SDBus
284 sfloppy Disabled High-Capacity Floppy Disk Drive
285 SharedAccess Disabled @%SystemRoot%\system32\ipnathlp.dll,-106
286 ShellHWDetection Auto @%SystemRoot%\System32\shsvcs.dll,-12288
287 sisagp Demand SIS AGP Bus Filter
288 SiSRaid2 Disabled
289 SiSRaid4 Disabled
290 slsvc Auto @%SystemRoot%\system32\SLsvc.exe,-101
291 SLUINotify Demand @%SystemRoot%\system32\SLUINotify.dll,-103
292 Smb System @%SystemRoot%\system32\tcpipcfg.dll,-50005
293 SMSvcHost 3.0.0.0 Disabled
294 SNMPTRAP Demand @%SystemRoot%\system32\snmptrap.exe,-3
295 spldr Boot Security Processor Loader Driver
296 Spooler Auto @%systemroot%\system32\spoolsv.exe,-1
297 SRTSP Demand Symantec Real Time Storage Protection
298 SRTSPX System Symantec Real Time Storage Protection (PEL)
299 srv Demand
300 srv2 Demand srv2
301 srvnet Demand
302 SSDPSRV Demand @%systemroot%\system32\ssdpsrv.dll,-100
303 SstpSvc Demand @%SystemRoot%\system32\sstpsvc.dll,-200
304 stisvc Auto @%SystemRoot%\system32\wiaservc.dll,-9
305 swenum Demand Software Bus Driver
306 swprv Demand @%SystemRoot%\System32\swprv.dll,-103
307 Symc8xx Disabled
308 SYMDNS Demand
309 SymEFA Boot Symantec Extended File Attributes
310 SymEvent Demand
311 SYMFW Demand Symantec Network Filter Driver
312 SymIM System Symantec Network Security Intermediate Filter Driver
313 SYMNDISV Demand Symantec Network Filter Driver
314 SYMREDRV Demand
315 SYMTDI System Symantec Network Dispatch Driver
316 Sym_hi Disabled
317 Sym_u3 Disabled
318 SysMain Auto @%SystemRoot%\system32\sysmain.dll,-1000
319 TabletInputService Auto @%SystemRoot%\system32\TabSvc.dll,-100
320 TapiSrv Demand @%SystemRoot%\system32\tapisrv.dll,-10100
321 TBS Auto @%SystemRoot%\system32\tbssvc.dll,-100
322 Tcpip Boot @%SystemRoot%\system32\tcpipcfg.dll,-50003
323 Tcpip6 Demand Microsoft IPv6 Protocol Driver
324 tcpipreg Auto TCP/IP Registry Compatibility
325 TDPIPE Demand TDPIPE
326 TDTCP Demand TDTCP
327 tdx System @%SystemRoot%\system32\tcpipcfg.dll,-50004
328 TermDD System Terminal Device Driver
329 TermService Auto @%SystemRoot%\System32\termsrv.dll,-268
330 Themes Auto @%SystemRoot%\System32\shsvcs.dll,-8192
331 THREADORDER Demand @%systemroot%\system32\mmcss.dll,-102
332 TrkWks Auto @%SystemRoot%\system32\trkwks.dll,-1
333 TrustedInstaller Demand @%SystemRoot%\servicing\TrustedInstaller.exe,-100
334 TSDDD Disabled
335 tssecsrv Demand Terminal Services Security Filter Driver
336 tunmp Demand Microsoft Tun Miniport Adapter Driver
337 tunnel Demand Microsoft IPv6 Tunnel Miniport Adapter Driver
338 uagp35 Demand Microsoft AGPv3.5 Filter
339 udfs Disabled udfs
340 UGatherer Disabled
341 UGTHRSVC Disabled
342 UI0Detect Demand @%SystemRoot%\system32\ui0detect.exe,-101
343 uliagpkx Demand Uli AGP Bus Filter
344 uliahci Disabled
345 UlSata Disabled
346 ulsata2 Disabled
347 umbus Demand UMBus Enumerator Driver
348 upnphost Demand @%systemroot%\system32\upnphost.dll,-213
349 usb Disabled
350 usbccgp Disabled Microsoft USB Generic Parent Driver
351 usbcir Disabled eHome Infrared Receiver (USBCIR)
352 usbehci Demand Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
353 usbhub Demand USB2 Enabled Hub
354 usbohci Demand Microsoft USB Open Host Controller Miniport Driver
355 usbprint Disabled Microsoft USB PRINTER Class
356 USBSTOR Demand USB Mass Storage Driver
357 usbuhci Disabled Microsoft USB Universal Host Controller Miniport Driver
358 UxSms Auto @%SystemRoot%\system32\dwm.exe,-2000
359 vds Demand @%SystemRoot%\system32\vds.exe,-100
360 vga Demand
361 VgaSave System
362 viaagp Demand VIA AGP Bus Filter
363 ViaC7 Disabled VIA C7 Processor Driver
364 viaide Disabled
365 volmgr Boot Volume Manager Driver
366 volmgrx Boot Dynamic Volume Manager
367 volsnap Boot Storage volumes
368 vsmraid Disabled
369 VSS Demand @%systemroot%\system32\vssvc.exe,-102
370 W32Time Auto @%SystemRoot%\system32\w32time.dll,-200
371 W3SVC Disabled
372 WacomPen Disabled Wacom Serial Pen HID Driver
373 Wanarp Demand Remote Access IP ARP Driver
374 Wanarpv6 System Remote Access IPv6 ARP Driver
375 wcncsvc Demand @%SystemRoot%\system32\wcncsvc.dll,-3
376 WcsPlugInService Demand @%SystemRoot%\system32\WcsPlugInService.dll,-200
377 Wd Boot Microsoft Watchdog Timer Driver
378 Wdf01000 Boot Kernel Mode Driver Frameworks service
379 WdiServiceHost Demand @%systemroot%\system32\wdi.dll,-502
380 WdiSystemHost Demand @%systemroot%\system32\wdi.dll,-500
381 WebClient Auto @%systemroot%\system32\webclnt.dll,-100
382 Wecsvc Demand @%SystemRoot%\system32\wecsvc.dll,-200
383 wercplsupport Demand @%SystemRoot%\System32\wercplsupport.dll,-101
384 WerSvc Auto @%SystemRoot%\System32\wersvc.dll,-100
385 WinDefend Auto @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103
386 Windows Workflow Foundation 3.0.0.0 Disabled
387 WinHttpAutoProxySvc Demand @%SystemRoot%\system32\winhttp.dll,-100
388 Winmgmt Auto @%Systemroot%\system32\wbem\wmisvc.dll,-205
389 WinRM Demand @%Systemroot%\system32\wsmsvc.dll,-101
390 Winsock Demand
391 WinSock2 Disabled
392 Wlansvc Demand @%SystemRoot%\System32\wlansvc.dll,-257
393 WmiAcpi Demand Microsoft Windows Management Interface for ACPI
394 WmiApRpl Disabled
395 wmiApSrv Demand @%Systemroot%\system32\wbem\wmiapsrv.exe,-110
396 WMPNetworkSvc Demand @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101
397 WPCSvc Demand @%SystemRoot%\system32\wpcsvc.dll,-100
398 WPDBusEnum Auto @%SystemRoot%\system32\wpdbusenum.dll,-100
399 ws2ifsl Disabled Winsock IFS driver
400 wscsvc Auto @%SystemRoot%\System32\wscsvc.dll,-200
401 WSearch Auto @%systemroot%\system32\SearchIndexer.exe,-103
402 WSearchIdxPi Disabled
403 wuauserv Auto @%systemroot%\system32\wuaueng.dll,-105
404 WUDFRd Demand
405 wudfsvc Auto @%SystemRoot%\system32\wudfsvc.dll,-1000
406 xmlprov Disabled
407 {F330372A-AB64-4AC7-A3B8-BDE2D0273FE5} Disabled
1 hidden services found!
0:33:50 - Performing check: "Selftest":
Doing a short selftest...
-> Checking IAT

PID 1836 - C:\Users\MarceMARc\Desktop\radixgui.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
[+] Patching code of EtwDeliverDataBlock at 773FF37E (4 bytes)
773FF37E: Relocating 77F94400 -> 774B4400
773FF37E: Patching 9C4B4400 -> 774B4400
[+] Wrote patch to process memory.
kernel32.dll (77230000 - 7730B000)
[+] Patching code of AddAtomW at 7724BF3B (4 bytes)
7724BF3B: Relocating 77E01190 -> 77231190
7724BF3B: Patching 59231190 -> 77231190
[+] Wrote patch to process memory.
USER32.dll (76550000 - 765ED000)
[+] Patching code of CancelShutdown at 7659ACA1 (4 bytes)
7659ACA1: Relocating 77D51088 -> 76551088
7659ACA1: Patching 59551088 -> 76551088
[+] Wrote patch to process memory.
GDI32.dll (77520000 - 7756B000)
[+] Patching code of GdiGetCharDimensions at 7752BCF8 (4 bytes)
7752BCF8: Relocating 77BB6010 -> 77566010
7752BCF8: Patching 59566010 -> 77566010
[+] Wrote patch to process memory.
ADVAPI32.dll (76290000 - 76356000)
[+] Patching code of AuditEnumeratePerUserPolicy at 762F8F8E (4 bytes)
762F8F8E: Relocating 77C8143C -> 7629143C
762F8F8E: Patching 5929143C -> 7629143C
[+] Wrote patch to process memory.
RPCRT4.dll (761C0000 - 76282000)
[+] Patching code of NdrEncapsulatedUnionFree at 762644FA (4 bytes)
762644FA: Relocating 77C64564 -> 76264564
762644FA: Patching 59264564 -> 76264564
[+] Wrote patch to process memory.
comdlg32.dll (76140000 - 761B3000)
[+] Patching code of DllGetClassObject at 76151CA2 (4 bytes)
76151CA2: Relocating 6EF403B4 -> 761903B4
76151CA2: Patching 591903B4 -> 761903B4
[+] Wrote patch to process memory.
msvcrt.dll (763B0000 - 7645A000)
[+] Patching code of _lock at 763BA38A (4 bytes)
763BA38A: Relocating 6FC61168 -> 763B1168
763BA38A: Patching 593B1168 -> 763B1168
[+] Wrote patch to process memory.
SHLWAPI.dll (77390000 - 773E8000)
[+] Patching code of SHCreateShellPalette at 7739A012 (4 bytes)
7739A012: Relocating 6DA812A0 -> 773912A0
7739A012: Patching 593912A0 -> 773912A0
[+] Wrote patch to process memory.
COMCTL32.dll (715F0000 - 71675000)
[+] Patching code of CreateMappedBitmap at 715FBC58 (4 bytes)
715FBC58: Relocating 70801218 -> 715F1218
715FBC58: Patching 595F1218 -> 715F1218
[+] Wrote patch to process memory.
SHELL32.dll (765F0000 - 77100000)
[+] Patching code of DllGetClassObject at 766742F2 (4 bytes)
766742F2: Relocating 08164324 -> 76674324
766742F2: Patching 59674324 -> 76674324
[+] Wrote patch to process memory.
ole32.dll (75D30000 - 75E74000)
[+] Patching code of CoAddRefServerProcess at 75D3282E (4 bytes)
75D3282E: Relocating 71FDE6C8 -> 75E5E6C8
75D3282E: Patching 59E5E6C8 -> 75E5E6C8
[+] Wrote patch to process memory.
VERSION.dll (755A0000 - 755A8000)
IMM32.DLL (76460000 - 7647E000)
[+] Patching code of ImmFreeLayout at 7646A527 (4 bytes)
7646A527: Relocating 4AD410AC -> 764610AC
7646A527: Patching 594610AC -> 764610AC
[+] Wrote patch to process memory.
MSCTF.dll (75C60000 - 75D28000)
[+] Patching code of TF_AttachThreadInput at 75C9D37F (4 bytes)
75C9D37F: Relocating 70731320 -> 75C61320
75C9D37F: Patching 59C61320 -> 75C61320
[+] Wrote patch to process memory.
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
comctl32.dll (74960000 - 74AFE000)
[+] Patching code of MakeDragList at 74A2C59C (4 bytes)
74A2C59C: Relocating 73BAE2FC -> 74AAE2FC
74A2C59C: Patching 59AAE2FC -> 74AAE2FC
[+] Wrote patch to process memory.
wintrust.dll (74DB0000 - 74DDD000)
[+] Patching code of WTHelperCertIsSelfSigned at 74DC38A0 (4 bytes)
74DC38A0: Relocating 6CB220E0 -> 74DC20E0
74DC38A0: Patching 59DC20E0 -> 74DC20E0
[+] Wrote patch to process memory.
CRYPT32.dll (754A0000 - 75591000)
[+] Patching code of CryptFindLocalizedName at 7550203D (4 bytes)
7550203D: Relocating 734A61B8 -> 755461B8
7550203D: Patching 595461B8 -> 755461B8
[+] Wrote patch to process memory.
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
[+] Patching code of LsaConnectUntrusted at 75AF6F94 (4 bytes)
75AF6F94: Relocating 6C1810C4 -> 75AF10C4
75AF6F94: Patching 59AF10C4 -> 75AF10C4
[+] Wrote patch to process memory.
imagehlp.dll (76520000 - 76549000)
sfc.dll (72CA0000 - 72CA5000)
sfc_os.dll (715E0000 - 715ED000)
SETUPAPI.dll (75E80000 - 7600A000)
[+] Patching code of SetupDiClassNameFromGuidExW at 75EC2133 (4 bytes)
75EC2133: Relocating 739BD65C -> 75F6D65C
75EC2133: Patching 59F6D65C -> 75F6D65C
[+] Wrote patch to process memory.
OLEAUT32.dll (77570000 - 775FD000)
[+] Patching code of VarFormatCurrency at 775BE38A (4 bytes)
775BE38A: Relocating 6F1311B4 -> 775711B4
775BE38A: Patching 595711B4 -> 775711B4
[+] Wrote patch to process memory.
Selftest complete.

0:33:51 - Performing check: "MBR":
Partition Table:
+----+-----+------Start------+--------End------+----------+----------+----+
| Nr | Act | Head Sect Track | Head Sect Track | Offset | Length | OS |
+----+-----+-----------------+-----------------+----------+----------+----+
| 1 | N | 032 33 0000 | 254 63 0255 | 00000800 | 01A00000 | 27 |
| 2 | Y | 254 63 0255 | 254 63 0255 | 01A00800 | 11018EB0 | 07 |
| 3 | N | 000 00 0000 | 000 00 0000 | 00000000 | 00000000 | 00 |
| 4 | N | 000 00 0000 | 000 00 0000 | 00000000 | 00000000 | 00 |
+----+-----+-----------------+-----------------+----------+----------+----+
MBR seems to be OK.
0:33:51 - Performing check: "Object Routines":
Could not open physical memory device!
Make sure you are running as Administrator.
0:33:51 - Performing check: "IRP hooks":
Could not open physical memory device!
Make sure you are running as Administrator.
0:33:51 - Performing check: "Patched modules":
Could not open physical memory device!
Make sure you are running as Administrator.
0:33:51 - Performing check: "SDT hooks":
Could not open physical memory device!
Make sure you are running as Administrator.
0:33:51 - Performing check: "IDT hooks":
Could not open physical memory device!
Make sure you are running as Administrator.
0:33:51 - Performing check: "SYSENTER hook":
Could not open physical memory device!
Make sure you are running as Administrator.
0:33:51 - Performing check: "IAT hooks":

PID 340 - C:\Windows\System32\smss.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)

PID 400 - C:\Windows\system32\csrss.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
CSRSRV.dll (75BB0000 - 75BBF000)
basesrv.dll (75B90000 - 75BA3000)
winsrv.dll (75B30000 - 75B90000)
USER32.dll (76550000 - 765ED000)
KERNEL32.dll (77230000 - 7730B000)
GDI32.dll (77520000 - 7756B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
msvcrt.dll (763B0000 - 7645A000)
sxs.dll (75A00000 - 75A5F000)

PID 436 - C:\Windows\system32\csrss.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
CSRSRV.dll (75BB0000 - 75BBF000)
basesrv.dll (75B90000 - 75BA3000)
winsrv.dll (75B30000 - 75B90000)
USER32.dll (76550000 - 765ED000)
KERNEL32.dll (77230000 - 7730B000)
GDI32.dll (77520000 - 7756B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
msvcrt.dll (763B0000 - 7645A000)
sxs.dll (75A00000 - 75A5F000)

PID 444 - C:\Windows\system32\wininit.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
msvcrt.dll (763B0000 - 7645A000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
wship6.dll (75410000 - 75415000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)

PID 472 - C:\Windows\system32\winlogon.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
msvcrt.dll (763B0000 - 7645A000)
Secur32.dll (75AF0000 - 75B04000)
WINSTA.dll (75AC0000 - 75AE5000)
PSAPI.DLL (75BC0000 - 75BC7000)
USERENV.dll (75B10000 - 75B2E000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
NTMARTA.DLL (74F80000 - 74FA1000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
SAMLIB.dll (75710000 - 75721000)
ole32.dll (75D30000 - 75E74000)
SHSVCS.dll (74790000 - 747CE000)
NETAPI32.dll (75820000 - 75895000)
slc.dll (75620000 - 7565A000)
MPR.dll (75660000 - 75674000)

PID 520 - C:\Windows\system32\services.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
msvcrt.dll (763B0000 - 7645A000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
SCESRV.dll (75A70000 - 75ABE000)
AUTHZ.dll (758A0000 - 758B6000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)
NCObjAPI.DLL (75780000 - 7578F000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NTMARTA.DLL (74F80000 - 74FA1000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
SAMLIB.dll (75710000 - 75721000)
ole32.dll (75D30000 - 75E74000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
wship6.dll (75410000 - 75415000)

PID 532 - C:\Windows\system32\lsass.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
msvcrt.dll (763B0000 - 7645A000)
LSASRV.dll (758C0000 - 759F6000)
Secur32.dll (75AF0000 - 75B04000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
SAMSRV.dll (757A0000 - 7581A000)
cryptdll.dll (75760000 - 75771000)
DNSAPI.dll (75730000 - 7575C000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)
SAMLIB.dll (75710000 - 75721000)
MSASN1.dll (756D0000 - 756E2000)
NTDSAPI.dll (756F0000 - 75708000)
WLDAP32.dll (77600000 - 7764A000)
FeClient.dll (756A0000 - 756B1000)
MPR.dll (75660000 - 75674000)
USERENV.dll (75B10000 - 75B2E000)
CRYPT32.dll (754A0000 - 75591000)
slc.dll (75620000 - 7565A000)
SYSNTFY.dll (75A60000 - 75A67000)
wevtapi.dll (755E0000 - 75620000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
cngaudit.dll (756C0000 - 756C6000)
AUTHZ.dll (758A0000 - 758B6000)
ncrypt.dll (753C0000 - 753F5000)
BCRYPT.dll (75370000 - 753B5000)
credssp.dll (755C0000 - 755C7000)
msprivs.dll (755B0000 - 755B2000)
kerberos.dll (751B0000 - 7522C000)
mswsock.dll (75330000 - 7536B000)
wship6.dll (75410000 - 75415000)
msv1_0.dll (752F0000 - 75328000)
netlogon.dll (75250000 - 752E4000)
WINBRAND.dll (75070000 - 75147000)
schannel.dll (75160000 - 751A4000)
wdigest.dll (75040000 - 7506D000)
rsaenh.dll (75000000 - 7503B000)
tspkg.dll (75230000 - 75242000)
GPAPI.dll (74FE0000 - 74FF5000)
setupapi.dll (75E80000 - 7600A000)
OLEAUT32.dll (77570000 - 775FD000)
ole32.dll (75D30000 - 75E74000)
scecli.dll (74FB0000 - 74FDE000)
wshtcpip.dll (75420000 - 75425000)

PID 540 - C:\Windows\system32\lsm.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
msvcrt.dll (763B0000 - 7645A000)
SYSNTFY.dll (75A60000 - 75A67000)
WMsgAPI.dll (75790000 - 75796000)
secur32.dll (75AF0000 - 75B04000)
CRYPT32.dll (754A0000 - 75591000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)

PID 696 - C:\Windows\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
umpnpmgr.dll (74F00000 - 74F39000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
POWRPROF.dll (74F60000 - 74F7A000)
GPAPI.dll (74FE0000 - 74FF5000)
slc.dll (75620000 - 7565A000)
rpcss.dll (74DE0000 - 74E6A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
FirewallAPI.dll (74E90000 - 74EF6000)
OLEAUT32.dll (77570000 - 775FD000)
ole32.dll (75D30000 - 75E74000)
VERSION.dll (755A0000 - 755A8000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)
CLBCatQ.DLL (76490000 - 76514000)
NTMARTA.DLL (74F80000 - 74FA1000)
WLDAP32.dll (77600000 - 7764A000)
SAMLIB.dll (75710000 - 75721000)
WINSTA.dll (75AC0000 - 75AE5000)
WTSAPI32.dll (74F50000 - 74F5A000)
SETUPAPI.dll (75E80000 - 7600A000)
Cabinet.dll (738D0000 - 738E5000)

PID 756 - C:\Windows\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
rpcss.dll (74DE0000 - 74E6A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
Secur32.dll (75AF0000 - 75B04000)
FirewallAPI.dll (74E90000 - 74EF6000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
OLEAUT32.dll (77570000 - 775FD000)
ole32.dll (75D30000 - 75E74000)
VERSION.dll (755A0000 - 755A8000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)
rsaenh.dll (75000000 - 7503B000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
wship6.dll (75410000 - 75415000)
fwpuclnt.dll (74260000 - 742F6000)
CLBCatQ.DLL (76490000 - 76514000)

PID 792 - C:\Windows\System32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
mpsvc.dll (74D40000 - 74D83000)
VERSION.dll (755A0000 - 755A8000)
CRYPT32.dll (754A0000 - 75591000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
WINTRUST.dll (74DB0000 - 74DDD000)
imagehlp.dll (76520000 - 76549000)
MpClient.dll (74B00000 - 74B4D000)
SHELL32.dll (765F0000 - 77100000)
SHLWAPI.dll (77390000 - 773E8000)
ole32.dll (75D30000 - 75E74000)
OLEAUT32.dll (77570000 - 775FD000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
comctl32.dll (74960000 - 74AFE000)
GPAPI.dll (74FE0000 - 74FF5000)
slc.dll (75620000 - 7565A000)
rsaenh.dll (75000000 - 7503B000)
psapi.dll (75BC0000 - 75BC7000)
ncrypt.dll (753C0000 - 753F5000)
BCRYPT.dll (75370000 - 753B5000)
NTMARTA.DLL (74F80000 - 74FA1000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
SAMLIB.dll (75710000 - 75721000)
mpengine.dll (732E0000 - 73846000)
wininet.dll (76030000 - 76101000)
Normaliz.dll (76010000 - 76013000)
iertutil.dll (76360000 - 763A6000)
iphlpapi.dll (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
mprtplug.dll (741F0000 - 741FF000)
tdh.dll (73D50000 - 73DBD000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
wscapi.dll (74F40000 - 74F4B000)
urlmon.dll (77100000 - 7722A000)
CLBCatQ.DLL (76490000 - 76514000)

PID 876 - C:\Windows\System32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
wevtsvc.dll (744C0000 - 745BB000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
VERSION.dll (755A0000 - 755A8000)
GPAPI.dll (74FE0000 - 74FF5000)
slc.dll (75620000 - 7565A000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
wship6.dll (75410000 - 75415000)
lmhsvc.dll (748C0000 - 748C8000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)

PID 900 - C:\Windows\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
NTMARTA.DLL (74F80000 - 74FA1000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
PSAPI.DLL (75BC0000 - 75BC7000)
SAMLIB.dll (75710000 - 75721000)
ole32.dll (75D30000 - 75E74000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
profsvc.dll (74860000 - 74889000)
SYSNTFY.dll (75A60000 - 75A67000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
nlaapi.dll (75150000 - 7515F000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
ATL.DLL (74E70000 - 74E84000)
ikeext.dll (74070000 - 740DF000)
AUTHZ.dll (758A0000 - 758B6000)
fwpuclnt.dll (74260000 - 742F6000)
wmisvc.dll (74120000 - 7414A000)
wbemcomn.dll (74010000 - 7406B000)
OLEAUT32.dll (77570000 - 775FD000)
ncrypt.dll (753C0000 - 753F5000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
BCRYPT.dll (75370000 - 753B5000)
CLBCatQ.DLL (76490000 - 76514000)
rsaenh.dll (75000000 - 7503B000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
wship6.dll (75410000 - 75415000)
VSSAPI.DLL (73EA0000 - 73FAA000)
vsstrace.dll (74770000 - 74784000)
XmlLite.dll (74890000 - 748BF000)
NETAPI32.dll (75820000 - 75895000)
MPR.dll (75660000 - 75674000)
SETUPAPI.dll (75E80000 - 7600A000)
wbemcore.dll (70AA0000 - 70B58000)
esscli.dll (71730000 - 71773000)
FastProx.dll (713B0000 - 71449000)
NTDSAPI.dll (756F0000 - 75708000)
wmiutils.dll (71370000 - 71387000)
repdrvfs.dll (70F50000 - 70F94000)
wmiprvsd.dll (709A0000 - 70A1D000)
NCObjAPI.DLL (75780000 - 7578F000)
wbemess.dll (70A40000 - 70A97000)
ncprov.dll (71390000 - 713A0000)
wbemsvc.dll (6F840000 - 6F850000)

PID 980 - C:\Windows\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
NTMARTA.DLL (74F80000 - 74FA1000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
PSAPI.DLL (75BC0000 - 75BC7000)
SAMLIB.dll (75710000 - 75721000)
ole32.dll (75D30000 - 75E74000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
dnsrslvr.dll (747F0000 - 74808000)
DNSAPI.dll (75730000 - 7575C000)
dhcpcsvc.DLL (75460000 - 75495000)
Secur32.dll (75AF0000 - 75B04000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
IPHLPAPI.DLL (75680000 - 75699000)
mswsock.dll (75330000 - 7536B000)
wship6.dll (75410000 - 75415000)
cryptsvc.dll (74150000 - 74172000)
OLEAUT32.dll (77570000 - 775FD000)
VSSAPI.DLL (73EA0000 - 73FAA000)
ATL.DLL (74E70000 - 74E84000)
vsstrace.dll (74770000 - 74784000)
AUTHZ.dll (758A0000 - 758B6000)
XmlLite.dll (74890000 - 748BF000)
NETAPI32.dll (75820000 - 75895000)
MPR.dll (75660000 - 75674000)
SETUPAPI.dll (75E80000 - 7600A000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
nlasvc.dll (740F0000 - 7411B000)
wevtapi.dll (755E0000 - 75620000)
ncsi.dll (74240000 - 7425A000)
WINHTTP.dll (73E40000 - 73E9F000)
SHLWAPI.dll (77390000 - 773E8000)
WTSAPI32.dll (74F50000 - 74F5A000)
bcrypt.dll (75370000 - 753B5000)
CFGMGR32.dll (74810000 - 74818000)
comctl32.dll (74960000 - 74AFE000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
ssdpapi.dll (74230000 - 7423C000)
WINSTA.dll (75AC0000 - 75AE5000)
ESENT.dll (70830000 - 70997000)
wshtcpip.dll (75420000 - 75425000)

PID 1000 - C:\Windows\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
NTMARTA.DLL (74F80000 - 74FA1000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
PSAPI.DLL (75BC0000 - 75BC7000)
SAMLIB.dll (75710000 - 75721000)
ole32.dll (75D30000 - 75E74000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
nsisvc.dll (748E0000 - 748E8000)
secur32.dll (75AF0000 - 75B04000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
wkssvc.dll (74200000 - 7422A000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
NTDSAPI.dll (756F0000 - 75708000)
WINBRAND.dll (75070000 - 75147000)
netprofm.dll (73DC0000 - 73DFC000)
OLEAUT32.dll (77570000 - 775FD000)
GPAPI.dll (74FE0000 - 74FF5000)
slc.dll (75620000 - 7565A000)
nlaapi.dll (75150000 - 7515F000)
rsaenh.dll (75000000 - 7503B000)
CLBCatQ.DLL (76490000 - 76514000)
npmproxy.dll (740E0000 - 740E8000)
WINTRUST.dll (74DB0000 - 74DDD000)
imagehlp.dll (76520000 - 76549000)

PID 1084 - C:\Windows\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
bfe.dll (74300000 - 74355000)
AUTHZ.dll (758A0000 - 758B6000)
Secur32.dll (75AF0000 - 75B04000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
mpssvc.dll (74180000 - 741E2000)
FirewallAPI.dll (74E90000 - 74EF6000)
OLEAUT32.dll (77570000 - 775FD000)
ole32.dll (75D30000 - 75E74000)
VERSION.dll (755A0000 - 755A8000)
nlaapi.dll (75150000 - 7515F000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
bcrypt.dll (75370000 - 753B5000)
WTSAPI32.dll (74F50000 - 74F5A000)
SHLWAPI.dll (77390000 - 773E8000)
fwpuclnt.dll (74260000 - 742F6000)
comctl32.dll (74960000 - 74AFE000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)
GPAPI.dll (74FE0000 - 74FF5000)
slc.dll (75620000 - 7565A000)
wfapigp.dll (748D0000 - 748D8000)
ntmarta.dll (74F80000 - 74FA1000)
WLDAP32.dll (77600000 - 7764A000)
SAMLIB.dll (75710000 - 75721000)
CLBCatQ.DLL (76490000 - 76514000)
rsaenh.dll (75000000 - 7503B000)
npmproxy.dll (740E0000 - 740E8000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
wship6.dll (75410000 - 75415000)

PID 1180 - C:\Windows\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
ipsecsvc.dll (73FB0000 - 7400B000)
AUTHZ.dll (758A0000 - 758B6000)
ole32.dll (75D30000 - 75E74000)
GDI32.dll (77520000 - 7756B000)
USER32.dll (76550000 - 765ED000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
Secur32.dll (75AF0000 - 75B04000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
fwpuclnt.dll (74260000 - 742F6000)
OLEAUT32.dll (77570000 - 775FD000)
FirewallAPI.dll (74E90000 - 74EF6000)
VERSION.dll (755A0000 - 755A8000)
FwRemoteSvr.DLL (74820000 - 7482A000)
WLDAP32.dll (77600000 - 7764A000)
PSAPI.DLL (75BC0000 - 75BC7000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
CLBCatQ.DLL (76490000 - 76514000)
SHLWAPI.dll (77390000 - 773E8000)
comctl32.dll (74960000 - 74AFE000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
wship6.dll (75410000 - 75415000)
credssp.dll (755C0000 - 755C7000)
schannel.dll (75160000 - 751A4000)
NETAPI32.dll (75820000 - 75895000)

PID 1428 - C:\Windows\Explorer.EXE
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
ADVAPI32.dll (76290000 - 76356000)
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
[i] Unable to load module C:\Windows\system32\OneX.DLL for checking.
RPCRT4.dll (761C0000 - 76282000)
GDI32.dll (77520000 - 7756B000)
USER32.dll (76550000 - 765ED000)
msvcrt.dll (763B0000 - 7645A000)
SHLWAPI.dll (77390000 - 773E8000)
SHELL32.dll (765F0000 - 77100000)
ole32.dll (75D30000 - 75E74000)
OLEAUT32.dll (77570000 - 775FD000)
SHDOCVW.dll (73B60000 - 73C67000)
UxTheme.dll (74920000 - 7495F000)
POWRPROF.dll (74F60000 - 74F7A000)
dwmapi.dll (73C70000 - 73C7C000)
gdiplus.dll (745C0000 - 7476B000)
slc.dll (75620000 - 7565A000)
PROPSYS.dll (74360000 - 7441B000)
BROWSEUI.dll (73A10000 - 73B56000)
IMM32.dll (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
DUser.dll (748F0000 - 74920000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
comctl32.dll (74960000 - 74AFE000)
WindowsCodecs.dll (73950000 - 73A03000)
IconCodecService.dll(73930000 - 73936000)
CLBCatQ.DLL (76490000 - 76514000)
rsaenh.dll (75000000 - 7503B000)
timedate.cpl (73140000 - 731F2000)
ATL.DLL (74E70000 - 74E84000)
NETAPI32.dll (75820000 - 75895000)
PSAPI.DLL (75BC0000 - 75BC7000)
OLEACC.dll (73D10000 - 73D49000)
WINBRAND.dll (75070000 - 75147000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
shacct.dll (747D0000 - 747E6000)
SAMLIB.dll (75710000 - 75721000)
apphelp.dll (738A0000 - 738CC000)
msshsq.dll (73100000 - 7313C000)
NaturalLanguage6.dll(72F60000 - 73026000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
NLSData0009.dll (72600000 - 72AA9000)
NLSLexicons0009.dll (72370000 - 725F7000)
authui.dll (74B50000 - 74D38000)
MSIMG32.dll (75400000 - 75405000)
ieframe.dll (71DA0000 - 7236E000)
iertutil.dll (76360000 - 763A6000)
LINKINFO.dll (73940000 - 73949000)
WININET.dll (76030000 - 76101000)
Normaliz.dll (76010000 - 76013000)
stobject.dll (72EC0000 - 72F52000)
BatMeter.dll (73040000 - 730F6000)
SETUPAPI.dll (75E80000 - 7600A000)
WTSAPI32.dll (74F50000 - 74F5A000)
WINSTA.dll (75AC0000 - 75AE5000)
es.dll (73850000 - 73897000)
SndVolSSO.dll (73CB0000 - 73CE0000)
MMDevApi.dll (73C80000 - 73CA7000)
msiltcfg.dll (73D00000 - 73D07000)
VERSION.dll (755A0000 - 755A8000)
msi.dll (72CB0000 - 72EB2000)
NTMARTA.DLL (74F80000 - 74FA1000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
netshell.dll (71780000 - 71A8B000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
nlaapi.dll (75150000 - 7515F000)
pnidui.dll (72AD0000 - 72C8F000)
QUtil.dll (73CE0000 - 73CF7000)
wevtapi.dll (755E0000 - 75620000)
wlanutil.dll (73030000 - 73036000)
ExplorerFrame.dll (72AC0000 - 72AC9000)
urlmon.dll (77100000 - 7722A000)
WINMM.dll (73E00000 - 73E32000)
wdmaud.drv (71C90000 - 71CBF000)
ksuser.dll (71C80000 - 71C84000)
AVRT.dll (71C70000 - 71C77000)
npmproxy.dll (740E0000 - 740E8000)
ntshrui.dll (71AA0000 - 71AEA000)
cscapi.dll (74DA0000 - 74DAB000)
Wlanapi.dll (715B0000 - 715C2000)
OneX.DLL (71190000 - 7130C000)
[-] Unable to load module C:\Windows\system32\OneX.DLL for checking
eappprxy.dll (74D90000 - 74D9E000)
eappcfg.dll (71580000 - 715A4000)
bcrypt.dll (75370000 - 753B5000)
AltTab.dll (71A90000 - 71A9D000)
wpdshserviceobj.dll (71520000 - 71543000)
WINHTTP.dll (73E40000 - 73E9F000)
srchadmin.dll (71140000 - 7118D000)
webcheck.dll (714A0000 - 714DC000)
SyncCenter.dll (70D00000 - 70F1C000)
PortableDeviceTypes.dll(714F0000 - 7151B000)
PortableDeviceApi.dll(710C0000 - 710FE000)
imapi2.dll (71000000 - 71051000)
wscntfy.dll (71100000 - 71139000)
WSCAPI.dll (74F40000 - 74F4B000)
actxprxy.dll (70FA0000 - 70FF3000)
WINTRUST.dll (74DB0000 - 74DDD000)
imagehlp.dll (76520000 - 76549000)
MLANG.dll (71550000 - 71580000)
QAgent.dll (71060000 - 7108E000)
fwpuclnt.dll (74260000 - 742F6000)
bthprops.cpl (70C00000 - 70CF9000)
MSVCR80.dll (70B60000 - 70BFB000)
SXS.DLL (75A00000 - 75A5F000)
wzshlstb.dll (72C90000 - 72C96000)
NavShExt.dll (677B0000 - 677F4000)
MSVCP80.dll (716A0000 - 71727000)
ccL80U.dll (6AE10000 - 6AE92000)
ncrypt.dll (753C0000 - 753F5000)
GPAPI.dll (74FE0000 - 74FF5000)
syncui.dll (71B50000 - 71B7E000)
SYNCENG.dll (71680000 - 71696000)
MPR.dll (75660000 - 75674000)
ntlanman.dll (71350000 - 71363000)
drprov.dll (71490000 - 71498000)
davclnt.dll (713A0000 - 713AF000)

PID 1460 - C:\Windows\System32\WerFault.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
msvcrt.dll (763B0000 - 7645A000)
ole32.dll (75D30000 - 75E74000)
OLEAUT32.dll (77570000 - 775FD000)
SHLWAPI.dll (77390000 - 773E8000)
IMM32.dll (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
ncrypt.dll (753C0000 - 753F5000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
BCRYPT.DLL (75370000 - 753B5000)
wer.dll (73200000 - 732D9000)
SensApi.dll (73920000 - 73926000)
OLEACC.dll (73D10000 - 73D49000)
faultrep.dll (738F0000 - 73918000)
VERSION.dll (755A0000 - 755A8000)
PSAPI.DLL (75BC0000 - 75BC7000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
comctl32.dll (74960000 - 74AFE000)
SETUPAPI.dll (75E80000 - 7600A000)
WINTRUST.dll (74DB0000 - 74DDD000)
imagehlp.dll (76520000 - 76549000)
DUser.dll (748F0000 - 74920000)
RICHED20.DLL (6F890000 - 6F902000)
SHELL32.dll (765F0000 - 77100000)
UxTheme.dll (74920000 - 7495F000)
CLBCatQ.DLL (76490000 - 76514000)

PID 1636 - C:\Windows\System32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
msvcrt.dll (763B0000 - 7645A000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
NTMARTA.DLL (74F80000 - 74FA1000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
WLDAP32.dll (77600000 - 7764A000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
PSAPI.DLL (75BC0000 - 75BC7000)
SAMLIB.dll (75710000 - 75721000)
ole32.dll (75D30000 - 75E74000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
netman.dll (71D00000 - 71D46000)
OLEAUT32.dll (77570000 - 775FD000)
RASAPI32.dll (71D50000 - 71D9A000)
rasman.dll (71B30000 - 71B44000)
NETAPI32.dll (75820000 - 75895000)
TAPI32.dll (71CC0000 - 71CF1000)
SHLWAPI.dll (77390000 - 773E8000)
rtutils.dll (72AB0000 - 72ABC000)
WINMM.dll (73E00000 - 73E32000)
OLEACC.dll (73D10000 - 73D49000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
SHELL32.dll (765F0000 - 77100000)
WINNSI.DLL (755D0000 - 755D7000)
comctl32.dll (74960000 - 74AFE000)
CLBCatQ.DLL (76490000 - 76514000)
rsaenh.dll (75000000 - 7503B000)
netshell.dll (71780000 - 71A8B000)
IPHLPAPI.DLL (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
dhcpcsvc6.DLL (75430000 - 75451000)
nlaapi.dll (75150000 - 7515F000)
RASDLG.dll (71BA0000 - 71C6E000)
MPRAPI.dll (71B80000 - 71B9A000)
ACTIVEDS.dll (71AF0000 - 71B25000)
adsldpc.dll (71450000 - 71483000)
credui.dll (74830000 - 7485E000)
ATL.DLL (74E70000 - 74E84000)
SETUPAPI.dll (75E80000 - 7600A000)
slc.dll (75620000 - 7565A000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
hnetcfg.dll (6F7C0000 - 6F80A000)
GPAPI.dll (74FE0000 - 74FF5000)
WINHTTP.dll (73E40000 - 73E9F000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
WINTRUST.dll (74DB0000 - 74DDD000)
imagehlp.dll (76520000 - 76549000)
netcfgx.dll (6F6C0000 - 6F720000)
Cabinet.dll (738D0000 - 738E5000)
wbemprox.dll (6F850000 - 6F85B000)
wbemcomn.dll (74010000 - 7406B000)
wbemsvc.dll (6F840000 - 6F850000)
fastprox.dll (713B0000 - 71449000)
NTDSAPI.dll (756F0000 - 75708000)

PID 1836 - C:\Users\MarceMARc\Desktop\radixgui.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
comdlg32.dll (76140000 - 761B3000)
msvcrt.dll (763B0000 - 7645A000)
SHLWAPI.dll (77390000 - 773E8000)
COMCTL32.dll (715F0000 - 71675000)
SHELL32.dll (765F0000 - 77100000)
ole32.dll (75D30000 - 75E74000)
VERSION.dll (755A0000 - 755A8000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
comctl32.dll (74960000 - 74AFE000)
wintrust.dll (74DB0000 - 74DDD000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
imagehlp.dll (76520000 - 76549000)
sfc.dll (72CA0000 - 72CA5000)
sfc_os.dll (715E0000 - 715ED000)
SETUPAPI.dll (75E80000 - 7600A000)
OLEAUT32.dll (77570000 - 775FD000)
DisasmEngineDLL.dll (10000000 - 10021000)

PID 2036 - C:\Program Files\Mozilla Firefox\firefox.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
The code of LdrLoadDll at 77417933 (0) got patched. Here is the diff:
Address New-Original
77417933: E9 - 68
77417934: 02 - 44
77417935: 87 - 02
77417936: AA - 00
77417937: 8A - 00
--> JMP DWORD PTR DS:[01EC003A]
Disassembly old code:
77417933: 68 44020000 PUSH 00000244

Disassembly new code:
77417933: E9 0287AA8A JMP 01EC003A
Disassembly of hooker:
01EC003A: B8 01000000 MOV EAX, 00000001
01EC003F: F0:0FC1050800EA01 LOCK XADD DWORD PTR DS:[01EA0008],EAX
01EC0047: 833D0C00EA01 00 CMP DWORD PTR DS:[01EA000C],00H
01EC004E: 750F JNZ 01EC005F
01EC0050: B8 FFFFFFFF MOV EAX, FFFFFFFF
01EC0055: F0:0FC1050800EA01 LOCK XADD DWORD PTR DS:[01EA0008],EAX
kernel32.dll (77230000 - 7730B000)
xul.dll (6FCF0000 - 7082C000)
sqlite3.dll (6FC70000 - 6FCE3000)
MOZCRT19.dll (6FBC0000 - 6FC70000)
msvcrt.dll (763B0000 - 7645A000)
js3250.dll (6FAC0000 - 6FBBA000)
nspr4.dll (10000000 - 10029000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
WSOCK32.dll (715D0000 - 715D7000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
WINMM.dll (73E00000 - 73E32000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
ole32.dll (75D30000 - 75E74000)
OLEAUT32.dll (77570000 - 775FD000)
OLEACC.dll (73D10000 - 73D49000)
smime3.dll (00050000 - 00068000)
nss3.dll (00070000 - 0010D000)
nssutil3.dll (00210000 - 00224000)
plc4.dll (00020000 - 00027000)
plds4.dll (00230000 - 00237000)
ssl3.dll (00240000 - 00261000)
SHELL32.dll (765F0000 - 77100000)
SHLWAPI.dll (77390000 - 773E8000)
VERSION.dll (755A0000 - 755A8000)
WINSPOOL.DRV (6FA70000 - 6FAB2000)
COMDLG32.dll (76140000 - 761B3000)
COMCTL32.dll (74960000 - 74AFE000)
IMM32.dll (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
MSIMG32.dll (75400000 - 75405000)
USP10.dll (77310000 - 7738D000)
xpcom.dll (71330000 - 71337000)
LPK.DLL (76020000 - 76029000)
uxtheme.dll (74920000 - 7495F000)
dwmapi.dll (73C70000 - 73C7C000)
dbghelp.dll (6F990000 - 6FA6C000)
USERENV.dll (75B10000 - 75B2E000)
Secur32.dll (75AF0000 - 75B04000)
PROPSYS.dll (74360000 - 7441B000)
CLBCatQ.DLL (76490000 - 76514000)
SETUPAPI.dll (75E80000 - 7600A000)
browserdirprovider.dll(71310000 - 71318000)
coFFPlgn.dll (69B40000 - 69BC9000)
CRYPT32.dll (754A0000 - 75591000)
MSASN1.dll (756D0000 - 756E2000)
mswsock.dll (75330000 - 7536B000)
wshtcpip.dll (75420000 - 75425000)
iphlpapi.dll (75680000 - 75699000)
dhcpcsvc.DLL (75460000 - 75495000)
DNSAPI.dll (75730000 - 7575C000)
WINNSI.DLL (755D0000 - 755D7000)
dhcpcsvc6.DLL (75430000 - 75451000)
IPSFFPl.dll (6BF60000 - 6BF89000)
urlmon.dll (77100000 - 7722A000)
The code of URLDownloadToCacheFileA at 771844A7 (0) got patched. Here is the diff:
Address New-Original
771844A7: EB - 8B
771844A8: F9 - FF
Disassembly old code:
771844A7: 8BFF MOV EDI, EDI

Disassembly new code:
771844A7: EBF9 JMP 771844A2
The code of URLDownloadToCacheFileW at 77131CFA (0) got patched. Here is the diff:
Address New-Original
77131CFA: EB - 8B
77131CFB: F9 - FF
Disassembly old code:
77131CFA: 8BFF MOV EDI, EDI

Disassembly new code:
77131CFA: EBF9 JMP 77131CF5
The code of URLDownloadToFileA at 77184395 (0) got patched. Here is the diff:
Address New-Original
77184395: EB - 8B
77184396: F9 - FF
Disassembly old code:
77184395: 8BFF MOV EDI, EDI

Disassembly new code:
77184395: EBF9 JMP 77184390
The code of URLDownloadToFileW at 7718424A (0) got patched. Here is the diff:
Address New-Original
7718424A: EB - 8B
7718424B: F9 - FF
Disassembly old code:
7718424A: 8BFF MOV EDI, EDI

Disassembly new code:
7718424A: EBF9 JMP 77184245
iertutil.dll (76360000 - 763A6000)
Scxpx86.dll (02200000 - 022CF000)
WINTRUST.dll (74DB0000 - 74DDD000)
imagehlp.dll (76520000 - 76549000)
ccVrTrst.dll (6B050000 - 6B067000)
MSVCR80.dll (70B60000 - 70BFB000)
MSVCP80.dll (716A0000 - 71727000)
ccL80U.dll (6AE10000 - 6AE92000)
EFACli.dll (69380000 - 6938C000)
rsaenh.dll (75000000 - 7503B000)
psapi.dll (75BC0000 - 75BC7000)
ncrypt.dll (753C0000 - 753F5000)
BCRYPT.dll (75370000 - 753B5000)
NTMARTA.DLL (74F80000 - 74FA1000)
WLDAP32.dll (77600000 - 7764A000)
SAMLIB.dll (75710000 - 75721000)
GPAPI.dll (74FE0000 - 74FF5000)
slc.dll (75620000 - 7565A000)
ccIPC.dll (6AD80000 - 6ADA6000)
wininet.dll (76030000 - 76101000)
Normaliz.dll (76010000 - 76013000)
t2embed.dll (71090000 - 710BB000)
brwsrcmp.dll (70F20000 - 70F44000)
NLAapi.dll (75150000 - 7515F000)
napinsp.dll (71320000 - 7132F000)
pnrpnsp.dll (70A20000 - 70A32000)
winrnr.dll (6F980000 - 6F988000)
WindowsCodecs.dll (73950000 - 73A03000)
softokn3.dll (020D0000 - 020F6000)
nssdbm3.dll (022D0000 - 022E8000)
freebl3.dll (025E0000 - 02621000)
nssckbi.dll (02630000 - 02685000)
mscms.dll (6F910000 - 6F972000)
wship6.dll (75410000 - 75415000)
rasadhlp.dll (6F880000 - 6F886000)
wdmaud.drv (71C90000 - 71CBF000)
ksuser.dll (71C80000 - 71C84000)
MMDevAPI.DLL (73C80000 - 73CA7000)
AVRT.dll (71C70000 - 71C77000)
shdocvw.dll (73B60000 - 73C67000)

PID 1944 - C:\Windows\system32\wbem\wmiprvse.exe
-------------------------------------------------------------------------------
ntdll.dll (773F0000 - 77517000)
kernel32.dll (77230000 - 7730B000)
ADVAPI32.dll (76290000 - 76356000)
RPCRT4.dll (761C0000 - 76282000)
USER32.dll (76550000 - 765ED000)
GDI32.dll (77520000 - 7756B000)
msvcrt.dll (763B0000 - 7645A000)
wbemcomn.dll (74010000 - 7406B000)
OLEAUT32.dll (77570000 - 775FD000)
ole32.dll (75D30000 - 75E74000)
FastProx.dll (713B0000 - 71449000)
NTDSAPI.dll (756F0000 - 75708000)
DNSAPI.dll (75730000 - 7575C000)
WS2_32.dll (76110000 - 7613D000)
NSI.dll (76480000 - 76486000)
WLDAP32.dll (77600000 - 7764A000)
PSAPI.DLL (75BC0000 - 75BC7000)
NETAPI32.dll (75820000 - 75895000)
Secur32.dll (75AF0000 - 75B04000)
NCObjAPI.DLL (75780000 - 7578F000)
IMM32.DLL (76460000 - 7647E000)
MSCTF.dll (75C60000 - 75D28000)
LPK.DLL (76020000 - 76029000)
USP10.dll (77310000 - 7738D000)
NTMARTA.DLL (74F80000 - 74FA1000)
SAMLIB.dll (75710000 - 75721000)
CLBCatQ.DLL (76490000 - 76514000)
rsaenh.dll (75000000 - 7503B000)
wbemsvc.dll (6F840000 - 6F850000)
wmiutils.dll (71370000 - 71387000)
wmiprov.dll (6F720000 - 6F748000)
WMI.dll (71340000 - 71343000)
---- Check ended at 26.5.2010 0:34:12 ----

Edited by Orange Blossom, 25 May 2010 - 08:14 PM.
Move to AII forum from Vista forum. ~ OB


#3 marc197779

marc197779
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 25 May 2010 - 08:42 PM

Hi I think I have a root kit virus. Someone is obtaining all my info. Also my computer monitor says that my computer is running 50% to 80% all the time. Please help me combat this issue.

Edited by Budapest, 25 May 2010 - 08:46 PM.
Moved from Vista and merged into existing topic ~BP


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 25 May 2010 - 08:53 PM

Hello and welcome please run these next. If you have Spybot installed temporarily disable it.
Next run ATF:
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.alternate download link 1
alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users