Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removed Virus but computer is still acting up


  • Please log in to reply
12 replies to this topic

#1 MsTrudy

MsTrudy

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:13 AM

Posted 21 January 2013 - 07:55 PM

Over the weekend my computer started acting funny, I'd click on a link while surfing the web and would be redirected every time. My anti-virus protection didn't detect anything, neither did the scan I did through Microsoft. So I downloaded and ran a scan using Malwarebytes. It detected the virus: trojan.zbotr.gen and removed it. My computer is somewhat better since, but in Firefox it still redirects everything and in Google Chrome it will sometimes take 2-3 clicks to open a page and once the page is opened, you can tell it's not "right" because there is extra code at the top of the webpage, or big gaps here and there. Additionally, every time I restart my computer I get the following message when it starts back up: "Windows can not find 1141076.exe". Every scan I've done since removing the virus (including another through Malwarebytes) indicates my computer is free from viruses. Any ideas what is going on and how I can get my computer working right again?


MOD EDIT: Moved from Win 7 to Am I Infected ~~boopme

Edited by boopme, 21 January 2013 - 09:19 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:13 AM

Posted 21 January 2013 - 09:11 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 MsTrudy

MsTrudy
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:13 AM

Posted 22 January 2013 - 01:53 PM

TDSS Report
09:56:46.0500 9160 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:56:47.0305 9160 ============================================================
09:56:47.0305 9160 Current date / time: 2013/01/22 09:56:47.0305
09:56:47.0305 9160 SystemInfo:
09:56:47.0306 9160
09:56:47.0306 9160 OS Version: 6.1.7601 ServicePack: 1.0
09:56:47.0306 9160 Product type: Workstation
09:56:47.0306 9160 ComputerName: TRUDY-PC
09:56:47.0306 9160 UserName: Trudy
09:56:47.0306 9160 Windows directory: C:\windows
09:56:47.0306 9160 System windows directory: C:\windows
09:56:47.0306 9160 Running under WOW64
09:56:47.0306 9160 Processor architecture: Intel x64
09:56:47.0306 9160 Number of processors: 4
09:56:47.0306 9160 Page size: 0x1000
09:56:47.0306 9160 Boot type: Normal boot
09:56:47.0306 9160 ============================================================
09:56:48.0246 9160 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:56:48.0250 9160 ============================================================
09:56:48.0250 9160 \Device\Harddisk0\DR0:
09:56:48.0251 9160 MBR partitions:
09:56:48.0251 9160 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3833E800
09:56:48.0251 9160 ============================================================
09:56:48.0270 9160 C: <-> \Device\Harddisk0\DR0\Partition1
09:56:48.0289 9160 ============================================================
09:56:48.0289 9160 Initialize success
09:56:48.0289 9160 ============================================================
09:57:26.0634 5680 ============================================================
09:57:26.0634 5680 Scan started
09:57:26.0634 5680 Mode: Manual; TDLFS;
09:57:26.0634 5680 ============================================================
09:57:27.0502 5680 ================ Scan system memory ========================
09:57:27.0502 5680 System memory - ok
09:57:27.0502 5680 ================ Scan services =============================
09:57:27.0669 5680 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
09:57:27.0738 5680 1394ohci - ok
09:57:27.0771 5680 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
09:57:27.0773 5680 ACPI - ok
09:57:27.0793 5680 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
09:57:27.0838 5680 AcpiPmi - ok
09:57:27.0897 5680 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
09:57:27.0909 5680 adp94xx - ok
09:57:27.0938 5680 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
09:57:27.0948 5680 adpahci - ok
09:57:27.0967 5680 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
09:57:27.0974 5680 adpu320 - ok
09:57:28.0004 5680 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
09:57:28.0006 5680 AeLookupSvc - ok
09:57:28.0068 5680 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
09:57:28.0077 5680 AFD - ok
09:57:28.0121 5680 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
09:57:28.0128 5680 agp440 - ok
09:57:28.0166 5680 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
09:57:28.0174 5680 ALG - ok
09:57:28.0221 5680 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
09:57:28.0225 5680 aliide - ok
09:57:28.0247 5680 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
09:57:28.0249 5680 amdide - ok
09:57:28.0264 5680 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
09:57:28.0268 5680 AmdK8 - ok
09:57:28.0284 5680 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
09:57:28.0301 5680 AmdPPM - ok
09:57:28.0325 5680 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
09:57:28.0372 5680 amdsata - ok
09:57:28.0396 5680 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
09:57:28.0404 5680 amdsbs - ok
09:57:28.0421 5680 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
09:57:28.0468 5680 amdxata - ok
09:57:28.0493 5680 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
09:57:28.0552 5680 AppID - ok
09:57:28.0578 5680 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
09:57:28.0582 5680 AppIDSvc - ok
09:57:28.0586 5680 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
09:57:28.0618 5680 Appinfo - ok
09:57:28.0645 5680 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
09:57:28.0649 5680 arc - ok
09:57:28.0681 5680 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
09:57:28.0687 5680 arcsas - ok
09:57:28.0738 5680 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
09:57:28.0743 5680 AsyncMac - ok
09:57:28.0778 5680 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
09:57:28.0781 5680 atapi - ok
09:57:28.0827 5680 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
09:57:28.0869 5680 AudioEndpointBuilder - ok
09:57:28.0878 5680 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
09:57:28.0883 5680 AudioSrv - ok
09:57:28.0934 5680 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
09:57:28.0967 5680 AxInstSV - ok
09:57:29.0023 5680 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
09:57:29.0047 5680 b06bdrv - ok
09:57:29.0088 5680 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
09:57:29.0106 5680 b57nd60a - ok
09:57:29.0148 5680 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
09:57:29.0155 5680 BDESVC - ok
09:57:29.0175 5680 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
09:57:29.0180 5680 Beep - ok
09:57:29.0223 5680 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
09:57:29.0263 5680 BFE - ok
09:57:29.0309 5680 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
09:57:29.0345 5680 BITS - ok
09:57:29.0377 5680 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
09:57:29.0388 5680 blbdrive - ok
09:57:29.0420 5680 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
09:57:29.0468 5680 bowser - ok
09:57:29.0506 5680 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
09:57:29.0510 5680 BrFiltLo - ok
09:57:29.0517 5680 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
09:57:29.0521 5680 BrFiltUp - ok
09:57:29.0547 5680 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
09:57:29.0581 5680 Browser - ok
09:57:29.0594 5680 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
09:57:29.0602 5680 Brserid - ok
09:57:29.0617 5680 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
09:57:29.0622 5680 BrSerWdm - ok
09:57:29.0640 5680 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
09:57:29.0644 5680 BrUsbMdm - ok
09:57:29.0654 5680 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
09:57:29.0658 5680 BrUsbSer - ok
09:57:29.0683 5680 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
09:57:29.0686 5680 BTHMODEM - ok
09:57:29.0716 5680 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
09:57:29.0719 5680 bthserv - ok
09:57:29.0761 5680 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
09:57:29.0775 5680 cdfs - ok
09:57:29.0843 5680 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
09:57:29.0914 5680 cdrom - ok
09:57:29.0938 5680 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
09:57:29.0972 5680 CertPropSvc - ok
09:57:30.0010 5680 [ DF8D07059E7237E0BE9C1421EF5F9482 ] cfwids C:\windows\system32\drivers\cfwids.sys
09:57:30.0056 5680 cfwids - ok
09:57:30.0085 5680 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
09:57:30.0088 5680 circlass - ok
09:57:30.0132 5680 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
09:57:30.0135 5680 CLFS - ok
09:57:30.0207 5680 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:57:30.0217 5680 clr_optimization_v2.0.50727_32 - ok
09:57:30.0251 5680 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:57:30.0261 5680 clr_optimization_v2.0.50727_64 - ok
09:57:30.0309 5680 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:57:30.0385 5680 clr_optimization_v4.0.30319_32 - ok
09:57:30.0408 5680 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:57:30.0461 5680 clr_optimization_v4.0.30319_64 - ok
09:57:30.0494 5680 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
09:57:30.0498 5680 CmBatt - ok
09:57:30.0511 5680 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
09:57:30.0515 5680 cmdide - ok
09:57:30.0570 5680 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
09:57:30.0639 5680 CNG - ok
09:57:30.0716 5680 [ 20506F12AFAD3DB588D007EA9325FBBC ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
09:57:30.0787 5680 CnxtHdAudService - ok
09:57:30.0827 5680 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
09:57:30.0834 5680 Compbatt - ok
09:57:30.0870 5680 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
09:57:30.0927 5680 CompositeBus - ok
09:57:30.0942 5680 COMSysApp - ok
09:57:30.0952 5680 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
09:57:30.0954 5680 crcdisk - ok
09:57:30.0992 5680 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
09:57:31.0026 5680 CryptSvc - ok
09:57:31.0140 5680 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:57:31.0148 5680 cvhsvc - ok
09:57:31.0206 5680 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
09:57:31.0210 5680 DcomLaunch - ok
09:57:31.0282 5680 [ 00EAF3956092A8008608CA6E2C5D649D ] DCService.exe C:\ProgramData\DatacardService\DCService.exe
09:57:31.0383 5680 DCService.exe - ok
09:57:31.0417 5680 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
09:57:31.0425 5680 defragsvc - ok
09:57:31.0458 5680 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
09:57:31.0503 5680 DfsC - ok
09:57:31.0525 5680 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
09:57:31.0561 5680 Dhcp - ok
09:57:31.0580 5680 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
09:57:31.0581 5680 discache - ok
09:57:31.0600 5680 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
09:57:31.0602 5680 Disk - ok
09:57:31.0621 5680 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
09:57:31.0655 5680 Dnscache - ok
09:57:31.0687 5680 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
09:57:31.0723 5680 dot3svc - ok
09:57:31.0750 5680 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
09:57:31.0752 5680 DPS - ok
09:57:31.0778 5680 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
09:57:31.0787 5680 drmkaud - ok
09:57:31.0862 5680 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
09:57:31.0939 5680 DXGKrnl - ok
09:57:31.0975 5680 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
09:57:31.0979 5680 EapHost - ok
09:57:32.0066 5680 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
09:57:32.0151 5680 ebdrv - ok
09:57:32.0169 5680 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
09:57:32.0215 5680 EFS - ok
09:57:32.0279 5680 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
09:57:32.0346 5680 ehRecvr - ok
09:57:32.0362 5680 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
09:57:32.0366 5680 ehSched - ok
09:57:32.0391 5680 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
09:57:32.0401 5680 elxstor - ok
09:57:32.0459 5680 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
09:57:32.0537 5680 EpsonBidirectionalService - ok
09:57:32.0545 5680 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
09:57:32.0548 5680 ErrDev - ok
09:57:32.0579 5680 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
09:57:32.0582 5680 EventSystem - ok
09:57:32.0634 5680 [ DA7CEF9FFBBD6498DF106BCAB84EB10A ] ewusbnet C:\windows\system32\DRIVERS\ewusbnet.sys
09:57:32.0680 5680 ewusbnet - ok
09:57:32.0713 5680 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
09:57:32.0721 5680 exfat - ok
09:57:32.0725 5680 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
09:57:32.0732 5680 fastfat - ok
09:57:32.0778 5680 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
09:57:32.0851 5680 Fax - ok
09:57:32.0884 5680 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
09:57:32.0888 5680 fdc - ok
09:57:32.0912 5680 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
09:57:32.0915 5680 fdPHost - ok
09:57:32.0927 5680 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
09:57:32.0930 5680 FDResPub - ok
09:57:32.0953 5680 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
09:57:32.0956 5680 FileInfo - ok
09:57:32.0981 5680 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
09:57:32.0984 5680 Filetrace - ok
09:57:33.0012 5680 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
09:57:33.0015 5680 flpydisk - ok
09:57:33.0050 5680 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
09:57:33.0108 5680 FltMgr - ok
09:57:33.0154 5680 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb C:\windows\system32\DRIVERS\FlyUsb.sys
09:57:33.0204 5680 FlyUsb - ok
09:57:33.0249 5680 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
09:57:33.0296 5680 FontCache - ok
09:57:33.0329 5680 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:57:33.0380 5680 FontCache3.0.0.0 - ok
09:57:33.0394 5680 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
09:57:33.0397 5680 FsDepends - ok
09:57:33.0431 5680 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
09:57:33.0478 5680 Fs_Rec - ok
09:57:33.0508 5680 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
09:57:33.0509 5680 fvevol - ok
09:57:33.0525 5680 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
09:57:33.0530 5680 gagp30kx - ok
09:57:33.0589 5680 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:57:33.0649 5680 GamesAppService - ok
09:57:33.0682 5680 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
09:57:33.0723 5680 gpsvc - ok
09:57:33.0779 5680 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:57:33.0784 5680 gupdate - ok
09:57:33.0792 5680 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:57:33.0797 5680 gupdatem - ok
09:57:33.0843 5680 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:57:33.0899 5680 gusvc - ok
09:57:33.0929 5680 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
09:57:33.0932 5680 hcw85cir - ok
09:57:33.0951 5680 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
09:57:33.0997 5680 HdAudAddService - ok
09:57:34.0012 5680 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
09:57:34.0013 5680 HDAudBus - ok
09:57:34.0022 5680 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
09:57:34.0025 5680 HidBatt - ok
09:57:34.0037 5680 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
09:57:34.0041 5680 HidBth - ok
09:57:34.0082 5680 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
09:57:34.0085 5680 HidIr - ok
09:57:34.0109 5680 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
09:57:34.0113 5680 hidserv - ok
09:57:34.0141 5680 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
09:57:34.0186 5680 HidUsb - ok
09:57:34.0242 5680 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\windows\system32\drivers\HipShieldK.sys
09:57:34.0290 5680 HipShieldK - ok
09:57:34.0313 5680 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
09:57:34.0346 5680 hkmsvc - ok
09:57:34.0362 5680 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
09:57:34.0397 5680 HomeGroupListener - ok
09:57:34.0427 5680 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
09:57:34.0461 5680 HomeGroupProvider - ok
09:57:34.0484 5680 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
09:57:34.0532 5680 HpSAMD - ok
09:57:34.0570 5680 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
09:57:34.0574 5680 HTTP - ok
09:57:34.0606 5680 [ 6DBD08BC1331C78548298E82C4B667C5 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys
09:57:34.0653 5680 huawei_enumerator - ok
09:57:34.0694 5680 [ 6E5CD3984742A922D0C183C7E82C3C94 ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
09:57:34.0738 5680 hwdatacard - ok
09:57:34.0760 5680 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
09:57:34.0761 5680 hwpolicy - ok
09:57:34.0801 5680 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
09:57:34.0807 5680 i8042prt - ok
09:57:34.0841 5680 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
09:57:34.0844 5680 iaStor - ok
09:57:34.0877 5680 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
09:57:34.0953 5680 iaStorV - ok
09:57:35.0009 5680 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:57:35.0065 5680 IDriverT - ok
09:57:35.0121 5680 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:57:35.0202 5680 idsvc - ok
09:57:35.0459 5680 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
09:57:35.0743 5680 igfx - ok
09:57:35.0786 5680 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
09:57:35.0798 5680 iirsp - ok
09:57:35.0837 5680 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
09:57:35.0896 5680 IKEEXT - ok
09:57:35.0949 5680 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
09:57:35.0996 5680 IntcDAud - ok
09:57:36.0027 5680 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
09:57:36.0029 5680 intelide - ok
09:57:36.0051 5680 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
09:57:36.0052 5680 intelppm - ok
09:57:36.0081 5680 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
09:57:36.0096 5680 IPBusEnum - ok
09:57:36.0114 5680 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
09:57:36.0167 5680 IpFilterDriver - ok
09:57:36.0213 5680 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
09:57:36.0216 5680 iphlpsvc - ok
09:57:36.0243 5680 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
09:57:36.0286 5680 IPMIDRV - ok
09:57:36.0294 5680 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
09:57:36.0299 5680 IPNAT - ok
09:57:36.0319 5680 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
09:57:36.0323 5680 IRENUM - ok
09:57:36.0332 5680 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
09:57:36.0335 5680 isapnp - ok
09:57:36.0348 5680 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
09:57:36.0397 5680 iScsiPrt - ok
09:57:36.0429 5680 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
09:57:36.0434 5680 kbdclass - ok
09:57:36.0444 5680 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
09:57:36.0488 5680 kbdhid - ok
09:57:36.0514 5680 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
09:57:36.0515 5680 KeyIso - ok
09:57:36.0532 5680 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
09:57:36.0567 5680 KSecDD - ok
09:57:36.0583 5680 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
09:57:36.0632 5680 KSecPkg - ok
09:57:36.0653 5680 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
09:57:36.0656 5680 ksthunk - ok
09:57:36.0685 5680 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
09:57:36.0695 5680 KtmRm - ok
09:57:36.0741 5680 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
09:57:36.0804 5680 L1C - ok
09:57:36.0832 5680 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
09:57:36.0866 5680 LanmanServer - ok
09:57:36.0889 5680 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
09:57:36.0923 5680 LanmanWorkstation - ok
09:57:37.0117 5680 [ 32F1B95C60042F3D95FC8AB43559B3B1 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
09:57:37.0316 5680 LeapFrog Connect Device Service - ok
09:57:37.0347 5680 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
09:57:37.0352 5680 lltdio - ok
09:57:37.0376 5680 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
09:57:37.0383 5680 lltdsvc - ok
09:57:37.0409 5680 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
09:57:37.0414 5680 lmhosts - ok
09:57:37.0475 5680 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:57:37.0593 5680 LMS - ok
09:57:37.0617 5680 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
09:57:37.0622 5680 LSI_FC - ok
09:57:37.0631 5680 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
09:57:37.0634 5680 LSI_SAS - ok
09:57:37.0638 5680 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
09:57:37.0641 5680 LSI_SAS2 - ok
09:57:37.0650 5680 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
09:57:37.0655 5680 LSI_SCSI - ok
09:57:37.0665 5680 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
09:57:37.0668 5680 luafv - ok
09:57:37.0725 5680 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
09:57:37.0770 5680 MBAMProtector - ok
09:57:37.0840 5680 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:57:37.0909 5680 MBAMScheduler - ok
09:57:37.0941 5680 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:57:38.0004 5680 MBAMService - ok
09:57:38.0090 5680 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:57:38.0154 5680 McAfee SiteAdvisor Service - ok
09:57:38.0170 5680 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:57:38.0171 5680 McMPFSvc - ok
09:57:38.0176 5680 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:57:38.0177 5680 mcmscsvc - ok
09:57:38.0182 5680 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:57:38.0183 5680 McNaiAnn - ok
09:57:38.0194 5680 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:57:38.0196 5680 McNASvc - ok
09:57:38.0254 5680 [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
09:57:38.0263 5680 McODS - ok
09:57:38.0279 5680 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:57:38.0281 5680 McProxy - ok
09:57:38.0320 5680 [ 9BBCECBE3FE5AF5958A770DC512D0473 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
09:57:38.0386 5680 McShield - ok
09:57:38.0411 5680 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
09:57:38.0446 5680 Mcx2Svc - ok
09:57:38.0480 5680 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
09:57:38.0492 5680 megasas - ok
09:57:38.0537 5680 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
09:57:38.0550 5680 MegaSR - ok
09:57:38.0575 5680 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
09:57:38.0634 5680 MEIx64 - ok
09:57:38.0672 5680 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\windows\system32\drivers\mfeapfk.sys
09:57:38.0719 5680 mfeapfk - ok
09:57:38.0750 5680 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\windows\system32\drivers\mfeavfk.sys
09:57:38.0814 5680 mfeavfk - ok
09:57:38.0856 5680 mfeavfk01 - ok
09:57:38.0896 5680 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
09:57:38.0945 5680 mfefire - ok
09:57:38.0977 5680 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\windows\system32\drivers\mfefirek.sys
09:57:39.0031 5680 mfefirek - ok
09:57:39.0079 5680 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\windows\system32\drivers\mfehidk.sys
09:57:39.0135 5680 mfehidk - ok
09:57:39.0152 5680 [ B5B96149BE124092F577DE54EC7D4D65 ] mferkdet C:\windows\system32\drivers\mferkdet.sys
09:57:39.0198 5680 mferkdet - ok
09:57:39.0222 5680 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\windows\system32\mfevtps.exe
09:57:39.0270 5680 mfevtp - ok
09:57:39.0308 5680 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\windows\system32\drivers\mfewfpk.sys
09:57:39.0368 5680 mfewfpk - ok
09:57:39.0397 5680 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
09:57:39.0399 5680 MMCSS - ok
09:57:39.0461 5680 [ 41584AFCB3F530ACB6A92152F281E1B0 ] MOBK755backup C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe
09:57:39.0536 5680 MOBK755backup - ok
09:57:39.0552 5680 [ 3C69AA906EE867ADE4437ACD8460B43D ] MOBK755Filter C:\windows\system32\DRIVERS\MOBK755.sys
09:57:39.0599 5680 MOBK755Filter - ok
09:57:39.0625 5680 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
09:57:39.0628 5680 Modem - ok
09:57:39.0637 5680 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
09:57:39.0638 5680 monitor - ok
09:57:39.0661 5680 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
09:57:39.0666 5680 mouclass - ok
09:57:39.0677 5680 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
09:57:39.0682 5680 mouhid - ok
09:57:39.0723 5680 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
09:57:39.0724 5680 mountmgr - ok
09:57:39.0783 5680 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:57:39.0837 5680 MozillaMaintenance - ok
09:57:39.0858 5680 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
09:57:39.0908 5680 mpio - ok
09:57:39.0945 5680 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
09:57:39.0951 5680 mpsdrv - ok
09:57:39.0984 5680 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
09:57:40.0027 5680 MpsSvc - ok
09:57:40.0035 5680 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
09:57:40.0085 5680 MRxDAV - ok
09:57:40.0103 5680 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
09:57:40.0148 5680 mrxsmb - ok
09:57:40.0169 5680 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
09:57:40.0228 5680 mrxsmb10 - ok
09:57:40.0232 5680 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
09:57:40.0277 5680 mrxsmb20 - ok
09:57:40.0293 5680 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
09:57:40.0342 5680 msahci - ok
09:57:40.0357 5680 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
09:57:40.0427 5680 msdsm - ok
09:57:40.0447 5680 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
09:57:40.0453 5680 MSDTC - ok
09:57:40.0477 5680 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
09:57:40.0481 5680 Msfs - ok
09:57:40.0504 5680 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
09:57:40.0509 5680 mshidkmdf - ok
09:57:40.0526 5680 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
09:57:40.0529 5680 msisadrv - ok
09:57:40.0557 5680 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
09:57:40.0563 5680 MSiSCSI - ok
09:57:40.0566 5680 msiserver - ok
09:57:40.0589 5680 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:57:40.0591 5680 MSK80Service - ok
09:57:40.0614 5680 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
09:57:40.0618 5680 MSKSSRV - ok
09:57:40.0657 5680 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
09:57:40.0662 5680 MSPCLOCK - ok
09:57:40.0665 5680 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
09:57:40.0667 5680 MSPQM - ok
09:57:40.0682 5680 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
09:57:40.0719 5680 MsRPC - ok
09:57:40.0740 5680 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
09:57:40.0741 5680 mssmbios - ok
09:57:40.0759 5680 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
09:57:40.0763 5680 MSTEE - ok
09:57:40.0772 5680 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
09:57:40.0776 5680 MTConfig - ok
09:57:40.0796 5680 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
09:57:40.0801 5680 Mup - ok
09:57:40.0825 5680 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
09:57:40.0831 5680 napagent - ok
09:57:40.0874 5680 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
09:57:40.0883 5680 NativeWifiP - ok
09:57:40.0937 5680 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
09:57:40.0942 5680 NDIS - ok
09:57:40.0981 5680 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
09:57:40.0986 5680 NdisCap - ok
09:57:41.0009 5680 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
09:57:41.0013 5680 NdisTapi - ok
09:57:41.0023 5680 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
09:57:41.0067 5680 Ndisuio - ok
09:57:41.0084 5680 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
09:57:41.0129 5680 NdisWan - ok
09:57:41.0148 5680 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
09:57:41.0192 5680 NDProxy - ok
09:57:41.0221 5680 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
09:57:41.0226 5680 NetBIOS - ok
09:57:41.0231 5680 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
09:57:41.0233 5680 NetBT - ok
09:57:41.0258 5680 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
09:57:41.0259 5680 Netlogon - ok
09:57:41.0303 5680 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
09:57:41.0319 5680 Netman - ok
09:57:41.0347 5680 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
09:57:41.0355 5680 netprofm - ok
09:57:41.0384 5680 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:57:41.0389 5680 NetTcpPortSharing - ok
09:57:41.0427 5680 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
09:57:41.0438 5680 nfrd960 - ok
09:57:41.0469 5680 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
09:57:41.0509 5680 NlaSvc - ok
09:57:41.0539 5680 Norton PC Checkup Application Launcher - ok
09:57:41.0567 5680 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
09:57:41.0569 5680 Npfs - ok
09:57:41.0594 5680 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
09:57:41.0598 5680 nsi - ok
09:57:41.0606 5680 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
09:57:41.0607 5680 nsiproxy - ok
09:57:41.0686 5680 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
09:57:41.0744 5680 Ntfs - ok
09:57:41.0761 5680 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
09:57:41.0766 5680 Null - ok
09:57:41.0794 5680 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
09:57:41.0841 5680 nvraid - ok
09:57:41.0856 5680 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
09:57:41.0904 5680 nvstor - ok
09:57:41.0920 5680 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
09:57:41.0927 5680 nv_agp - ok
09:57:41.0942 5680 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
09:57:41.0947 5680 ohci1394 - ok
09:57:41.0985 5680 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:57:42.0040 5680 ose - ok
09:57:42.0188 5680 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:57:42.0359 5680 osppsvc - ok
09:57:42.0393 5680 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
09:57:42.0396 5680 p2pimsvc - ok
09:57:42.0416 5680 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
09:57:42.0427 5680 p2psvc - ok
09:57:42.0455 5680 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
09:57:42.0460 5680 Parport - ok
09:57:42.0486 5680 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
09:57:42.0532 5680 partmgr - ok
09:57:42.0557 5680 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
09:57:42.0565 5680 PcaSvc - ok
09:57:42.0591 5680 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
09:57:42.0593 5680 PCCUJobMgr - ok
09:57:42.0622 5680 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
09:57:42.0671 5680 pci - ok
09:57:42.0691 5680 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
09:57:42.0695 5680 pciide - ok
09:57:42.0718 5680 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
09:57:42.0724 5680 pcmcia - ok
09:57:42.0737 5680 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
09:57:42.0741 5680 pcw - ok
09:57:42.0767 5680 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
09:57:42.0779 5680 PEAUTH - ok
09:57:42.0846 5680 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
09:57:42.0849 5680 PerfHost - ok
09:57:42.0894 5680 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
09:57:42.0950 5680 PGEffect - ok
09:57:43.0004 5680 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
09:57:43.0046 5680 pla - ok
09:57:43.0078 5680 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
09:57:43.0115 5680 PlugPlay - ok
09:57:43.0147 5680 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
09:57:43.0152 5680 PNRPAutoReg - ok
09:57:43.0171 5680 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
09:57:43.0174 5680 PNRPsvc - ok
09:57:43.0204 5680 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
09:57:43.0242 5680 PolicyAgent - ok
09:57:43.0278 5680 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
09:57:43.0282 5680 Power - ok
09:57:43.0327 5680 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
09:57:43.0403 5680 PptpMiniport - ok
09:57:43.0418 5680 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
09:57:43.0421 5680 Processor - ok
09:57:43.0449 5680 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
09:57:43.0482 5680 ProfSvc - ok
09:57:43.0491 5680 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
09:57:43.0493 5680 ProtectedStorage - ok
09:57:43.0508 5680 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
09:57:43.0510 5680 Psched - ok
09:57:43.0560 5680 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
09:57:43.0603 5680 QIOMem - ok
09:57:43.0641 5680 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
09:57:43.0664 5680 ql2300 - ok
09:57:43.0700 5680 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
09:57:43.0707 5680 ql40xx - ok
09:57:43.0737 5680 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
09:57:43.0748 5680 QWAVE - ok
09:57:43.0754 5680 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
09:57:43.0761 5680 QWAVEdrv - ok
09:57:43.0779 5680 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
09:57:43.0784 5680 RasAcd - ok
09:57:43.0809 5680 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
09:57:43.0813 5680 RasAgileVpn - ok
09:57:43.0836 5680 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
09:57:43.0843 5680 RasAuto - ok
09:57:43.0869 5680 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
09:57:43.0913 5680 Rasl2tp - ok
09:57:43.0962 5680 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
09:57:43.0998 5680 RasMan - ok
09:57:44.0017 5680 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
09:57:44.0023 5680 RasPppoe - ok
09:57:44.0030 5680 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
09:57:44.0033 5680 RasSstp - ok
09:57:44.0066 5680 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
09:57:44.0122 5680 rdbss - ok
09:57:44.0137 5680 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
09:57:44.0142 5680 rdpbus - ok
09:57:44.0171 5680 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
09:57:44.0171 5680 RDPCDD - ok
09:57:44.0177 5680 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
09:57:44.0177 5680 RDPENCDD - ok
09:57:44.0182 5680 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
09:57:44.0183 5680 RDPREFMP - ok
09:57:44.0210 5680 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
09:57:44.0255 5680 RDPWD - ok
09:57:44.0279 5680 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
09:57:44.0328 5680 rdyboost - ok
09:57:44.0349 5680 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
09:57:44.0354 5680 RemoteAccess - ok
09:57:44.0381 5680 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
09:57:44.0386 5680 RemoteRegistry - ok
09:57:44.0409 5680 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
09:57:44.0420 5680 RpcEptMapper - ok
09:57:44.0445 5680 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
09:57:44.0453 5680 RpcLocator - ok
09:57:44.0475 5680 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
09:57:44.0480 5680 RpcSs - ok
09:57:44.0499 5680 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
09:57:44.0503 5680 rspndr - ok
09:57:44.0543 5680 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
09:57:44.0549 5680 RSUSBSTOR - ok
09:57:44.0570 5680 [ E5DC911D0FEB72CAFF2BBDD6E7C3672F ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
09:57:44.0624 5680 RSUSBVSTOR - ok
09:57:44.0690 5680 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
09:57:44.0771 5680 RTL8192Ce - ok
09:57:44.0781 5680 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
09:57:44.0783 5680 SamSs - ok
09:57:44.0809 5680 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
09:57:44.0859 5680 sbp2port - ok
09:57:44.0897 5680 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
09:57:44.0910 5680 SCardSvr - ok
09:57:44.0933 5680 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
09:57:44.0995 5680 scfilter - ok
09:57:45.0021 5680 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
09:57:45.0066 5680 Schedule - ok
09:57:45.0084 5680 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
09:57:45.0085 5680 SCPolicySvc - ok
09:57:45.0103 5680 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
09:57:45.0137 5680 SDRSVC - ok
09:57:45.0165 5680 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
09:57:45.0168 5680 secdrv - ok
09:57:45.0189 5680 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
09:57:45.0224 5680 seclogon - ok
09:57:45.0243 5680 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
09:57:45.0245 5680 SENS - ok
09:57:45.0260 5680 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
09:57:45.0264 5680 SensrSvc - ok
09:57:45.0287 5680 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
09:57:45.0304 5680 Serenum - ok
09:57:45.0327 5680 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
09:57:45.0330 5680 Serial - ok
09:57:45.0342 5680 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
09:57:45.0346 5680 sermouse - ok
09:57:45.0385 5680 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
09:57:45.0419 5680 SessionEnv - ok
09:57:45.0428 5680 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
09:57:45.0432 5680 sffdisk - ok
09:57:45.0436 5680 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
09:57:45.0450 5680 sffp_mmc - ok
09:57:45.0453 5680 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
09:57:45.0495 5680 sffp_sd - ok
09:57:45.0517 5680 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
09:57:45.0521 5680 sfloppy - ok
09:57:45.0566 5680 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
09:57:45.0621 5680 Sftfs - ok
09:57:45.0692 5680 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:57:45.0777 5680 sftlist - ok
09:57:45.0808 5680 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
09:57:45.0856 5680 Sftplay - ok
09:57:45.0902 5680 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
09:57:45.0966 5680 Sftredir - ok
09:57:45.0989 5680 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
09:57:46.0035 5680 Sftvol - ok
09:57:46.0061 5680 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:57:46.0115 5680 sftvsa - ok
09:57:46.0143 5680 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
09:57:46.0153 5680 SharedAccess - ok
09:57:46.0187 5680 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
09:57:46.0224 5680 ShellHWDetection - ok
09:57:46.0234 5680 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
09:57:46.0238 5680 SiSRaid2 - ok
09:57:46.0274 5680 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
09:57:46.0279 5680 SiSRaid4 - ok
09:57:46.0307 5680 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
09:57:46.0317 5680 Smb - ok
09:57:46.0360 5680 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
09:57:46.0372 5680 SNMPTRAP - ok
09:57:46.0400 5680 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
09:57:46.0405 5680 spldr - ok
09:57:46.0435 5680 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
09:57:46.0494 5680 Spooler - ok
09:57:46.0586 5680 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
09:57:46.0661 5680 sppsvc - ok
09:57:46.0675 5680 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
09:57:46.0681 5680 sppuinotify - ok
09:57:46.0705 5680 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
09:57:46.0752 5680 srv - ok
09:57:46.0760 5680 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
09:57:46.0807 5680 srv2 - ok
09:57:46.0847 5680 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
09:57:46.0863 5680 SrvHsfHDA - ok
09:57:46.0943 5680 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
09:57:46.0991 5680 SrvHsfV92 - ok
09:57:47.0027 5680 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
09:57:47.0041 5680 SrvHsfWinac - ok
09:57:47.0054 5680 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
09:57:47.0099 5680 srvnet - ok
09:57:47.0134 5680 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
09:57:47.0141 5680 SSDPSRV - ok
09:57:47.0145 5680 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
09:57:47.0150 5680 SstpSvc - ok
09:57:47.0177 5680 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
09:57:47.0180 5680 stexstor - ok
09:57:47.0212 5680 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
09:57:47.0252 5680 stisvc - ok
09:57:47.0270 5680 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
09:57:47.0275 5680 swenum - ok
09:57:47.0316 5680 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
09:57:47.0329 5680 swprv - ok
09:57:47.0382 5680 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
09:57:47.0433 5680 SynTP - ok
09:57:47.0494 5680 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
09:57:47.0521 5680 SysMain - ok
09:57:47.0537 5680 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
09:57:47.0578 5680 TabletInputService - ok
09:57:47.0584 5680 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
09:57:47.0621 5680 TapiSrv - ok
09:57:47.0632 5680 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
09:57:47.0634 5680 TBS - ok
09:57:47.0705 5680 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
09:57:47.0763 5680 Tcpip - ok
09:57:47.0786 5680 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
09:57:47.0797 5680 TCPIP6 - ok
09:57:47.0813 5680 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
09:57:47.0857 5680 tcpipreg - ok
09:57:47.0892 5680 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
09:57:47.0951 5680 tdcmdpst - ok
09:57:47.0982 5680 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
09:57:47.0987 5680 TDPIPE - ok
09:57:48.0023 5680 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
09:57:48.0085 5680 TDTCP - ok
09:57:48.0100 5680 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
09:57:48.0144 5680 tdx - ok
09:57:48.0154 5680 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
09:57:48.0188 5680 TermDD - ok
09:57:48.0225 5680 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
09:57:48.0265 5680 TermService - ok
09:57:48.0276 5680 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
09:57:48.0282 5680 Themes - ok
09:57:48.0309 5680 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
09:57:48.0311 5680 THREADORDER - ok
09:57:48.0378 5680 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
09:57:48.0446 5680 TMachInfo - ok
09:57:48.0483 5680 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe
09:57:48.0536 5680 TODDSrv - ok
09:57:48.0624 5680 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
09:57:48.0691 5680 TosCoSrv - ok
09:57:48.0746 5680 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
09:57:48.0821 5680 TOSHIBA eco Utility Service - ok
09:57:48.0858 5680 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
09:57:48.0934 5680 TOSHIBA HDD SSD Alert Service - ok
09:57:48.0974 5680 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
09:57:49.0024 5680 tos_sps64 - ok
09:57:49.0092 5680 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
09:57:49.0102 5680 TPCHSrv - ok
09:57:49.0134 5680 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
09:57:49.0140 5680 TrkWks - ok
09:57:49.0179 5680 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
09:57:49.0181 5680 TrustedInstaller - ok
09:57:49.0191 5680 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
09:57:49.0236 5680 tssecsrv - ok
09:57:49.0257 5680 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
09:57:49.0300 5680 TsUsbFlt - ok
09:57:49.0331 5680 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
09:57:49.0376 5680 TsUsbGD - ok
09:57:49.0405 5680 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
09:57:49.0449 5680 tunnel - ok
09:57:49.0500 5680 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
09:57:49.0582 5680 TVALZ - ok
09:57:49.0606 5680 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
09:57:49.0651 5680 TVALZFL - ok
09:57:49.0684 5680 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
09:57:49.0688 5680 uagp35 - ok
09:57:49.0712 5680 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
09:57:49.0759 5680 udfs - ok
09:57:49.0800 5680 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
09:57:49.0805 5680 UI0Detect - ok
09:57:49.0839 5680 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
09:57:49.0843 5680 uliagpkx - ok
09:57:49.0860 5680 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
09:57:49.0904 5680 umbus - ok
09:57:49.0942 5680 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
09:57:49.0948 5680 UmPass - ok
09:57:50.0092 5680 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:57:50.0213 5680 UNS - ok
09:57:50.0248 5680 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
09:57:50.0257 5680 upnphost - ok
09:57:50.0281 5680 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
09:57:50.0335 5680 usbccgp - ok
09:57:50.0363 5680 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
09:57:50.0368 5680 usbcir - ok
09:57:50.0384 5680 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
09:57:50.0429 5680 usbehci - ok
09:57:50.0478 5680 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
09:57:50.0555 5680 usbhub - ok
09:57:50.0566 5680 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
09:57:50.0612 5680 usbohci - ok
09:57:50.0621 5680 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
09:57:50.0624 5680 usbprint - ok
09:57:50.0640 5680 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
09:57:50.0684 5680 USBSTOR - ok
09:57:50.0697 5680 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
09:57:50.0757 5680 usbuhci - ok
09:57:50.0775 5680 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
09:57:50.0820 5680 usbvideo - ok
09:57:50.0839 5680 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
09:57:50.0843 5680 UxSms - ok
09:57:50.0859 5680 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
09:57:50.0860 5680 VaultSvc - ok
09:57:50.0866 5680 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
09:57:50.0871 5680 vdrvroot - ok
09:57:50.0904 5680 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
09:57:50.0955 5680 vds - ok
09:57:50.0987 5680 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
09:57:50.0990 5680 vga - ok
09:57:51.0014 5680 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
09:57:51.0021 5680 VgaSave - ok
09:57:51.0038 5680 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
09:57:51.0089 5680 vhdmp - ok
09:57:51.0106 5680 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
09:57:51.0110 5680 viaide - ok
09:57:51.0122 5680 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
09:57:51.0169 5680 volmgr - ok
09:57:51.0183 5680 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
09:57:51.0185 5680 volmgrx - ok
09:57:51.0212 5680 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
09:57:51.0263 5680 volsnap - ok
09:57:51.0279 5680 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
09:57:51.0285 5680 vsmraid - ok
09:57:51.0333 5680 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
09:57:51.0388 5680 VSS - ok
09:57:51.0412 5680 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
09:57:51.0415 5680 vwifibus - ok
09:57:51.0442 5680 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
09:57:51.0447 5680 vwififlt - ok
09:57:51.0476 5680 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
09:57:51.0486 5680 W32Time - ok
09:57:51.0510 5680 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
09:57:51.0515 5680 WacomPen - ok
09:57:51.0535 5680 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
09:57:51.0579 5680 WANARP - ok
09:57:51.0582 5680 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
09:57:51.0583 5680 Wanarpv6 - ok
09:57:51.0649 5680 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
09:57:51.0706 5680 WatAdminSvc - ok
09:57:51.0783 5680 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
09:57:51.0854 5680 wbengine - ok
09:57:51.0860 5680 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
09:57:51.0884 5680 WbioSrvc - ok
09:57:51.0914 5680 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
09:57:51.0951 5680 wcncsvc - ok
09:57:51.0991 5680 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
09:57:51.0994 5680 WcsPlugInService - ok
09:57:52.0024 5680 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
09:57:52.0029 5680 Wd - ok
09:57:52.0080 5680 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
09:57:52.0155 5680 Wdf01000 - ok
09:57:52.0192 5680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
09:57:52.0208 5680 WdiServiceHost - ok
09:57:52.0217 5680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
09:57:52.0221 5680 WdiSystemHost - ok
09:57:52.0237 5680 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
09:57:52.0273 5680 WebClient - ok
09:57:52.0284 5680 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
09:57:52.0292 5680 Wecsvc - ok
09:57:52.0303 5680 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
09:57:52.0309 5680 wercplsupport - ok
09:57:52.0343 5680 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
09:57:52.0348 5680 WerSvc - ok
09:57:52.0372 5680 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
09:57:52.0375 5680 WfpLwf - ok
09:57:52.0388 5680 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
09:57:52.0391 5680 WIMMount - ok
09:57:52.0410 5680 WinDefend - ok
09:57:52.0415 5680 WinHttpAutoProxySvc - ok
09:57:52.0471 5680 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
09:57:52.0490 5680 Winmgmt - ok
09:57:52.0541 5680 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
09:57:52.0588 5680 WinRM - ok
09:57:52.0662 5680 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
09:57:52.0720 5680 WinUsb - ok
09:57:52.0759 5680 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
09:57:52.0774 5680 Wlansvc - ok
09:57:52.0822 5680 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:57:52.0908 5680 wlcrasvc - ok
09:57:52.0977 5680 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:57:53.0033 5680 wlidsvc - ok
09:57:53.0074 5680 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
09:57:53.0075 5680 WmiAcpi - ok
09:57:53.0102 5680 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
09:57:53.0109 5680 wmiApSrv - ok
09:57:53.0138 5680 WMPNetworkSvc - ok
09:57:53.0181 5680 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
09:57:53.0187 5680 WPCSvc - ok
09:57:53.0200 5680 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
09:57:53.0247 5680 WPDBusEnum - ok
09:57:53.0285 5680 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
09:57:53.0288 5680 ws2ifsl - ok
09:57:53.0302 5680 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
09:57:53.0306 5680 wscsvc - ok
09:57:53.0310 5680 WSearch - ok
09:57:53.0392 5680 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
09:57:53.0419 5680 wuauserv - ok
09:57:53.0450 5680 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
09:57:53.0493 5680 WudfPf - ok
09:57:53.0509 5680 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
09:57:53.0553 5680 WUDFRd - ok
09:57:53.0578 5680 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
09:57:53.0612 5680 wudfsvc - ok
09:57:53.0639 5680 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
09:57:53.0647 5680 WwanSvc - ok
09:57:53.0676 5680 ================ Scan global ===============================
09:57:53.0709 5680 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
09:57:53.0747 5680 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
09:57:53.0815 5680 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
09:57:53.0850 5680 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
09:57:53.0885 5680 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
09:57:53.0888 5680 [Global] - ok
09:57:53.0888 5680 ================ Scan MBR ==================================
09:57:53.0895 5680 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
09:57:54.0172 5680 \Device\Harddisk0\DR0 - ok
09:57:54.0173 5680 ================ Scan VBR ==================================
09:57:54.0200 5680 [ EF4E68F9EC02AABEC2867B5DE2945259 ] \Device\Harddisk0\DR0\Partition1
09:57:54.0202 5680 \Device\Harddisk0\DR0\Partition1 - ok
09:57:54.0202 5680 ============================================================
09:57:54.0202 5680 Scan finished
09:57:54.0202 5680 ============================================================
09:57:54.0210 7808 Detected object count: 0
09:57:54.0210 7808 Actual detected object count: 0
09:58:59.0916 0888 Deinitialize success

ASWMBR Report
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-22 10:00:59
-----------------------------
10:00:59.119 OS Version: Windows x64 6.1.7601 Service Pack 1
10:00:59.120 Number of processors: 4 586 0x2A07
10:00:59.120 ComputerName: TRUDY-PC UserName: Trudy
10:01:00.495 Initialize success
10:02:08.964 AVAST engine defs: 13012200
10:02:57.810 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:02:57.812 Disk 0 Vendor: TOSHIBA_ GT00 Size: 476940MB BusType: 3
10:02:57.823 Disk 0 MBR read successfully
10:02:57.825 Disk 0 MBR scan
10:02:57.829 Disk 0 Windows VISTA default MBR code
10:02:57.864 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
10:02:57.905 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 460413 MB offset 3074048
10:02:57.940 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15026 MB offset 945999872
10:02:58.004 Disk 0 scanning C:\windows\system32\drivers
10:03:10.008 Service scanning
10:03:46.426 Modules scanning
10:03:46.433 Disk 0 trace - called modules:
10:03:46.469 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:03:46.814 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80072d5060]
10:03:46.818 3 CLASSPNP.SYS[fffff88001e8843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004aaf050]
10:03:47.970 AVAST engine scan C:\windows
10:03:50.192 AVAST engine scan C:\windows\system32
10:08:31.753 AVAST engine scan C:\windows\system32\drivers
10:08:45.387 AVAST engine scan C:\Users\Trudy
10:09:52.848 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
10:09:52.860 The log file has been saved successfully to "C:\aswMBR.txt"

ESET online scanner ran and found NO THREATS

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:13 AM

Posted 22 January 2013 - 04:04 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 MsTrudy

MsTrudy
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:13 AM

Posted 22 January 2013 - 10:25 PM

Here are the results for all of the scans. I'm not sure that I saved Autoruns correctly, as it doesn't look right.... I really appreciate your help!!


Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.23.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Trudy :: TRUDY-PC [administrator]

Protection: Enabled

1/22/2013 8:29:57 PM
mbam-log-2013-01-22 (20-29-57).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 352367
Time elapsed: 1 hour(s), 2 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version:10-01-2013
Ran by Trudy (administrator) on 22-01-2013 at 21:34:51
Running from "C:\Users\Trudy\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Trudy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 00580.geek.local
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 04-7D-7B-8C-8F-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 9C-B7-0D-CC-AA-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a5fe:2fc7:77f8:11eb%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, January 19, 2013 9:37:52 PM
Lease Expires . . . . . . . . . . : Wednesday, January 23, 2013 8:00:04 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 245151501
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-38-03-35-04-7D-7B-8C-8F-84
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{BC119DC5-10C1-4FAB-84C5-8C79E74B4935}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:824:35bc:b9d3:b655(Preferred)
Link-local IPv6 Address . . . . . : fe80::824:35bc:b9d3:b655%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.00580.geek.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:801::1007
74.125.226.233
74.125.226.238
74.125.226.224
74.125.226.225
74.125.226.226
74.125.226.227
74.125.226.228
74.125.226.229
74.125.226.230
74.125.226.231
74.125.226.232


Pinging google.com [74.125.226.225] with 32 bytes of data:
Reply from 74.125.226.225: bytes=32 time=1304ms TTL=55
Reply from 74.125.226.225: bytes=32 time=32ms TTL=55

Ping statistics for 74.125.226.225:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 1304ms, Average = 668ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=198ms TTL=55
Reply from 98.138.253.109: bytes=32 time=76ms TTL=55

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 76ms, Maximum = 198ms, Average = 137ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=15ms TTL=128
Reply from 127.0.0.1: bytes=32 time=9ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 15ms, Average = 12ms
===========================================================================
Interface List
12...04 7d 7b 8c 8f 84 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...9c b7 0d cc aa 3b ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.7 281
192.168.1.7 255.255.255.255 On-link 192.168.1.7 281
192.168.1.255 255.255.255.255 On-link 192.168.1.7 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.7 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.7 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:9d38:6ab8:824:35bc:b9d3:b655/128
On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::824:35bc:b9d3:b655/128
On-link
11 281 fe80::a5fe:2fc7:77f8:11eb/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/22/2013 10:10:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/22/2013 10:10:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/20/2013 08:37:20 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 4532 (0x11b4)

Thread address : 0x000000007706138A

Thread message :

Build VSCORE.15.1.0.513 / 5500.1093
Object being scanned = \Device\HarddiskVolume2\Windows\System32\ieframe.dll
by C:\windows\Explorer.EXE
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (01/19/2013 09:40:14 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {60cd5c8e-d0d0-43dd-b1cb-d657b4bbb59d}

Error: (01/19/2013 09:39:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2013 09:38:30 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (01/19/2013 09:35:31 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (01/19/2013 09:31:01 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5369e372-32f9-427d-b1a1-cec28058a410}

Error: (01/19/2013 09:30:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2013 09:29:35 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


System errors:
=============
Error: (01/22/2013 01:45:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.

Error: (01/22/2013 00:22:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.

Error: (01/20/2013 08:37:25 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/19/2013 09:38:38 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/19/2013 09:28:39 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:26:48 PM on ?1/?19/?2013 was unexpected.

Error: (01/19/2013 05:34:51 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

Error: (01/19/2013 03:32:08 PM) (Source: Service Control Manager) (User: )
Description: The DCService.exe service terminated unexpectedly. It has done this 1 time(s).

Error: (01/19/2013 03:15:57 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (01/18/2013 09:50:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

Error: (01/18/2013 07:19:37 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.


Microsoft Office Sessions:
=========================
Error: (01/22/2013 10:10:45 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Trudy\Downloads\esetsmartinstaller_enu (3).exe

Error: (01/22/2013 10:10:42 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Trudy\Downloads\esetsmartinstaller_enu (3).exe

Error: (01/20/2013 08:37:20 AM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900004532 (0x11b4)0x000000007706138A
Build VSCORE.15.1.0.513 / 5500.1093
Object being scanned = \Device\HarddiskVolume2\Windows\System32\ieframe.dll
by C:\windows\Explorer.EXE
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (01/19/2013 09:40:14 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {60cd5c8e-d0d0-43dd-b1cb-d657b4bbb59d}

Error: (01/19/2013 09:39:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2013 09:38:30 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (01/19/2013 09:35:31 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (01/19/2013 09:31:01 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5369e372-32f9-427d-b1a1-cec28058a410}

Error: (01/19/2013 09:30:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2013 09:29:35 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


CodeIntegrity Errors:
===================================
Date: 2013-01-22 20:31:01.029
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-22 20:31:01.020
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-22 20:31:01.014
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-19 20:47:30.455
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-19 20:47:30.451
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-19 20:47:30.448
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-19 15:37:21.937
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-19 15:37:21.932
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-19 15:37:21.930
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 10 Plugin (Version: 10.3.181.34)
Adobe Reader X MUI (Version: 10.0.0)
Armand Morin's eCover Generator
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
Bejeweled 3 (Version: 2.2.0.97)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cisco WebEx Meetings
Conexant HD Audio (Version: 8.51.2.51)
Coupon Printer for Windows (Version: 5.0.0.1)
Cricket Broadband EC1705 (Version: 21.003.16.16.644)
D3DX10 (Version: 15.4.2368.0902)
Dropbox (Version: 1.6.14)
Epson Event Manager (Version: 2.40.0001)
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 630 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.3 (Version: 3.3b)
ESET Online Scanner v3
FATE - The Traitor Soul (Version: 2.2.0.95)
Google Chrome (Version: 24.0.1312.52)
Google Drive (Version: 1.7.4018.3496)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Home Business PLR Article Collection (Version: 1.0.1.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2509)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 25 (Version: 6.0.250)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
LeapFrog Connect (Version: 4.2.9.15649)
LeapFrog Tag Plugin (Version: 4.2.9.15649)
Letters from Nowhere 2 (Version: 2.2.0.97)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee Internet Security (Version: 11.6.443)
McAfee Online Backup (Version: 1.16.6.1)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Access 2000 SR-1 (Version: 9.00.3821)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5139.5005)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Netwaiting (Version: 1.0.1)
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.97)
Print Artist Gold (Version: 24.0.0.36)
Realtek USB 2.0 Reader Driver (Version: 1.0.0.15)
Realtek WLAN Driver (Version: 2.00.0013)
Revo Uninstaller 1.94 (Version: 1.94)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Shared C Run-time for x64 (Version: 10.0.0)
Skype Launcher (Version: 2.01)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
Tales of Lagoona (Version: 2.2.0.98)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.0)
Toshiba Book Place (Version: 2.2.7530)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.5.64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Hardware Setup (Version: 4.08.09.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (Version: 2.0.13.11)
TOSHIBA Media Controller (Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (Version: 1.0.7.5)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA PC Health Monitor (Version: 1.7.9.64)
TOSHIBA Quality Application (Version: 1.0.4)
TOSHIBA Recovery Media Creator (Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2001)
TOSHIBA Service Station (Version: 2.2.12)
TOSHIBA Sleep Utility (Version: 1.4.2.8)
TOSHIBA Supervisor Password (Version: 4.08.09.00)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA Web Camera Application (Version: 2.0.3.3)
TOSHIBARegistration (Version: 1.0.7)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (Version: 4.2.9.15649)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.97)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (Version: 4.0.5.31)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 70%
Total physical RAM: 4043.86 MB
Available physical RAM: 1178.11 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 3649.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.32 MB

========================= Partitions: =====================================

1 Drive c: (TI106320W0D) (Fixed) (Total:449.62 GB) (Free:396.7 GB) NTFS

========================= Users: ========================================

User accounts for \\TRUDY-PC

Administrator Guest Trudy

========================= Restore Points ==================================

20-01-2013 01:57:12 January

**** End of log ****



Farbar Service Scanner Version: 16-01-2013
Ran by Trudy (administrator) on 22-01-2013 at 21:40:43
Running from "C:\Users\Trudy\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============




Farbar Service Scanner Version: 16-01-2013
Ran by Trudy (administrator) on 22-01-2013 at 21:40:43
Running from "C:\Users\Trudy\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.8 (01.21.2013:2)
OS: Windows 7 Home Premium x64
Ran by Trudy on Tue 01/22/2013 at 21:51:54.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/22/2013 at 22:03:52.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/22/2013 10:06:47 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\ProgramData\DatacardService\DCService.exe (PID: 1672) [AU-HEUR]
* C:\ProgramData\DatacardService\DCSHelper.exe (PID: 2068) [AU-HEUR]
* C:\ProgramData\Cricket Broadband EC1705\userdata\ouc.exe (PID: 4292) [AU-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Disabled

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/22/2013 10:07:08 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)




"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "cAudioFilterAgent" "Conexant High Definition Audio Filter Agent" "Conexant Systems, Inc." "c:\program files\conexant\caudiofilteragent\caudiofilteragent64.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "HSON" "HotStartOn" "TOSHIBA Corporation" "c:\program files\toshiba\tbs\hson.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartAudio" "SmartAudio Control Panel application" "Conexant Systems, Inc." "c:\program files\conexant\saii\saiicpl.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TCrdMain" "TOSHIBA Flash Cards Main Module" "TOSHIBA Corporation" "c:\program files\toshiba\flashcards\tcrdmain.exe"
+ "Teco" "TOSHIBA eco Utility" "TOSHIBA Corporation" "c:\program files\toshiba\teco\teco.exe"
+ "TosNC" "Message Center" "TOSHIBA Corporation" "c:\program files\toshiba\bulletinboard\tosnccore.exe"
+ "TosReelTimeMonitor" "Monitor of TOSHIBA ReelTime" "TOSHIBA Corporation" "c:\program files\toshiba\reeltime\tosreeltimemonitor.exe"
+ "TosSENotify" "" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\toswaitsrv.exe"
+ "TosVolRegulator" " Toshiba Volume Regulator" "TOSHIBA Corporation" "c:\program files\toshiba\tosvolregulator\tosvolregulator.exe"
+ "TosWaitSrv" "" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\toswaitsrv.exe"
+ "TPwrMain" "TOSHIBA Power Saver" "TOSHIBA Corporation" "c:\program files\toshiba\power saver\tpwrmain.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EEventManager" "EEventManager Application" "SEIKO EPSON CORPORATION" "c:\program files (x86)\epson software\event manager\eeventmanager.exe"
+ "FUFAXSTM" "FAX Status Monitor" "SEIKO EPSON CORPORATION" "c:\program files (x86)\epson software\fax utility\fufaxstm.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "Monitor" "Monitor Application" "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\monitor.exe"
+ "NortonOnlineBackupReminder" "Toshiba Online Backup Service" "Toshiba" "c:\program files (x86)\toshiba\toshiba online backup\activation\tobuactivation.exe"
+ "ReminderApp_69961952-30DE-4DEB-B6FB-572D30956785" "ReminderApp" "" "c:\program files (x86)\nova development\print artist gold 24\reminderapp.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "ToshibaAppPlace" "Toshiba App Place" "Toshiba" "c:\program files (x86)\toshiba\toshiba app place\toshibaappplace.exe"
+ "ToshibaServiceStation" "TOSHIBA Service Station" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\toshibaservicestation.exe"
+ "TSleepSrv" "TOSHIBA Sleep Service" "TOSHIBA" "c:\program files (x86)\toshiba\toshiba sleep utility\tsleepsrv.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office\osa9.exe"
"C:\Users\Trudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "_uninst_68121891.lnk" "" "" "c:\users\trudy\appdata\local\temp\_uninst_68121891.bat"
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\24.0.1312.52\installer\setup.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HW_OPENEYE_OUC_Cricket Broadband EC1705" "" "" "c:\program files (x86)\cricket broadband ec1705\updatedog\ouc.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
+ "WorkForce 630(Network)" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\x64\3\e_iatigba.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "MOBK755" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755shell.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "MOBK755" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755shell.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "MOBK755" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755shell.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "MOBK755" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755shell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\trudy\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "GDriveBlacklistedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSharedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncingOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "MOBK755" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755shell.dll"
+ "MOBK7552" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755shell.dll"
+ "MOBK7553" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755shell.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "" "" "File not found: C:\Users\Trudy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll"
+ "DropboxExt2" "" "" "File not found: C:\Users\Trudy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll"
+ "DropboxExt3" "" "" "File not found: C:\Users\Trudy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120628090415.dll"
+ "TOSHIBA Media Controller Plug-in" "TOSHIBA Media Controller Plug-in (64)" "<TOSHIBA>" "c:\program files (x86)\toshiba\toshiba media controller plug-in\x64\toshibamediacontrollerie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120628090415.dll"
+ "TOSHIBA Media Controller Plug-in" "TOSHIBA Media Controller Plug-in (32)" "<TOSHIBA>" "c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Sonlb" "" "" "c:\windows\syswow64\kbdfi1v.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "DCService.exe" "DCSHOST" "" "c:\programdata\datacardservice\dcservice.exe"
+ "EpsonBidirectionalService" "eEBAPI Core Process module" "SEIKO EPSON CORPORATION" "c:\program files (x86)\common files\epson\ebapi\eebsvc.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "LeapFrog Connect Device Service" "Manages LeapFrog Connect devices." "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\commandservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MOBK755backup" "Backs up configured files to the McAfee Online Backup servers. Please do not stop or restart this service - it could corrupt your McAfee Online Backup installation." "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobk755backup.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "Norton PC Checkup Application Launcher" "Provides consolidated application launching facility" "Symantec Corporation" "c:\program files (x86)\norton pc checkup\engine\2.0.13.11\symcpcculaunchsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PCCUJobMgr" "Job Manager service for common client services" "Symantec Corporation" "c:\program files (x86)\norton pc checkup\engine\2.0.13.11\ccsvchst.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "TMachInfo" "TOSHIBA Machine Information Service" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\tmachinfo.exe"
+ "TODDSrv" "TDCSrv Application" "TOSHIBA Corporation" "c:\windows\system32\toddsrv.exe"
+ "TosCoSrv" "TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped." "TOSHIBA Corporation" "c:\program files\toshiba\power saver\toscosrv.exe"
+ "TOSHIBA eco Utility Service" "TOSHIBA eco Utility Service" "TOSHIBA Corporation" "c:\program files\toshiba\teco\tecoservice.exe"
+ "TOSHIBA HDD SSD Alert Service" "TOSHIBA HDD SSD Alert" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\tossmartsrv.exe"
+ "TPCHSrv" "TOSHIBA PC Health Monitor" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\tpchsrv.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "ewusbnet" "USB NDIS Miniport Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbnet.sys"
+ "FlyUsb" "FLY Fusion USB Driver" "LeapFrog" "c:\windows\system32\drivers\flyusb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "huawei_enumerator" "ew_jubusenum Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ew_jubusenum.sys"
+ "hwdatacard" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbmdm.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MOBK755Filter" "McAfee Online Backup Change Monitor" "Mozy, Inc." "c:\windows\system32\drivers\mobk755.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PGEffect" "TOSHIBA Universal Camera Filter Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\pgeffect.sys"
+ "QIOMem" "Generic IO & Memory Access" "TOSHIBA" "c:\windows\system32\drivers\qiomem.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys"
+ "RTL8192Ce" "Realtek RTL81892CE NDIS Driverr" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8192ce.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "tdcmdpst" "TOSHIBA ODD Writing Driver for x64." "TOSHIBA Corporation." "c:\windows\system32\drivers\tdcmdpst.sys"
+ "tos_sps64" "tos_sps64" "TOSHIBA Corporation" "c:\windows\system32\drivers\tos_sps64.sys"
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz_o.sys"
+ "TVALZFL" "TOSHIBA TVALZ Filter Driver for x64" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalzfl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
+ "SFVCaptureFilter" "SmartFaceVCapt" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcapt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Image Effects" "TimeStam Dynamic Link Library" "TOSHIBA CORPORATION." "c:\program files (x86)\toshiba\toshiba web camera application\pgtimefilter.dll"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Samsung AAC Decoding Filter" "AAC Decoder Filter Dll" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtraacd.dll"
+ "Samsung AAC Encoder Filter" "AAC Encoder Filter Dll" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtraace.dll"
+ "Samsung H264 Decoder" "HTH264Dec1" "Honest Technology" "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvdf.dll"
+ "Samsung H264 Encoding Filter" "Pixtree h264 video encoder dshow filter" "PIXTREE, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvef.dll"
+ "Samsung MJPEG Decoder" "HTH264Dec1" "Honest Technology" "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvdf.dll"
+ "Samsung MP4 Muxer Filter" "" "" "c:\program files (x86)\samsung\intelli-studio\filters\ssmp4mux.ax"
+ "Samsung MPEG-4 Splitter Filter" "Pixtree MP4 Splitter Filter" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtrmp4s.dll"
+ "TOSHIBA Progress Monitor" "TOSHIBA Progress Monitor" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\tprogmon.ax"
+ "TOSHIBA WAV Converter" "TOSHIBA Wav Converter" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\twavconv.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "SmartFaceVCP" "SmartFaceVCP" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON WorkForce 630 Series 64MonitorBA" "EPSON Bi-directional Monitor AMD64" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmgba.dll"
+ "EpsonNet Print Port" "EpsonNet Print Port Monitor DLL" "SEIKO EPSON CORPORATION" "c:\windows\system32\enppmon.dll"

#6 MsTrudy

MsTrudy
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:13 AM

Posted 25 January 2013 - 11:34 AM

Is there anything else I should do?

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:13 AM

Posted 26 January 2013 - 11:21 AM

Yes,you're still infected

Click on startmenu and type

cmd

Right click on it and select run as administrator and run these commands

cd \windows\syswow64
attrib > c:\attrib.txt


Now go to C drive and post the contents of attrib.txt log here

#8 MsTrudy

MsTrudy
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:13 AM

Posted 29 January 2013 - 08:02 PM

A C:\Windows\SysWOW64\12520437.cpx
A C:\Windows\SysWOW64\12520850.cpx
A C:\Windows\SysWOW64\aaclient.dll
A C:\Windows\SysWOW64\accessibilitycpl.dll
A C:\Windows\SysWOW64\ACCTRES.dll
A C:\Windows\SysWOW64\acledit.dll
A C:\Windows\SysWOW64\aclui.dll
A C:\Windows\SysWOW64\acppage.dll
A C:\Windows\SysWOW64\ActionCenter.dll
A C:\Windows\SysWOW64\ActionCenterCPL.dll
A C:\Windows\SysWOW64\activeds.dll
A C:\Windows\SysWOW64\activeds.tlb
A C:\Windows\SysWOW64\actxprxy.dll
A C:\Windows\SysWOW64\AdapterTroubleshooter.exe
A C:\Windows\SysWOW64\admparse.dll
A C:\Windows\SysWOW64\adprovider.dll
A C:\Windows\SysWOW64\adsldp.dll
A C:\Windows\SysWOW64\adsldpc.dll
A C:\Windows\SysWOW64\adsmsext.dll
A C:\Windows\SysWOW64\adsnt.dll
A C:\Windows\SysWOW64\adtschema.dll
A C:\Windows\SysWOW64\advapi32.dll
A C:\Windows\SysWOW64\advpack.dll
A C:\Windows\SysWOW64\aecache.dll
A C:\Windows\SysWOW64\aeevts.dll
A C:\Windows\SysWOW64\AltTab.dll
A C:\Windows\SysWOW64\amcompat.tlb
A C:\Windows\SysWOW64\amstream.dll
A C:\Windows\SysWOW64\amxread.dll
A C:\Windows\SysWOW64\apds.dll
A H C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-security-lsalookup-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-security-sddl-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-service-core-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-service-management-l1-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-service-management-l2-1-0.dll
A H C:\Windows\SysWOW64\api-ms-win-service-winsvc-l1-1-0.dll
A C:\Windows\SysWOW64\apilogen.dll
A C:\Windows\SysWOW64\apircl.dll
A C:\Windows\SysWOW64\apisetschema.dll
A C:\Windows\SysWOW64\apphelp.dll
A C:\Windows\SysWOW64\Apphlpdm.dll
A C:\Windows\SysWOW64\appidapi.dll
A C:\Windows\SysWOW64\appwiz.cpl
A C:\Windows\SysWOW64\apss.dll
A C:\Windows\SysWOW64\ARP.EXE
A C:\Windows\SysWOW64\asferror.dll
A C:\Windows\SysWOW64\asycfilt.dll
A C:\Windows\SysWOW64\at.exe
A C:\Windows\SysWOW64\AtBroker.exe
A C:\Windows\SysWOW64\atl.dll
A C:\Windows\SysWOW64\atl100.dll
A C:\Windows\SysWOW64\atmfd.dll
A C:\Windows\SysWOW64\atmlib.dll
A C:\Windows\SysWOW64\attrib.exe
A C:\Windows\SysWOW64\audiodev.dll
A C:\Windows\SysWOW64\AudioEng.dll
A C:\Windows\SysWOW64\AUDIOKSE.dll
A C:\Windows\SysWOW64\AudioSes.dll
A C:\Windows\SysWOW64\auditpol.exe
A C:\Windows\SysWOW64\authfwcfg.dll
A C:\Windows\SysWOW64\AuthFWGP.dll
A C:\Windows\SysWOW64\AuthFWSnapin.dll
A C:\Windows\SysWOW64\AuthFWWizFwk.dll
A C:\Windows\SysWOW64\authui.dll
A C:\Windows\SysWOW64\authz.dll
A C:\Windows\SysWOW64\autochk.exe
A C:\Windows\SysWOW64\autoconv.exe
A C:\Windows\SysWOW64\autofmt.exe
A C:\Windows\SysWOW64\autoplay.dll
A C:\Windows\SysWOW64\AuxiliaryDisplayApi.dll
A C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
A C:\Windows\SysWOW64\avicap32.dll
A C:\Windows\SysWOW64\avifil32.dll
A C:\Windows\SysWOW64\avrt.dll
A C:\Windows\SysWOW64\azman.msc
A C:\Windows\SysWOW64\azroles.dll
A C:\Windows\SysWOW64\azroleui.dll
A C:\Windows\SysWOW64\AzSqlExt.dll
A C:\Windows\SysWOW64\basecsp.dll
A C:\Windows\SysWOW64\batmeter.dll
A C:\Windows\SysWOW64\bcrypt.dll
A C:\Windows\SysWOW64\bcryptprimitives.dll
A C:\Windows\SysWOW64\bdaplgin.ax
A C:\Windows\SysWOW64\bidispl.dll
A C:\Windows\SysWOW64\BioCredProv.dll
A C:\Windows\SysWOW64\bitsadmin.exe
A C:\Windows\SysWOW64\bitsperf.dll
A C:\Windows\SysWOW64\bitsprx2.dll
A C:\Windows\SysWOW64\bitsprx3.dll
A C:\Windows\SysWOW64\bitsprx4.dll
A C:\Windows\SysWOW64\bitsprx5.dll
A C:\Windows\SysWOW64\bitsprx6.dll
A C:\Windows\SysWOW64\blackbox.dll
A C:\Windows\SysWOW64\bminstall.dll
A C:\Windows\SysWOW64\bmutil.dll
A C:\Windows\SysWOW64\boot.sdi
A C:\Windows\SysWOW64\bootcfg.exe
A C:\Windows\SysWOW64\BOOTVID.DLL
A C:\Windows\SysWOW64\bopomofo.uce
A C:\Windows\SysWOW64\browcli.dll
A C:\Windows\SysWOW64\browseui.dll
A C:\Windows\SysWOW64\bthprops.cpl
A C:\Windows\SysWOW64\bthudtask.exe
A C:\Windows\SysWOW64\btpanui.dll
A C:\Windows\SysWOW64\Bubbles.scr
A C:\Windows\SysWOW64\BWContextHandler.dll
A C:\Windows\SysWOW64\BWUnpairElevated.dll
A C:\Windows\SysWOW64\cabinet.dll
A C:\Windows\SysWOW64\cabview.dll
A C:\Windows\SysWOW64\cacls.exe
A C:\Windows\SysWOW64\calc.exe
A C:\Windows\SysWOW64\capiprovider.dll
A C:\Windows\SysWOW64\capisp.dll
A C:\Windows\SysWOW64\catsrv.dll
A C:\Windows\SysWOW64\catsrvps.dll
A C:\Windows\SysWOW64\catsrvut.dll
A C:\Windows\SysWOW64\cca.dll
A C:\Windows\SysWOW64\cdosys.dll
A C:\Windows\SysWOW64\cero.rs
A C:\Windows\SysWOW64\certcli.dll
A C:\Windows\SysWOW64\certCredProvider.dll
A C:\Windows\SysWOW64\certenc.dll
A C:\Windows\SysWOW64\CertEnroll.dll
A C:\Windows\SysWOW64\CertEnrollCtrl.exe
A C:\Windows\SysWOW64\CertEnrollUI.dll
A C:\Windows\SysWOW64\certmgr.dll
A C:\Windows\SysWOW64\certmgr.msc
A C:\Windows\SysWOW64\CertPolEng.dll
A C:\Windows\SysWOW64\certreq.exe
A C:\Windows\SysWOW64\certutil.exe
A C:\Windows\SysWOW64\cewmdm.dll
A C:\Windows\SysWOW64\cfgbkend.dll
A C:\Windows\SysWOW64\cfgmgr32.dll
A C:\Windows\SysWOW64\chajei.ime
A C:\Windows\SysWOW64\charmap.exe
A C:\Windows\SysWOW64\chcp.com
A C:\Windows\SysWOW64\chkdsk.exe
A C:\Windows\SysWOW64\chkntfs.exe
A C:\Windows\SysWOW64\choice.exe
A C:\Windows\SysWOW64\chsbrkr.dll
A C:\Windows\SysWOW64\chtbrkr.dll
A C:\Windows\SysWOW64\CHxReadingStringIME.dll
A I C:\Windows\SysWOW64\cic.dll
A C:\Windows\SysWOW64\cintlgnt.ime
A C:\Windows\SysWOW64\cipher.exe
A C:\Windows\SysWOW64\clb.dll
A C:\Windows\SysWOW64\clbcatq.dll
A C:\Windows\SysWOW64\cleanmgr.exe
A C:\Windows\SysWOW64\clfsw32.dll
A C:\Windows\SysWOW64\cliconfg.dll
A C:\Windows\SysWOW64\cliconfg.exe
A C:\Windows\SysWOW64\cliconfg.rll
A C:\Windows\SysWOW64\clip.exe
A C:\Windows\SysWOW64\clusapi.dll
A C:\Windows\SysWOW64\cmcfg32.dll
A C:\Windows\SysWOW64\cmd.exe
A C:\Windows\SysWOW64\cmdial32.dll
A C:\Windows\SysWOW64\cmdkey.exe
A C:\Windows\SysWOW64\cmdl32.exe
A C:\Windows\SysWOW64\cmicryptinstall.dll
A C:\Windows\SysWOW64\cmifw.dll
A C:\Windows\SysWOW64\cmipnpinstall.dll
A C:\Windows\SysWOW64\cmlua.dll
A C:\Windows\SysWOW64\cmmon32.exe
A C:\Windows\SysWOW64\cmpbk32.dll
A C:\Windows\SysWOW64\cmstp.exe
A C:\Windows\SysWOW64\cmstplua.dll
A C:\Windows\SysWOW64\cmutil.dll
A C:\Windows\SysWOW64\cngaudit.dll
A C:\Windows\SysWOW64\cngprovider.dll
A C:\Windows\SysWOW64\cnvfat.dll
A C:\Windows\SysWOW64\cob-au.rs
A C:\Windows\SysWOW64\colbact.dll
A C:\Windows\SysWOW64\COLORCNV.DLL
A C:\Windows\SysWOW64\colorcpl.exe
A C:\Windows\SysWOW64\colorui.dll
A C:\Windows\SysWOW64\comcat.dll
A C:\Windows\SysWOW64\comctl32.dll
A C:\Windows\SysWOW64\comdlg32.dll
A C:\Windows\SysWOW64\comexp.msc
A C:\Windows\SysWOW64\comp.exe
A C:\Windows\SysWOW64\compact.exe
A C:\Windows\SysWOW64\compmgmt.msc
A C:\Windows\SysWOW64\compobj.dll
A C:\Windows\SysWOW64\compstui.dll
A C:\Windows\SysWOW64\ComputerDefaults.exe
A C:\Windows\SysWOW64\comrepl.dll
A C:\Windows\SysWOW64\comres.dll
A C:\Windows\SysWOW64\comsnap.dll
A C:\Windows\SysWOW64\comsvcs.dll
A C:\Windows\SysWOW64\comuid.dll
A C:\Windows\SysWOW64\connect.dll
A C:\Windows\SysWOW64\console.dll
A C:\Windows\SysWOW64\control.exe
A C:\Windows\SysWOW64\convert.exe
A C:\Windows\SysWOW64\CPFilters.dll
A C:\Windows\SysWOW64\credssp.dll
A C:\Windows\SysWOW64\credui.dll
A C:\Windows\SysWOW64\credwiz.exe
A C:\Windows\SysWOW64\crtdll.dll
A C:\Windows\SysWOW64\crypt32.dll
A C:\Windows\SysWOW64\cryptbase.dll
A C:\Windows\SysWOW64\cryptdlg.dll
A C:\Windows\SysWOW64\cryptdll.dll
A C:\Windows\SysWOW64\cryptext.dll
A C:\Windows\SysWOW64\cryptnet.dll
A C:\Windows\SysWOW64\cryptsp.dll
A C:\Windows\SysWOW64\cryptsvc.dll
A C:\Windows\SysWOW64\cryptui.dll
A C:\Windows\SysWOW64\cryptxml.dll
A C:\Windows\SysWOW64\cscapi.dll
A C:\Windows\SysWOW64\cscdll.dll
A C:\Windows\SysWOW64\cscript.exe
A C:\Windows\SysWOW64\csrr.rs
A C:\Windows\SysWOW64\CSVer.dll
A C:\Windows\SysWOW64\ctfmon.exe
A C:\Windows\SysWOW64\ctl3d32.dll
A C:\Windows\SysWOW64\cttune.exe
A C:\Windows\SysWOW64\cttunesvr.exe
A C:\Windows\SysWOW64\C_037.NLS
A C:\Windows\SysWOW64\C_10000.NLS
A C:\Windows\SysWOW64\C_10001.NLS
A C:\Windows\SysWOW64\C_10002.NLS
A C:\Windows\SysWOW64\C_10003.NLS
A C:\Windows\SysWOW64\C_10004.NLS
A C:\Windows\SysWOW64\C_10005.NLS
A C:\Windows\SysWOW64\C_10006.NLS
A C:\Windows\SysWOW64\C_10007.NLS
A C:\Windows\SysWOW64\C_10008.NLS
A C:\Windows\SysWOW64\C_10010.NLS
A C:\Windows\SysWOW64\C_10017.NLS
A C:\Windows\SysWOW64\C_10021.NLS
A C:\Windows\SysWOW64\C_10029.NLS
A C:\Windows\SysWOW64\C_10079.NLS
A C:\Windows\SysWOW64\C_10081.NLS
A C:\Windows\SysWOW64\C_10082.NLS
A C:\Windows\SysWOW64\C_1026.NLS
A C:\Windows\SysWOW64\C_1047.NLS
A C:\Windows\SysWOW64\C_1140.NLS
A C:\Windows\SysWOW64\C_1141.NLS
A C:\Windows\SysWOW64\C_1142.NLS
A C:\Windows\SysWOW64\C_1143.NLS
A C:\Windows\SysWOW64\C_1144.NLS
A C:\Windows\SysWOW64\C_1145.NLS
A C:\Windows\SysWOW64\C_1146.NLS
A C:\Windows\SysWOW64\C_1147.NLS
A C:\Windows\SysWOW64\C_1148.NLS
A C:\Windows\SysWOW64\C_1149.NLS
A C:\Windows\SysWOW64\C_1250.NLS
A C:\Windows\SysWOW64\C_1251.NLS
A C:\Windows\SysWOW64\C_1252.NLS
A C:\Windows\SysWOW64\C_1253.NLS
A C:\Windows\SysWOW64\C_1254.NLS
A C:\Windows\SysWOW64\C_1255.NLS
A C:\Windows\SysWOW64\C_1256.NLS
A C:\Windows\SysWOW64\C_1257.NLS
A C:\Windows\SysWOW64\C_1258.NLS
A C:\Windows\SysWOW64\C_1361.NLS
A C:\Windows\SysWOW64\C_20000.NLS
A C:\Windows\SysWOW64\C_20001.NLS
A C:\Windows\SysWOW64\C_20002.NLS
A C:\Windows\SysWOW64\C_20003.NLS
A C:\Windows\SysWOW64\C_20004.NLS
A C:\Windows\SysWOW64\C_20005.NLS
A C:\Windows\SysWOW64\C_20105.NLS
A C:\Windows\SysWOW64\C_20106.NLS
A C:\Windows\SysWOW64\C_20107.NLS
A C:\Windows\SysWOW64\C_20108.NLS
A C:\Windows\SysWOW64\C_20127.NLS
A C:\Windows\SysWOW64\C_20261.NLS
A C:\Windows\SysWOW64\C_20269.NLS
A C:\Windows\SysWOW64\C_20273.NLS
A C:\Windows\SysWOW64\C_20277.NLS
A C:\Windows\SysWOW64\C_20278.NLS
A C:\Windows\SysWOW64\C_20280.NLS
A C:\Windows\SysWOW64\C_20284.NLS
A C:\Windows\SysWOW64\C_20285.NLS
A C:\Windows\SysWOW64\C_20290.NLS
A C:\Windows\SysWOW64\C_20297.NLS
A C:\Windows\SysWOW64\C_20420.NLS
A C:\Windows\SysWOW64\C_20423.NLS
A C:\Windows\SysWOW64\C_20424.NLS
A C:\Windows\SysWOW64\C_20833.NLS
A C:\Windows\SysWOW64\C_20838.NLS
A C:\Windows\SysWOW64\C_20866.NLS
A C:\Windows\SysWOW64\C_20871.NLS
A C:\Windows\SysWOW64\C_20880.NLS
A C:\Windows\SysWOW64\C_20905.NLS
A C:\Windows\SysWOW64\C_20924.NLS
A C:\Windows\SysWOW64\C_20932.NLS
A C:\Windows\SysWOW64\C_20936.NLS
A C:\Windows\SysWOW64\C_20949.NLS
A C:\Windows\SysWOW64\C_21025.NLS
A C:\Windows\SysWOW64\C_21027.NLS
A C:\Windows\SysWOW64\C_21866.NLS
A C:\Windows\SysWOW64\C_28591.NLS
A C:\Windows\SysWOW64\C_28592.NLS
A C:\Windows\SysWOW64\C_28593.NLS
A C:\Windows\SysWOW64\C_28594.NLS
A C:\Windows\SysWOW64\C_28595.NLS
A C:\Windows\SysWOW64\C_28596.NLS
A C:\Windows\SysWOW64\C_28597.NLS
A C:\Windows\SysWOW64\C_28598.NLS
A C:\Windows\SysWOW64\C_28599.NLS
A C:\Windows\SysWOW64\c_28603.nls
A C:\Windows\SysWOW64\C_28605.NLS
A C:\Windows\SysWOW64\C_437.NLS
A C:\Windows\SysWOW64\C_500.NLS
A C:\Windows\SysWOW64\C_708.NLS
A C:\Windows\SysWOW64\C_720.NLS
A C:\Windows\SysWOW64\C_737.NLS
A C:\Windows\SysWOW64\C_775.NLS
A C:\Windows\SysWOW64\C_850.NLS
A C:\Windows\SysWOW64\C_852.NLS
A C:\Windows\SysWOW64\C_855.NLS
A C:\Windows\SysWOW64\C_857.NLS
A C:\Windows\SysWOW64\C_858.NLS
A C:\Windows\SysWOW64\C_860.NLS
A C:\Windows\SysWOW64\C_861.NLS
A C:\Windows\SysWOW64\C_862.NLS
A C:\Windows\SysWOW64\C_863.NLS
A C:\Windows\SysWOW64\C_864.NLS
A C:\Windows\SysWOW64\C_865.NLS
A C:\Windows\SysWOW64\C_866.NLS
A C:\Windows\SysWOW64\C_869.NLS
A C:\Windows\SysWOW64\C_870.NLS
A C:\Windows\SysWOW64\C_874.NLS
A C:\Windows\SysWOW64\C_875.NLS
A C:\Windows\SysWOW64\C_932.NLS
A C:\Windows\SysWOW64\C_936.NLS
A C:\Windows\SysWOW64\C_949.NLS
A C:\Windows\SysWOW64\C_950.NLS
A C:\Windows\SysWOW64\C_G18030.DLL
A C:\Windows\SysWOW64\C_IS2022.DLL
A C:\Windows\SysWOW64\C_ISCII.DLL
A C:\Windows\SysWOW64\d2d1.dll
A C:\Windows\SysWOW64\d3d10.dll
A C:\Windows\SysWOW64\d3d10core.dll
A C:\Windows\SysWOW64\d3d10level9.dll
A C:\Windows\SysWOW64\d3d10warp.dll
A C:\Windows\SysWOW64\d3d10_1.dll
A C:\Windows\SysWOW64\d3d10_1core.dll
A C:\Windows\SysWOW64\d3d11.dll
A C:\Windows\SysWOW64\d3d8.dll
A C:\Windows\SysWOW64\d3d8thk.dll
A C:\Windows\SysWOW64\d3d9.dll
A C:\Windows\SysWOW64\D3DCompiler_33.dll
A C:\Windows\SysWOW64\D3DCompiler_34.dll
A C:\Windows\SysWOW64\D3DCompiler_35.dll
A C:\Windows\SysWOW64\D3DCompiler_36.dll
A C:\Windows\SysWOW64\D3DCompiler_37.dll
A C:\Windows\SysWOW64\D3DCompiler_38.dll
A C:\Windows\SysWOW64\D3DCompiler_39.dll
A C:\Windows\SysWOW64\D3DCompiler_40.dll
A C:\Windows\SysWOW64\D3DCompiler_41.dll
A C:\Windows\SysWOW64\D3DCompiler_42.dll
A C:\Windows\SysWOW64\D3DCompiler_43.dll
A C:\Windows\SysWOW64\d3dcsx_42.dll
A C:\Windows\SysWOW64\d3dcsx_43.dll
A C:\Windows\SysWOW64\d3dim.dll
A C:\Windows\SysWOW64\d3dim700.dll
A C:\Windows\SysWOW64\d3dramp.dll
A C:\Windows\SysWOW64\d3dx10.dll
A C:\Windows\SysWOW64\d3dx10_33.dll
A C:\Windows\SysWOW64\d3dx10_34.dll
A C:\Windows\SysWOW64\d3dx10_35.dll
A C:\Windows\SysWOW64\d3dx10_36.dll
A C:\Windows\SysWOW64\d3dx10_37.dll
A C:\Windows\SysWOW64\d3dx10_38.dll
A C:\Windows\SysWOW64\d3dx10_39.dll
A C:\Windows\SysWOW64\d3dx10_40.dll
A C:\Windows\SysWOW64\d3dx10_41.dll
A C:\Windows\SysWOW64\d3dx10_42.dll
A C:\Windows\SysWOW64\d3dx10_43.dll
A C:\Windows\SysWOW64\d3dx11_42.dll
A C:\Windows\SysWOW64\d3dx11_43.dll
A C:\Windows\SysWOW64\d3dx9_24.dll
A C:\Windows\SysWOW64\d3dx9_25.dll
A C:\Windows\SysWOW64\d3dx9_26.dll
A C:\Windows\SysWOW64\d3dx9_27.dll
A C:\Windows\SysWOW64\d3dx9_28.dll
A C:\Windows\SysWOW64\d3dx9_29.dll
A C:\Windows\SysWOW64\d3dx9_30.dll
A C:\Windows\SysWOW64\d3dx9_31.dll
A C:\Windows\SysWOW64\d3dx9_32.dll
A C:\Windows\SysWOW64\d3dx9_33.dll
A C:\Windows\SysWOW64\d3dx9_34.dll
A C:\Windows\SysWOW64\d3dx9_35.dll
A C:\Windows\SysWOW64\d3dx9_36.dll
A C:\Windows\SysWOW64\D3DX9_37.dll
A C:\Windows\SysWOW64\D3DX9_38.dll
A C:\Windows\SysWOW64\D3DX9_39.dll
A C:\Windows\SysWOW64\D3DX9_40.dll
A C:\Windows\SysWOW64\D3DX9_41.dll
A C:\Windows\SysWOW64\D3DX9_42.dll
A C:\Windows\SysWOW64\D3DX9_43.dll
A C:\Windows\SysWOW64\d3dxof.dll
A C:\Windows\SysWOW64\dataclen.dll
A C:\Windows\SysWOW64\davclnt.dll
A C:\Windows\SysWOW64\davhlpr.dll
A C:\Windows\SysWOW64\dbgeng.dll
A C:\Windows\SysWOW64\dbghelp.dll
A C:\Windows\SysWOW64\dbnetlib.dll
A C:\Windows\SysWOW64\dbnmpntw.dll
A C:\Windows\SysWOW64\dccw.exe
A C:\Windows\SysWOW64\dciman32.dll
A C:\Windows\SysWOW64\dcomcnfg.exe
A C:\Windows\SysWOW64\DDACLSys.dll
A C:\Windows\SysWOW64\ddodiag.exe
A C:\Windows\SysWOW64\DDOIProxy.dll
A C:\Windows\SysWOW64\DDORes.dll
A C:\Windows\SysWOW64\ddraw.dll
A C:\Windows\SysWOW64\ddrawex.dll
A C:\Windows\SysWOW64\defaultlocationcpl.dll
A C:\Windows\SysWOW64\deployJava1.dll
A C:\Windows\SysWOW64\desk.cpl
A C:\Windows\SysWOW64\deskadp.dll
A C:\Windows\SysWOW64\deskmon.dll
A C:\Windows\SysWOW64\deskperf.dll
A C:\Windows\SysWOW64\devenum.dll
A C:\Windows\SysWOW64\DeviceCenter.dll
A C:\Windows\SysWOW64\DeviceDisplayStatusManager.dll
A C:\Windows\SysWOW64\DeviceMetadataParsers.dll
A C:\Windows\SysWOW64\DevicePairing.dll
A C:\Windows\SysWOW64\DevicePairingFolder.dll
A C:\Windows\SysWOW64\DevicePairingHandler.dll
A C:\Windows\SysWOW64\DevicePairingProxy.dll
A C:\Windows\SysWOW64\DevicePairingWizard.exe
A C:\Windows\SysWOW64\DeviceProperties.exe
A C:\Windows\SysWOW64\DeviceUxRes.dll
A C:\Windows\SysWOW64\devmgmt.msc
A C:\Windows\SysWOW64\devmgr.dll
A C:\Windows\SysWOW64\devobj.dll
A C:\Windows\SysWOW64\devrtl.dll
A C:\Windows\SysWOW64\dfrgui.exe
A C:\Windows\SysWOW64\dfscli.dll
A C:\Windows\SysWOW64\dfshim.dll
A C:\Windows\SysWOW64\DfsShlEx.dll
A C:\Windows\SysWOW64\dhcpcmonitor.dll
A C:\Windows\SysWOW64\dhcpcore.dll
A C:\Windows\SysWOW64\dhcpcore6.dll
A C:\Windows\SysWOW64\dhcpcsvc.dll
A C:\Windows\SysWOW64\dhcpcsvc6.dll
A C:\Windows\SysWOW64\DHCPQEC.DLL
A C:\Windows\SysWOW64\dhcpsapi.dll
A C:\Windows\SysWOW64\dialer.exe
A C:\Windows\SysWOW64\diantz.exe
A C:\Windows\SysWOW64\difxapi.dll
A C:\Windows\SysWOW64\dimsjob.dll
A C:\Windows\SysWOW64\dimsroam.dll
A C:\Windows\SysWOW64\dinput.dll
A C:\Windows\SysWOW64\dinput8.dll
A C:\Windows\SysWOW64\diskcomp.com
A C:\Windows\SysWOW64\diskcopy.com
A C:\Windows\SysWOW64\diskcopy.dll
A C:\Windows\SysWOW64\diskmgmt.msc
A C:\Windows\SysWOW64\diskpart.exe
A C:\Windows\SysWOW64\diskperf.exe
A C:\Windows\SysWOW64\diskraid.exe
A C:\Windows\SysWOW64\Dism.exe
A C:\Windows\SysWOW64\dispex.dll
A C:\Windows\SysWOW64\Display.dll
A C:\Windows\SysWOW64\DisplaySwitch.exe
A C:\Windows\SysWOW64\djctq.rs
A C:\Windows\SysWOW64\dllhost.exe
A C:\Windows\SysWOW64\dllhst3g.exe
A C:\Windows\SysWOW64\dmband.dll
A C:\Windows\SysWOW64\dmcompos.dll
A C:\Windows\SysWOW64\dmdlgs.dll
A C:\Windows\SysWOW64\dmdskmgr.dll
A C:\Windows\SysWOW64\dmdskres.dll
A C:\Windows\SysWOW64\dmdskres2.dll
A C:\Windows\SysWOW64\dmime.dll
A C:\Windows\SysWOW64\dmintf.dll
A C:\Windows\SysWOW64\dmloader.dll
A C:\Windows\SysWOW64\dmocx.dll
A C:\Windows\SysWOW64\dmrc.dll
A C:\Windows\SysWOW64\dmscript.dll
A C:\Windows\SysWOW64\dmstyle.dll
A C:\Windows\SysWOW64\dmsynth.dll
A C:\Windows\SysWOW64\dmusic.dll
A C:\Windows\SysWOW64\dmutil.dll
A C:\Windows\SysWOW64\dmvdsitf.dll
A C:\Windows\SysWOW64\dmview.ocx
A C:\Windows\SysWOW64\dnsapi.dll
A C:\Windows\SysWOW64\dnscacheugc.exe
A C:\Windows\SysWOW64\dnscmmc.dll
A C:\Windows\SysWOW64\docprop.dll
A C:\Windows\SysWOW64\doskey.exe
A C:\Windows\SysWOW64\dot3api.dll
A C:\Windows\SysWOW64\dot3cfg.dll
A C:\Windows\SysWOW64\dot3dlg.dll
A C:\Windows\SysWOW64\dot3gpclnt.dll
A C:\Windows\SysWOW64\dot3gpui.dll
A C:\Windows\SysWOW64\dot3hc.dll
A C:\Windows\SysWOW64\dot3msm.dll
A C:\Windows\SysWOW64\dot3ui.dll
A C:\Windows\SysWOW64\dpapimig.exe
A C:\Windows\SysWOW64\dpapiprovider.dll
A C:\Windows\SysWOW64\DpiScaling.exe
A C:\Windows\SysWOW64\dplaysvr.exe
A C:\Windows\SysWOW64\dplayx.dll
A C:\Windows\SysWOW64\dpmodemx.dll
A C:\Windows\SysWOW64\dpnaddr.dll
A C:\Windows\SysWOW64\dpnathlp.dll
A C:\Windows\SysWOW64\dpnet.dll
A C:\Windows\SysWOW64\dpnhpast.dll
A C:\Windows\SysWOW64\dpnhupnp.dll
A C:\Windows\SysWOW64\dpnlobby.dll
A C:\Windows\SysWOW64\dpnsvr.exe
A C:\Windows\SysWOW64\dpwsockx.dll
A C:\Windows\SysWOW64\dpx.dll
A C:\Windows\SysWOW64\driverquery.exe
A C:\Windows\SysWOW64\drmmgrtn.dll
A C:\Windows\SysWOW64\drmv2clt.dll
A C:\Windows\SysWOW64\drprov.dll
A C:\Windows\SysWOW64\drt.dll
A C:\Windows\SysWOW64\drtprov.dll
A C:\Windows\SysWOW64\drttransport.dll
A C:\Windows\SysWOW64\drvinst.exe
A C:\Windows\SysWOW64\drvstore.dll
A C:\Windows\SysWOW64\ds32gt.dll
A C:\Windows\SysWOW64\dsauth.dll
A C:\Windows\SysWOW64\dsdmo.dll
A C:\Windows\SysWOW64\DShowRdpFilter.dll
A C:\Windows\SysWOW64\dskquota.dll
A C:\Windows\SysWOW64\dskquoui.dll
A C:\Windows\SysWOW64\dsound.dll
A C:\Windows\SysWOW64\dsprop.dll
A C:\Windows\SysWOW64\dsquery.dll
A C:\Windows\SysWOW64\dsrole.dll
A C:\Windows\SysWOW64\dssec.dat
A C:\Windows\SysWOW64\dssec.dll
A C:\Windows\SysWOW64\dssenh.dll
A C:\Windows\SysWOW64\dsuiext.dll
A C:\Windows\SysWOW64\dswave.dll
A C:\Windows\SysWOW64\dtsh.dll
A C:\Windows\SysWOW64\dui70.dll
A C:\Windows\SysWOW64\duser.dll
A C:\Windows\SysWOW64\dvdplay.exe
A C:\Windows\SysWOW64\dvdupgrd.exe
A C:\Windows\SysWOW64\dwmapi.dll
A C:\Windows\SysWOW64\dwmcore.dll
A C:\Windows\SysWOW64\DWrite.dll
A C:\Windows\SysWOW64\DWWIN.EXE
A C:\Windows\SysWOW64\dxdiag.exe
A C:\Windows\SysWOW64\dxdiagn.dll
A C:\Windows\SysWOW64\dxgi.dll
A C:\Windows\SysWOW64\dxmasf.dll
A C:\Windows\SysWOW64\DXPTaskRingtone.dll
A C:\Windows\SysWOW64\DxpTaskSync.dll
A C:\Windows\SysWOW64\dxtmsft.dll
A C:\Windows\SysWOW64\dxtrans.dll
A C:\Windows\SysWOW64\dxva2.dll
A C:\Windows\SysWOW64\eapp3hst.dll
A C:\Windows\SysWOW64\eappcfg.dll
A C:\Windows\SysWOW64\eappgnui.dll
A C:\Windows\SysWOW64\eapphost.dll
A C:\Windows\SysWOW64\eappprxy.dll
A C:\Windows\SysWOW64\EAPQEC.DLL
A C:\Windows\SysWOW64\EBAPI.dll
A C:\Windows\SysWOW64\EEBAPI.dll
A C:\Windows\SysWOW64\EEBDSCVR.dll
A C:\Windows\SysWOW64\EEBSDKIF.dll
A C:\Windows\SysWOW64\EEBUtil.dll
A C:\Windows\SysWOW64\efsadu.dll
A C:\Windows\SysWOW64\efscore.dll
A C:\Windows\SysWOW64\efsui.exe
A C:\Windows\SysWOW64\efsutil.dll
A C:\Windows\SysWOW64\EhStorAPI.dll
A C:\Windows\SysWOW64\EhStorAuthn.exe
A C:\Windows\SysWOW64\EhStorPwdMgr.dll
A C:\Windows\SysWOW64\EhStorShell.dll
A C:\Windows\SysWOW64\els.dll
A C:\Windows\SysWOW64\ELSCore.dll
A C:\Windows\SysWOW64\elslad.dll
A C:\Windows\SysWOW64\elsTrans.dll
A C:\Windows\SysWOW64\encapi.dll
A C:\Windows\SysWOW64\EncDec.dll
A C:\Windows\SysWOW64\eqossnap.dll
A C:\Windows\SysWOW64\es.dll
A C:\Windows\SysWOW64\esent.dll
A C:\Windows\SysWOW64\esentprf.dll
A C:\Windows\SysWOW64\esentutl.exe
A C:\Windows\SysWOW64\esrb.rs
A C:\Windows\SysWOW64\eudcedit.exe
A C:\Windows\SysWOW64\eventcls.dll
A C:\Windows\SysWOW64\eventcreate.exe
A C:\Windows\SysWOW64\EventViewer_EventDetails.xsl
A C:\Windows\SysWOW64\eventvwr.exe
A C:\Windows\SysWOW64\eventvwr.msc
A C:\Windows\SysWOW64\evr.dll
A C:\Windows\SysWOW64\expand.exe
A C:\Windows\SysWOW64\explorer.exe
A C:\Windows\SysWOW64\ExplorerFrame.dll
A C:\Windows\SysWOW64\expsrv.dll
A C:\Windows\SysWOW64\extrac32.exe
A C:\Windows\SysWOW64\f3ahvoas.dll
A C:\Windows\SysWOW64\Faultrep.dll
A C:\Windows\SysWOW64\fc.exe
A C:\Windows\SysWOW64\fdBth.dll
A C:\Windows\SysWOW64\fdBthProxy.dll
A C:\Windows\SysWOW64\fde.dll
A C:\Windows\SysWOW64\fdeploy.dll
A C:\Windows\SysWOW64\fdPnp.dll
A C:\Windows\SysWOW64\fdProxy.dll
A C:\Windows\SysWOW64\fdSSDP.dll
A C:\Windows\SysWOW64\fdWCN.dll
A C:\Windows\SysWOW64\fdWNet.dll
A C:\Windows\SysWOW64\fdWSD.dll
A C:\Windows\SysWOW64\feclient.dll
A C:\Windows\SysWOW64\filemgmt.dll
A C:\Windows\SysWOW64\find.exe
A C:\Windows\SysWOW64\findnetprinters.dll
A C:\Windows\SysWOW64\findstr.exe
A C:\Windows\SysWOW64\finger.exe
A C:\Windows\SysWOW64\Firewall.cpl
A C:\Windows\SysWOW64\FirewallAPI.dll
A C:\Windows\SysWOW64\FirewallControlPanel.dll
A C:\Windows\SysWOW64\fixmapi.exe
A C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
A C:\Windows\SysWOW64\fltLib.dll
A C:\Windows\SysWOW64\fltMC.exe
A C:\Windows\SysWOW64\FM20.DLL
A C:\Windows\SysWOW64\FM20ENU.DLL
A C:\Windows\SysWOW64\fmifs.dll
A C:\Windows\SysWOW64\fms.dll
A C:\Windows\SysWOW64\fontext.dll
A C:\Windows\SysWOW64\fontsub.dll
A C:\Windows\SysWOW64\fontview.exe
A C:\Windows\SysWOW64\forfiles.exe
A C:\Windows\SysWOW64\format.com
A C:\Windows\SysWOW64\fpb.rs
A C:\Windows\SysWOW64\fphc.dll
A C:\Windows\SysWOW64\framedyn.dll
A C:\Windows\SysWOW64\framedynos.dll
A C:\Windows\SysWOW64\fsmgmt.msc
A C:\Windows\SysWOW64\fsutil.exe
A C:\Windows\SysWOW64\fthsvc.dll
A C:\Windows\SysWOW64\ftp.exe
A C:\Windows\SysWOW64\fundisc.dll
A C:\Windows\SysWOW64\fwcfg.dll
A C:\Windows\SysWOW64\FWPUCLNT.DLL
A C:\Windows\SysWOW64\FwRemoteSvr.dll
A C:\Windows\SysWOW64\FXSAPI.dll
A C:\Windows\SysWOW64\FXSCOM.dll
A C:\Windows\SysWOW64\FXSCOMEX.dll
A C:\Windows\SysWOW64\FXSEXT32.dll
A C:\Windows\SysWOW64\FXSRESM.dll
A C:\Windows\SysWOW64\FXSXP32.dll
A C:\Windows\SysWOW64\g711codc.ax
A C:\Windows\SysWOW64\gameux.dll
A C:\Windows\SysWOW64\GameUXLegacyGDFs.dll
A C:\Windows\SysWOW64\gb2312.uce
A C:\Windows\SysWOW64\gcdef.dll
A C:\Windows\SysWOW64\gdi32.dll
A C:\Windows\SysWOW64\getmac.exe
A C:\Windows\SysWOW64\getuname.dll
A C:\Windows\SysWOW64\glmf32.dll
A C:\Windows\SysWOW64\glu32.dll
A C:\Windows\SysWOW64\gpapi.dll
A C:\Windows\SysWOW64\gpedit.dll
A C:\Windows\SysWOW64\gpprnext.dll
A C:\Windows\SysWOW64\gpresult.exe
A C:\Windows\SysWOW64\gptext.dll
A C:\Windows\SysWOW64\gpupdate.exe
A C:\Windows\SysWOW64\grb.rs
A C:\Windows\SysWOW64\grpconv.exe
A C:\Windows\SysWOW64\hbaapi.dll
A C:\Windows\SysWOW64\hcproviders.dll
A C:\Windows\SysWOW64\hdwwiz.cpl
A C:\Windows\SysWOW64\hdwwiz.exe
A C:\Windows\SysWOW64\help.exe
A C:\Windows\SysWOW64\HelpPaneProxy.dll
A C:\Windows\SysWOW64\hgcpl.dll
A C:\Windows\SysWOW64\hh.exe
A C:\Windows\SysWOW64\hhctrl.ocx
A C:\Windows\SysWOW64\hhsetup.dll
A C:\Windows\SysWOW64\hid.dll
A C:\Windows\SysWOW64\hidphone.tsp
A C:\Windows\SysWOW64\hidserv.dll
A C:\Windows\SysWOW64\hlink.dll
A C:\Windows\SysWOW64\hnetcfg.dll
A C:\Windows\SysWOW64\hnetmon.dll
A C:\Windows\SysWOW64\HOSTNAME.EXE
A C:\Windows\SysWOW64\html.iec
A C:\Windows\SysWOW64\httpapi.dll
A C:\Windows\SysWOW64\htui.dll
A C:\Windows\SysWOW64\iac25_32.ax
A C:\Windows\SysWOW64\ias.dll
A C:\Windows\SysWOW64\iasacct.dll
A C:\Windows\SysWOW64\iasads.dll
A C:\Windows\SysWOW64\iasdatastore.dll
A C:\Windows\SysWOW64\iashlpr.dll
A C:\Windows\SysWOW64\IasMigPlugin.dll
A C:\Windows\SysWOW64\iasnap.dll
A C:\Windows\SysWOW64\iaspolcy.dll
A C:\Windows\SysWOW64\iasrad.dll
A C:\Windows\SysWOW64\iasrecst.dll
A C:\Windows\SysWOW64\iassam.dll
A C:\Windows\SysWOW64\iassdo.dll
A C:\Windows\SysWOW64\iassvcs.dll
A C:\Windows\SysWOW64\icacls.exe
A C:\Windows\SysWOW64\icardagt.exe
A C:\Windows\SysWOW64\icardie.dll
A C:\Windows\SysWOW64\icardres.dll
A C:\Windows\SysWOW64\iccvid.dll
A C:\Windows\SysWOW64\icm32.dll
A C:\Windows\SysWOW64\icmp.dll
A C:\Windows\SysWOW64\icmui.dll
A C:\Windows\SysWOW64\IconCodecService.dll
A C:\Windows\SysWOW64\icrav03.rat
A C:\Windows\SysWOW64\icsigd.dll
A C:\Windows\SysWOW64\icsunattend.exe
A C:\Windows\SysWOW64\ideograf.uce
A C:\Windows\SysWOW64\idndl.dll
A C:\Windows\SysWOW64\IDStore.dll
A C:\Windows\SysWOW64\ie4uinit.exe
A C:\Windows\SysWOW64\IEAdvpack.dll
A C:\Windows\SysWOW64\ieakeng.dll
A C:\Windows\SysWOW64\ieaksie.dll
A C:\Windows\SysWOW64\ieakui.dll
A C:\Windows\SysWOW64\ieapfltr.dat
A C:\Windows\SysWOW64\ieapfltr.dll
A C:\Windows\SysWOW64\iedkcs32.dll
A C:\Windows\SysWOW64\ieframe.dll
A C:\Windows\SysWOW64\iepeers.dll
A C:\Windows\SysWOW64\iernonce.dll
A C:\Windows\SysWOW64\iertutil.dll
A C:\Windows\SysWOW64\iesetup.dll
A C:\Windows\SysWOW64\iesysprep.dll
A C:\Windows\SysWOW64\ieui.dll
A C:\Windows\SysWOW64\ieuinit.inf
A C:\Windows\SysWOW64\ieUnatt.exe
A C:\Windows\SysWOW64\iexpress.exe
A C:\Windows\SysWOW64\ifmon.dll
A C:\Windows\SysWOW64\ifsutil.dll
A C:\Windows\SysWOW64\ifsutilx.dll
A C:\Windows\SysWOW64\ig4icd32.dll
A C:\Windows\SysWOW64\igcompkrng600.bin
A C:\Windows\SysWOW64\igd10umd32.dll
A C:\Windows\SysWOW64\igdde32.dll
A C:\Windows\SysWOW64\igdumd32.dll
A C:\Windows\SysWOW64\igdumdx32.dll
A C:\Windows\SysWOW64\igfcg600m.bin
A C:\Windows\SysWOW64\igfxcmrt32.dll
A C:\Windows\SysWOW64\igfxdv32.dll
A C:\Windows\SysWOW64\igfxexps32.dll
A C:\Windows\SysWOW64\igkrng600.bin
A C:\Windows\SysWOW64\iglhcp32.dll
A C:\Windows\SysWOW64\iglhsip32.dll
A C:\Windows\SysWOW64\imaadp32.acm
A C:\Windows\SysWOW64\imagehlp.dll
A C:\Windows\SysWOW64\imageres.dll
A C:\Windows\SysWOW64\imagesp1.dll
A C:\Windows\SysWOW64\imapi.dll
A C:\Windows\SysWOW64\imapi2.dll
A C:\Windows\SysWOW64\imapi2fs.dll
A C:\Windows\SysWOW64\IMESHARE.DLL
A C:\Windows\SysWOW64\imgutil.dll
A C:\Windows\SysWOW64\IMJP10.IME
A C:\Windows\SysWOW64\IMJP10K.DLL
A C:\Windows\SysWOW64\imkr80.ime
A C:\Windows\SysWOW64\imm32.dll
A C:\Windows\SysWOW64\inetcomm.dll
A C:\Windows\SysWOW64\inetcpl.cpl
A C:\Windows\SysWOW64\inetmib1.dll
A C:\Windows\SysWOW64\INETRES.dll
A C:\Windows\SysWOW64\InfDefaultInstall.exe
A C:\Windows\SysWOW64\infocardapi.dll
A C:\Windows\SysWOW64\infocardcpl.cpl
A C:\Windows\SysWOW64\InkEd.dll
A C:\Windows\SysWOW64\input.dll
A C:\Windows\SysWOW64\inseng.dll
A C:\Windows\SysWOW64\instnm.exe
A C:\Windows\SysWOW64\intl.cpl
A C:\Windows\SysWOW64\iologmsg.dll
A C:\Windows\SysWOW64\IPBusEnumProxy.dll
A C:\Windows\SysWOW64\ipconfig.exe
A C:\Windows\SysWOW64\IPHLPAPI.DLL
A C:\Windows\SysWOW64\iprop.dll
A C:\Windows\SysWOW64\iprtprio.dll
A C:\Windows\SysWOW64\iprtrmgr.dll
A C:\Windows\SysWOW64\ipsecsnp.dll
A C:\Windows\SysWOW64\ipsmsnap.dll
A C:\Windows\SysWOW64\ir32_32.dll
A C:\Windows\SysWOW64\ir41_32.ax
A C:\Windows\SysWOW64\ir41_qc.dll
A C:\Windows\SysWOW64\ir41_qcx.dll
A C:\Windows\SysWOW64\ir50_32.dll
A C:\Windows\SysWOW64\ir50_qc.dll
A C:\Windows\SysWOW64\ir50_qcx.dll
A C:\Windows\SysWOW64\irclass.dll
A C:\Windows\SysWOW64\irprops.cpl
A C:\Windows\SysWOW64\iscsicli.exe
A C:\Windows\SysWOW64\iscsicpl.dll
A C:\Windows\SysWOW64\iscsicpl.exe
A C:\Windows\SysWOW64\iscsidsc.dll
A C:\Windows\SysWOW64\iscsied.dll
A C:\Windows\SysWOW64\iscsium.dll
A C:\Windows\SysWOW64\iscsiwmi.dll
A C:\Windows\SysWOW64\isoburn.exe
C:\Windows\SysWOW64\ISSRemoveSP.exe
A C:\Windows\SysWOW64\itircl.dll
A C:\Windows\SysWOW64\itss.dll
A C:\Windows\SysWOW64\iTVData.dll
A C:\Windows\SysWOW64\ivfsrc.ax
A C:\Windows\SysWOW64\iyuv_32.dll
A C:\Windows\SysWOW64\java.exe
A C:\Windows\SysWOW64\javaw.exe
A C:\Windows\SysWOW64\javaws.exe
A C:\Windows\SysWOW64\joy.cpl
A C:\Windows\SysWOW64\jscript.dll
A C:\Windows\SysWOW64\jscript9.dll
A C:\Windows\SysWOW64\jsproxy.dll
A C:\Windows\SysWOW64\kanji_1.uce
A C:\Windows\SysWOW64\kanji_2.uce
A C:\Windows\SysWOW64\kbd101.DLL
A C:\Windows\SysWOW64\kbd101a.DLL
A C:\Windows\SysWOW64\kbd101b.DLL
A C:\Windows\SysWOW64\kbd101c.DLL
A C:\Windows\SysWOW64\kbd103.DLL
A C:\Windows\SysWOW64\kbd106.dll
A C:\Windows\SysWOW64\kbd106n.dll
A C:\Windows\SysWOW64\KBDA1.DLL
A C:\Windows\SysWOW64\KBDA2.DLL
A C:\Windows\SysWOW64\KBDA3.DLL
A C:\Windows\SysWOW64\KBDAL.DLL
A C:\Windows\SysWOW64\KBDARME.DLL
A C:\Windows\SysWOW64\KBDARMW.DLL
A C:\Windows\SysWOW64\kbdax2.dll
A C:\Windows\SysWOW64\KBDAZE.DLL
A C:\Windows\SysWOW64\KBDAZEL.DLL
A C:\Windows\SysWOW64\KBDBASH.DLL
A C:\Windows\SysWOW64\KBDBE.DLL
A C:\Windows\SysWOW64\KBDBENE.DLL
A C:\Windows\SysWOW64\KBDBGPH.DLL
A C:\Windows\SysWOW64\KBDBGPH1.DLL
A C:\Windows\SysWOW64\KBDBHC.DLL
A C:\Windows\SysWOW64\KBDBLR.DLL
A C:\Windows\SysWOW64\KBDBR.DLL
A C:\Windows\SysWOW64\KBDBU.DLL
A C:\Windows\SysWOW64\KBDBULG.DLL
A C:\Windows\SysWOW64\KBDCA.DLL
A C:\Windows\SysWOW64\KBDCAN.DLL
A C:\Windows\SysWOW64\KBDCR.DLL
A C:\Windows\SysWOW64\KBDCZ.DLL
A C:\Windows\SysWOW64\KBDCZ1.DLL
A C:\Windows\SysWOW64\KBDCZ2.DLL
A C:\Windows\SysWOW64\KBDDA.DLL
A C:\Windows\SysWOW64\KBDDIV1.DLL
A C:\Windows\SysWOW64\KBDDIV2.DLL
A C:\Windows\SysWOW64\KBDDV.DLL
A C:\Windows\SysWOW64\KBDES.DLL
A C:\Windows\SysWOW64\KBDEST.DLL
A C:\Windows\SysWOW64\KBDFA.DLL
A C:\Windows\SysWOW64\KBDFC.DLL
A C:\Windows\SysWOW64\KBDFI.DLL
A C:\Windows\SysWOW64\KBDFI1.DLL
A SHR C:\Windows\SysWOW64\KBDFI1V.dll
A C:\Windows\SysWOW64\KBDFO.DLL
A C:\Windows\SysWOW64\KBDFR.DLL
A C:\Windows\SysWOW64\KBDGAE.DLL
A C:\Windows\SysWOW64\KBDGEO.DLL
A C:\Windows\SysWOW64\kbdgeoer.dll
A C:\Windows\SysWOW64\kbdgeoqw.dll
A C:\Windows\SysWOW64\KBDGKL.DLL
A C:\Windows\SysWOW64\KBDGR.DLL
A C:\Windows\SysWOW64\KBDGR1.DLL
A C:\Windows\SysWOW64\KBDGRLND.DLL
A C:\Windows\SysWOW64\KBDHAU.DLL
A C:\Windows\SysWOW64\KBDHE.DLL
A C:\Windows\SysWOW64\KBDHE220.DLL
A C:\Windows\SysWOW64\KBDHE319.DLL
A C:\Windows\SysWOW64\KBDHEB.DLL
A C:\Windows\SysWOW64\KBDHELA2.DLL
A C:\Windows\SysWOW64\KBDHELA3.DLL
A C:\Windows\SysWOW64\KBDHEPT.DLL
A C:\Windows\SysWOW64\KBDHU.DLL
A C:\Windows\SysWOW64\KBDHU1.DLL
A C:\Windows\SysWOW64\kbdibm02.DLL
A C:\Windows\SysWOW64\KBDIBO.DLL
A C:\Windows\SysWOW64\KBDIC.DLL
A C:\Windows\SysWOW64\KBDINASA.DLL
A C:\Windows\SysWOW64\KBDINBE1.DLL
A C:\Windows\SysWOW64\KBDINBE2.DLL
A C:\Windows\SysWOW64\KBDINBEN.DLL
A C:\Windows\SysWOW64\KBDINDEV.DLL
A C:\Windows\SysWOW64\KBDINGUJ.DLL
A C:\Windows\SysWOW64\KBDINHIN.DLL
A C:\Windows\SysWOW64\KBDINKAN.DLL
A C:\Windows\SysWOW64\KBDINMAL.DLL
A C:\Windows\SysWOW64\KBDINMAR.DLL
A C:\Windows\SysWOW64\KBDINORI.DLL
A C:\Windows\SysWOW64\KBDINPUN.DLL
A C:\Windows\SysWOW64\KBDINTAM.DLL
A C:\Windows\SysWOW64\KBDINTEL.DLL
A C:\Windows\SysWOW64\KBDINUK2.DLL
A C:\Windows\SysWOW64\KBDIR.DLL
A C:\Windows\SysWOW64\KBDIT.DLL
A C:\Windows\SysWOW64\KBDIT142.DLL
A C:\Windows\SysWOW64\KBDIULAT.DLL
A C:\Windows\SysWOW64\KBDJPN.DLL
A C:\Windows\SysWOW64\KBDKAZ.DLL
A C:\Windows\SysWOW64\KBDKHMR.DLL
A C:\Windows\SysWOW64\KBDKOR.DLL
A C:\Windows\SysWOW64\KBDKYR.DLL
A C:\Windows\SysWOW64\KBDLA.DLL
A C:\Windows\SysWOW64\KBDLAO.DLL
A C:\Windows\SysWOW64\kbdlk41a.dll
A C:\Windows\SysWOW64\KBDLT.DLL
A C:\Windows\SysWOW64\KBDLT1.DLL
A C:\Windows\SysWOW64\KBDLT2.DLL
A C:\Windows\SysWOW64\KBDLV.DLL
A C:\Windows\SysWOW64\KBDLV1.DLL
A C:\Windows\SysWOW64\KBDMAC.DLL
A C:\Windows\SysWOW64\KBDMACST.DLL
A C:\Windows\SysWOW64\KBDMAORI.DLL
A C:\Windows\SysWOW64\KBDMLT47.DLL
A C:\Windows\SysWOW64\KBDMLT48.DLL
A C:\Windows\SysWOW64\KBDMON.DLL
A C:\Windows\SysWOW64\KBDMONMO.DLL
A C:\Windows\SysWOW64\KBDNE.DLL
A C:\Windows\SysWOW64\kbdnec.DLL
A C:\Windows\SysWOW64\kbdnec95.DLL
A C:\Windows\SysWOW64\kbdnecat.DLL
A C:\Windows\SysWOW64\kbdnecnt.DLL
A C:\Windows\SysWOW64\KBDNEPR.DLL
A C:\Windows\SysWOW64\KBDNO.DLL
A C:\Windows\SysWOW64\KBDNO1.DLL
A C:\Windows\SysWOW64\KBDNSO.DLL
A C:\Windows\SysWOW64\KBDPASH.DLL
A C:\Windows\SysWOW64\KBDPL.DLL
A C:\Windows\SysWOW64\KBDPL1.DLL
A C:\Windows\SysWOW64\KBDPO.DLL
A C:\Windows\SysWOW64\KBDRO.DLL
A C:\Windows\SysWOW64\KBDROPR.DLL
A C:\Windows\SysWOW64\KBDROST.DLL
A C:\Windows\SysWOW64\KBDRU.DLL
A C:\Windows\SysWOW64\KBDRU1.DLL
A C:\Windows\SysWOW64\KBDSF.DLL
A C:\Windows\SysWOW64\KBDSG.DLL
A C:\Windows\SysWOW64\KBDSL.DLL
A C:\Windows\SysWOW64\KBDSL1.DLL
A C:\Windows\SysWOW64\KBDSMSFI.DLL
A C:\Windows\SysWOW64\KBDSMSNO.DLL
A C:\Windows\SysWOW64\KBDSN1.DLL
A C:\Windows\SysWOW64\KBDSOREX.DLL
A C:\Windows\SysWOW64\KBDSORS1.DLL
A C:\Windows\SysWOW64\KBDSORST.DLL
A C:\Windows\SysWOW64\KBDSP.DLL
A C:\Windows\SysWOW64\KBDSW.DLL
A C:\Windows\SysWOW64\KBDSW09.DLL
A C:\Windows\SysWOW64\KBDSYR1.DLL
A C:\Windows\SysWOW64\KBDSYR2.DLL
A C:\Windows\SysWOW64\KBDTAJIK.DLL
A C:\Windows\SysWOW64\KBDTAT.DLL
A C:\Windows\SysWOW64\KBDTH0.DLL
A C:\Windows\SysWOW64\KBDTH1.DLL
A C:\Windows\SysWOW64\KBDTH2.DLL
A C:\Windows\SysWOW64\KBDTH3.DLL
A C:\Windows\SysWOW64\KBDTIPRC.DLL
A C:\Windows\SysWOW64\KBDTUF.DLL
A C:\Windows\SysWOW64\KBDTUQ.DLL
A C:\Windows\SysWOW64\KBDTURME.DLL
A C:\Windows\SysWOW64\KBDUGHR.DLL
A C:\Windows\SysWOW64\KBDUGHR1.DLL
A C:\Windows\SysWOW64\KBDUK.DLL
A C:\Windows\SysWOW64\KBDUKX.DLL
A C:\Windows\SysWOW64\KBDUR.DLL
A C:\Windows\SysWOW64\KBDUR1.DLL
A C:\Windows\SysWOW64\KBDURDU.DLL
A C:\Windows\SysWOW64\KBDUS.DLL
A C:\Windows\SysWOW64\KBDUSA.DLL
A C:\Windows\SysWOW64\KBDUSL.DLL
A C:\Windows\SysWOW64\KBDUSR.DLL
A C:\Windows\SysWOW64\KBDUSX.DLL
A C:\Windows\SysWOW64\KBDUZB.DLL
A C:\Windows\SysWOW64\KBDVNTC.DLL
A C:\Windows\SysWOW64\KBDWOL.DLL
A C:\Windows\SysWOW64\KBDYAK.DLL
A C:\Windows\SysWOW64\KBDYBA.DLL
A C:\Windows\SysWOW64\KBDYCC.DLL
A C:\Windows\SysWOW64\KBDYCL.DLL
A C:\Windows\SysWOW64\kerberos.dll
A C:\Windows\SysWOW64\kernel32.dll
A C:\Windows\SysWOW64\KernelBase.dll
A C:\Windows\SysWOW64\keyiso.dll
A C:\Windows\SysWOW64\keymgr.dll
A C:\Windows\SysWOW64\kmddsp.tsp
A C:\Windows\SysWOW64\korean.uce
A C:\Windows\SysWOW64\korwbrkr.dll
A C:\Windows\SysWOW64\korwbrkr.lex
A C:\Windows\SysWOW64\ksproxy.ax
A C:\Windows\SysWOW64\kstvtune.ax
A C:\Windows\SysWOW64\ksuser.dll
A C:\Windows\SysWOW64\Kswdmcap.ax
A C:\Windows\SysWOW64\ksxbar.ax
A C:\Windows\SysWOW64\ktmutil.exe
A C:\Windows\SysWOW64\ktmw32.dll
A C:\Windows\SysWOW64\l2gpstore.dll
A C:\Windows\SysWOW64\l2nacp.dll
A C:\Windows\SysWOW64\L2SecHC.dll
A C:\Windows\SysWOW64\l3codeca.acm
A C:\Windows\SysWOW64\l3codecp.acm
A C:\Windows\SysWOW64\label.exe
A C:\Windows\SysWOW64\LAPRXY.DLL
A C:\Windows\SysWOW64\lcphrase.tbl
A C:\Windows\SysWOW64\lcptr.tbl
A C:\Windows\SysWOW64\license.rtf
A C:\Windows\SysWOW64\licmgr10.dll
A C:\Windows\SysWOW64\linkinfo.dll
A C:\Windows\SysWOW64\LIVESSP.DLL
A C:\Windows\SysWOW64\loadperf.dll
A C:\Windows\SysWOW64\locale.nls
A C:\Windows\SysWOW64\localsec.dll
A C:\Windows\SysWOW64\LocationApi.dll
A C:\Windows\SysWOW64\LocationNotifications.exe
A C:\Windows\SysWOW64\locationnotificationsview.xml
A C:\Windows\SysWOW64\lodctr.exe
A C:\Windows\SysWOW64\log.txt
A C:\Windows\SysWOW64\logagent.exe
A C:\Windows\SysWOW64\loghours.dll
A C:\Windows\SysWOW64\logman.exe
A C:\Windows\SysWOW64\logoncli.dll
A C:\Windows\SysWOW64\lpk.dll
A C:\Windows\SysWOW64\lsmproxy.dll
A C:\Windows\SysWOW64\luainstall.dll
A C:\Windows\SysWOW64\lusrmgr.msc
A C:\Windows\SysWOW64\lz32.dll
A C:\Windows\SysWOW64\l_intl.nls
A C:\Windows\SysWOW64\Magnification.dll
A C:\Windows\SysWOW64\Magnify.exe
A C:\Windows\SysWOW64\main.cpl
A C:\Windows\SysWOW64\makecab.exe
A C:\Windows\SysWOW64\mapi32.dll
A C:\Windows\SysWOW64\mapistub.dll
A C:\Windows\SysWOW64\mapisvc.inf
A C:\Windows\SysWOW64\mcbuilder.exe
A C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
A C:\Windows\SysWOW64\mciavi32.dll
A C:\Windows\SysWOW64\mcicda.dll
A C:\Windows\SysWOW64\mciqtz32.dll
A C:\Windows\SysWOW64\mciseq.dll
A C:\Windows\SysWOW64\mciwave.dll
A C:\Windows\SysWOW64\mctres.dll
A C:\Windows\SysWOW64\mdminst.dll
A C:\Windows\SysWOW64\MDT2FW95.DLL
A C:\Windows\SysWOW64\MediaMetadataHandler.dll
A C:\Windows\SysWOW64\mf.dll
A C:\Windows\SysWOW64\mf3216.dll
A C:\Windows\SysWOW64\mfAACEnc.dll
A C:\Windows\SysWOW64\mfc100.dll
A C:\Windows\SysWOW64\mfc100chs.dll
A C:\Windows\SysWOW64\mfc100cht.dll
A C:\Windows\SysWOW64\mfc100deu.dll
A C:\Windows\SysWOW64\mfc100enu.dll
A C:\Windows\SysWOW64\mfc100esn.dll
A C:\Windows\SysWOW64\mfc100fra.dll
A C:\Windows\SysWOW64\mfc100ita.dll
A C:\Windows\SysWOW64\mfc100jpn.dll
A C:\Windows\SysWOW64\mfc100kor.dll
A C:\Windows\SysWOW64\mfc100rus.dll
A C:\Windows\SysWOW64\mfc100u.dll
A C:\Windows\SysWOW64\mfc40.dll
A C:\Windows\SysWOW64\mfc40u.dll
A C:\Windows\SysWOW64\mfc42.dll
A C:\Windows\SysWOW64\MFC42ENU.DLL
A C:\Windows\SysWOW64\mfc42u.dll
A C:\Windows\SysWOW64\mfcm100.dll
A C:\Windows\SysWOW64\mfcm100u.dll
A C:\Windows\SysWOW64\mfcsubs.dll
A C:\Windows\SysWOW64\mfds.dll
A C:\Windows\SysWOW64\mfdvdec.dll
A C:\Windows\SysWOW64\mferror.dll
A C:\Windows\SysWOW64\mfh264enc.dll
A C:\Windows\SysWOW64\mfmjpegdec.dll
A C:\Windows\SysWOW64\mfplat.dll
A C:\Windows\SysWOW64\MFPlay.dll
A C:\Windows\SysWOW64\mfpmp.exe
A C:\Windows\SysWOW64\mfps.dll
A C:\Windows\SysWOW64\mfreadwrite.dll
A C:\Windows\SysWOW64\mfvdsp.dll
A C:\Windows\SysWOW64\MFWMAAEC.DLL
A C:\Windows\SysWOW64\mgmtapi.dll
A C:\Windows\SysWOW64\midimap.dll
A C:\Windows\SysWOW64\MigAutoPlay.exe
A C:\Windows\SysWOW64\migisol.dll
A C:\Windows\SysWOW64\miguiresource.dll
A C:\Windows\SysWOW64\mimefilt.dll
A C:\Windows\SysWOW64\mlang.dat
A C:\Windows\SysWOW64\mlang.dll
A I C:\Windows\SysWOW64\mmc.exe
A I C:\Windows\SysWOW64\mmcbase.dll
A C:\Windows\SysWOW64\mmci.dll
A C:\Windows\SysWOW64\mmcico.dll
A C:\Windows\SysWOW64\mmcndmgr.dll
A I C:\Windows\SysWOW64\mmcshext.dll
A C:\Windows\SysWOW64\MMDevAPI.dll
A C:\Windows\SysWOW64\mmres.dll
A C:\Windows\SysWOW64\mmsys.cpl
A C:\Windows\SysWOW64\mobsync.exe
A C:\Windows\SysWOW64\mode.com
A C:\Windows\SysWOW64\modemui.dll
A C:\Windows\SysWOW64\more.com
A C:\Windows\SysWOW64\moricons.dll
A C:\Windows\SysWOW64\mountvol.exe
A C:\Windows\SysWOW64\MP3DMOD.DLL
A C:\Windows\SysWOW64\MP43DECD.DLL
A C:\Windows\SysWOW64\MP4SDECD.DLL
A C:\Windows\SysWOW64\Mpeg2Data.ax
A C:\Windows\SysWOW64\mpg2splt.ax
A C:\Windows\SysWOW64\MPG4DECD.DLL
A C:\Windows\SysWOW64\mpr.dll
A C:\Windows\SysWOW64\mprapi.dll
A C:\Windows\SysWOW64\mprddm.dll
A C:\Windows\SysWOW64\mprdim.dll
A C:\Windows\SysWOW64\mprmsg.dll
A C:\Windows\SysWOW64\MRINFO.EXE
A C:\Windows\SysWOW64\msaatext.dll
A C:\Windows\SysWOW64\MSAC3ENC.DLL
A C:\Windows\SysWOW64\msacm32.dll
A C:\Windows\SysWOW64\msacm32.drv
A C:\Windows\SysWOW64\msadp32.acm
A C:\Windows\SysWOW64\msafd.dll
A C:\Windows\SysWOW64\msasn1.dll
A C:\Windows\SysWOW64\msaudite.dll
A C:\Windows\SysWOW64\mscandui.dll
A C:\Windows\SysWOW64\mscat32.dll
A C:\Windows\SysWOW64\msclmd.dll
A C:\Windows\SysWOW64\mscms.dll
A C:\Windows\SysWOW64\MSCOMCTL.OCX
A C:\Windows\SysWOW64\mscoree.dll
A C:\Windows\SysWOW64\mscorier.dll
A C:\Windows\SysWOW64\mscories.dll
A C:\Windows\SysWOW64\mscpx32r.dLL
A C:\Windows\SysWOW64\mscpxl32.dLL
A C:\Windows\SysWOW64\msctf.dll
A C:\Windows\SysWOW64\msctfime.ime
A C:\Windows\SysWOW64\MsCtfMonitor.dll
A C:\Windows\SysWOW64\msctfp.dll
A C:\Windows\SysWOW64\msctfui.dll
A C:\Windows\SysWOW64\msdadiag.dll
A C:\Windows\SysWOW64\msdart.dll
A C:\Windows\SysWOW64\msdatsrc.tlb
A C:\Windows\SysWOW64\msdelta.dll
A C:\Windows\SysWOW64\msdmo.dll
A C:\Windows\SysWOW64\msdrm.dll
A C:\Windows\SysWOW64\msdt.exe
A C:\Windows\SysWOW64\msdtcprx.dll
A C:\Windows\SysWOW64\msdtcuiu.dll
A C:\Windows\SysWOW64\msdtcVSp1res.dll
A C:\Windows\SysWOW64\MSDvbNP.ax
A C:\Windows\SysWOW64\msdxm.ocx
A C:\Windows\SysWOW64\msdxm.tlb
A C:\Windows\SysWOW64\msexch40.dll
A C:\Windows\SysWOW64\msexcl40.dll
A C:\Windows\SysWOW64\msfeeds.dll
A C:\Windows\SysWOW64\msfeedsbs.dll
A C:\Windows\SysWOW64\msfeedssync.exe
A C:\Windows\SysWOW64\msftedit.dll
A C:\Windows\SysWOW64\msg711.acm
A C:\Windows\SysWOW64\msgsm32.acm
A C:\Windows\SysWOW64\mshta.exe
A C:\Windows\SysWOW64\mshtml.dll
A C:\Windows\SysWOW64\mshtml.tlb
A C:\Windows\SysWOW64\mshtmled.dll
A C:\Windows\SysWOW64\mshtmler.dll
A C:\Windows\SysWOW64\msi.dll
A C:\Windows\SysWOW64\msidcrl30.dll
A C:\Windows\SysWOW64\msident.dll
A C:\Windows\SysWOW64\msidle.dll
A C:\Windows\SysWOW64\msidntld.dll
A C:\Windows\SysWOW64\msieftp.dll
A C:\Windows\SysWOW64\msiexec.exe
A C:\Windows\SysWOW64\msihnd.dll
A C:\Windows\SysWOW64\msiltcfg.dll
A C:\Windows\SysWOW64\msimg32.dll
A C:\Windows\SysWOW64\msimsg.dll
A C:\Windows\SysWOW64\msimtf.dll
A C:\Windows\SysWOW64\msinfo32.exe
A C:\Windows\SysWOW64\msisip.dll
A C:\Windows\SysWOW64\msjet40.dll
A C:\Windows\SysWOW64\msjetoledb40.dll
A C:\Windows\SysWOW64\msjint40.dll
A C:\Windows\SysWOW64\msjter40.dll
A C:\Windows\SysWOW64\msjtes40.dll
A C:\Windows\SysWOW64\msls31.dll
A C:\Windows\SysWOW64\msltus40.dll
A C:\Windows\SysWOW64\msmpeg2adec.dll
A C:\Windows\SysWOW64\MSMPEG2ENC.DLL
A C:\Windows\SysWOW64\msmpeg2vdec.dll
A C:\Windows\SysWOW64\msnetobj.dll
A C:\Windows\SysWOW64\MSNP.ax
A C:\Windows\SysWOW64\msobjs.dll
A C:\Windows\SysWOW64\msoeacct.dll
A C:\Windows\SysWOW64\msoert2.dll
A C:\Windows\SysWOW64\msorc32r.dll
A C:\Windows\SysWOW64\msorcl32.dll
A C:\Windows\SysWOW64\mspaint.exe
A C:\Windows\SysWOW64\mspatcha.dll
A C:\Windows\SysWOW64\mspbde40.dll
A C:\Windows\SysWOW64\msports.dll
A C:\Windows\SysWOW64\msra.exe
A C:\Windows\SysWOW64\MsraLegacy.tlb
A C:\Windows\SysWOW64\msrating.dll
A C:\Windows\SysWOW64\MSRCLR40.DLL
A C:\Windows\SysWOW64\msrd2x40.dll
A C:\Windows\SysWOW64\msrd3x40.dll
A C:\Windows\SysWOW64\msrdc.dll
A C:\Windows\SysWOW64\MSRDO20.DLL
A C:\Windows\SysWOW64\MsRdpWebAccess.dll
A C:\Windows\SysWOW64\MSRECR40.DLL
A C:\Windows\SysWOW64\msrepl40.dll
A C:\Windows\SysWOW64\msrle32.dll
A C:\Windows\SysWOW64\MSRTEDIT.DLL
A C:\Windows\SysWOW64\msscntrs.dll
A C:\Windows\SysWOW64\msscp.dll
A C:\Windows\SysWOW64\msscript.ocx
A C:\Windows\SysWOW64\mssha.dll
A C:\Windows\SysWOW64\msshavmsg.dll
A C:\Windows\SysWOW64\msshooks.dll
A C:\Windows\SysWOW64\mssign32.dll
A C:\Windows\SysWOW64\mssip32.dll
A C:\Windows\SysWOW64\mssitlb.dll
A C:\Windows\SysWOW64\mssph.dll
A C:\Windows\SysWOW64\mssphtb.dll
A C:\Windows\SysWOW64\mssprxy.dll
A C:\Windows\SysWOW64\mssrch.dll
A C:\Windows\SysWOW64\MSSTDFMT.DLL
A C:\Windows\SysWOW64\MSSTKPRP.DLL
A C:\Windows\SysWOW64\mssvp.dll
A C:\Windows\SysWOW64\msswch.dll
A C:\Windows\SysWOW64\mstask.dll
A C:\Windows\SysWOW64\mstext40.dll
A C:\Windows\SysWOW64\mstsc.exe
A C:\Windows\SysWOW64\mstscax.dll
A C:\Windows\SysWOW64\msutb.dll
A C:\Windows\SysWOW64\msv1_0.dll
A C:\Windows\SysWOW64\msvbvm60.dll
A C:\Windows\SysWOW64\msvcirt.dll
A C:\Windows\SysWOW64\msvcp100.dll
A C:\Windows\SysWOW64\msvcp60.dll
A C:\Windows\SysWOW64\msvcr100.dll
A C:\Windows\SysWOW64\msvcr100_clr0400.dll
A C:\Windows\SysWOW64\msvcrt.dll
A C:\Windows\SysWOW64\msvcrt20.dll
A C:\Windows\SysWOW64\msvcrt40.dll
A C:\Windows\SysWOW64\msvfw32.dll
A C:\Windows\SysWOW64\msvidc32.dll
A C:\Windows\SysWOW64\MSVidCtl.dll
A C:\Windows\SysWOW64\mswdat10.dll
A C:\Windows\SysWOW64\mswmdm.dll
A C:\Windows\SysWOW64\mswsock.dll
A C:\Windows\SysWOW64\mswstr10.dll
A C:\Windows\SysWOW64\msxbde40.dll
A C:\Windows\SysWOW64\msxml3.dll
A C:\Windows\SysWOW64\msxml3r.dll
A C:\Windows\SysWOW64\msxml6.dll
A C:\Windows\SysWOW64\msxml6r.dll
A C:\Windows\SysWOW64\msyuv.dll
A C:\Windows\SysWOW64\mtstocom.exe
A C:\Windows\SysWOW64\mtxclu.dll
A C:\Windows\SysWOW64\mtxdm.dll
A C:\Windows\SysWOW64\mtxex.dll
A C:\Windows\SysWOW64\mtxlegih.dll
A C:\Windows\SysWOW64\mtxoci.dll
A C:\Windows\SysWOW64\muifontsetup.dll
A C:\Windows\SysWOW64\MuiUnattend.exe
A C:\Windows\SysWOW64\mycomput.dll
A C:\Windows\SysWOW64\mydocs.dll
A C:\Windows\SysWOW64\Mystify.scr
A C:\Windows\SysWOW64\NAPCLCFG.MSC
A C:\Windows\SysWOW64\NAPCRYPT.DLL
A C:\Windows\SysWOW64\napdsnap.dll
A C:\Windows\SysWOW64\NAPHLPR.DLL
A C:\Windows\SysWOW64\NapiNSP.dll
A C:\Windows\SysWOW64\napipsec.dll
A C:\Windows\SysWOW64\NAPMONTR.DLL
A C:\Windows\SysWOW64\NAPSTAT.EXE
A C:\Windows\SysWOW64\NativeHooks.dll
A C:\Windows\SysWOW64\NaturalLanguage6.dll
A C:\Windows\SysWOW64\NcdProp.dll
A C:\Windows\SysWOW64\nci.dll
A C:\Windows\SysWOW64\ncobjapi.dll
A C:\Windows\SysWOW64\ncpa.cpl
A C:\Windows\SysWOW64\ncrypt.dll
A C:\Windows\SysWOW64\ncryptui.dll
A C:\Windows\SysWOW64\ncsi.dll
A C:\Windows\SysWOW64\ndadmin.exe
A C:\Windows\SysWOW64\nddeapi.dll
A C:\Windows\SysWOW64\ndfapi.dll
A C:\Windows\SysWOW64\ndfetw.dll
A C:\Windows\SysWOW64\NdfEventView.xml
A C:\Windows\SysWOW64\ndfhcdiscovery.dll
A C:\Windows\SysWOW64\ndiscapCfg.dll
A C:\Windows\SysWOW64\ndishc.dll
A C:\Windows\SysWOW64\ndproxystub.dll
A C:\Windows\SysWOW64\ndptsp.tsp
A C:\Windows\SysWOW64\negoexts.dll
A C:\Windows\SysWOW64\net.exe
A C:\Windows\SysWOW64\net1.exe
A C:\Windows\SysWOW64\netapi32.dll
A C:\Windows\SysWOW64\netbios.dll
A C:\Windows\SysWOW64\netbtugc.exe
A C:\Windows\SysWOW64\netcenter.dll
A C:\Windows\SysWOW64\netcfgx.dll
A C:\Windows\SysWOW64\netcorehc.dll
A C:\Windows\SysWOW64\netdiagfx.dll
A C:\Windows\SysWOW64\netevent.dll
A C:\Windows\SysWOW64\netfxperf.dll
A C:\Windows\SysWOW64\neth.dll
A C:\Windows\SysWOW64\netid.dll
A C:\Windows\SysWOW64\netiohlp.dll
A C:\Windows\SysWOW64\netiougc.exe
A C:\Windows\SysWOW64\netjoin.dll
A C:\Windows\SysWOW64\netlogon.dll
A C:\Windows\SysWOW64\netmsg.dll
A C:\Windows\SysWOW64\netplwiz.dll
A C:\Windows\SysWOW64\Netplwiz.exe
A C:\Windows\SysWOW64\netprof.dll
A C:\Windows\SysWOW64\netprofm.dll
A C:\Windows\SysWOW64\netsh.exe
A C:\Windows\SysWOW64\netshell.dll
A C:\Windows\SysWOW64\NETSTAT.EXE
A C:\Windows\SysWOW64\netutils.dll
A C:\Windows\SysWOW64\networkexplorer.dll
A C:\Windows\SysWOW64\networkitemfactory.dll
A C:\Windows\SysWOW64\networkmap.dll
A C:\Windows\SysWOW64\newdev.dll
A C:\Windows\SysWOW64\newdev.exe
A C:\Windows\SysWOW64\nlaapi.dll
A C:\Windows\SysWOW64\nlhtml.dll
A C:\Windows\SysWOW64\nlmgp.dll
A C:\Windows\SysWOW64\nlmsprep.dll
A C:\Windows\SysWOW64\nlsbres.dll
A C:\Windows\SysWOW64\NlsData0000.dll
A C:\Windows\SysWOW64\NlsData0001.dll
A C:\Windows\SysWOW64\NlsData0002.dll
A C:\Windows\SysWOW64\NlsData0003.dll
A C:\Windows\SysWOW64\NlsData0007.dll
A C:\Windows\SysWOW64\NlsData0009.dll
A C:\Windows\SysWOW64\NlsData000a.dll
A C:\Windows\SysWOW64\NlsData000c.dll
A C:\Windows\SysWOW64\NlsData000d.dll
A C:\Windows\SysWOW64\NlsData000f.dll
A C:\Windows\SysWOW64\NlsData0010.dll
A C:\Windows\SysWOW64\NlsData0011.dll
A C:\Windows\SysWOW64\NlsData0013.dll
A C:\Windows\SysWOW64\NlsData0018.dll
A C:\Windows\SysWOW64\NlsData0019.dll
A C:\Windows\SysWOW64\NlsData001a.dll
A C:\Windows\SysWOW64\NlsData001b.dll
A C:\Windows\SysWOW64\NlsData001d.dll
A C:\Windows\SysWOW64\NlsData0020.dll
A C:\Windows\SysWOW64\NlsData0021.dll
A C:\Windows\SysWOW64\NlsData0022.dll
A C:\Windows\SysWOW64\NlsData0024.dll
A C:\Windows\SysWOW64\NlsData0026.dll
A C:\Windows\SysWOW64\NlsData0027.dll
A C:\Windows\SysWOW64\NlsData002a.dll
A C:\Windows\SysWOW64\NlsData0039.dll
A C:\Windows\SysWOW64\NlsData003e.dll
A C:\Windows\SysWOW64\NlsData0045.dll
A C:\Windows\SysWOW64\NlsData0046.dll
A C:\Windows\SysWOW64\NlsData0047.dll
A C:\Windows\SysWOW64\NlsData0049.dll
A C:\Windows\SysWOW64\NlsData004a.dll
A C:\Windows\SysWOW64\NlsData004b.dll
A C:\Windows\SysWOW64\NlsData004c.dll
A C:\Windows\SysWOW64\NlsData004e.dll
A C:\Windows\SysWOW64\NlsData0414.dll
A C:\Windows\SysWOW64\NlsData0416.dll
A C:\Windows\SysWOW64\NlsData0816.dll
A C:\Windows\SysWOW64\NlsData081a.dll
A C:\Windows\SysWOW64\NlsData0c1a.dll
A C:\Windows\SysWOW64\Nlsdl.dll
A C:\Windows\SysWOW64\NlsLexicons0001.dll
A C:\Windows\SysWOW64\NlsLexicons0002.dll
A C:\Windows\SysWOW64\NlsLexicons0003.dll
A C:\Windows\SysWOW64\NlsLexicons0007.dll
A C:\Windows\SysWOW64\NlsLexicons0009.dll
A C:\Windows\SysWOW64\NlsLexicons000a.dll
A C:\Windows\SysWOW64\NlsLexicons000c.dll
A C:\Windows\SysWOW64\NlsLexicons000d.dll
A C:\Windows\SysWOW64\NlsLexicons000f.dll
A C:\Windows\SysWOW64\NlsLexicons0010.dll
A C:\Windows\SysWOW64\NlsLexicons0011.dll
A C:\Windows\SysWOW64\NlsLexicons0013.dll
A C:\Windows\SysWOW64\NlsLexicons0018.dll
A C:\Windows\SysWOW64\NlsLexicons0019.dll
A C:\Windows\SysWOW64\NlsLexicons001a.dll
A C:\Windows\SysWOW64\NlsLexicons001b.dll
A C:\Windows\SysWOW64\NlsLexicons001d.dll
A C:\Windows\SysWOW64\NlsLexicons0020.dll
A C:\Windows\SysWOW64\NlsLexicons0021.dll
A C:\Windows\SysWOW64\NlsLexicons0022.dll
A C:\Windows\SysWOW64\NlsLexicons0024.dll
A C:\Windows\SysWOW64\NlsLexicons0026.dll
A C:\Windows\SysWOW64\NlsLexicons0027.dll
A C:\Windows\SysWOW64\NlsLexicons002a.dll
A C:\Windows\SysWOW64\NlsLexicons0039.dll
A C:\Windows\SysWOW64\NlsLexicons003e.dll
A C:\Windows\SysWOW64\NlsLexicons0045.dll
A C:\Windows\SysWOW64\NlsLexicons0046.dll
A C:\Windows\SysWOW64\NlsLexicons0047.dll
A C:\Windows\SysWOW64\NlsLexicons0049.dll
A C:\Windows\SysWOW64\NlsLexicons004a.dll
A C:\Windows\SysWOW64\NlsLexicons004b.dll
A C:\Windows\SysWOW64\NlsLexicons004c.dll
A C:\Windows\SysWOW64\NlsLexicons004e.dll
A C:\Windows\SysWOW64\NlsLexicons0414.dll
A C:\Windows\SysWOW64\NlsLexicons0416.dll
A C:\Windows\SysWOW64\NlsLexicons0816.dll
A C:\Windows\SysWOW64\NlsLexicons081a.dll
A C:\Windows\SysWOW64\NlsLexicons0c1a.dll
A C:\Windows\SysWOW64\NlsModels0011.dll
A C:\Windows\SysWOW64\NOISE.CHS
A C:\Windows\SysWOW64\NOISE.CHT
A C:\Windows\SysWOW64\NOISE.DAT
A C:\Windows\SysWOW64\noise.jpn
A C:\Windows\SysWOW64\noise.kor
A C:\Windows\SysWOW64\NOISE.THA
A C:\Windows\SysWOW64\normaliz.dll
A C:\Windows\SysWOW64\notepad.exe
A C:\Windows\SysWOW64\npDeployJava1.dll
A C:\Windows\SysWOW64\npmproxy.dll
A C:\Windows\SysWOW64\nshhttp.dll
A C:\Windows\SysWOW64\nshipsec.dll
A C:\Windows\SysWOW64\nshwfp.dll
A C:\Windows\SysWOW64\nsi.dll
A C:\Windows\SysWOW64\nslookup.exe
A C:\Windows\SysWOW64\ntdll.dll
A C:\Windows\SysWOW64\ntdsapi.dll
A C:\Windows\SysWOW64\ntkrnlpa.exe
A C:\Windows\SysWOW64\ntlanman.dll
A C:\Windows\SysWOW64\ntlanui2.dll
A C:\Windows\SysWOW64\ntmarta.dll
A C:\Windows\SysWOW64\ntoskrnl.exe
A C:\Windows\SysWOW64\ntprint.dll
A C:\Windows\SysWOW64\ntprint.exe
A C:\Windows\SysWOW64\ntshrui.dll
A C:\Windows\SysWOW64\ntvdm64.dll
A C:\Windows\SysWOW64\objsel.dll
A C:\Windows\SysWOW64\occache.dll
A C:\Windows\SysWOW64\ocsetapi.dll
A C:\Windows\SysWOW64\ocsetup.exe
A C:\Windows\SysWOW64\odbc32.dll
A C:\Windows\SysWOW64\odbc32gt.dll
A C:\Windows\SysWOW64\odbcad32.exe
A C:\Windows\SysWOW64\odbcbcp.dll
A C:\Windows\SysWOW64\odbcconf.dll
A C:\Windows\SysWOW64\odbcconf.exe
A C:\Windows\SysWOW64\odbcconf.rsp
A C:\Windows\SysWOW64\odbccp32.dll
A C:\Windows\SysWOW64\odbccr32.dll
A C:\Windows\SysWOW64\odbccu32.dll
A C:\Windows\SysWOW64\odbcint.dll
A C:\Windows\SysWOW64\odbcji32.dll
A C:\Windows\SysWOW64\odbcjt32.dll
A C:\Windows\SysWOW64\odbctrac.dll
A C:\Windows\SysWOW64\oddbse32.dll
A C:\Windows\SysWOW64\odexl32.dll
A C:\Windows\SysWOW64\odfox32.dll
A C:\Windows\SysWOW64\odpdx32.dll
A C:\Windows\SysWOW64\odtext32.dll
A C:\Windows\SysWOW64\offfilt.dll
A C:\Windows\SysWOW64\oflc-nz.rs
A C:\Windows\SysWOW64\oflc.rs
A C:\Windows\SysWOW64\ogldrv.dll
A C:\Windows\SysWOW64\ole2.dll
A C:\Windows\SysWOW64\ole2disp.dll
A C:\Windows\SysWOW64\ole2nls.dll
A C:\Windows\SysWOW64\ole32.dll
A C:\Windows\SysWOW64\oleacc.dll
A C:\Windows\SysWOW64\oleacchooks.dll
A C:\Windows\SysWOW64\oleaccrc.dll
A C:\Windows\SysWOW64\oleaut32.dll
A C:\Windows\SysWOW64\olecli32.dll
A C:\Windows\SysWOW64\oledlg.dll
A C:\Windows\SysWOW64\oleprn.dll
A C:\Windows\SysWOW64\olepro32.dll
A C:\Windows\SysWOW64\oleres.dll
A C:\Windows\SysWOW64\olesvr32.dll
A C:\Windows\SysWOW64\olethk32.dll
A C:\Windows\SysWOW64\onex.dll
A C:\Windows\SysWOW64\onexui.dll
A C:\Windows\SysWOW64\OnLineIDCpl.dll
A C:\Windows\SysWOW64\OobeFldr.dll
A C:\Windows\SysWOW64\OpcServices.dll
A C:\Windows\SysWOW64\openfiles.exe
A C:\Windows\SysWOW64\opengl32.dll
A C:\Windows\SysWOW64\OptionalFeatures.exe
A C:\Windows\SysWOW64\osbaseln.dll
A C:\Windows\SysWOW64\osk.exe
A C:\Windows\SysWOW64\osuninst.dll
A C:\Windows\SysWOW64\P2P.dll
A C:\Windows\SysWOW64\p2pcollab.dll
A C:\Windows\SysWOW64\P2PGraph.dll
A C:\Windows\SysWOW64\p2pnetsh.dll
A C:\Windows\SysWOW64\packager.dll
A C:\Windows\SysWOW64\panmap.dll
A C:\Windows\SysWOW64\PATHPING.EXE
A C:\Windows\SysWOW64\pautoenr.dll
A C:\Windows\SysWOW64\pcaui.dll
A C:\Windows\SysWOW64\pcaui.exe
A C:\Windows\SysWOW64\pcl.sep
A C:\Windows\SysWOW64\pcwum.dll
A C:\Windows\SysWOW64\pdh.dll
A C:\Windows\SysWOW64\pdhui.dll
A C:\Windows\SysWOW64\pegi-fi.rs
A C:\Windows\SysWOW64\pegi-pt.rs
A C:\Windows\SysWOW64\pegi.rs
A C:\Windows\SysWOW64\pegibbfc.rs
A C:\Windows\SysWOW64\PerfCenterCPL.dll
A C:\Windows\SysWOW64\PerfCenterCpl.ico
A C:\Windows\SysWOW64\perfctrs.dll
A C:\Windows\SysWOW64\perfdisk.dll
A C:\Windows\SysWOW64\perfhost.exe
A C:\Windows\SysWOW64\perfmon.exe
A C:\Windows\SysWOW64\perfmon.msc
A C:\Windows\SysWOW64\perfnet.dll
A C:\Windows\SysWOW64\perfos.dll
A C:\Windows\SysWOW64\perfproc.dll
A C:\Windows\SysWOW64\PerfStringBackup.INI
A C:\Windows\SysWOW64\perfts.dll
A C:\Windows\SysWOW64\phon.ime
A C:\Windows\SysWOW64\PhotoMetadataHandler.dll
A C:\Windows\SysWOW64\PhotoScreensaver.scr
A C:\Windows\SysWOW64\photowiz.dll
A C:\Windows\SysWOW64\pid.dll
A C:\Windows\SysWOW64\pidgenx.dll
A C:\Windows\SysWOW64\pifmgr.dll
A C:\Windows\SysWOW64\PING.EXE
A C:\Windows\SysWOW64\pintlgnt.ime
A C:\Windows\SysWOW64\PkgMgr.exe
A C:\Windows\SysWOW64\pku2u.dll
A C:\Windows\SysWOW64\pla.dll
A C:\Windows\SysWOW64\PlaySndSrv.dll
A C:\Windows\SysWOW64\pngfilt.dll
A C:\Windows\SysWOW64\pnidui.dll
A C:\Windows\SysWOW64\pnpsetup.dll
A C:\Windows\SysWOW64\pnrpnsp.dll
A C:\Windows\SysWOW64\polstore.dll
A C:\Windows\SysWOW64\poqexec.exe
A C:\Windows\SysWOW64\PortableDeviceApi.dll
A C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
A C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
A C:\Windows\SysWOW64\PortableDeviceStatus.dll
A C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
A C:\Windows\SysWOW64\PortableDeviceTypes.dll
A C:\Windows\SysWOW64\PortableDeviceWiaCompat.dll
A C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
A C:\Windows\SysWOW64\pots.dll
A C:\Windows\SysWOW64\powercfg.cpl
A C:\Windows\SysWOW64\powercfg.exe
A C:\Windows\SysWOW64\powercpl.dll
A C:\Windows\SysWOW64\powrprof.dll
A C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
A C:\Windows\SysWOW64\PresentationHost.exe
A C:\Windows\SysWOW64\PresentationHostProxy.dll
A C:\Windows\SysWOW64\PresentationNative_v0300.dll
A C:\Windows\SysWOW64\prevhost.exe
A C:\Windows\SysWOW64\prflbmsg.dll
A C:\Windows\SysWOW64\print.exe
A C:\Windows\SysWOW64\printui.dll
A C:\Windows\SysWOW64\printui.exe
A C:\Windows\SysWOW64\prncache.dll
A C:\Windows\SysWOW64\prnfldr.dll
A C:\Windows\SysWOW64\prnntfy.dll
A C:\Windows\SysWOW64\prntvpt.dll
A C:\Windows\SysWOW64\profapi.dll
A C:\Windows\SysWOW64\propsys.dll
A C:\Windows\SysWOW64\proquota.exe
A C:\Windows\SysWOW64\provsvc.dll
A C:\Windows\SysWOW64\provthrd.dll
A C:\Windows\SysWOW64\psapi.dll
A C:\Windows\SysWOW64\psbase.dll
A C:\Windows\SysWOW64\pscript.sep
A C:\Windows\SysWOW64\PSHED.DLL
A C:\Windows\SysWOW64\psisdecd.dll
A C:\Windows\SysWOW64\psisrndr.ax
A C:\Windows\SysWOW64\psr.exe
A C:\Windows\SysWOW64\pstorec.dll
A C:\Windows\SysWOW64\pstorsvc.dll
A C:\Windows\SysWOW64\puiapi.dll
A C:\Windows\SysWOW64\puiobj.dll
A C:\Windows\SysWOW64\pwrshplugin.dll
A C:\Windows\SysWOW64\QAGENT.DLL
A C:\Windows\SysWOW64\qasf.dll
A C:\Windows\SysWOW64\qcap.dll
A C:\Windows\SysWOW64\QCLIPROV.DLL
A C:\Windows\SysWOW64\qdv.dll
A C:\Windows\SysWOW64\qdvd.dll
A C:\Windows\SysWOW64\qedit.dll
A C:\Windows\SysWOW64\qedwipes.dll
A C:\Windows\SysWOW64\qintlgnt.ime
A C:\Windows\SysWOW64\qmgrprxy.dll
A C:\Windows\SysWOW64\QSHVHOST.DLL
A C:\Windows\SysWOW64\QSVRMGMT.DLL
A C:\Windows\SysWOW64\quartz.dll
A C:\Windows\SysWOW64\Query.dll
A C:\Windows\SysWOW64\quick.ime
A C:\Windows\SysWOW64\QUTIL.DLL
A C:\Windows\SysWOW64\qwave.dll
A C:\Windows\SysWOW64\RacEngn.dll
A C:\Windows\SysWOW64\racpldlg.dll
A C:\Windows\SysWOW64\RacRules.xml
A C:\Windows\SysWOW64\radardt.dll
A C:\Windows\SysWOW64\radarrs.dll
A C:\Windows\SysWOW64\rasadhlp.dll
A C:\Windows\SysWOW64\rasapi32.dll
A C:\Windows\SysWOW64\rasautou.exe
A C:\Windows\SysWOW64\rascfg.dll
A C:\Windows\SysWOW64\raschap.dll
A C:\Windows\SysWOW64\rasctrnm.h
A C:\Windows\SysWOW64\rasctrs.dll
A C:\Windows\SysWOW64\rasdiag.dll
A C:\Windows\SysWOW64\rasdial.exe
A C:\Windows\SysWOW64\rasdlg.dll
A C:\Windows\SysWOW64\raserver.exe
A C:\Windows\SysWOW64\rasgcw.dll
A C:\Windows\SysWOW64\rasman.dll
A C:\Windows\SysWOW64\RASMM.dll
A C:\Windows\SysWOW64\rasmontr.dll
A C:\Windows\SysWOW64\rasmxs.dll
A C:\Windows\SysWOW64\rasphone.exe
A C:\Windows\SysWOW64\rasplap.dll
A C:\Windows\SysWOW64\rasppp.dll
A C:\Windows\SysWOW64\rasser.dll
A C:\Windows\SysWOW64\rastapi.dll
A C:\Windows\SysWOW64\rastls.dll
A C:\Windows\SysWOW64\RDOCURS.DLL
A C:\Windows\SysWOW64\rdpcore.dll
A C:\Windows\SysWOW64\rdpd3d.dll
A C:\Windows\SysWOW64\rdpencom.dll
A C:\Windows\SysWOW64\rdprefdrvapi.dll
A C:\Windows\SysWOW64\rdrleakdiag.exe
A C:\Windows\SysWOW64\ReAgent.dll
A C:\Windows\SysWOW64\ReAgentc.exe
A C:\Windows\SysWOW64\recover.exe
A C:\Windows\SysWOW64\reg.exe
A C:\Windows\SysWOW64\regapi.dll
A C:\Windows\SysWOW64\RegCtrl.dll
A C:\Windows\SysWOW64\regedit.exe
A C:\Windows\SysWOW64\regedt32.exe
A C:\Windows\SysWOW64\regini.exe
A C:\Windows\SysWOW64\RegisterIEPKEYs.exe
A C:\Windows\SysWOW64\regsvr32.exe
A C:\Windows\SysWOW64\rekeywiz.exe
A C:\Windows\SysWOW64\relog.exe
A C:\Windows\SysWOW64\remotepg.dll
A C:\Windows\SysWOW64\remotesp.tsp
A C:\Windows\SysWOW64\rendezvousSession.tlb
A C:\Windows\SysWOW64\replace.exe
A C:\Windows\SysWOW64\RESAMPLEDMO.DLL
A C:\Windows\SysWOW64\resmon.exe
A C:\Windows\SysWOW64\RestartManager.mof
A C:\Windows\SysWOW64\RestartManagerUninstall.mof
A C:\Windows\SysWOW64\resutils.dll
A C:\Windows\SysWOW64\rgb9rast.dll
A C:\Windows\SysWOW64\Ribbons.scr
A C:\Windows\SysWOW64\riched20.dll
A C:\Windows\SysWOW64\riched32.dll
A C:\Windows\SysWOW64\RMActivate.exe
A C:\Windows\SysWOW64\RMActivate_isv.exe
A C:\Windows\SysWOW64\RMActivate_ssp.exe
A C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
A C:\Windows\SysWOW64\RmClient.exe
A C:\Windows\SysWOW64\rnr20.dll
A C:\Windows\SysWOW64\Robocopy.exe
A C:\Windows\SysWOW64\ROUTE.EXE
A C:\Windows\SysWOW64\RpcDiag.dll
A C:\Windows\SysWOW64\rpchttp.dll
A C:\Windows\SysWOW64\RPCNDFP.dll
A C:\Windows\SysWOW64\RpcNs4.dll
A C:\Windows\SysWOW64\rpcnsh.dll
A C:\Windows\SysWOW64\RpcPing.exe
A C:\Windows\SysWOW64\rpcrt4.dll
A C:\Windows\SysWOW64\RpcRtRemote.dll
A C:\Windows\SysWOW64\rrinstaller.exe
A C:\Windows\SysWOW64\rsaenh.dll
A C:\Windows\SysWOW64\rshx32.dll
A C:\Windows\SysWOW64\RstrtMgr.dll
A C:\Windows\SysWOW64\rtffilt.dll
A C:\Windows\SysWOW64\rtm.dll
A C:\Windows\SysWOW64\RtsUStoricon.dll
A C:\Windows\SysWOW64\rtutils.dll
A C:\Windows\SysWOW64\runas.exe
A C:\Windows\SysWOW64\rundll32.exe
A C:\Windows\SysWOW64\RunLegacyCPLElevated.exe
A C:\Windows\SysWOW64\runonce.exe
A C:\Windows\SysWOW64\samcli.dll
A C:\Windows\SysWOW64\samlib.dll
A C:\Windows\SysWOW64\SampleRes.dll
A C:\Windows\SysWOW64\sas.dll
A C:\Windows\SysWOW64\sbe.dll
A C:\Windows\SysWOW64\sbeio.dll
A C:\Windows\SysWOW64\sberes.dll
A C:\Windows\SysWOW64\sbunattend.exe
A C:\Windows\SysWOW64\sc.exe
A C:\Windows\SysWOW64\scansetting.dll
A C:\Windows\SysWOW64\SCardDlg.dll
A C:\Windows\SysWOW64\scecli.dll
A C:\Windows\SysWOW64\scesrv.dll
A C:\Windows\SysWOW64\schannel.dll
A C:\Windows\SysWOW64\schedcli.dll
A C:\Windows\SysWOW64\schtasks.exe
A C:\Windows\SysWOW64\scksp.dll
A C:\Windows\SysWOW64\SCP32.DLL
A C:\Windows\SysWOW64\scripto.dll
A C:\Windows\SysWOW64\scrnsave.scr
A C:\Windows\SysWOW64\scrobj.dll
A C:\Windows\SysWOW64\scrrun.dll
A C:\Windows\SysWOW64\sdbinst.exe
A C:\Windows\SysWOW64\sdchange.exe
A C:\Windows\SysWOW64\sdiageng.dll
A C:\Windows\SysWOW64\sdiagnhost.exe
A C:\Windows\SysWOW64\sdiagprv.dll
A C:\Windows\SysWOW64\sdohlp.dll
A C:\Windows\SysWOW64\SearchFilterHost.exe
A C:\Windows\SysWOW64\SearchFolder.dll
A C:\Windows\SysWOW64\SearchIndexer.exe
A C:\Windows\SysWOW64\SearchProtocolHost.exe
A C:\Windows\SysWOW64\SecEdit.exe
A C:\Windows\SysWOW64\sechost.dll
A C:\Windows\SysWOW64\secinit.exe
A C:\Windows\SysWOW64\secproc.dll
A C:\Windows\SysWOW64\secproc_isv.dll
A C:\Windows\SysWOW64\secproc_ssp.dll
A C:\Windows\SysWOW64\secproc_ssp_isv.dll
A C:\Windows\SysWOW64\secur32.dll
A C:\Windows\SysWOW64\security.dll
A C:\Windows\SysWOW64\sendmail.dll
A C:\Windows\SysWOW64\Sens.dll
A C:\Windows\SysWOW64\SensApi.dll
A C:\Windows\SysWOW64\SensorsApi.dll
A C:\Windows\SysWOW64\SensorsCpl.dll
A C:\Windows\SysWOW64\serialui.dll
A C:\Windows\SysWOW64\services.msc
A C:\Windows\SysWOW64\serwvdrv.dll
A C:\Windows\SysWOW64\SessEnv.dll
A C:\Windows\SysWOW64\sethc.exe
A C:\Windows\SysWOW64\SetIEInstalledDate.exe
A C:\Windows\SysWOW64\setup16.exe
A C:\Windows\SysWOW64\setupapi.dll
A C:\Windows\SysWOW64\setupcln.dll
A C:\Windows\SysWOW64\setupSNK.exe
A C:\Windows\SysWOW64\setupugc.exe
A C:\Windows\SysWOW64\setx.exe
A C:\Windows\SysWOW64\sfc.dll
A C:\Windows\SysWOW64\sfc.exe
A C:\Windows\SysWOW64\sfc_os.dll
A C:\Windows\SysWOW64\sftldr_wow64.dll
A C:\Windows\SysWOW64\shacct.dll
A C:\Windows\SysWOW64\shdocvw.dll
A C:\Windows\SysWOW64\shell32.dll
A C:\Windows\SysWOW64\shellstyle.dll
A C:\Windows\SysWOW64\shfolder.dll
A C:\Windows\SysWOW64\shgina.dll
A C:\Windows\SysWOW64\ShiftJIS.uce
A C:\Windows\SysWOW64\shimeng.dll
A C:\Windows\SysWOW64\shimgvw.dll
A C:\Windows\SysWOW64\shlwapi.dll
A C:\Windows\SysWOW64\shpafact.dll
A C:\Windows\SysWOW64\shrpubw.exe
A C:\Windows\SysWOW64\shsetup.dll
A C:\Windows\SysWOW64\shsvcs.dll
A C:\Windows\SysWOW64\shunimpl.dll
A C:\Windows\SysWOW64\shutdown.exe
A C:\Windows\SysWOW64\shwebsvc.dll
A C:\Windows\SysWOW64\signdrv.dll
A C:\Windows\SysWOW64\simpdata.tlb
A C:\Windows\SysWOW64\sirenacm.dll
A C:\Windows\SysWOW64\sisbkup.dll
A C:\Windows\SysWOW64\slc.dll
A C:\Windows\SysWOW64\slcext.dll
A C:\Windows\SysWOW64\slmgr.vbs
A C:\Windows\SysWOW64\slwga.dll
A C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
A C:\Windows\SysWOW64\SMBHelperClass.dll
A C:\Windows\SysWOW64\SndVol.exe
A C:\Windows\SysWOW64\SndVolSSO.dll
A C:\Windows\SysWOW64\snmpapi.dll
A C:\Windows\SysWOW64\softkbd.dll
A C:\Windows\SysWOW64\softpub.dll
A C:\Windows\SysWOW64\sort.exe
A C:\Windows\SysWOW64\SortServer2003Compat.dll
A C:\Windows\SysWOW64\SortWindows6Compat.dll
A C:\Windows\SysWOW64\spbcd.dll
A C:\Windows\SysWOW64\spfileq.dll
A C:\Windows\SysWOW64\SPInf.dll
A C:\Windows\SysWOW64\spnet.dll
A C:\Windows\SysWOW64\spopk.dll
A C:\Windows\SysWOW64\spp.dll
A C:\Windows\SysWOW64\sppc.dll
A C:\Windows\SysWOW64\sppcc.dll
A C:\Windows\SysWOW64\sppcext.dll
A C:\Windows\SysWOW64\sppcomapi.dll
A C:\Windows\SysWOW64\sppcommdlg.dll
A C:\Windows\SysWOW64\sppinst.dll
A C:\Windows\SysWOW64\sppwmi.dll
A C:\Windows\SysWOW64\spwinsat.dll
A C:\Windows\SysWOW64\spwizeng.dll
A C:\Windows\SysWOW64\spwizimg.dll
A C:\Windows\SysWOW64\spwizres.dll
A C:\Windows\SysWOW64\spwmp.dll
A C:\Windows\SysWOW64\sqlceoledb30.dll
A C:\Windows\SysWOW64\sqlceqp30.dll
A C:\Windows\SysWOW64\sqlcese30.dll
A C:\Windows\SysWOW64\sqlsrv32.dll
A C:\Windows\SysWOW64\sqlsrv32.rll
A C:\Windows\SysWOW64\sqlunirl.dll
A C:\Windows\SysWOW64\sqlwid.dll
A C:\Windows\SysWOW64\sqlwoa.dll
A C:\Windows\SysWOW64\sqmapi.dll
A C:\Windows\SysWOW64\srchadmin.dll
A C:\Windows\SysWOW64\srclient.dll
A C:\Windows\SysWOW64\srdelayed.exe
A C:\Windows\SysWOW64\srhelper.dll
A C:\Windows\SysWOW64\srvcli.dll
A C:\Windows\SysWOW64\ss2uinst.exe
A C:\Windows\SysWOW64\sscore.dll
A C:\Windows\SysWOW64\ssdpapi.dll
A C:\Windows\SysWOW64\sspicli.dll
A C:\Windows\SysWOW64\SSShim.dll
A C:\Windows\SysWOW64\ssText3d.scr
A C:\Windows\SysWOW64\stclient.dll
A C:\Windows\SysWOW64\stdole2.tlb
A C:\Windows\SysWOW64\stdole32.tlb
A C:\Windows\SysWOW64\sti.dll
A C:\Windows\SysWOW64\stobject.dll
A C:\Windows\SysWOW64\storage.dll
A C:\Windows\SysWOW64\StorageContextHandler.dll
A C:\Windows\SysWOW64\Storprop.dll
A C:\Windows\SysWOW64\StructuredQuery.dll
A C:\Windows\SysWOW64\SubRange.uce
A C:\Windows\SysWOW64\subst.exe
A C:\Windows\SysWOW64\sud.dll
A C:\Windows\SysWOW64\svchost.exe
A C:\Windows\SysWOW64\sxproxy.dll
A C:\Windows\SysWOW64\sxs.dll
A C:\Windows\SysWOW64\sxshared.dll
A C:\Windows\SysWOW64\sxsstore.dll
A C:\Windows\SysWOW64\sxstrace.exe
A C:\Windows\SysWOW64\SyncCenter.dll
A C:\Windows\SysWOW64\synceng.dll
A C:\Windows\SysWOW64\SyncHost.exe
A C:\Windows\SysWOW64\SyncHostps.dll
A C:\Windows\SysWOW64\SyncInfrastructure.dll
A C:\Windows\SysWOW64\SyncInfrastructureps.dll
A C:\Windows\SysWOW64\SynCOM.dll
A C:\Windows\SysWOW64\Syncreg.dll
A C:\Windows\SysWOW64\SynCtrl.dll
A C:\Windows\SysWOW64\syncui.dll
A C:\Windows\SysWOW64\SynTPCOM.dll
A C:\Windows\SysWOW64\SynTPEnhPS.dll
A C:\Windows\SysWOW64\sysdm.cpl
A C:\Windows\SysWOW64\syskey.exe
A C:\Windows\SysWOW64\sysmon.ocx
A C:\Windows\SysWOW64\sysprint.sep
A C:\Windows\SysWOW64\sysprtj.sep
A C:\Windows\SysWOW64\syssetup.dll
A C:\Windows\SysWOW64\systemcpl.dll
A C:\Windows\SysWOW64\systeminfo.exe
A C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe
A C:\Windows\SysWOW64\SystemPropertiesComputerName.exe
A C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe
A C:\Windows\SysWOW64\SystemPropertiesHardware.exe
A C:\Windows\SysWOW64\SystemPropertiesPerformance.exe
A C:\Windows\SysWOW64\SystemPropertiesProtection.exe
A C:\Windows\SysWOW64\SystemPropertiesRemote.exe
A C:\Windows\SysWOW64\systray.exe
A C:\Windows\SysWOW64\t2embed.dll
A C:\Windows\SysWOW64\takeown.exe
A C:\Windows\SysWOW64\tapi3.dll
A C:\Windows\SysWOW64\tapi32.dll
A C:\Windows\SysWOW64\TapiMigPlugin.dll
A C:\Windows\SysWOW64\tapiperf.dll
A C:\Windows\SysWOW64\tapisrv.dll
A C:\Windows\SysWOW64\TapiSysprep.dll
A C:\Windows\SysWOW64\tapiui.dll
A C:\Windows\SysWOW64\TapiUnattend.exe
A C:\Windows\SysWOW64\taskcomp.dll
A C:\Windows\SysWOW64\taskeng.exe
A C:\Windows\SysWOW64\taskkill.exe
A C:\Windows\SysWOW64\tasklist.exe
A C:\Windows\SysWOW64\taskmgr.exe
A C:\Windows\SysWOW64\taskschd.dll
A C:\Windows\SysWOW64\taskschd.msc
A C:\Windows\SysWOW64\TaskSchdPS.dll
A C:\Windows\SysWOW64\tbs.dll
A C:\Windows\SysWOW64\tcmsetup.exe
A C:\Windows\SysWOW64\tcpbidi.xml
A C:\Windows\SysWOW64\tcpipcfg.dll
A C:\Windows\SysWOW64\tcpmonui.dll
A C:\Windows\SysWOW64\TCPSVCS.EXE
A C:\Windows\SysWOW64\tdc.ocx
A C:\Windows\SysWOW64\tdh.dll
A C:\Windows\SysWOW64\telephon.cpl
A C:\Windows\SysWOW64\termmgr.dll
A C:\Windows\SysWOW64\thawbrkr.dll
A C:\Windows\SysWOW64\THCI.dll
A C:\Windows\SysWOW64\themecpl.dll
A C:\Windows\SysWOW64\themeui.dll
A C:\Windows\SysWOW64\thumbcache.dll
A C:\Windows\SysWOW64\ticrf.rat
A C:\Windows\SysWOW64\timedate.cpl
A C:\Windows\SysWOW64\TimeDateMUICallback.dll
A C:\Windows\SysWOW64\timeout.exe
A C:\Windows\SysWOW64\tintlgnt.ime
A C:\Windows\SysWOW64\tlscsp.dll
A C:\Windows\SysWOW64\tpm.msc
A C:\Windows\SysWOW64\tpmcompc.dll
A C:\Windows\SysWOW64\TpmInit.exe
A C:\Windows\SysWOW64\tquery.dll
A C:\Windows\SysWOW64\tracerpt.exe
A C:\Windows\SysWOW64\TRACERT.EXE
A C:\Windows\SysWOW64\traffic.dll
A C:\Windows\SysWOW64\TRAPI.dll
A C:\Windows\SysWOW64\tree.com
A C:\Windows\SysWOW64\tsbyuv.dll
A C:\Windows\SysWOW64\TSChannel.dll
A C:\Windows\SysWOW64\TSCI.dll
A C:\Windows\SysWOW64\tsgqec.dll
A C:\Windows\SysWOW64\tsmf.dll
A C:\Windows\SysWOW64\TSpkg.dll
A C:\Windows\SysWOW64\TSTheme.exe
A C:\Windows\SysWOW64\TSWorkspace.dll
A C:\Windows\SysWOW64\TsWpfWrp.exe
A C:\Windows\SysWOW64\tvratings.dll
A C:\Windows\SysWOW64\twext.dll
A C:\Windows\SysWOW64\txflog.dll
A C:\Windows\SysWOW64\txfw32.dll
A C:\Windows\SysWOW64\typelib.dll
A C:\Windows\SysWOW64\typeperf.exe
A C:\Windows\SysWOW64\tzres.dll
A C:\Windows\SysWOW64\tzutil.exe
A C:\Windows\SysWOW64\ubpm.dll
A C:\Windows\SysWOW64\ucmhc.dll
A C:\Windows\SysWOW64\udhisapi.dll
A C:\Windows\SysWOW64\uexfat.dll
A C:\Windows\SysWOW64\ufat.dll
A C:\Windows\SysWOW64\UIAnimation.dll
A C:\Windows\SysWOW64\UIAutomationCore.dll
A C:\Windows\SysWOW64\uicom.dll
A C:\Windows\SysWOW64\UIRibbon.dll
A C:\Windows\SysWOW64\UIRibbonRes.dll
A C:\Windows\SysWOW64\ulib.dll
A C:\Windows\SysWOW64\umdmxfrm.dll
A C:\Windows\SysWOW64\unimdm.tsp
A C:\Windows\SysWOW64\unimdmat.dll
A C:\Windows\SysWOW64\uniplat.dll
A C:\Windows\SysWOW64\unlodctr.exe
A C:\Windows\SysWOW64\unregmp2.exe
A C:\Windows\SysWOW64\untfs.dll
A C:\Windows\SysWOW64\upnp.dll
A C:\Windows\SysWOW64\upnpcont.exe
A C:\Windows\SysWOW64\upnphost.dll
A C:\Windows\SysWOW64\ureg.dll
A C:\Windows\SysWOW64\url.dll
A C:\Windows\SysWOW64\urlmon.dll
A C:\Windows\SysWOW64\usbceip.dll
A C:\Windows\SysWOW64\usbperf.dll
A C:\Windows\SysWOW64\usbui.dll
A C:\Windows\SysWOW64\user.exe
A C:\Windows\SysWOW64\user32.dll
A C:\Windows\SysWOW64\UserAccountControlSettings.dll
A C:\Windows\SysWOW64\UserAccountControlSettings.exe
A C:\Windows\SysWOW64\usercpl.dll
A C:\Windows\SysWOW64\userenv.dll
A C:\Windows\SysWOW64\userinit.exe
A C:\Windows\SysWOW64\usk.rs
A C:\Windows\SysWOW64\usp10.dll
A C:\Windows\SysWOW64\utildll.dll
A C:\Windows\SysWOW64\Utilman.exe
A C:\Windows\SysWOW64\uudf.dll
A C:\Windows\SysWOW64\UXInit.dll
A C:\Windows\SysWOW64\uxlib.dll
A C:\Windows\SysWOW64\uxlibres.dll
A C:\Windows\SysWOW64\uxtheme.dll
A C:\Windows\SysWOW64\VAN.dll
A C:\Windows\SysWOW64\Vault.dll
A C:\Windows\SysWOW64\vaultcli.dll
A C:\Windows\SysWOW64\VBAEN32.OLB
A C:\Windows\SysWOW64\VBAEND32.OLB
A C:\Windows\SysWOW64\vbajet32.dll
A C:\Windows\SysWOW64\VBAME.DLL
A C:\Windows\SysWOW64\VBICodec.ax
A C:\Windows\SysWOW64\vbisurf.ax
A C:\Windows\SysWOW64\vbscript.dll
A C:\Windows\SysWOW64\vcomp100.dll
A C:\Windows\SysWOW64\vdmdbg.dll
A C:\Windows\SysWOW64\vdsbas.dll
A C:\Windows\SysWOW64\vdsdyn.dll
A C:\Windows\SysWOW64\vdsvd.dll
A C:\Windows\SysWOW64\vds_ps.dll
A C:\Windows\SysWOW64\VEN2232.OLB
A C:\Windows\SysWOW64\verclsid.exe
A C:\Windows\SysWOW64\verifier.dll
A C:\Windows\SysWOW64\verifier.exe
A C:\Windows\SysWOW64\version.dll
A C:\Windows\SysWOW64\vfpodbc.dll
A C:\Windows\SysWOW64\vfwwdm32.dll
A C:\Windows\SysWOW64\vidcap.ax
A C:\Windows\SysWOW64\VIDRESZR.DLL
A C:\Windows\SysWOW64\virtdisk.dll
A C:\Windows\SysWOW64\vpnikeapi.dll
A C:\Windows\SysWOW64\VSFLEX3.OCX
A C:\Windows\SysWOW64\vssadmin.exe
A C:\Windows\SysWOW64\vssapi.dll
A C:\Windows\SysWOW64\vsstrace.dll
A C:\Windows\SysWOW64\vss_ps.dll
A C:\Windows\SysWOW64\w32tm.exe
A C:\Windows\SysWOW64\w32topl.dll
A C:\Windows\SysWOW64\WABSyncProvider.dll
A C:\Windows\SysWOW64\waitfor.exe
A C:\Windows\SysWOW64\wavemsp.dll
A C:\Windows\SysWOW64\wbemcomn.dll
A C:\Windows\SysWOW64\WcnApi.dll
A C:\Windows\SysWOW64\wcncsvc.dll
A C:\Windows\SysWOW64\WcnEapAuthProxy.dll
A C:\Windows\SysWOW64\WcnEapPeerProxy.dll
A C:\Windows\SysWOW64\wcnwiz.dll
A C:\Windows\SysWOW64\WcsPlugInService.dll
A C:\Windows\SysWOW64\wdc.dll
A C:\Windows\SysWOW64\wdi.dll
A C:\Windows\SysWOW64\wdigest.dll
A C:\Windows\SysWOW64\wdmaud.drv
A C:\Windows\SysWOW64\wdscore.dll
A C:\Windows\SysWOW64\WEB.rs
A C:\Windows\SysWOW64\webcheck.dll
A C:\Windows\SysWOW64\WebClnt.dll
A C:\Windows\SysWOW64\webio.dll
A C:\Windows\SysWOW64\webservices.dll
A C:\Windows\SysWOW64\wecapi.dll
A C:\Windows\SysWOW64\wecutil.exe
A C:\Windows\SysWOW64\wer.dll
A C:\Windows\SysWOW64\werdiagcontroller.dll
A C:\Windows\SysWOW64\WerFault.exe
A C:\Windows\SysWOW64\WerFaultSecure.exe
A C:\Windows\SysWOW64\wermgr.exe
A C:\Windows\SysWOW64\werui.dll
A C:\Windows\SysWOW64\wevtapi.dll
A C:\Windows\SysWOW64\wevtfwd.dll
A C:\Windows\SysWOW64\wevtutil.exe
A C:\Windows\SysWOW64\wextract.exe
A C:\Windows\SysWOW64\WF.msc
A C:\Windows\SysWOW64\wfapigp.dll
A C:\Windows\SysWOW64\WfHC.dll
A C:\Windows\SysWOW64\whealogr.dll
A C:\Windows\SysWOW64\where.exe
A C:\Windows\SysWOW64\whhelper.dll
A C:\Windows\SysWOW64\whoami.exe
A C:\Windows\SysWOW64\wiaacmgr.exe
A C:\Windows\SysWOW64\wiaaut.dll
A C:\Windows\SysWOW64\wiadefui.dll
A C:\Windows\SysWOW64\wiadss.dll
A C:\Windows\SysWOW64\WiaExtensionHost64.dll
A C:\Windows\SysWOW64\wiascanprofiles.dll
A C:\Windows\SysWOW64\wiashext.dll
A C:\Windows\SysWOW64\wiatrace.dll
A C:\Windows\SysWOW64\wiavideo.dll
A C:\Windows\SysWOW64\wimgapi.dll
A C:\Windows\SysWOW64\wimserv.exe
A C:\Windows\SysWOW64\win32spl.dll
A C:\Windows\SysWOW64\winbio.dll
A C:\Windows\SysWOW64\winbrand.dll
A C:\Windows\SysWOW64\wincredprovider.dll
A C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
A C:\Windows\SysWOW64\WindowsCodecs.dll
A C:\Windows\SysWOW64\WindowsCodecsExt.dll
A C:\Windows\SysWOW64\WinFax.dll
A C:\Windows\SysWOW64\winhttp.dll
A C:\Windows\SysWOW64\wininet.dll
A C:\Windows\SysWOW64\wininit.exe
A C:\Windows\SysWOW64\winipsec.dll
A C:\Windows\SysWOW64\winmm.dll
A C:\Windows\SysWOW64\winnsi.dll
A C:\Windows\SysWOW64\winrm.cmd
A C:\Windows\SysWOW64\winrm.vbs
A C:\Windows\SysWOW64\winrnr.dll
A C:\Windows\SysWOW64\winrs.exe
A C:\Windows\SysWOW64\winrscmd.dll
A C:\Windows\SysWOW64\winrshost.exe
A C:\Windows\SysWOW64\winrsmgr.dll
A C:\Windows\SysWOW64\winrssrv.dll
A C:\Windows\SysWOW64\WinSATAPI.dll
A C:\Windows\SysWOW64\WinSCard.dll
A C:\Windows\SysWOW64\winshfhc.dll
A C:\Windows\SysWOW64\winsockhc.dll
A C:\Windows\SysWOW64\winspool.drv
A C:\Windows\SysWOW64\WINSRPC.DLL
A C:\Windows\SysWOW64\winsta.dll
A C:\Windows\SysWOW64\WinSync.dll
A C:\Windows\SysWOW64\WinSyncMetastore.dll
A C:\Windows\SysWOW64\WinSyncProviders.dll
A C:\Windows\SysWOW64\wintrust.dll
A C:\Windows\SysWOW64\winusb.dll
A C:\Windows\SysWOW64\winver.exe
A C:\Windows\SysWOW64\wkscli.dll
A C:\Windows\SysWOW64\wksprtPS.dll
A C:\Windows\SysWOW64\wlanapi.dll
A C:\Windows\SysWOW64\wlancfg.dll
A C:\Windows\SysWOW64\WLanConn.dll
A C:\Windows\SysWOW64\wlandlg.dll
A C:\Windows\SysWOW64\wlanext.exe
A C:\Windows\SysWOW64\wlangpui.dll
A C:\Windows\SysWOW64\wlanhlp.dll
A C:\Windows\SysWOW64\wlaninst.dll
A C:\Windows\SysWOW64\WlanMM.dll
A C:\Windows\SysWOW64\wlanmsm.dll
A C:\Windows\SysWOW64\wlanpref.dll
A C:\Windows\SysWOW64\wlansec.dll
A C:\Windows\SysWOW64\wlanui.dll
A C:\Windows\SysWOW64\wlanutil.dll
A C:\Windows\SysWOW64\Wldap32.dll
A C:\Windows\SysWOW64\wlgpclnt.dll
A C:\Windows\SysWOW64\WlS0WndH.dll
A C:\Windows\SysWOW64\WMADMOD.DLL
A C:\Windows\SysWOW64\WMADMOE.DLL
A C:\Windows\SysWOW64\WMASF.DLL
A C:\Windows\SysWOW64\wmcodecdspps.dll
A C:\Windows\SysWOW64\wmdmlog.dll
A C:\Windows\SysWOW64\wmdmps.dll
A C:\Windows\SysWOW64\wmdrmdev.dll
A C:\Windows\SysWOW64\wmdrmnet.dll
A C:\Windows\SysWOW64\wmdrmsdk.dll
A C:\Windows\SysWOW64\wmerror.dll
A C:\Windows\SysWOW64\wmi.dll
A C:\Windows\SysWOW64\wmidx.dll
A C:\Windows\SysWOW64\wmiprop.dll
A C:\Windows\SysWOW64\WMNetMgr.dll
A C:\Windows\SysWOW64\wmp.dll
A C:\Windows\SysWOW64\wmpcm.dll
A C:\Windows\SysWOW64\WmpDui.dll
A C:\Windows\SysWOW64\wmpdxm.dll
A C:\Windows\SysWOW64\wmpeffects.dll
A C:\Windows\SysWOW64\WMPEncEn.dll
A C:\Windows\SysWOW64\WMPhoto.dll
A C:\Windows\SysWOW64\wmploc.DLL
A C:\Windows\SysWOW64\wmpmde.dll
A C:\Windows\SysWOW64\wmpps.dll
A C:\Windows\SysWOW64\wmpshell.dll
A C:\Windows\SysWOW64\wmpsrcwp.dll
A C:\Windows\SysWOW64\wmsgapi.dll
A C:\Windows\SysWOW64\WMSPDMOD.DLL
A C:\Windows\SysWOW64\WMSPDMOE.DLL
A C:\Windows\SysWOW64\WMVCORE.DLL
A C:\Windows\SysWOW64\WMVDECOD.DLL
A C:\Windows\SysWOW64\wmvdspa.dll
A C:\Windows\SysWOW64\WMVENCOD.DLL
A C:\Windows\SysWOW64\WMVSDECD.DLL
A C:\Windows\SysWOW64\WMVSENCD.DLL
A C:\Windows\SysWOW64\WMVXENCD.DLL
A C:\Windows\SysWOW64\wow32.dll
A C:\Windows\SysWOW64\wowreg32.exe
A C:\Windows\SysWOW64\Wpc.dll
A C:\Windows\SysWOW64\wpcao.dll
A C:\Windows\SysWOW64\wpcsvc.dll
A C:\Windows\SysWOW64\wpdshext.dll
A C:\Windows\SysWOW64\WPDShextAutoplay.exe
A C:\Windows\SysWOW64\WPDShServiceObj.dll
A C:\Windows\SysWOW64\WPDSp.dll
A C:\Windows\SysWOW64\wpdwcn.dll
A C:\Windows\SysWOW64\write.exe
A C:\Windows\SysWOW64\ws2help.dll
A C:\Windows\SysWOW64\ws2_32.dll
A C:\Windows\SysWOW64\wscapi.dll
A C:\Windows\SysWOW64\wscinterop.dll
A C:\Windows\SysWOW64\wscisvif.dll
A C:\Windows\SysWOW64\wscmisetup.dll
A C:\Windows\SysWOW64\wscproxystub.dll
A C:\Windows\SysWOW64\wscript.exe
A C:\Windows\SysWOW64\wscui.cpl
A C:\Windows\SysWOW64\WSDApi.dll
A C:\Windows\SysWOW64\wsdchngr.dll
A C:\Windows\SysWOW64\wsecedit.dll
A C:\Windows\SysWOW64\wshbth.dll
A C:\Windows\SysWOW64\wshcon.dll
A C:\Windows\SysWOW64\wshelper.dll
A C:\Windows\SysWOW64\wshext.dll
A C:\Windows\SysWOW64\wship6.dll
A C:\Windows\SysWOW64\wshirda.dll
A C:\Windows\SysWOW64\wshom.ocx
A C:\Windows\SysWOW64\wshqos.dll
A C:\Windows\SysWOW64\wshrm.dll
A C:\Windows\SysWOW64\WSHTCPIP.DLL
A C:\Windows\SysWOW64\wsmanconfig_schema.xml
A C:\Windows\SysWOW64\WSManHTTPConfig.exe
A C:\Windows\SysWOW64\WSManMigrationPlugin.dll
A C:\Windows\SysWOW64\WsmAuto.dll
A C:\Windows\SysWOW64\wsmplpxy.dll
A C:\Windows\SysWOW64\wsmprovhost.exe
A C:\Windows\SysWOW64\WsmPty.xsl
A C:\Windows\SysWOW64\WsmRes.dll
A C:\Windows\SysWOW64\WsmSvc.dll
A C:\Windows\SysWOW64\WsmTxt.xsl
A C:\Windows\SysWOW64\WsmWmiPl.dll
A C:\Windows\SysWOW64\wsnmp32.dll
A C:\Windows\SysWOW64\wsock32.dll
A C:\Windows\SysWOW64\WSTPager.ax
A C:\Windows\SysWOW64\wtsapi32.dll
A C:\Windows\SysWOW64\wuapi.dll
A C:\Windows\SysWOW64\wuapp.exe
A C:\Windows\SysWOW64\wudriver.dll
A C:\Windows\SysWOW64\wups.dll
A C:\Windows\SysWOW64\wusa.exe
A C:\Windows\SysWOW64\wuwebv.dll
A C:\Windows\SysWOW64\wvc.dll
A C:\Windows\SysWOW64\WWanAPI.dll
A C:\Windows\SysWOW64\wwapi.dll
A C:\Windows\SysWOW64\wzcdlg.dll
A C:\Windows\SysWOW64\x3daudio1_0.dll
A C:\Windows\SysWOW64\x3daudio1_1.dll
A C:\Windows\SysWOW64\X3DAudio1_2.dll
A C:\Windows\SysWOW64\X3DAudio1_3.dll
A C:\Windows\SysWOW64\X3DAudio1_4.dll
A C:\Windows\SysWOW64\X3DAudio1_5.dll
A C:\Windows\SysWOW64\X3DAudio1_6.dll
A C:\Windows\SysWOW64\xactengine2_0.dll
A C:\Windows\SysWOW64\xactengine2_1.dll
A C:\Windows\SysWOW64\xactengine2_10.dll
A C:\Windows\SysWOW64\xactengine2_2.dll
A C:\Windows\SysWOW64\xactengine2_3.dll
A C:\Windows\SysWOW64\xactengine2_4.dll
A C:\Windows\SysWOW64\xactengine2_5.dll
A C:\Windows\SysWOW64\xactengine2_6.dll
A C:\Windows\SysWOW64\xactengine2_7.dll
A C:\Windows\SysWOW64\xactengine2_8.dll
A C:\Windows\SysWOW64\xactengine2_9.dll
A C:\Windows\SysWOW64\xactengine3_0.dll
A C:\Windows\SysWOW64\xactengine3_1.dll
A C:\Windows\SysWOW64\xactengine3_2.dll
A C:\Windows\SysWOW64\xactengine3_3.dll
A C:\Windows\SysWOW64\xactengine3_4.dll
A C:\Windows\SysWOW64\xactengine3_5.dll
A C:\Windows\SysWOW64\xactengine3_7.dll
A C:\Windows\SysWOW64\XAPOFX1_0.dll
A C:\Windows\SysWOW64\XAPOFX1_1.dll
A C:\Windows\SysWOW64\XAPOFX1_2.dll
A C:\Windows\SysWOW64\XAPOFX1_3.dll
A C:\Windows\SysWOW64\XAPOFX1_5.dll
A C:\Windows\SysWOW64\XAudio2_0.dll
A C:\Windows\SysWOW64\XAudio2_1.dll
A C:\Windows\SysWOW64\XAudio2_2.dll
A C:\Windows\SysWOW64\XAudio2_3.dll
A C:\Windows\SysWOW64\XAudio2_4.dll
A C:\Windows\SysWOW64\XAudio2_5.dll
A C:\Windows\SysWOW64\XAudio2_7.dll
A C:\Windows\SysWOW64\xcopy.exe
A C:\Windows\SysWOW64\xinput1_1.dll
A C:\Windows\SysWOW64\xinput1_2.dll
A C:\Windows\SysWOW64\xinput1_3.dll
A C:\Windows\SysWOW64\XInput9_1_0.dll
A C:\Windows\SysWOW64\xmlfilter.dll
A C:\Windows\SysWOW64\xmllite.dll
A C:\Windows\SysWOW64\xmlprovi.dll
A C:\Windows\SysWOW64\xolehlp.dll
A C:\Windows\SysWOW64\XpsFilt.dll
A C:\Windows\SysWOW64\XpsGdiConverter.dll
A C:\Windows\SysWOW64\XpsPrint.dll
A C:\Windows\SysWOW64\XpsRasterService.dll
A C:\Windows\SysWOW64\xpsrchvw.exe
A C:\Windows\SysWOW64\xpsrchvw.xml
A C:\Windows\SysWOW64\xpsservices.dll
A C:\Windows\SysWOW64\XPSSHHDR.dll
A C:\Windows\SysWOW64\xpssvcs.dll
A C:\Windows\SysWOW64\xwizard.dtd
A C:\Windows\SysWOW64\xwizard.exe
A C:\Windows\SysWOW64\xwizards.dll
A C:\Windows\SysWOW64\xwreg.dll
A C:\Windows\SysWOW64\xwtpdui.dll
A C:\Windows\SysWOW64\xwtpw32.dll
A C:\Windows\SysWOW64\zipfldr.dll

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:13 AM

Posted 29 January 2013 - 09:21 PM

Click on startmenu and type

cmd

Right click on it and select run as administrator and run these commands

cd C:\Windows\SysWOW64
takeown /a /f KBDFI1V.dll
cacls KBDFI1V.dll /g everyone:f


Type Y and press <ENTER>

attrib -s -h -r KBDFI1V.dll
del KBDFI1V.dll


Restart the PC and let me know if you still have issues

#10 MsTrudy

MsTrudy
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:13 AM

Posted 30 January 2013 - 08:36 AM

Thanks again for all of your help. I'm going to check more into it later to make sure I'm not having any problems. However, upon restart I still immediately got the message "error: 1141076.exe - make sure you typed the name correctly and then try again". Any idea what that means/

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:13 AM

Posted 30 January 2013 - 08:41 AM

Can you post the screenshot or exact error message?

Please run Farbar service scanner and post the new log

#12 MsTrudy

MsTrudy
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:13 AM

Posted 31 January 2013 - 09:40 AM

Here is the link to the error message that pops up immediately upon restarting my computer:
My link


Farbar Service Scanner Version: 30-01-2013
Ran by Trudy (administrator) on 31-01-2013 at 09:35:03
Running from "C:\Users\Trudy\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:13 AM

Posted 31 January 2013 - 10:39 AM

Press Windows+R key and type

services.msc and click ok

Right click on SECURITY CENTER-PROPERTIES

Change the startup type to Automatic and start it.Let me know if that works

Press Windows+R key and type

msconfig and click ok

Change the startup type to normal and click ok

Now run Autoruns again and post the new log




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users