Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

POP UPs Triggered By Web Links (media player upate)


  • This topic is locked This topic is locked
2 replies to this topic

#1 jfisheye

jfisheye

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 19 May 2014 - 01:22 PM

Hello All,

 

I am realtively experienced in eradicating malware but I am completly stumped on this one.  I am working with a Windows 8.1 system.

 

Symptoms:

  • When clicking a web link a POP will appear asking for a "Please update".  The web link is EU based and looks similar to the "Flash Player" malware I have seen before.
  • They are not always present.  I just trued to recreate the popup and couldn't.  They will come back and usually triggered when selecting a link that opens to a new tab.

What I have done to try and rid myself of this.

  • Tried to delete the applicaition that was causing the popups, none found (CC Clearner and WIndows Program)
  • Tried to delete the startup items, none found.  (CC Cleaner, Windows Startup)
  • Reset all browers back to default.
  • Deleted restore points.
  • Scanned with:
  • Hitman Pro Malwarebytes, Adware remover, SmitFraud, SuperAnti spyware, Adware Cleaner, Junkware Removal Tool, AVG)
  • I Ran root kits from malware bytes, TSS and one other I can't think of.)
  • Cleaned Cache with CC Cleaner & TFC

All of this has produced the same result, the scans come up clean and the popups seem to stay. 

 

Thanks in advance for any assistance.

 

Jonathon

 

Logfile of random's system information tool 1.09 (written by random/random)
Run by Amy at 2014-05-19 08:11:05
Microsoft Windows 8.1
System drive C: has 217 GB (23%) free of 938 GB
Total RAM: 6031 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:11:13, on 5/19/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe
C:\Program Files (x86)\DELL\Dell KM713 Wireless Keyboard software\CDCtr.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files\trend micro\Amy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {d5a1d22b-9e17-454f-8ecd-83c578fb3983} - (no file)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [DELLOSD] C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe
O4 - HKLM\..\Run: [CDCtr] "C:\Program Files (x86)\Dell\Dell KM713 Wireless Keyboard software\CDCtr.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN35TB2GBT05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\Amy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6C099CC1D08F8E3594D1CD726B240377] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-21-127131230-1190425124-1215967749-1004\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LogMeInRemoteUser')
O4 - Startup: Dropbox.lnk = Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} (SurveillanceCtrl Control) - http://72.130.190.77/webrec.cab
O16 - DPF: {96ADD1E5-1B8D-41BB-AB80-2C69FFB82E4A} (WebAlarmReceiver Control) - http://192.168.0.102:7172/nwcv4Ssetup.exe
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell WMI Service - Unknown owner - C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

--
End of file - 13482 bytes

======Listing Processes======

c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=402c8132-1927-4661-bd8e-f736b4e28e69 /coreSdkOptions=4382 /logConfFile="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\5ffebb5e-160e-440d-bb36-33183b5b780f-1f8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\log\"
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
dashost.exe {84ab471e-0f29-4e99-b6968f716eeb4214}
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=8187c02c-1cb6-4e60-8c01-6c5af65f0737 /coreSdkOptions=4114 /logConfFile="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\5dbe2622-0458-492e-b229-a37a0af59e28-8a0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files\MozyHome\mozybackup.exe"
"C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
taskhost.exe $(Arg0)
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
 -hiberboot
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\Explorer.EXE
"C:\Program Files\MozyHome\mozybackup.exe" /wts 4064 676 712
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Windows\System32\igfxtray.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN35TB2GBT05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
/QuitInfo:00000000000008F8;0000000000000AE0;  
taskhostex.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
/loadhooks /Parent:0000000000001b08
"C:\Program Files\MozyHome\mozystat.exe"
"C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Users\Amy\AppData\Local\Apps\2.0\LEKOB3XE.6BT\JQ553EGA.QTH\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe"
"C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe"
"C:\Program Files (x86)\DELL\Dell KM713 Wireless Keyboard software\CDCtr.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1508.0.1231843388\904920649" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --gpu-vendor-id=0x8086 --gpu-device-id=0x0152 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3412 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="1508.1.1140803606\1437872868" /prefetch:673131151
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe"
C:\WINDOWS\splwow64.exe 8192
ctfmon.exe
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe" /MainProcess 9064 /PrinterName "Canon MX450 series Printer" /ScannerName "Canon MX450 series Network" /Language en-US /Startup
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
taskhost.exe
"C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE" C:\Users\Amy
"C:\Program Files (x86)\LogMeIn\x64\LogMeInRC.exe" ra_rc 6357096 1 1 893359492100 0 0 0 950298358 250 15 32 0 0 2696 1 0 0 0 0
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4106d8c9-bc10-4397-9caa-0198784e2e7d -SystemEventPortName:HostProcess-bb43ad07-4ca9-4912-a813-10d4920b587a -IoCancelEventPortName:HostProcess-e1797c97-6854-49da-8fe1-449b61467387 -NonStateChangingEventPortName:HostProcess-52ac9a45-c3f4-41d6-a78a-7d7f6ecd0f95 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6becc92d-0ff2-4a04-8717-fb627365b739 -DeviceGroupId:WudfDefaultDevicePool
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-127131230-1190425124-1215967749-1001158_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-127131230-1190425124-1215967749-1001158 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"  "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Amy\AppData\Local\Microsoft\Windows\INetCache\IE\L25LKUMY\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-127131230-1190425124-1215967749-1001Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-127131230-1190425124-1215967749-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nbmc4isk.default-1399759552009

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-08-08 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-30 6548624]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-25 770520]
"BtTray"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [2012-08-08 763520]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2012-08-08 127616]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2012-11-29 57928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet Pro 8600 (NET)"=C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\Amy\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-17 116648]
"DellSystemDetect"=C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [2013-08-27 370]
"GoogleChromeAutoLaunch_6C099CC1D08F8E3594D1CD726B240377"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-05-07 841032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-12 56128]
"DELLOSD"=C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe [2011-08-26 49152]
"CDCtr"=C:\Program Files (x86)\Dell\Dell KM713 Wireless Keyboard software\CDCtr.exe [2011-10-07 412672]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07 111120]
"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-04 491120]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-06-01 143888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-09-27 1279120]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-08-31 452272]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"AirPort Base Station Agent"=C:\Program Files (x86)\AirPort\APAgent.exe [2009-11-11 771360]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-04-06 5180432]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-02-21 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MozyHome Status.lnk - C:\Program Files\MozyHome\mozystat.exe

C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SystemEventsBroker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-19 08:11:06 ----D---- C:\Program Files\trend micro
2014-05-19 08:11:05 ----D---- C:\rsit
2014-05-16 08:52:54 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-16 07:56:45 ----A---- C:\Users\Amy\AppData\Roaming\SetValue.bat
2014-05-16 07:56:45 ----A---- C:\Users\Amy\AppData\Roaming\GetValue.vbs
2014-05-16 07:56:44 ----A---- C:\WINDOWS\SYSWOW64\tmp.txt
2014-05-16 07:56:14 ----A---- C:\rapport.txt
2014-05-16 07:55:44 ----A---- C:\WINDOWS\SYSWOW64\VACFix.exe
2014-05-16 07:55:44 ----A---- C:\WINDOWS\SYSWOW64\o4Patch.exe
2014-05-16 07:55:44 ----A---- C:\WINDOWS\SYSWOW64\IEDFix.C.exe
2014-05-16 07:55:44 ----A---- C:\WINDOWS\SYSWOW64\Agent.OMZ.Fix.exe
2014-05-16 07:55:44 ----A---- C:\WINDOWS\SYSWOW64\404Fix.exe
2014-05-16 07:55:43 ----A---- C:\WINDOWS\SYSWOW64\WS2Fix.exe
2014-05-16 07:55:43 ----A---- C:\WINDOWS\SYSWOW64\VCCLSID.exe
2014-05-16 07:55:43 ----A---- C:\WINDOWS\SYSWOW64\swxcacls.exe
2014-05-16 07:55:43 ----A---- C:\WINDOWS\SYSWOW64\IEDFix.exe
2014-05-16 07:55:42 ----A---- C:\WINDOWS\SYSWOW64\swsc.exe
2014-05-16 07:55:42 ----A---- C:\WINDOWS\SYSWOW64\swreg.exe
2014-05-16 07:55:42 ----A---- C:\WINDOWS\SYSWOW64\SrchSTS.exe
2014-05-16 07:55:42 ----A---- C:\WINDOWS\SYSWOW64\Process.exe
2014-05-16 07:55:42 ----A---- C:\WINDOWS\SYSWOW64\dumphive.exe
2014-05-14 08:57:19 ----D---- C:\WINDOWS\PCHEALTH
2014-05-14 08:57:14 ----SHD---- C:\Config.Msi
2014-05-14 08:48:41 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-05-14 08:48:41 ----A---- C:\WINDOWS\system32\wusa.exe
2014-05-14 08:48:36 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-05-14 08:48:34 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-05-14 08:48:33 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-05-14 08:48:22 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-05-14 08:48:22 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-05-14 08:48:21 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-05-14 08:48:21 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-05-14 08:48:17 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-05-14 08:48:17 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-05-14 08:48:17 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-05-14 08:48:17 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-05-14 08:48:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-05-14 08:48:04 ----A---- C:\WINDOWS\system32\twinui.dll
2014-05-14 08:48:04 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-05-14 08:48:03 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-05-14 08:47:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-05-14 08:47:57 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-05-14 08:47:56 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-05-14 08:47:56 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-05-14 08:47:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 08:47:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-05-14 08:47:56 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-05-14 08:47:56 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-05-14 08:47:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\wups.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 08:47:55 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 08:47:45 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-05-14 08:47:45 ----A---- C:\WINDOWS\system32\shell32.dll
2014-05-10 11:20:28 ----D---- C:\Program Files (x86)\LogMeIn Rescue RC - 31bac94c-ff6b-4379-b520-9eaa4d8fb565
2014-05-10 10:37:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-07 19:40:45 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-05-07 19:40:19 ----D---- C:\AdwCleaner
2014-05-07 18:35:09 ----D---- C:\WINDOWS\ERUNT
2014-05-06 18:37:52 ----D---- C:\Users\Amy\AppData\Roaming\DropboxMaster
2014-05-06 17:57:06 ----A---- C:\TDSSKiller.2.8.16.0_06.05.2014_17.57.06_log.txt
2014-05-06 17:44:39 ----D---- C:\ProgramData\HitmanPro
2014-04-30 11:29:09 ----A---- C:\WINDOWS\system32\drivers\mozy.sys
2014-04-29 11:28:53 ----D---- C:\Program Files\iPod
2014-04-29 11:28:52 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-29 11:28:52 ----D---- C:\Program Files\iTunes
2014-04-29 11:28:52 ----D---- C:\Program Files (x86)\iTunes
2014-04-26 04:41:04 ----A---- C:\WINDOWS\system32\drivers\tatgemm.sys
2014-04-24 12:09:49 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-24 12:09:48 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-04-24 12:09:48 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2014-04-24 12:09:48 ----A---- C:\WINDOWS\system32\kernel32.dll
2014-04-24 12:09:47 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2014-04-24 12:09:47 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2014-04-24 12:09:46 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-04-24 12:09:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-04-24 12:09:40 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-24 12:09:39 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-24 12:09:39 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-04-24 12:09:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-24 12:09:31 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-04-24 12:09:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-04-24 12:09:28 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-04-24 12:09:27 ----A---- C:\WINDOWS\system32\msftedit.dll
2014-04-24 12:09:26 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-04-24 12:09:25 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-04-24 12:09:23 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2014-04-24 12:09:23 ----A---- C:\WINDOWS\system32\msxml6.dll
2014-04-24 12:09:23 ----A---- C:\WINDOWS\explorer.exe
2014-04-24 12:09:22 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-04-24 12:09:22 ----A---- C:\WINDOWS\system32\authui.dll
2014-04-24 12:09:21 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2014-04-24 12:09:21 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-04-24 12:09:21 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-24 12:09:19 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-04-24 12:09:19 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-04-24 12:09:19 ----A---- C:\WINDOWS\system32\d3d11.dll
2014-04-24 12:09:18 ----A---- C:\WINDOWS\system32\ole32.dll
2014-04-24 12:09:17 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2014-04-24 12:09:17 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-04-24 12:09:16 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2014-04-24 12:09:16 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-04-24 12:09:15 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2014-04-24 12:09:15 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-04-24 12:09:14 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-24 12:09:14 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-04-24 12:09:13 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-04-24 12:09:13 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-04-24 12:09:12 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2014-04-24 12:09:12 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-04-24 12:09:12 ----A---- C:\WINDOWS\system32\localspl.dll
2014-04-24 12:09:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-04-24 12:09:11 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-04-24 12:09:11 ----A---- C:\WINDOWS\system32\dnsapi.dll
2014-04-24 12:09:10 ----A---- C:\WINDOWS\system32\wlidprov.dll
2014-04-24 12:09:10 ----A---- C:\WINDOWS\system32\ReAgent.dll
2014-04-24 12:09:09 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-04-24 12:09:09 ----A---- C:\WINDOWS\system32\propsys.dll
2014-04-24 12:09:08 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2014-04-24 12:09:08 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-04-24 12:09:06 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-04-24 12:09:06 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-04-24 12:09:06 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-04-24 12:09:06 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2014-04-24 12:09:06 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-04-24 12:09:06 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-04-24 12:09:05 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-04-24 12:09:05 ----A---- C:\WINDOWS\system32\dcomp.dll
2014-04-24 12:09:05 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-04-24 12:08:59 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2014-04-24 12:08:59 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-24 12:08:58 ----A---- C:\WINDOWS\system32\rasapi32.dll
2014-04-24 12:08:58 ----A---- C:\WINDOWS\system32\netlogon.dll
2014-04-24 12:08:58 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-04-24 12:08:58 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2014-04-24 12:08:57 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-04-24 12:08:56 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-04-24 12:08:56 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2014-04-24 12:08:56 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2014-04-24 12:08:56 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2014-04-24 12:08:55 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-04-24 12:08:55 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-04-24 12:08:55 ----A---- C:\WINDOWS\system32\SessEnv.dll
2014-04-24 12:08:55 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-04-24 12:08:55 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-04-24 12:08:54 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2014-04-24 12:08:54 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-04-24 12:08:54 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-24 12:08:53 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-04-24 12:08:53 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-24 12:08:52 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2014-04-24 12:08:52 ----A---- C:\WINDOWS\system32\profsvc.dll
2014-04-24 12:08:51 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2014-04-24 12:08:51 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-04-24 12:08:50 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2014-04-24 12:08:50 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-04-24 12:08:50 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-04-24 12:08:50 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-24 12:08:49 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-24 12:08:49 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2014-04-24 12:08:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2014-04-24 12:08:48 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-04-24 12:08:48 ----A---- C:\WINDOWS\system32\netcfgx.dll
2014-04-24 12:08:47 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-04-24 12:08:47 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-04-24 12:08:46 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-04-24 12:08:46 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2014-04-24 12:08:46 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2014-04-24 12:08:46 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-04-24 12:08:45 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-04-24 12:08:44 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2014-04-24 12:08:44 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2014-04-24 12:08:44 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-04-24 12:08:44 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-24 12:08:42 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-04-24 12:08:42 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2014-04-24 12:08:42 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-04-24 12:08:42 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-24 12:08:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-04-24 12:08:40 ----A---- C:\WINDOWS\SYSWOW64\Display.dll
2014-04-24 12:08:40 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-04-24 12:08:40 ----A---- C:\WINDOWS\system32\userenv.dll
2014-04-24 12:08:40 ----A---- C:\WINDOWS\system32\pdh.dll
2014-04-24 12:08:40 ----A---- C:\WINDOWS\system32\Display.dll
2014-04-24 12:08:40 ----A---- C:\WINDOWS\system32\davclnt.dll
2014-04-24 12:08:39 ----A---- C:\WINDOWS\system32\ReInfo.dll
2014-04-24 12:08:38 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-24 12:08:37 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2014-04-24 12:08:37 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2014-04-24 12:08:37 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-04-24 12:08:37 ----A---- C:\WINDOWS\system32\cdd.dll
2014-04-24 12:08:36 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-04-24 12:08:35 ----A---- C:\WINDOWS\SYSWOW64\userenv.dll
2014-04-24 12:08:35 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2014-04-24 12:08:35 ----A---- C:\WINDOWS\system32\wlangpui.dll
2014-04-24 12:08:35 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-04-24 12:08:35 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-24 12:08:34 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2014-04-24 12:08:34 ----A---- C:\WINDOWS\system32\aclui.dll
2014-04-24 12:08:33 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-04-24 12:08:33 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2014-04-24 12:08:33 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-24 12:08:33 ----A---- C:\WINDOWS\system32\spp.dll
2014-04-24 12:08:32 ----A---- C:\WINDOWS\SYSWOW64\spp.dll
2014-04-24 12:08:32 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-04-24 12:08:31 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2014-04-24 12:08:31 ----A---- C:\WINDOWS\system32\WSDMon.dll
2014-04-24 12:08:31 ----A---- C:\WINDOWS\system32\drvinst.exe
2014-04-24 12:08:31 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2014-04-24 12:08:30 ----AC---- C:\WINDOWS\system32\drivers\hidusb.sys
2014-04-24 12:08:30 ----A---- C:\WINDOWS\system32\w32tm.exe
2014-04-24 12:08:30 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-04-24 12:08:29 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-04-24 12:08:29 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-04-24 12:08:28 ----A---- C:\WINDOWS\SYSWOW64\wlangpui.dll
2014-04-24 12:08:28 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2014-04-24 12:08:28 ----A---- C:\WINDOWS\SYSWOW64\drvinst.exe
2014-04-24 12:08:28 ----A---- C:\WINDOWS\system32\drivers\tcpipreg.sys
2014-04-24 12:08:27 ----A---- C:\WINDOWS\SYSWOW64\w32tm.exe
2014-04-24 12:08:27 ----A---- C:\WINDOWS\system32\fveapibase.dll
2014-04-24 12:08:27 ----A---- C:\WINDOWS\system32\drvcfg.exe
2014-04-24 12:08:27 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-24 12:08:26 ----AC---- C:\WINDOWS\system32\drivers\hidclass.sys
2014-04-24 12:08:26 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
2014-04-24 12:08:26 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2014-04-24 12:08:26 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-24 12:08:26 ----A---- C:\WINDOWS\system32\RMapi.dll
2014-04-24 12:08:25 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-04-24 12:08:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2014-04-24 12:08:24 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-04-24 12:08:24 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-04-24 12:08:24 ----A---- C:\WINDOWS\system32\LocationApi.dll
2014-04-24 12:08:23 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2014-04-24 12:08:22 ----A---- C:\WINDOWS\system32\nshwfp.dll
2014-04-24 12:08:22 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2014-04-24 12:08:22 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-24 12:08:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2014-04-24 12:08:20 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2014-04-24 12:08:20 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-04-24 12:08:20 ----A---- C:\WINDOWS\system32\sxproxy.dll
2014-04-24 12:08:20 ----A---- C:\WINDOWS\system32\fvewiz.dll
2014-04-24 12:08:20 ----A---- C:\WINDOWS\system32\DevPropMgr.dll
2014-04-24 12:08:18 ----A---- C:\WINDOWS\SYSWOW64\sxproxy.dll
2014-04-24 12:08:18 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2014-04-24 12:08:18 ----A---- C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-24 12:08:18 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2014-04-24 12:08:18 ----A---- C:\WINDOWS\system32\drivers\IPMIDrv.sys
2014-04-24 12:08:17 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-04-24 12:08:15 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-04-24 12:08:15 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-04-24 12:08:15 ----A---- C:\WINDOWS\SYSWOW64\l2gpstore.dll
2014-04-24 12:08:15 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-24 12:08:15 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-04-24 12:08:15 ----A---- C:\WINDOWS\system32\l2gpstore.dll
2014-04-24 12:08:15 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-24 12:06:08 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-24 11:59:17 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-04-24 11:59:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-04-24 11:59:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-04-24 11:59:13 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-04-24 11:59:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-04-24 11:59:09 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-04-24 11:59:07 ----A---- C:\WINDOWS\system32\win32k.sys
2014-04-24 11:59:07 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-04-24 11:58:53 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-04-24 11:58:51 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-04-24 11:58:47 ----AC---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-04-24 11:58:43 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-04-24 11:58:42 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2014-04-24 11:58:41 ----A---- C:\WINDOWS\system32\WSService.dll
2014-04-24 11:58:41 ----A---- C:\WINDOWS\system32\OobeFldr.dll
2014-04-24 11:58:39 ----A---- C:\WINDOWS\SYSWOW64\OobeFldr.dll
2014-04-24 11:58:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-04-24 11:58:29 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2014-04-24 11:58:23 ----A---- C:\WINDOWS\system32\wininet.dll
2014-04-24 11:58:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-04-24 11:58:17 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-04-24 11:58:17 ----A---- C:\WINDOWS\system32\combase.dll
2014-04-24 11:58:13 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2014-04-24 11:58:13 ----A---- C:\WINDOWS\system32\qedit.dll
2014-04-24 11:58:12 ----A---- C:\WINDOWS\system32\wmp.dll
2014-04-24 11:58:10 ----A---- C:\WINDOWS\system32\sppobjs.dll
2014-04-24 11:58:09 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2014-04-24 11:58:06 ----A---- C:\WINDOWS\system32\tquery.dll
2014-04-24 11:58:04 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-24 11:58:01 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2014-04-24 11:57:58 ----A---- C:\WINDOWS\system32\sysmain.dll
2014-04-24 11:57:58 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-04-24 11:57:57 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-04-24 11:57:56 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-04-24 11:57:50 ----A---- C:\WINDOWS\system32\mssrch.dll
2014-04-24 11:57:49 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2014-04-24 11:57:43 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2014-04-24 11:57:41 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-04-24 11:57:38 ----A---- C:\WINDOWS\system32\dui70.dll
2014-04-24 11:57:37 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2014-04-24 11:57:36 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-04-24 11:57:35 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-24 11:57:31 ----A---- C:\WINDOWS\system32\webservices.dll
2014-04-24 11:57:30 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-04-24 11:57:28 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-24 11:57:26 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-24 11:57:25 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-04-24 11:57:25 ----A---- C:\WINDOWS\system32\winmde.dll
2014-04-24 11:57:24 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-04-24 11:57:23 ----A---- C:\WINDOWS\system32\msctf.dll
2014-04-24 11:57:22 ----A---- C:\WINDOWS\SYSWOW64\dui70.dll
2014-04-24 11:57:22 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-24 11:57:21 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-04-24 11:57:20 ----A---- C:\WINDOWS\system32\mispace.dll
2014-04-24 11:57:19 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-04-24 11:57:19 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-24 11:57:19 ----A---- C:\WINDOWS\system32\msTextPrediction.dll
2014-04-24 11:57:14 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2014-04-24 11:57:13 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-24 11:57:11 ----A---- C:\WINDOWS\system32\swprv.dll
2014-04-24 11:57:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-04-24 11:57:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2014-04-24 11:57:07 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-04-24 11:57:06 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2014-04-24 11:57:03 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2014-04-24 11:57:02 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-04-24 11:57:02 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2014-04-24 11:57:01 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-04-24 11:57:01 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2014-04-24 11:57:00 ----A---- C:\WINDOWS\system32\WinTypes.dll
2014-04-24 11:56:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2014-04-24 11:56:59 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-04-24 11:56:58 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2014-04-24 11:56:57 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2014-04-24 11:56:57 ----A---- C:\WINDOWS\system32\WerFault.exe
2014-04-24 11:56:57 ----A---- C:\WINDOWS\system32\Faultrep.dll
2014-04-24 11:56:56 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2014-04-24 11:56:56 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2014-04-24 11:56:56 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2014-04-24 11:56:56 ----A---- C:\WINDOWS\system32\samsrv.dll
2014-04-24 11:56:54 ----AC---- C:\WINDOWS\system32\drivers\acpi.sys
2014-04-24 11:56:54 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-24 11:56:52 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2014-04-24 11:56:51 ----A---- C:\WINDOWS\system32\winresume.exe
2014-04-24 11:56:49 ----A---- C:\WINDOWS\system32\winload.exe
2014-04-24 11:56:45 ----A---- C:\WINDOWS\system32\wer.dll
2014-04-24 11:56:45 ----A---- C:\WINDOWS\system32\uDWM.dll
2014-04-24 11:56:44 ----A---- C:\WINDOWS\system32\WofTasks.dll
2014-04-24 11:56:44 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2014-04-24 11:56:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-04-24 11:56:43 ----A---- C:\WINDOWS\system32\DfpCommon.dll
2014-04-24 11:56:42 ----A---- C:\WINDOWS\system32\setupapi.dll
2014-04-24 11:56:42 ----A---- C:\WINDOWS\system32\rpcss.dll
2014-04-24 11:56:41 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2014-04-24 11:56:40 ----A---- C:\WINDOWS\system32\twinapi.dll
2014-04-24 11:56:35 ----A---- C:\WINDOWS\system32\RacEngn.dll
2014-04-24 11:56:34 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2014-04-24 11:56:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-24 11:56:32 ----A---- C:\WINDOWS\system32\mf.dll
2014-04-24 11:56:31 ----A---- C:\WINDOWS\system32\WWAHost.exe
2014-04-24 11:56:28 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2014-04-24 11:56:28 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2014-04-24 11:56:24 ----A---- C:\WINDOWS\system32\wpncore.dll
2014-04-24 11:56:24 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-24 11:56:23 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2014-04-24 11:56:23 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2014-04-24 11:56:23 ----A---- C:\WINDOWS\system32\SHCore.dll
2014-04-24 11:56:21 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2014-04-24 11:56:20 ----A---- C:\WINDOWS\system32\wpccpl.dll
2014-04-24 11:56:20 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-04-24 11:56:19 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2014-04-24 11:56:18 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2014-04-24 11:56:17 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-04-24 11:56:17 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2014-04-24 11:56:16 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2014-04-24 11:56:15 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2014-04-24 11:56:11 ----A---- C:\WINDOWS\system32\uxtheme.dll
2014-04-24 11:56:09 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-04-24 11:56:07 ----A---- C:\WINDOWS\system32\user32.dll
2014-04-24 11:56:07 ----A---- C:\WINDOWS\system32\SettingSync.dll
2014-04-24 11:56:07 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2014-04-24 11:56:06 ----A---- C:\WINDOWS\system32\hal.dll
2014-04-24 11:56:04 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2014-04-24 11:56:03 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-04-24 11:56:02 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2014-04-24 11:56:02 ----A---- C:\WINDOWS\system32\storagewmi.dll
2014-04-24 11:56:01 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2014-04-24 11:56:00 ----A---- C:\WINDOWS\system32\WofUtil.dll
2014-04-24 11:55:59 ----A---- C:\WINDOWS\system32\wimgapi.dll
2014-04-24 11:55:58 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2014-04-24 11:55:55 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-04-24 11:55:53 ----A---- C:\WINDOWS\SYSWOW64\scrrun.dll
2014-04-24 11:55:52 ----A---- C:\WINDOWS\system32\scrrun.dll
2014-04-24 11:55:51 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2014-04-24 11:55:50 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2014-04-24 11:55:48 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2014-04-24 11:55:46 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2014-04-24 11:55:45 ----A---- C:\WINDOWS\system32\comdlg32.dll
2014-04-24 11:55:45 ----A---- C:\WINDOWS\system32\apphelp.dll
2014-04-24 11:55:42 ----A---- C:\WINDOWS\system32\schannel.dll
2014-04-24 11:55:42 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2014-04-24 11:55:41 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2014-04-24 11:55:37 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2014-04-24 11:55:35 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2014-04-24 11:55:35 ----A---- C:\WINDOWS\SYSWOW64\RacEngn.dll
2014-04-24 11:55:34 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-04-24 11:55:34 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-04-24 11:55:33 ----A---- C:\WINDOWS\system32\recimg.exe
2014-04-24 11:55:33 ----A---- C:\WINDOWS\system32\dfp.exe
2014-04-24 11:55:31 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-04-24 11:55:31 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2014-04-24 11:55:30 ----A---- C:\WINDOWS\system32\perftrack.dll
2014-04-24 11:55:27 ----A---- C:\WINDOWS\system32\usercpl.dll
2014-04-24 11:55:27 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2014-04-24 11:55:26 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2014-04-24 11:55:25 ----A---- C:\WINDOWS\system32\dfpinc.dat
2014-04-24 11:55:25 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-04-24 11:55:25 ----A---- C:\WINDOWS\system32\advapi32.dll
2014-04-24 11:55:23 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-24 11:55:23 ----A---- C:\WINDOWS\system32\lsm.dll
2014-04-24 11:55:21 ----A---- C:\WINDOWS\system32\energy.dll
2014-04-24 11:55:17 ----A---- C:\WINDOWS\system32\mssvp.dll
2014-04-24 11:55:15 ----A---- C:\WINDOWS\system32\tdh.dll
2014-04-24 11:55:12 ----AC---- C:\WINDOWS\system32\drivers\pci.sys
2014-04-24 11:55:10 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-04-24 11:55:08 ----A---- C:\WINDOWS\system32\DismApi.dll
2014-04-24 11:55:07 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-04-24 11:55:06 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2014-04-24 11:55:05 ----A---- C:\WINDOWS\system32\winlogon.exe
2014-04-24 11:55:04 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2014-04-24 11:55:03 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-04-24 11:54:59 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2014-04-24 11:54:58 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-04-24 11:54:57 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-04-24 11:54:55 ----A---- C:\WINDOWS\system32\msvproc.dll
2014-04-24 11:54:55 ----A---- C:\WINDOWS\system32\mssph.dll
2014-04-24 11:54:55 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-24 11:54:53 ----AC---- C:\WINDOWS\system32\drivers\portcls.sys
2014-04-24 11:54:53 ----A---- C:\WINDOWS\system32\werconcpl.dll
2014-04-24 11:54:53 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2014-04-24 11:54:50 ----A---- C:\WINDOWS\system32\thumbcache.dll
2014-04-24 11:54:48 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-04-24 11:54:47 ----A---- C:\WINDOWS\system32\stobject.dll
2014-04-24 11:54:45 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-04-24 11:54:45 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2014-04-24 11:54:44 ----A---- C:\WINDOWS\system32\msctfuimanager.dll
2014-04-24 11:54:43 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-24 11:54:43 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-04-24 11:54:42 ----AC---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-24 11:54:39 ----A---- C:\WINDOWS\system32\ci.dll
2014-04-24 11:54:38 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-04-24 11:54:30 ----A---- C:\WINDOWS\system32\sppwinob.dll
2014-04-24 11:54:27 ----A---- C:\WINDOWS\system32\ntshrui.dll
2014-04-24 11:54:25 ----A---- C:\WINDOWS\SYSWOW64\msctfuimanager.dll
2014-04-24 11:54:23 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2014-04-24 11:54:20 ----A---- C:\WINDOWS\system32\WSClient.dll
2014-04-24 11:54:20 ----A---- C:\WINDOWS\system32\psmsrv.dll
2014-04-24 11:54:20 ----A---- C:\WINDOWS\system32\iuilp.dll
2014-04-24 11:54:19 ----A---- C:\WINDOWS\system32\printui.dll
2014-04-24 11:54:18 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-04-24 11:54:18 ----A---- C:\WINDOWS\system32\wlidcli.dll
2014-04-24 11:54:13 ----A---- C:\WINDOWS\SYSWOW64\WSClient.dll
2014-04-24 11:54:13 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2014-04-24 11:54:13 ----A---- C:\WINDOWS\SYSWOW64\ActionCenter.dll
2014-04-24 11:54:10 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2014-04-24 11:54:10 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2014-04-24 11:54:10 ----A---- C:\WINDOWS\system32\aelupsvc.dll
2014-04-24 11:54:09 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2014-04-24 11:54:09 ----A---- C:\WINDOWS\system32\slc.dll
2014-04-24 11:54:09 ----A---- C:\WINDOWS\system32\MrmIndexer.dll
2014-04-24 11:54:05 ----A---- C:\WINDOWS\system32\Dism.exe
2014-04-24 11:54:04 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-04-24 11:54:04 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-24 11:54:04 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2014-04-24 11:54:03 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2014-04-24 11:54:02 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2014-04-24 11:54:02 ----A---- C:\WINDOWS\system32\nettrace.dll
2014-04-24 11:54:01 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2014-04-24 11:53:59 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2014-04-24 11:53:58 ----A---- C:\WINDOWS\system32\pnidui.dll
2014-04-24 11:53:55 ----A---- C:\WINDOWS\system32\dwmredir.dll
2014-04-24 11:53:53 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2014-04-24 11:53:51 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-04-24 11:53:47 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-24 11:53:46 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2014-04-24 11:53:45 ----A---- C:\WINDOWS\system32\WlanMM.dll
2014-04-24 11:53:44 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-04-24 11:53:43 ----A---- C:\WINDOWS\system32\osk.exe
2014-04-24 11:53:43 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2014-04-24 11:53:42 ----A---- C:\WINDOWS\system32\ninput.dll
2014-04-24 11:53:41 ----A---- C:\WINDOWS\system32\VAN.dll
2014-04-24 11:53:38 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-04-24 11:53:38 ----A---- C:\WINDOWS\system32\authz.dll
2014-04-24 11:53:33 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-04-24 11:53:31 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2014-04-24 11:53:31 ----A---- C:\WINDOWS\system32\conhost.exe
2014-04-24 11:53:30 ----A---- C:\WINDOWS\system32\rascustom.dll
2014-04-24 11:53:29 ----A---- C:\WINDOWS\system32\taskeng.exe
2014-04-24 11:53:28 ----AC---- C:\WINDOWS\system32\drivers\vhdmp.sys
2014-04-24 11:53:26 ----A---- C:\WINDOWS\system32\wersvc.dll
2014-04-24 11:53:26 ----A---- C:\WINDOWS\system32\themeui.dll
2014-04-24 11:53:25 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2014-04-24 11:53:24 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-04-24 11:53:24 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-04-24 11:53:23 ----A---- C:\WINDOWS\system32\rdbui.dll
2014-04-24 11:53:19 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-24 11:53:16 ----A---- C:\WINDOWS\system32\sqmapi.dll
2014-04-24 11:53:15 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2014-04-24 11:53:14 ----A---- C:\WINDOWS\SYSWOW64\DismApi.dll
2014-04-24 11:53:13 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2014-04-24 11:53:12 ----A---- C:\WINDOWS\system32\rdpcore.dll
2014-04-24 11:53:11 ----A---- C:\WINDOWS\system32\wbengine.exe
2014-04-24 11:53:06 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-04-24 11:53:02 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2014-04-24 11:52:58 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-04-24 11:52:58 ----A---- C:\WINDOWS\system32\SndVol.exe
2014-04-24 11:52:56 ----A---- C:\WINDOWS\SYSWOW64\MrmIndexer.dll
2014-04-24 11:52:49 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-24 11:52:45 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-04-24 11:52:42 ----A---- C:\WINDOWS\SYSWOW64\Dism.exe
2014-04-24 11:52:40 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-24 11:52:36 ----A---- C:\WINDOWS\system32\sppc.dll
2014-04-24 11:52:35 ----A---- C:\WINDOWS\SYSWOW64\mssphtb.dll
2014-04-24 11:52:33 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2014-04-24 11:52:29 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2014-04-24 11:52:26 ----A---- C:\WINDOWS\system32\bcrypt.dll
2014-04-24 11:50:47 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-04-24 11:50:46 ----A---- C:\WINDOWS\system32\clrhost.dll
2014-04-24 11:50:45 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-24 11:50:23 ----A---- C:\WINDOWS\system32\PkgMgr.exe
2014-04-24 11:50:19 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2014-04-24 11:50:17 ----A---- C:\WINDOWS\system32\wimserv.exe
2014-04-24 11:50:08 ----A---- C:\WINDOWS\system32\wwanmm.dll
2014-04-24 11:50:04 ----A---- C:\WINDOWS\system32\WLanConn.dll
2014-04-24 11:50:02 ----A---- C:\WINDOWS\SYSWOW64\VAN.dll
2014-04-24 11:50:01 ----A---- C:\WINDOWS\SYSWOW64\osk.exe
2014-04-24 11:50:01 ----A---- C:\WINDOWS\system32\wscinterop.dll
2014-04-24 11:50:00 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2014-04-24 11:50:00 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-04-24 11:50:00 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-24 11:49:59 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-04-24 11:49:56 ----A---- C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-24 11:49:54 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2014-04-24 11:49:54 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-04-24 11:49:53 ----A---- C:\WINDOWS\system32\gameux.dll
2014-04-24 11:49:52 ----A---- C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-24 11:49:51 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2014-04-24 11:49:51 ----A---- C:\WINDOWS\SYSWOW64\SndVol.exe
2014-04-24 11:49:51 ----A---- C:\WINDOWS\system32\fhcfg.dll
2014-04-24 11:49:50 ----A---- C:\WINDOWS\SYSWOW64\WlanMM.dll
2014-04-24 11:49:50 ----A---- C:\WINDOWS\system32\dwm.exe
2014-04-24 11:49:49 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2014-04-24 11:49:48 ----A---- C:\WINDOWS\system32\winsrv.dll
2014-04-24 11:49:48 ----A---- C:\WINDOWS\system32\taskhost.exe
2014-04-24 11:49:47 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-24 11:49:47 ----A---- C:\WINDOWS\system32\rasgcw.dll
2014-04-24 11:49:47 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2014-04-24 11:49:47 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2014-04-24 11:49:46 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2014-04-24 11:49:46 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2014-04-24 11:49:44 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-04-24 11:49:44 ----A---- C:\WINDOWS\system32\wscapi.dll
2014-04-24 11:49:43 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2014-04-24 11:49:43 ----A---- C:\WINDOWS\system32\wermgr.exe
2014-04-24 11:49:43 ----A---- C:\WINDOWS\system32\srchadmin.dll
2014-04-24 11:49:41 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2014-04-24 11:49:40 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2014-04-24 11:49:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-24 11:49:39 ----A---- C:\WINDOWS\SYSWOW64\clrhost.dll
2014-04-24 11:49:38 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2014-04-24 11:49:38 ----A---- C:\WINDOWS\SYSWOW64\ninput.dll
2014-04-24 11:49:32 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2014-04-24 11:49:31 ----A---- C:\WINDOWS\system32\smss.exe
2014-04-24 11:49:30 ----A---- C:\WINDOWS\system32\wwanconn.dll
2014-04-24 11:49:30 ----A---- C:\WINDOWS\system32\BioCredProv.dll
2014-04-24 11:49:30 ----A---- C:\WINDOWS\system32\AltTab.dll
2014-04-24 11:49:29 ----A---- C:\WINDOWS\system32\vdsbas.dll
2014-04-24 11:49:29 ----A---- C:\WINDOWS\system32\systemreset.exe
2014-04-24 11:49:29 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2014-04-24 11:49:29 ----A---- C:\WINDOWS\system32\RASMM.dll
2014-04-24 11:49:29 ----A---- C:\WINDOWS\system32\imm32.dll
2014-04-24 11:49:28 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2014-04-24 11:49:28 ----A---- C:\WINDOWS\system32\fhcpl.dll
2014-04-24 11:49:26 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2014-04-24 11:49:25 ----A---- C:\WINDOWS\system32\netid.dll
2014-04-24 11:49:25 ----A---- C:\WINDOWS\system32\fsutil.exe
2014-04-24 11:49:20 ----A---- C:\WINDOWS\system32\taskhostex.exe
2014-04-24 11:49:20 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2014-04-24 11:49:20 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-04-24 11:49:20 ----A---- C:\WINDOWS\system32\drivers\msgpioclx.sys
2014-04-24 11:49:20 ----A---- C:\WINDOWS\system32\das.dll
2014-04-24 11:49:19 ----A---- C:\WINDOWS\system32\CloudNotifications.exe
2014-04-24 11:49:18 ----A---- C:\WINDOWS\system32\WSDApi.dll
2014-04-24 11:49:18 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-24 11:49:18 ----A---- C:\WINDOWS\system32\sdclt.exe
2014-04-24 11:49:17 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-24 11:49:16 ----A---- C:\WINDOWS\SYSWOW64\fsutil.exe
2014-04-24 11:49:16 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2014-04-24 11:49:16 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-24 11:49:16 ----A---- C:\WINDOWS\system32\drivers\fileinfo.sys
2014-04-24 11:49:15 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-04-24 11:49:14 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2014-04-24 11:49:14 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2014-04-24 11:49:13 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2014-04-24 11:49:12 ----A---- C:\WINDOWS\system32\powrprof.dll
2014-04-24 11:49:12 ----A---- C:\WINDOWS\system32\mssprxy.dll
2014-04-24 11:49:11 ----AC---- C:\WINDOWS\system32\drivers\BasicRender.sys
2014-04-24 11:49:11 ----A---- C:\WINDOWS\SYSWOW64\imm32.dll
2014-04-24 11:49:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2014-04-24 11:49:10 ----A---- C:\WINDOWS\system32\zipfldr.dll
2014-04-24 11:49:10 ----A---- C:\WINDOWS\system32\newdev.dll
2014-04-24 11:49:09 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2014-04-24 11:49:09 ----A---- C:\WINDOWS\system32\aepic.dll
2014-04-24 11:49:07 ----AC---- C:\WINDOWS\system32\drivers\sdstor.sys
2014-04-24 11:49:06 ----AC---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2014-04-24 11:49:06 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2014-04-24 11:49:05 ----A---- C:\WINDOWS\system32\dmvdsitf.dll
2014-04-24 11:49:04 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-24 11:49:03 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2014-04-24 11:49:03 ----A---- C:\WINDOWS\system32\spwizeng.dll
2014-04-24 11:49:02 ----A---- C:\WINDOWS\system32\vds.exe
2014-04-24 11:49:02 ----A---- C:\WINDOWS\system32\LockScreenContent.dll
2014-04-24 11:49:01 ----A---- C:\WINDOWS\system32\wow64win.dll
2014-04-24 11:49:01 ----A---- C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-24 11:49:01 ----A---- C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-24 11:49:01 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-24 11:49:01 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-04-24 11:49:00 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-24 11:48:59 ----A---- C:\WINDOWS\SYSWOW64\powrprof.dll
2014-04-24 11:48:59 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2014-04-24 11:48:58 ----A---- C:\WINDOWS\SYSWOW64\WLanConn.dll
2014-04-24 11:48:57 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2014-04-24 11:48:57 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2014-04-24 11:48:56 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2014-04-24 11:48:56 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-04-24 11:48:56 ----A---- C:\WINDOWS\system32\bcd.dll
2014-04-24 11:48:56 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2014-04-24 11:48:54 ----A---- C:\WINDOWS\system32\dot3mm.dll
2014-04-24 11:48:52 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2014-04-24 11:48:52 ----A---- C:\WINDOWS\SYSWOW64\UserAccountBroker.exe
2014-04-24 11:48:50 ----A---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2014-04-24 11:48:50 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2014-04-24 11:48:49 ----A---- C:\WINDOWS\SYSWOW64\wscinterop.dll
2014-04-24 11:48:49 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-04-24 11:48:49 ----A---- C:\WINDOWS\system32\easinvoker.exe
2014-04-24 11:48:46 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2014-04-24 11:48:46 ----A---- C:\WINDOWS\system32\srclient.dll
2014-04-24 11:48:46 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2014-04-24 11:48:46 ----A---- C:\WINDOWS\system32\DAMM.dll
2014-04-24 11:48:46 ----A---- C:\WINDOWS\system32\bootux.dll
2014-04-24 11:48:43 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-04-24 11:48:40 ----A---- C:\WINDOWS\SYSWOW64\cleanmgr.exe
2014-04-24 11:48:39 ----A---- C:\WINDOWS\system32\samlib.dll
2014-04-24 11:48:39 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2014-04-24 11:48:39 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2014-04-24 11:48:38 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-04-24 11:48:38 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-04-24 11:48:38 ----A---- C:\WINDOWS\system32\provsvc.dll
2014-04-24 11:48:35 ----A---- C:\WINDOWS\system32\rasmans.dll
2014-04-24 11:48:35 ----A---- C:\WINDOWS\system32\AuthHost.exe
2014-04-24 11:48:34 ----AC---- C:\WINDOWS\system32\drivers\UCX01000.SYS
2014-04-24 11:48:33 ----A---- C:\WINDOWS\SYSWOW64\taskeng.exe
2014-04-24 11:48:33 ----A---- C:\WINDOWS\system32\easwrt.dll
2014-04-24 11:48:32 ----A---- C:\WINDOWS\system32\netiohlp.dll
2014-04-24 11:48:31 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2014-04-24 11:48:30 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2014-04-24 11:48:30 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2014-04-24 11:48:29 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2014-04-24 11:48:29 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2014-04-24 11:48:28 ----A---- C:\WINDOWS\SYSWOW64\BioCredProv.dll
2014-04-24 11:48:27 ----A---- C:\WINDOWS\SYSWOW64\dmvdsitf.dll
2014-04-24 11:48:25 ----A---- C:\WINDOWS\system32\drivers\http.sys
2014-04-24 11:48:24 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2014-04-24 11:48:24 ----A---- C:\WINDOWS\SYSWOW64\netiohlp.dll
2014-04-24 11:48:23 ----A---- C:\WINDOWS\system32\srcore.dll
2014-04-24 11:48:22 ----A---- C:\WINDOWS\system32\acppage.dll
2014-04-24 11:48:21 ----A---- C:\WINDOWS\system32\netplwiz.dll
2014-04-24 11:48:21 ----A---- C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-24 11:48:20 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-24 11:48:19 ----A---- C:\WINDOWS\SYSWOW64\dmdskmgr.dll
2014-04-24 11:48:19 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2014-04-24 11:48:19 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-04-24 11:48:19 ----A---- C:\WINDOWS\system32\scrobj.dll
2014-04-24 11:48:18 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-04-24 11:48:18 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2014-04-24 11:48:17 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-24 11:48:17 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2014-04-24 11:48:16 ----A---- C:\WINDOWS\system32\winbrand.dll
2014-04-24 11:48:13 ----A---- C:\WINDOWS\system32\slpts.dll
2014-04-24 11:48:12 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2014-04-24 11:48:12 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2014-04-24 11:48:11 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2014-04-24 11:48:11 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2014-04-24 11:48:11 ----A---- C:\WINDOWS\SYSWOW64\acppage.dll
2014-04-24 11:48:11 ----A---- C:\WINDOWS\system32\PrintDialogs.dll
2014-04-24 11:48:11 ----A---- C:\WINDOWS\system32\bcdedit.exe
2014-04-24 11:48:10 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2014-04-24 11:48:10 ----A---- C:\WINDOWS\system32\wpnprv.dll
2014-04-24 11:48:10 ----A---- C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-24 11:48:10 ----A---- C:\WINDOWS\system32\wbadmin.exe
2014-04-24 11:48:10 ----A---- C:\WINDOWS\system32\autoconv.exe
2014-04-24 11:48:09 ----A---- C:\WINDOWS\system32\sud.dll
2014-04-24 11:48:09 ----A---- C:\WINDOWS\system32\autofmt.exe
2014-04-24 11:48:08 ----A---- C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-24 11:48:08 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2014-04-24 11:48:08 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2014-04-24 11:48:08 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-04-24 11:48:08 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-04-24 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\provsvc.dll
2014-04-24 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\printui.dll
2014-04-24 11:48:06 ----A---- C:\WINDOWS\system32\sppnp.dll
2014-04-24 11:48:05 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2014-04-24 11:48:05 ----A---- C:\WINDOWS\SYSWOW64\scrobj.dll
2014-04-24 11:48:05 ----A---- C:\WINDOWS\system32\bcdboot.exe
2014-04-24 11:48:04 ----A---- C:\WINDOWS\system32\untfs.dll
2014-04-24 11:48:02 ----A---- C:\WINDOWS\system32\autochk.exe
2014-04-24 11:47:59 ----A---- C:\WINDOWS\system32\spbcd.dll
2014-04-24 11:47:59 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2014-04-24 11:47:58 ----A---- C:\WINDOWS\SYSWOW64\slpts.dll
2014-04-24 11:47:58 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-24 11:47:57 ----A---- C:\WINDOWS\SYSWOW64\PkgMgr.exe
2014-04-24 11:47:57 ----A---- C:\WINDOWS\system32\migisol.dll
2014-04-24 11:47:56 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2014-04-24 11:47:56 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2014-04-24 11:47:55 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2014-04-24 11:47:54 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-04-24 11:47:54 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2014-04-24 11:47:54 ----A---- C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-24 11:47:54 ----A---- C:\WINDOWS\system32\fhevents.dll
2014-04-24 11:47:54 ----A---- C:\WINDOWS\system32\DAConn.dll
2014-04-24 11:47:53 ----A---- C:\WINDOWS\system32\dafBth.dll
2014-04-24 11:47:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2014-04-24 11:47:52 ----A---- C:\WINDOWS\system32\UXInit.dll
2014-04-24 11:47:52 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2014-04-24 11:47:49 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2014-04-24 11:47:48 ----A---- C:\WINDOWS\system32\spcompat.dll
2014-04-24 11:47:45 ----A---- C:\WINDOWS\system32\vdsutil.dll
2014-04-24 11:47:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-24 11:47:44 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2014-04-24 11:47:43 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2014-04-24 11:47:42 ----AC---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2014-04-24 11:47:42 ----A---- C:\WINDOWS\system32\cscript.exe
2014-04-24 11:47:41 ----A---- C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-24 11:47:40 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2014-04-24 11:47:39 ----A---- C:\WINDOWS\SYSWOW64\spwizeng.dll
2014-04-24 11:47:38 ----A---- C:\WINDOWS\system32\energytask.dll
2014-04-24 11:47:36 ----A---- C:\WINDOWS\system32\diskpart.exe
2014-04-24 11:47:35 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2014-04-24 11:47:34 ----A---- C:\WINDOWS\SYSWOW64\WimBootCompress.ini
2014-04-24 11:47:34 ----A---- C:\WINDOWS\system32\WimBootCompress.ini
2014-04-24 11:47:28 ----A---- C:\WINDOWS\system32\werui.dll
2014-04-24 11:47:28 ----A---- C:\WINDOWS\system32\devinv.dll
2014-04-24 11:47:23 ----A---- C:\WINDOWS\system32\powercfg.exe
2014-04-24 11:47:20 ----A---- C:\WINDOWS\system32\RelPost.exe
2014-04-24 11:47:19 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2014-04-24 11:47:17 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-04-24 11:47:17 ----A---- C:\WINDOWS\system32\pnpclean.dll
2014-04-24 11:47:17 ----A---- C:\WINDOWS\system32\deviceassociation.dll
2014-04-24 11:47:16 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2014-04-24 11:47:16 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2014-04-24 11:47:14 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2014-04-24 11:47:14 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2014-04-24 11:47:14 ----A---- C:\WINDOWS\system32\dasHost.exe
2014-04-24 11:47:08 ----A---- C:\WINDOWS\system32\srrstr.dll
2014-04-24 11:47:05 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2014-04-24 11:47:05 ----A---- C:\WINDOWS\system32\ReAgentc.exe
2014-04-24 11:47:03 ----A---- C:\WINDOWS\system32\offreg.dll
2014-04-24 11:47:02 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-24 11:47:02 ----A---- C:\WINDOWS\system32\ActionQueue.dll
2014-04-24 11:47:01 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2014-04-24 11:47:01 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll
2014-04-24 11:47:00 ----A---- C:\WINDOWS\SYSWOW64\SSShim.dll
2014-04-24 11:47:00 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2014-04-24 11:47:00 ----A---- C:\WINDOWS\SYSWOW64\CloudStorageWizard.exe
2014-04-24 11:46:57 ----A---- C:\WINDOWS\system32\dfrgui.exe
2014-04-24 11:46:56 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2014-04-24 11:46:55 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2014-04-24 11:46:55 ----A---- C:\WINDOWS\SYSWOW64\deviceassociation.dll
2014-04-24 11:46:55 ----A---- C:\WINDOWS\system32\msshooks.dll
2014-04-24 11:46:54 ----A---- C:\WINDOWS\system32\mf3216.dll
2014-04-24 11:46:52 ----A---- C:\WINDOWS\SYSWOW64\powercfg.exe
2014-04-24 11:46:52 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-24 11:46:49 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2014-04-24 11:46:47 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2014-04-24 11:46:46 ----A---- C:\WINDOWS\SYSWOW64\migisol.dll
2014-04-24 11:46:44 ----A---- C:\WINDOWS\SYSWOW64\ReAgentc.exe
2014-04-24 11:46:44 ----A---- C:\WINDOWS\system32\SrTasks.exe
2014-04-24 11:46:42 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2014-04-24 11:46:40 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2014-04-24 11:46:40 ----A---- C:\WINDOWS\SYSWOW64\dfrgui.exe
2014-04-24 11:46:40 ----A---- C:\WINDOWS\system32\winsku.dll
2014-04-24 11:46:40 ----A---- C:\WINDOWS\system32\vdsdyn.dll
2014-04-24 11:46:38 ----A---- C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-24 11:46:38 ----A---- C:\WINDOWS\system32\Defrag.exe
2014-04-24 11:46:38 ----A---- C:\WINDOWS\system32\AepRoam.dll
2014-04-24 11:46:36 ----A---- C:\WINDOWS\system32\themecpl.dll
2014-04-24 11:46:35 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2014-04-24 11:46:32 ----A---- C:\WINDOWS\SYSWOW64\diskpart.exe
2014-04-24 11:46:30 ----A---- C:\WINDOWS\SYSWOW64\cscript.exe
2014-04-24 11:46:28 ----A---- C:\WINDOWS\SYSWOW64\sxshared.dll
2014-04-24 11:46:28 ----A---- C:\WINDOWS\SYSWOW64\msshooks.dll
2014-04-24 11:46:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2014-04-24 11:46:27 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2014-04-24 11:46:26 ----A---- C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-24 11:46:23 ----A---- C:\WINDOWS\system32\scavengeui.dll
2014-04-24 11:46:17 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-04-24 11:46:16 ----A---- C:\WINDOWS\system32\wincorlib.dll
2014-04-24 11:46:12 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-24 11:46:07 ----A---- C:\WINDOWS\SYSWOW64\setupugc.exe
2014-04-24 11:46:06 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2014-04-24 11:45:51 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-24 11:45:50 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2014-04-24 11:45:47 ----A---- C:\WINDOWS\system32\syncui.dll
2014-04-24 11:45:46 ----A---- C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-24 11:45:43 ----A---- C:\WINDOWS\SYSWOW64\finger.exe
2014-04-24 11:45:43 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-24 11:45:41 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncPolicy.dll
2014-04-24 11:45:41 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2014-04-24 11:45:40 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2014-04-24 11:45:39 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-24 11:45:38 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2014-04-24 11:45:35 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-24 11:45:34 ----AH---- C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-24 11:45:34 ----A---- C:\WINDOWS\SYSWOW64\ocsetapi.dll
2014-04-24 11:45:34 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2014-04-24 11:45:34 ----A---- C:\WINDOWS\system32\aitagent.exe
2014-04-24 11:45:33 ----A---- C:\WINDOWS\system32\dataclen.dll
2014-04-24 11:45:28 ----A---- C:\WINDOWS\SYSWOW64\korwbrkr.dll
2014-04-24 11:45:25 ----AH---- C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-24 11:45:24 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-24 11:45:22 ----A---- C:\WINDOWS\system32\shsetup.dll
2014-04-24 11:45:16 ----A---- C:\WINDOWS\SYSWOW64\dataclen.dll
2014-04-24 11:45:15 ----A---- C:\WINDOWS\system32\shimeng.dll
2014-04-24 11:45:15 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2014-04-24 11:45:14 ----AH---- C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-24 11:45:14 ----A---- C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-24 11:45:14 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-04-24 11:45:13 ----AH---- C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-24 11:45:13 ----A---- C:\WINDOWS\system32\dxmasf.dll
2014-04-24 11:45:12 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-24 11:45:12 ----A---- C:\WINDOWS\system32\winbici.dll
2014-04-24 11:45:10 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-24 11:45:10 ----A---- C:\WINDOWS\system32\occache.dll
2014-04-24 11:45:09 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-24 11:45:09 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-04-24 11:45:09 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2014-04-24 11:45:09 ----A---- C:\WINDOWS\system32\finger.exe
2014-04-24 11:45:08 ----A---- C:\WINDOWS\SYSWOW64\f3ahvoas.dll
2014-04-24 11:45:02 ----A---- C:\WINDOWS\system32\srms.dat
2014-04-24 09:27:34 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-04-24 09:27:30 ----A---- C:\WINDOWS\system32\msrating.dll
2014-04-24 09:16:50 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-04-24 09:16:25 ----A---- C:\WINDOWS\system32\mfps.dll
2014-04-24 09:16:12 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-24 09:16:12 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-24 09:16:12 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-04-24 09:16:11 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-04-24 09:16:11 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-04-24 09:16:11 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-04-24 09:16:10 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-04-24 09:16:10 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-04-24 09:16:10 ----A---- C:\WINDOWS\system32\iernonce.dll

======List of files/folders modified in the last 1 month======

2014-05-19 08:11:13 ----D---- C:\WINDOWS\Prefetch
2014-05-19 08:11:06 ----RD---- C:\Program Files
2014-05-19 08:07:23 ----D---- C:\WINDOWS\Temp
2014-05-19 08:04:24 ----D---- C:\ProgramData\MFAData
2014-05-19 08:00:02 ----D---- C:\ProgramData\LogMeIn
2014-05-19 08:00:00 ----D---- C:\WINDOWS\system32\sru
2014-05-19 06:18:26 ----D---- C:\Windows
2014-05-19 06:17:52 ----SD---- C:\System Volume Information
2014-05-19 05:14:56 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-18 11:33:51 ----D---- C:\Program Files (x86)\Dell Backup and Recovery
2014-05-18 11:32:23 ----D---- C:\Users\Amy\AppData\Roaming\Dropbox
2014-05-18 11:29:31 ----RD---- C:\WINDOWS\System32
2014-05-17 09:54:54 ----D---- C:\WINDOWS\Inf
2014-05-17 09:54:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-17 09:50:31 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-05-16 11:39:30 ----HD---- C:\ProgramData
2014-05-16 07:56:45 ----D---- C:\WINDOWS\SysWOW64
2014-05-16 07:36:56 ----D---- C:\WINDOWS\system32\config
2014-05-16 07:02:25 ----D---- C:\WINDOWS\system32\drivers
2014-05-16 06:36:40 ----D---- C:\WINDOWS\system32\drivers\etc
2014-05-14 10:29:46 ----D---- C:\WINDOWS\WinSxS
2014-05-14 09:58:08 ----RD---- C:\WINDOWS\assembly
2014-05-14 09:54:02 ----D---- C:\WINDOWS\rescache
2014-05-14 09:26:35 ----D---- C:\WINDOWS\AppReadiness
2014-05-14 09:26:35 ----D---- C:\Program Files\WindowsApps
2014-05-14 09:11:26 ----D---- C:\Program Files\Windows Defender
2014-05-14 09:11:25 ----RD---- C:\WINDOWS\ToastData
2014-05-14 09:11:25 ----D---- C:\WINDOWS\WinStore
2014-05-14 09:11:25 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-05-14 09:11:25 ----D---- C:\WINDOWS\system32\en-US
2014-05-14 09:11:25 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-14 09:08:58 ----SHD---- C:\WINDOWS\Installer
2014-05-14 09:08:57 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 09:08:48 ----D---- C:\WINDOWS\CbsTemp
2014-05-14 09:08:45 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-05-14 09:05:24 ----D---- C:\Program Files (x86)\Common Files
2014-05-14 09:03:17 ----D---- C:\WINDOWS\apppatch
2014-05-14 09:03:14 ----D---- C:\WINDOWS\system32\MRT
2014-05-14 08:59:13 ----A---- C:\WINDOWS\system32\MRT.exe
2014-05-14 08:47:34 ----D---- C:\WINDOWS\system32\catroot2
2014-05-13 11:57:22 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-11 18:47:55 ----D---- C:\WINDOWS\system32\NDF
2014-05-10 12:36:11 ----D---- C:\WINDOWS\debug
2014-05-10 12:28:58 ----RD---- C:\Program Files (x86)
2014-05-10 12:28:48 ----D---- C:\Program Files (x86)\Google
2014-05-10 12:20:45 ----D---- C:\WINDOWS\SoftwareDistribution
2014-05-10 11:33:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-07 19:17:20 ----DC---- C:\WINDOWS\Panther
2014-05-07 19:17:18 ----D---- C:\WINDOWS\Minidump
2014-05-06 18:09:43 ----D---- C:\WINDOWS\Tasks
2014-05-06 18:09:43 ----D---- C:\WINDOWS\system32\Tasks
2014-05-06 18:08:57 ----SD---- C:\ProgramData\Microsoft
2014-05-06 18:08:57 ----D---- C:\Program Files (x86)\Microsoft
2014-05-06 17:33:03 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-05 13:28:23 ----D---- C:\ProgramData\CanonIJPLM
2014-05-03 09:08:57 ----D---- C:\WINDOWS\system32\DriverStore
2014-05-01 10:30:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-04-30 11:29:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-04-30 11:29:08 ----D---- C:\Program Files\MozyHome
2014-04-29 14:25:13 ----D---- C:\Users\Amy\AppData\Roaming\Mozilla
2014-04-29 11:24:59 ----D---- C:\ProgramData\Apple
2014-04-26 05:04:25 ----D---- C:\WINDOWS\Logs
2014-04-26 04:42:56 ----D---- C:\WINDOWS\system32\wbem
2014-04-26 04:42:56 ----D---- C:\WINDOWS\system32\setup
2014-04-26 04:42:48 ----D---- C:\Program Files\Internet Explorer
2014-04-26 04:42:47 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-04-26 04:42:36 ----D---- C:\Program Files\Windows Portable Devices
2014-04-26 04:42:36 ----D---- C:\Program Files\Windows Multimedia Platform
2014-04-26 04:42:36 ----D---- C:\Program Files\Windows Media Player
2014-04-26 04:42:36 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-04-26 04:42:36 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2014-04-26 04:42:36 ----D---- C:\Program Files (x86)\Windows Media Player
2014-04-26 04:42:35 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-04-26 04:42:35 ----D---- C:\WINDOWS\SYSWOW64\Dism
2014-04-26 04:42:35 ----D---- C:\WINDOWS\servicing
2014-04-26 04:42:35 ----D---- C:\WINDOWS\MediaViewer
2014-04-26 04:42:34 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-04-26 04:42:34 ----D---- C:\WINDOWS\SYSWOW64\oobe
2014-04-26 04:42:32 ----D---- C:\WINDOWS\en-US
2014-04-26 04:42:27 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-04-26 04:42:26 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2014-04-26 04:42:26 ----D---- C:\WINDOWS\system32\sk-SK
2014-04-26 04:42:26 ----D---- C:\WINDOWS\system32\lv-LV
2014-04-26 04:42:26 ----D---- C:\WINDOWS\system32\ko-KR
2014-04-26 04:42:26 ----D---- C:\WINDOWS\system32\hr-HR
2014-04-26 04:42:26 ----D---- C:\WINDOWS\system32\et-EE
2014-04-26 04:42:26 ----D---- C:\WINDOWS\system32\da-DK
2014-04-26 04:42:26 ----D---- C:\WINDOWS\PolicyDefinitions
2014-04-26 04:42:25 ----D---- C:\WINDOWS\system32\Sysprep
2014-04-26 04:42:25 ----D---- C:\WINDOWS\system32\oobe
2014-04-26 04:42:25 ----D---- C:\WINDOWS\system32\migration
2014-04-26 04:42:25 ----D---- C:\WINDOWS\system32\it-IT
2014-04-26 04:42:25 ----D---- C:\WINDOWS\system32\en-GB
2014-04-26 04:42:25 ----D---- C:\WINDOWS\system32\el-GR
2014-04-26 04:42:25 ----D---- C:\WINDOWS\system32\de-DE
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\zh-CN
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\sv-SE
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\ru-RU
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\pt-PT
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\hu-HU
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\he-IL
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\fr-FR
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\fi-FI
2014-04-26 04:42:24 ----D---- C:\WINDOWS\system32\cs-CZ
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\zh-TW
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\zh-HK
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\uk-UA
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\tr-TR
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\th-TH
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\sl-SI
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\ro-RO
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\pl-PL
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\ja-JP
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\es-ES
2014-04-26 04:42:23 ----D---- C:\WINDOWS\system32\bg-BG
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\pt-BR
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\nl-NL
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\nb-NO
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\migwiz
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\lt-LT
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\Dism
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\Boot
2014-04-26 04:42:22 ----D---- C:\WINDOWS\system32\ar-SA
2014-04-26 04:42:14 ----RSD---- C:\WINDOWS\Fonts
2014-04-26 04:42:14 ----D---- C:\WINDOWS\Camera
2014-04-26 04:42:13 ----D---- C:\WINDOWS\FileManager
2014-04-26 04:41:57 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-04-26 04:41:04 ----D---- C:\WINDOWS\addins
2014-04-24 21:14:38 ----D---- C:\ProgramData\Temp
2014-04-24 14:20:51 ----SH---- C:\WINDOWS\system32\desktop.ini
2014-04-24 09:01:55 ----D---- C:\WINDOWS\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\WINDOWS\System32\drivers\ACPI.sys [2014-02-22 539992]
R0 acpiex;Microsoft ACPIEx Driver; C:\WINDOWS\System32\Drivers\acpiex.sys [2013-08-22 79712]
R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2014-03-27 192792]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2014-03-27 324376]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2014-03-31 130840]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2014-03-27 32536]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\WINDOWS\System32\drivers\CLFS.sys [2014-03-19 376152]
R0 CNG;CNG; C:\WINDOWS\System32\Drivers\cng.sys [2014-03-08 565536]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\WINDOWS\System32\drivers\disk.sys [2013-08-22 100192]
R0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\WINDOWS\System32\drivers\EhStorClass.sys [2013-08-22 82784]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\WINDOWS\System32\drivers\fileinfo.sys [2014-02-22 79192]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\WINDOWS\system32\drivers\fltmgr.sys [2014-02-22 360792]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\WINDOWS\System32\DRIVERS\fvevol.sys [2014-02-22 590168]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-10-26 651832]
R0 intelpep;@intelpep.inf,%INTELPEP.SVCDESC%;Intel® Power Engine Plug-in Driver; C:\WINDOWS\System32\drivers\intelpep.sys [2014-03-31 39768]
R0 KSecDD;KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [2013-11-13 101208]
R0 KSecPkg;KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [2014-03-08 180056]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\WINDOWS\System32\drivers\mountmgr.sys [2013-08-22 101728]
R0 msisadrv;msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [2013-08-22 17248]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\WINDOWS\System32\Drivers\mup.sys [2013-08-22 78688]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\WINDOWS\system32\drivers\ndis.sys [2014-02-22 1118552]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\WINDOWS\System32\drivers\partmgr.sys [2013-08-22 88928]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\WINDOWS\System32\drivers\pci.sys [2014-02-22 280920]
R0 pcw;Performance Counters for Windows Driver; C:\WINDOWS\System32\drivers\pcw.sys [2013-08-22 50016]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\WINDOWS\system32\drivers\pdc.sys [2014-03-31 86872]
R0 rdyboost;ReadyBoost; C:\WINDOWS\System32\drivers\rdyboost.sys [2014-02-22 249688]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\WINDOWS\System32\drivers\spaceport.sys [2014-02-22 384856]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\WINDOWS\System32\drivers\tcpip.sys [2014-03-04 2519384]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\WINDOWS\System32\drivers\vdrvroot.sys [2013-08-22 37728]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\WINDOWS\System32\drivers\volmgr.sys [2013-08-22 73568]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\WINDOWS\System32\drivers\volmgrx.sys [2013-08-22 377696]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\WINDOWS\System32\drivers\volsnap.sys [2014-02-22 311640]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\WINDOWS\system32\drivers\afd.sys [2013-08-22 567296]
R1 ahcache;@%systemroot%\system32\drivers\ahcache.sys,-102; C:\WINDOWS\system32\DRIVERS\ahcache.sys [2013-08-22 76800]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2014-03-27 153368]
R1 Avgfwfd;@oem1.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2014-04-18 237336]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2014-03-27 236824]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2014-03-31 274712]
R1 BasicDisplay;BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [2013-08-22 50688]
R1 BasicRender;BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [2014-02-22 33280]
R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2013-08-22 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\WINDOWS\System32\drivers\cdrom.sys [2013-08-21 164352]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\WINDOWS\System32\Drivers\dfsc.sys [2014-03-05 134144]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2012-11-29 11552]
R1 mozyFilter;mozyFilter; C:\WINDOWS\system32\DRIVERS\mozy.sys [2013-05-21 67808]
R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2013-08-22 30208]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\WINDOWS\System32\drivers\mssmbios.sys [2013-08-22 37728]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\WINDOWS\system32\DRIVERS\netbios.sys [2013-08-22 48128]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\WINDOWS\System32\DRIVERS\netbt.sys [2013-08-22 282624]
R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2013-08-22 58880]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\WINDOWS\System32\drivers\npsvctrig.sys [2013-08-22 23040]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\WINDOWS\system32\drivers\nsiproxy.sys [2013-08-22 39936]
R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2013-08-22 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\WINDOWS\system32\DRIVERS\pacer.sys [2013-08-22 151552]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2014-03-31 408576]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\WINDOWS\system32\DRIVERS\tdx.sys [2013-08-22 107520]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\WINDOWS\system32\DRIVERS\lltdio.sys [2013-08-22 59392]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-05-30 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2012-11-29 72216]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\WINDOWS\system32\drivers\luafv.sys [2014-02-22 124416]
R2 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys [2014-03-05 283648]
R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\WINDOWS\system32\DRIVERS\nwifi.sys [2014-03-05 443392]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\WINDOWS\system32\drivers\Ndu.sys [2013-08-22 103424]
R2 PEAUTH;PEAUTH; C:\WINDOWS\system32\drivers\peauth.sys [2014-02-22 663040]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2013-08-22 80384]
R2 secdrv;Security Driver; C:\WINDOWS\system32\drivers\secdrv.sys [2013-08-22 23040]
R2 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\WINDOWS\System32\DRIVERS\srv.sys [2013-11-13 454656]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\WINDOWS\System32\drivers\tcpipreg.sys [2014-03-05 49152]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\WINDOWS\system32\DRIVERS\bowser.sys [2013-08-22 102912]
R3 BTATH_HCRP;@oem21.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-08 178840]
R3 BTATH_RCP;@oem24.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-08 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-11-07 591464]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\WINDOWS\System32\drivers\circlass.sys [2013-08-22 44032]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\WINDOWS\System32\drivers\CompositeBus.sys [2013-08-22 36352]
R3 condrv;Console Driver; C:\WINDOWS\System32\drivers\condrv.sys [2013-08-22 43008]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\WINDOWS\System32\drivers\dxgkrnl.sys [2014-03-06 1557848]
R3 fastfat;FAT12/16/32 File System Driver; C:\WINDOWS\system32\drivers\fastfat.sys [2013-08-22 217952]
R3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\WINDOWS\System32\drivers\fdc.sys [2013-08-22 30720]
R3 FintekCIR;@oem80.inf,%FintekCIR.SVCDESC%;Fintek eHome Transceiver; C:\WINDOWS\system32\DRIVERS\FintekCIR.sys [2012-06-07 33128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\drivers\HDAudBus.sys [2013-08-22 78336]
R3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\WINDOWS\System32\drivers\hidir.sys [2013-08-22 45568]
R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\WINDOWS\System32\drivers\hidusb.sys [2014-03-05 33280]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\WINDOWS\system32\drivers\HTTP.sys [2014-01-28 994136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-30 4072080]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\WINDOWS\System32\drivers\intelppm.sys [2013-08-21 98816]
R3 iwdbus;@oem133.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-26 27032]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\WINDOWS\System32\drivers\kbdclass.sys [2013-08-22 58208]
R3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\WINDOWS\System32\drivers\kbdhid.sys [2013-08-22 32256]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\WINDOWS\system32\DRIVERS\kdnic.sys [2013-08-22 19456]
R3 ksthunk;Kernel Streaming Thunks; C:\WINDOWS\system32\drivers\ksthunk.sys [2013-08-22 21248]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-04-03 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2014-05-19 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-04-03 63192]
R3 MEIx64;@oem81.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\WINDOWS\System32\drivers\monitor.sys [2013-08-22 30208]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\WINDOWS\System32\drivers\mouclass.sys [2013-08-22 51040]
R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\WINDOWS\System32\drivers\mouhid.sys [2013-08-22 30208]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\WINDOWS\System32\drivers\mpsdrv.sys [2013-08-22 74240]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2014-03-05 402944]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys [2013-11-13 207360]
R3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\WINDOWS\System32\drivers\MTConfig.sys [2013-08-22 13312]
R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2013-08-22 60416]
R3 NdisVirtualBus;@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-08-22 16384]
R3 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2014-03-19 2013016]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\WINDOWS\System32\drivers\rdpbus.sys [2013-08-22 22528]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\WINDOWS\System32\drivers\rdpvideominiport.sys [2013-11-13 27488]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RSPCIESTOR;@oem82.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2012-06-13 339600]
R3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\WINDOWS\System32\drivers\serenum.sys [2013-08-22 23040]
R3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\WINDOWS\System32\drivers\serial.sys [2013-08-22 83456]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\WINDOWS\System32\DRIVERS\srv2.sys [2014-03-05 679424]
R3 srvnet;srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [2014-03-05 245760]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\WINDOWS\System32\drivers\swenum.sys [2013-08-22 14176]
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunnel.sys [2013-08-22 154112]
R3 UCX01000;USB Controller Extension; C:\WINDOWS\System32\drivers\ucx01000.sys [2014-02-22 189784]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\WINDOWS\System32\drivers\umbus.sys [2013-08-22 46080]
R3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\WINDOWS\System32\drivers\umpass.sys [2013-08-22 11776]
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\drivers\usbccgp.sys [2013-11-13 155480]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbehci.sys [2013-08-22 89952]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\drivers\usbhub.sys [2013-08-22 422240]
R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\WINDOWS\System32\drivers\UsbHub3.sys [2014-03-08 467800]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\USBXHCI.SYS [2014-02-22 325464]
R3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\WINDOWS\System32\drivers\vwifibus.sys [2013-08-22 24576]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
R4 cdfs;CD/DVD File System Reader; C:\WINDOWS\system32\DRIVERS\cdfs.sys [2013-08-22 88576]
S0 3ware;3ware; C:\WINDOWS\System32\drivers\3ware.sys [2013-08-22 108896]
S0 ADP80XX;ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [2013-08-22 782176]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\WINDOWS\System32\drivers\agp440.sys [2013-08-22 62304]
S0 amdsata;amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [2013-08-22 79200]
S0 amdsbs;amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [2013-08-22 259424]
S0 amdxata;amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [2013-08-22 25952]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver; C:\WINDOWS\System32\drivers\arcsas.sys [2013-08-22 114016]
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\WINDOWS\System32\drivers\atapi.sys [2013-08-22 26464]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\WINDOWS\System32\drivers\bxvbda.sys [2013-08-22 531296]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\WINDOWS\System32\drivers\evbda.sys [2013-08-22 3357024]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [2013-08-22 114016]
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\System32\drivers\gagp30kx.sys [2013-08-22 65888]
S0 HpSAMD;HpSAMD; C:\WINDOWS\System32\drivers\HpSAMD.sys [2013-08-22 64352]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\WINDOWS\System32\drivers\hwpolicy.sys [2013-08-22 24416]
S0 iaStorAV;@iastorav.inf,%iaStorAV.DeviceDesc%;Intel® SATA RAID Controller Windows; C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-08-09 651248]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\WINDOWS\System32\drivers\iaStorV.sys [2013-08-22 412000]
S0 intelide;intelide; C:\WINDOWS\System32\drivers\intelide.sys [2013-08-22 18272]
S0 isapnp;isapnp; C:\WINDOWS\System32\drivers\isapnp.sys [2013-08-22 21856]
S0 LSI_SAS;LSI_SAS; C:\WINDOWS\System32\drivers\lsi_sas.sys [2013-08-22 109408]
S0 LSI_SAS2;LSI_SAS2; C:\WINDOWS\System32\drivers\lsi_sas2.sys [2013-08-22 93536]
S0 LSI_SAS3;LSI_SAS3; C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-08-22 81760]
S0 LSI_SSS;LSI_SSS; C:\WINDOWS\System32\drivers\lsi_sss.sys [2013-08-22 82784]
S0 megasas;megasas; C:\WINDOWS\System32\drivers\megasas.sys [2013-08-22 56672]
S0 megasr;megasr; C:\WINDOWS\System32\drivers\megasr.sys [2013-08-22 575840]
S0 mvumis;mvumis; C:\WINDOWS\System32\drivers\mvumis.sys [2013-08-22 63840]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\drivers\nv_agp.sys [2013-08-22 124768]
S0 nvraid;nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [2013-08-22 150368]
S0 nvstor;nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [2013-08-22 168288]
S0 pciide;pciide; C:\WINDOWS\System32\drivers\pciide.sys [2013-08-22 14688]
S0 pcmcia;pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [2013-08-22 114528]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\WINDOWS\System32\drivers\sbp2port.sys [2013-08-22 107872]
S0 SiSRaid2;SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [2013-08-22 44896]
S0 SiSRaid4;SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [2013-08-22 81760]
S0 stexstor;stexstor; C:\WINDOWS\System32\drivers\stexstor.sys [2013-08-22 31072]
S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\WINDOWS\System32\drivers\storahci.sys [2013-08-22 107872]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\WINDOWS\system32\DRIVERS\vmstorfl.sys [2013-08-22 49984]
S0 stornvme;@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver; C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-13 57176]
S0 storvsc;storvsc; C:\WINDOWS\System32\drivers\storvsc.sys [2013-08-22 45888]
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\WINDOWS\System32\drivers\uagp35.sys [2013-08-22 64864]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\WINDOWS\System32\drivers\uliagpkx.sys [2013-08-22 65888]
S0 viaide;viaide; C:\WINDOWS\System32\drivers\viaide.sys [2013-08-22 19808]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\WINDOWS\System32\drivers\vmbus.sys [2013-08-22 97088]
S0 vsmraid;vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [2013-08-22 168800]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver; C:\WINDOWS\System32\drivers\vstxraid.sys [2013-08-22 305504]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\WINDOWS\system32\drivers\dam.sys [2013-08-22 57696]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\1394ohci.sys [2013-08-22 231424]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\WINDOWS\System32\drivers\acpipagr.sys [2013-08-22 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\WINDOWS\System32\drivers\acpipmi.sys [2013-08-22 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\WINDOWS\System32\drivers\acpitime.sys [2013-08-22 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\WINDOWS\System32\drivers\amdk8.sys [2013-08-21 95744]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\WINDOWS\System32\drivers\amdppm.sys [2013-08-21 98816]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\WINDOWS\system32\drivers\appid.sys [2013-11-13 83456]
S3 AthBTPort;@oem19.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-08 88728]
S3 bcmfn2;@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service; C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-08-12 17624]
S3 BTATH_A2DP;@oem18.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-08 344216]
S3 btath_avdt;@oem18.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-08 114840]
S3 BTATH_LWFLT;@oem117.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-08 76952]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\WINDOWS\System32\drivers\bthmodem.sys [2013-08-22 63488]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-01-31 1200640]
S3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\drivers\CmBatt.sys [2013-08-22 25472]
S3 DellRbtn;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2012-08-04 10752]
S3 dg_ssudbus;@oem135.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dmvsc;dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [2013-08-22 29696]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\WINDOWS\system32\drivers\drmkaud.sys [2013-08-22 14560]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\WINDOWS\System32\drivers\errdev.sys [2013-08-22 10240]
S3 exfat;exFAT File System Driver; C:\WINDOWS\system32\drivers\exfat.sys [2013-08-22 200704]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\WINDOWS\system32\drivers\filetrace.sys [2013-08-22 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\WINDOWS\System32\drivers\flpydisk.sys [2013-08-22 25088]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\WINDOWS\System32\drivers\FsDepends.sys [2013-08-22 56672]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\WINDOWS\System32\drivers\fxppm.sys [2013-08-21 27136]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\WINDOWS\System32\drivers\vmgencounter.sys [2013-08-22 11264]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\WINDOWS\System32\Drivers\msgpioclx.sys [2014-02-22 146776]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\WINDOWS\System32\drivers\HidBatt.sys [2013-08-22 26624]
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\WINDOWS\System32\drivers\hidbth.sys [2013-08-22 96768]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\WINDOWS\System32\drivers\hidi2c.sys [2013-08-22 41472]
S3 hyperkbd;hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [2013-08-22 13824]
S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2013-08-22 22016]
S3 i8042prt;@keyboard.inf,%i8042prt.SvcDesc%;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\System32\drivers\i8042prt.sys [2013-08-22 107520]
S3 iaLPSSi_GPIO;@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel® Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-07-30 24568]
S3 iaLPSSi_I2C;@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel® Serial IO I2C Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-07-25 99320]
S3 intaud_WaveExtensible;@oem132.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-26 38296]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2013-08-22 84992]
S3 IPMIDRV;IPMIDRV; C:\WINDOWS\System32\drivers\IPMIDrv.sys [2014-03-05 79360]
S3 IPNAT;IP Network Address Translator; C:\WINDOWS\System32\drivers\ipnat.sys [2014-03-31 142848]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\WINDOWS\system32\drivers\irenum.sys [2013-08-22 17920]
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\WINDOWS\System32\drivers\msiscsi.sys [2013-08-22 274784]
S3 Modem;Modem; C:\WINDOWS\system32\drivers\modem.sys [2013-08-22 40960]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\WINDOWS\system32\drivers\mrxdav.sys [2014-03-05 140288]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\WINDOWS\system32\DRIVERS\bridge.sys [2013-08-22 115712]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator; C:\WINDOWS\System32\drivers\msgpiowin32.sys [2013-08-22 41824]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\WINDOWS\System32\drivers\mshidkmdf.sys [2013-08-22 8192]
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\WINDOWS\System32\drivers\mshidumdf.sys [2013-08-22 9728]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\WINDOWS\system32\drivers\MSKSSRV.sys [2013-08-22 10624]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\WINDOWS\system32\DRIVERS\mslldp.sys [2013-08-22 66560]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\WINDOWS\system32\drivers\MSPCLOCK.sys [2013-08-22 7040]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\WINDOWS\system32\drivers\MSPQM.sys [2013-08-22 6784]
S3 MsRPC;MsRPC; C:\WINDOWS\system32\drivers\MsRPC.sys [2013-08-22 366432]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2013-08-22 7936]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\WINDOWS\system32\DRIVERS\ndiscap.sys [2013-08-22 43008]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys [2013-08-22 124928]
S3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2013-08-22 24576]
S3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
S3 NdisWanLegacy;@%systemroot%\system32\rascfg.dll,-32014; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
S3 NDProxy;NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2013-08-22 72192]
S3 netvsc;netvsc; C:\WINDOWS\system32\DRIVERS\netvsc63.sys [2013-08-22 87040]
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\WINDOWS\System32\drivers\parport.sys [2013-08-22 94208]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\WINDOWS\System32\drivers\processr.sys [2013-08-21 92160]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\WINDOWS\system32\drivers\qwavedrv.sys [2013-08-22 47104]
S3 RasAcd;Remote Access Auto Connection Driver; C:\WINDOWS\System32\DRIVERS\rasacd.sys [2013-08-22 17408]
S3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2013-08-22 84992]
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\WINDOWS\System32\drivers\rdpdr.sys [2013-11-13 195584]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2014-02-22 924504]
S3 s3cap;s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [2013-08-22 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\WINDOWS\System32\DRIVERS\scfilter.sys [2013-08-22 40960]
S3 sdbus;sdbus; C:\WINDOWS\System32\drivers\sdbus.sys [2014-02-22 236888]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\WINDOWS\System32\drivers\sdstor.sys [2014-02-22 79192]
S3 SerCx;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx.sys [2013-08-22 69472]
S3 SerCx2;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx2.sys [2014-03-31 146776]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\WINDOWS\System32\drivers\sermouse.sys [2013-08-22 26112]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\WINDOWS\System32\drivers\sfloppy.sys [2013-08-22 17408]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\WINDOWS\system32\drivers\SpbCx.sys [2013-08-22 72032]
S3 ssudmdm;@oem136.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2014-03-04 2519384]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\WINDOWS\System32\drivers\terminpt.sys [2013-11-13 37216]
S3 TPM;@tpm.inf,%TPM%;TPM; C:\WINDOWS\system32\drivers\tpm.sys [2013-08-22 159584]
S3 TsUsbFlt;TsUsbFlt; C:\WINDOWS\system32\drivers\tsusbflt.sys [2013-08-22 56320]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\WINDOWS\System32\drivers\TsUsbGD.sys [2013-08-22 29696]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\WINDOWS\System32\drivers\uaspstor.sys [2013-08-22 74080]
S3 UEFI;@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver; C:\WINDOWS\System32\drivers\UEFI.sys [2013-08-22 26976]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\WINDOWS\System32\drivers\usbcir.sys [2013-08-22 98304]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbohci.sys [2013-08-22 30208]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\WINDOWS\System32\drivers\usbprint.sys [2013-08-22 26112]
S3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\WINDOWS\System32\drivers\USBSTOR.SYS [2014-02-22 148824]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbuhci.sys [2013-08-22 34816]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\WINDOWS\system32\drivers\VerifierExt.sys [2013-11-13 175960]
S3 vhdmp;vhdmp; C:\WINDOWS\System32\drivers\vhdmp.sys [2014-01-28 551256]
S3 VMBusHID;VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [2013-08-22 21760]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\WINDOWS\System32\drivers\vpci.sys [2013-08-22 69472]
S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\WINDOWS\System32\drivers\wacompen.sys [2013-08-22 26752]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 udfs;udfs; C:\WINDOWS\system32\DRIVERS\udfs.sys [2013-08-22 316928]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-20 65432]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2012-08-08 211072]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-04-03 1473280]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-04-18 3645456]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-03-27 291912]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 DcomLaunch;@combase.dll,-5012; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Dell WMI Service;Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [2012-07-12 122880]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\WINDOWS\System32\lsass.exe [2013-08-22 45008]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 EventSystem;@comres.dll,-2450; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2014-04-18 376144]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2014-04-18 226640]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-11-29 407424]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 mozybackup;MozyHome Backup Service; C:\Program Files\MozyHome\mozybackup.exe [2013-05-21 55112]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 RpcSs;@combase.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2012-11-25 1914728]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\WINDOWS\System32\spoolsv.exe [2013-08-21 798208]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 NcbService;@%SystemRoot%\system32\ncbservice.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
S2 gpsvc;@gpapi.dll,-112; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-17 116648]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\WINDOWS\system32\sppsvc.exe [2014-03-31 6353960]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\WINDOWS\System32\alg.exe [2013-08-21 92672]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 AppReadiness;@%SystemRoot%\System32\AppReadiness.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 AppXSvc;@%SystemRoot%\system32\appxdeploymentserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 COMSysApp;@comres.dll,-947; C:\WINDOWS\system32\dllhost.exe [2013-08-22 19296]
S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\WINDOWS\system32\fxssvc.exe [2013-08-22 655360]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-02 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-17 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\WINDOWS\system32\IEEtwCollector.exe [2014-04-24 111616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 641352]
S3 KeyIso;@keyiso.dll,-100; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
S3 KtmRm;@comres.dll,-2946; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 lfsvc;@%SystemRoot%\System32\GeofenceMonitorService.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 MSDTC;@comres.dll,-2797; C:\WINDOWS\System32\msdtc.exe [2013-08-21 142848]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\WINDOWS\system32\msiexec.exe [2013-08-22 62464]
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\WINDOWS\SysWow64\perfhost.exe [2013-08-21 21504]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 PrintNotify;@C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\WINDOWS\system32\locator.exe [2013-08-22 10240]
S3 ScDeviceEnum;@%SystemRoot%\System32\ScDeviceEnum.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 smphost;@%SystemRoot%\System32\smphost.dll,-102; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\WINDOWS\System32\snmptrap.exe [2013-08-22 14848]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\WINDOWS\servicing\TrustedInstaller.exe [2014-02-21 99840]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\WINDOWS\system32\UI0Detect.exe [2013-08-22 40960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\WINDOWS\System32\vds.exe [2014-02-22 1283584]
S3 vmicguestinterface;@%systemroot%\system32\vmicres.dll,-801; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\WINDOWS\system32\vssvc.exe [2014-02-21 1436160]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\WINDOWS\system32\wbengine.exe [2014-02-22 1543680]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-09 139856]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S4 RemoteRegistry;@regsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]

-----------------EOF-----------------
 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:03 PM

Posted 23 May 2014 - 08:57 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Make sure you have the lastest version of AdwClesner 3.210.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:03 PM

Posted 28 May 2014 - 07:47 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users