Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

trojan horse small.fht


  • This topic is locked This topic is locked
46 replies to this topic

#1 samymaarten

samymaarten

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 15 June 2015 - 10:40 AM

Hello

 

My laptop is been detected for trojan horse small.fht by AVG internet security 2015 again today on 6/15/2015

 

even though it has been scanned earlier and healed it keep coming up often in few days

 

i have installed another antivirus Avast internet security 2015 but this program does not detect small.fht

 

but avast has detected some problem in my system file svchost.exe

 

there no detection by mcirosoft security essential or microsoft removal tool

 

my avg report look like this

 

Threat : Trojan horse small.fht

 

object name : c;windows/system32/MRT.exe (804)

 

Severity : High

 

State : Secured

 

Identified by  : Scan

 

extended element information

 

trojan horse small.fht      status healed        type : process

c:\windows \system32\MRT.exe (804)

 

trojan horse small.fht      status healed        type : embedded element in the archive , email , cookies etc..

c:\windows \system32\MRT.exe (804):\memory_10670000

 

Please advise how to remove this  trojan horse small.fht as it is very severe



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:40 AM

Posted 17 June 2015 - 07:54 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Threat : Trojan horse small.fht

object name : c;windows/system32/MRT.exe (804)


Unless the file was compromised it should be good.
It's part of Microsoft malicious software removal tool.
Did you install the application?
http://www.systemlookup.com/Startup/7493-MRT_exe.html
===

It may be a false/positive issue.
Let me check further.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

#3 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 18 June 2015 - 04:14 AM

ADWCLEANER REPORT :

 

# AdwCleaner v4.206 - Logfile created 18/06/2015 at 03:09:24
# Updated 01/06/2015 by Xplode
# Database : 2015-06-17.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : sam - SAM-PC
# Running from : C:\Users\sam\Desktop\adwcleaner_4.206.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\sam\AppData\Roaming\BGMTQ
File Deleted : C:\Users\sam\AppData\Roaming\BPTOO

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
Key Deleted : HKCU\Software\Avg Secure Update
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 en-US)


-\\ Google Chrome v43.0.2357.124


*************************

AdwCleaner[R6].txt - [1405 bytes] - [18/06/2015 03:06:05]
AdwCleaner[S5].txt - [1287 bytes] - [18/06/2015 03:09:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1346  bytes] ##########
 

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by sam at 2015-06-18 03:21:32
Running from C:\Users\sam\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2986117267-240792929-3407148286-500 - Administrator - Disabled)
Guest (S-1-5-21-2986117267-240792929-3407148286-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2986117267-240792929-3407148286-1002 - Limited - Enabled)
sam (S-1-5-21-2986117267-240792929-3407148286-1000 - Administrator - Enabled) => C:\Users\sam

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AirportMadness4 (HKLM-x32\...\AirportMadness4) (Version: 1.01 - Big Fat Simulations)
AirportMadness4 (x32 Version: 1.01 - Big Fat Simulations) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4360 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.518 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Best Buy pc app (HKU\S-1-5-21-2986117267-240792929-3407148286-1000\...\48e4cff94f039634) (Version: 3.0.0.0 - Best Buy)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.04 - Broadcom Corporation)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.9.22 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Gateway Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Gateway Incorporated)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.03.3003 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0121.2010 - Gateway Incorporated)
Gateway Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.)
Gateway Social Networks (x32 Version: 1.0.1901 - CyberLink Corp.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Gateway Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{6548B189-BEA4-4041-80E0-AEB60548E046}) (Version: 2.03.0005 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.8 - Gateway)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nymgo (HKU-x32\S-1-5-21-2986117267-240792929-3407148286-1000\...\Nymgo) (Version: 5.1.7 - Nymgo S.A.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6015 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30118 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2986117267-240792929-3407148286-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Web Camera (HKLM-x32\...\{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}) (Version: 0.5.35.1 - SuYin)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3002 - Gateway Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

12-06-2015 15:44:40 Device Driver Package Install: Avast Network Service
13-06-2015 08:54:12 Removed Skype™ 7.0
14-06-2015 02:39:48 Windows Update
17-06-2015 07:39:54 avast! antivirus system restore point
17-06-2015 07:46:30 Device Driver Package Install: Avast Network Service
17-06-2015 07:52:55 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-06-05 08:23 - 00000975 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1            localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05FF74C5-F504-4A30-B6DA-2C4B1B123C3B} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-05-01] (Adobe Systems Incorporated)
Task: {1FFCF230-6AC6-4BDD-924E-63FA8CE4BFE0} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-01] (Microsoft Corporation)
Task: {2030867F-FD0E-467E-B4F7-0266AFCF1AF6} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {2772E2BE-6190-4778-8807-7FCC654F0FE5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-12] (Avast Software s.r.o.)
Task: {2DC27358-6829-4642-9565-B7A4A12B65F9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {3ADCD456-7756-4A20-812F-838FE52DCCF5} - System32\Tasks\{DD38C529-A3E5-4EE3-A1FC-6FEB6E6AE08F} => pcalua.exe -a C:\Users\sam\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=tugs <==== ATTENTION
Task: {3B6AA1FD-E1A1-4870-AD59-94F8004713F4} - System32\Tasks\Google Update => C:\Users\sam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {5E4844E0-B36F-4AFD-83E8-E9853E312A9E} - System32\Tasks\Opera scheduled Autoupdate 1433336326 => C:\Program Files (x86)\Opera\launcher.exe
Task: {5F2D0CAA-2875-4E26-AE6C-6530CE7D1481} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {7CFC57BE-AD6F-47AE-9969-EB0C8119BB15} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {8E1056AD-67AA-4D8B-AA77-D330689318FF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {8F13AB56-E88C-47A9-ACAC-C94D4B23E488} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-06] (Google Inc.)
Task: {952D28DB-6169-4B35-BF09-57845DEE2D65} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-06-03] (Adobe Systems Incorporated)
Task: {A04158B7-BFB8-4B58-978A-4FBF58C5D635} - System32\Tasks\{A4BE881E-EDA3-4DF8-A35D-AFC0D91B9057} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {AC4E31A5-6C8D-4921-AFDC-16A4E5B95023} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-05-15] (AVG Technologies)
Task: {BF900578-12DD-4319-99A4-190A746527D0} - System32\Tasks\UALU notificatin => C:\Program Files\Gateway\Gateway Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {C0317DA3-70E0-4C20-9561-8D42C615B86A} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {C677BE95-F44C-47C6-A6DC-F055A8C2E8B1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF429CF4-3552-4188-9845-72623336D83B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D2FD0DE9-39E4-42F6-BCB6-6F15C4F2B143} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {D9B855D9-D86E-44C8-BCA6-D71B9A27C4E3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-18] (Adobe Systems Incorporated)
Task: {DA800C1F-F73A-4D09-B8DF-4268A1D69B8D} - System32\Tasks\{EBDF3557-0C47-41FC-9EC8-00E609E739E7} => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUI.exe [2010-04-13] (Intel Corporation)
Task: {F6AC9640-3869-4051-82F3-F54B39F71AF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-15 09:57 - 2015-05-15 09:57 - 00718136 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-05-15 09:58 - 2015-05-15 09:58 - 00862008 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2015-06-12 15:43 - 2015-06-12 15:43 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-12 15:42 - 2015-06-12 15:42 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-18 02:28 - 2015-06-18 02:28 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061702\algo.dll
2010-07-19 10:20 - 2009-05-20 02:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2015-01-16 12:04 - 2015-01-16 12:03 - 01686552 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
2015-06-12 15:43 - 2015-06-12 15:43 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 203.94.227.70 - 203.94.243.70

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Acer ePower Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: Facebook Update => "C:\Users\sam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWirelessWiMAX => "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VideoWebCamera => "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{94CE7B69-2876-431D-A955-98E239F1095E}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{B90EFA3A-C1A1-4F5D-95DE-8BD8BDA980FF}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{1B7C347B-3DBA-4CAC-A640-48EDE6A5EF9A}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{5402586A-EC5A-4F6E-9967-AC0C84D5372E}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{5DD89AEA-25D0-4E3D-8023-DA5D55C5226F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{8B6ABF27-0C7E-4F65-B40B-9CCB535E4579}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9E89091F-F333-425B-97A7-277DA2CC84C0}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{2FA330EF-FB05-44C2-8D98-334F37FFEB91}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{B18C808D-3E11-49A8-A8C1-64E1C7154166}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ADBDC91F-606F-47DA-AEE5-8B7661D33499}] => (Allow) LPort=2869
FirewallRules: [{5F00068A-B9A2-4CCD-A0E4-2CADC2710565}] => (Allow) LPort=1900
FirewallRules: [{622C27CD-1A88-423A-918F-DA5C4E6922AC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6571CFE0-B0CA-499B-842E-94D25A4BA959}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{FA2D0074-3BD0-4B18-8603-B57EE29894EE}] => (Allow) LPort=80
FirewallRules: [{728D62C3-4EDD-4251-9807-7C3A53FDBEF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3349BD1-089F-4CDF-9B3B-22078B01EABD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DD08742-7771-4161-8E06-64702C7D0289}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{AB0527A1-0467-406A-95A0-95A2AEC2D86F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{02BC4427-16FD-4B2F-95B7-A6E63912364F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{23043650-C3C9-4E57-9EC3-098EBF41AB6A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F17537BE-2522-4DB4-ACB3-7BA1CF3EB5E8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{984D7E68-F124-42C6-86E0-2D1D1285DF7F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{FD8BC43B-D496-43CD-94CD-799B9C0DC2AF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{AC73AC91-9072-4089-AF0C-8D44B31212CD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{EEF1913A-EEB4-4BFF-83AA-BA668092EDFD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9BDD2A02-6CE6-499E-9CC5-ABA8E557CD67}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{D73E5B8F-477E-4597-B89A-05AADC5DE167}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{AFD92069-FB6E-4E39-B0A3-10A4CAB8EFD3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{8245EB43-093E-4535-9341-F8B5F92F7E45}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{10AFDF41-7BAD-495D-BD3F-8CACFBA24AD4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{02C6F19A-A07C-486D-85BE-178A83078BEC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{6046591D-941B-47B5-91A5-152A1FBE5827}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{7F8E7386-35E8-4FC1-911C-E6813DAD82C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: adgnetworktdi
Description: adgnetworktdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adgnetworktdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2015 03:18:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.

Error: (06/18/2015 02:31:35 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.

Error: (06/17/2015 01:07:26 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.

Error: (06/17/2015 11:45:02 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.

Error: (06/17/2015 11:45:02 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=ED4}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7145.5001.sft' (rc 24600F0A-10000001, original rc 24600F0A-10000001).

Error: (06/17/2015 07:52:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.

System Error:
The system cannot find the file specified.
.

Error: (06/17/2015 07:43:41 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.

Error: (06/17/2015 05:11:56 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.

Error: (06/17/2015 02:05:41 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.

Error: (06/16/2015 01:08:53 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Click-2-Run package registration failure.


System errors:
=============
Error: (06/18/2015 03:21:57 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (06/18/2015 03:21:40 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/18/2015 03:21:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (06/18/2015 03:21:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (06/18/2015 03:21:03 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/18/2015 03:20:03 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/18/2015 03:20:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (06/18/2015 03:15:01 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/18/2015 03:14:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (06/18/2015 03:13:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058


Microsoft Office:
=========================
Error: (06/18/2015 03:18:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.

Error: (06/18/2015 02:31:35 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.

Error: (06/17/2015 01:07:26 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.

Error: (06/17/2015 11:45:02 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.

Error: (06/17/2015 11:45:02 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=ED4}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7145.5001.sft24600F0A-1000000124600F0A-10000001

Error: (06/17/2015 07:52:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.

System Error:
The system cannot find the file specified.

Error: (06/17/2015 07:43:41 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.

Error: (06/17/2015 05:11:56 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.

Error: (06/17/2015 02:05:41 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.

Error: (06/16/2015 01:08:53 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Click-2-Run package registration failure.


CodeIntegrity Errors:
===================================
  Date: 2015-06-17 04:16:42.664
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-17 04:16:42.398
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-17 04:16:41.915
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-17 04:16:41.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-17 03:20:27.964
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-17 03:20:27.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-17 03:20:27.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-17 03:20:27.184
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-15 13:08:04.972
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-15 13:08:04.590
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 46%
Total physical RAM: 3766.71 MB
Available physical RAM: 1999.13 MB
Total Pagefile: 7531.63 MB
Available Pagefile: 5375.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:452.66 GB) (Free:368.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8B6198A2)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.7 GB) - (Type=07 NTFS)

==================== End of log ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by sam (administrator) on SAM-PC on 18-06-2015 03:16:32
Running from C:\Users\sam\Desktop
Loaded Profiles: sam (Available Profiles: sam)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-05-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-12] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-12] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2986117267-240792929-3407148286-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B3AD35D25-B62B-4810-937C-54AF881CDA45%7D&mid=9ba5eb46936c47cd9f7e59e75b46935e-6e770fe101a6aeae12daefef8ade26ec10c8798a&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-16%2011:04:54&v=4.0.5.7&pid=wtu&sg=&sap=hp
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-12] (Avast Software s.r.o.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-12] (Avast Software s.r.o.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {E6AE90A4-1B01-47F0-AA78-E6B122E145E9} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {813B80F0-CA12-41F2-9923-EB1ED1C5AA12} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Tcpip\Parameters: [DhcpNameServer] 203.94.227.70 203.94.243.70

FireFox:
========
FF ProfilePath: C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-18] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2986117267-240792929-3407148286-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\sam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-2986117267-240792929-3407148286-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\sam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2986117267-240792929-3407148286-1000: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Click&Clean - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380\Extensions\clickclean@hotcleaner.com [2015-06-03]
FF Extension: Remove Google Tracking - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380\Extensions\jid0-DpogclPgnN9OvqNntEBbPZxBinY@jetpack.xpi [2014-11-28]
FF Extension: Safe Preview - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380\Extensions\safepreview@everhelper.me.xpi [2014-11-28]
FF Extension: Adblock Plus - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-01-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.9.0.21\coFFFw
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-12]

Chrome:
=======
CHR Profile: C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]
CHR Extension: (Adguard AdBlocker) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-06-17]
CHR Extension: (YouTube) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-06]
CHR Extension: (Google Search) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-06]
CHR Extension: (Google Wallet) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-06]
CHR Extension: (Gmail) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-12]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-12] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-12] (Avast Software s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1522664 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [408576 2010-06-07] (Red Bend Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44856 2015-05-15] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36664 2015-05-15] (AVG Technologies)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [911872 2010-06-07] (Intel® Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-12] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-12] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-06-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-12] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2015-01-16] (AVG Technologies)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-04-28] (CyberLink Corp.)
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswHwid.sys B5B4C90E9F52DA8586F1E5461AD90A5D
C:\Windows\system32\drivers\aswKbd.sys 2EF62E6F46345480A2946AA7D7EB28F5
C:\Windows\system32\drivers\aswMonFlt.sys 300CB8E510855189CAD0B72FFB5590CB
C:\Windows\System32\DRIVERS\aswNdisFlt.sys 81A2A421E6D7B43AA9E87A5FCB5730C3
C:\Windows\system32\drivers\aswRdr2.sys 6D37D8DB30D086739507C5F6E542656A
C:\Windows\System32\Drivers\aswRvrt.sys 07E32DFCA422A2920482D762D01957EC
C:\Windows\system32\drivers\aswSnx.sys 3B4AC2DBFC86F7247C1FF1FAF2860530
C:\Windows\system32\drivers\aswSP.sys B1368BE5F6BA529E0886F4DA2361BD2D
C:\Windows\system32\drivers\aswStm.sys 6E53278ECCFFBC2ACC2A5006745ED4BB
C:\Windows\System32\Drivers\aswVmm.sys 91782404718C6352C26B3242BAC3F0F1
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgdiska.sys E7C8FBDCB1C079C332F962DD1C075E5E
C:\Windows\System32\DRIVERS\avgfwd6a.sys 77CFD15E9905AA1E641B6973861538EE
C:\Windows\System32\DRIVERS\avgidsdrivera.sys D5735E2268D835B97F60D8508709B0D4
C:\Windows\System32\DRIVERS\avgidsha.sys 398FEC9A9146E31E84AFB29731F4CA17
C:\Windows\System32\DRIVERS\avgldx64.sys 4FB010DEA1028ED0A26F20D2F404210F
C:\Windows\System32\DRIVERS\avgloga.sys 7EC2B7BBA7A30691D2E0D8478F219B90
C:\Windows\System32\DRIVERS\avgmfx64.sys BA60ECC498585DA1A918D424D7D07A18
C:\Windows\System32\DRIVERS\avgrkx64.sys 719EF00B1C5BED9CF5675274A4F774B9
C:\Windows\System32\DRIVERS\avgtdia.sys 5643C475C78072C36AE7D785E4CA7735
C:\Windows\system32\drivers\avgtpx64.sys BAF08BEEC204D01E6CDB47F2BCD4A5DD
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bpenum.sys F46DD257FAD7D2D097EF32E72220A06C
C:\Windows\System32\DRIVERS\bpmp.sys E82060AED0F28ED8909F2B07FA276185
C:\Windows\System32\Drivers\bpusb.sys FC6313A5A45C1AE53D0491F0057D5A4D
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 07DA62C960DDCCC2D35836AEAB4FC578
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 1384872112E8E7FD5786ECEB8BDDF4C9
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys F4F91789C7C7A159CE8215C1F69F2A85
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys 51C98815721B44BF70E8AEB3FF3F57D6
C:\Windows\System32\DRIVERS\IntcDAud.sys 58CF58DEE26C909BD6F977B61D246295
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\k57nd60a.sys C9B4ECC187581E5BF3F76648884B7829
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys BF69D973523D539A35807946C6DA7E16
C:\Windows\System32\Drivers\ksecpkg.sys 272C27711C8AA6E7815EE33F8ACA9C66
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys 54D70409DE6932E9EFA117779611E7A9
C:\Windows\system32\drivers\mbam.sys 1E9E32AEC3E1EB1B31B8169F33168B56
C:\Windows\system32\drivers\MBAMSwissArmy.sys E9CD058C79EA15B4AA93E259FA713B07
C:\Windows\system32\drivers\mwac.sys F49FB3C88E263AE9A246593B0BB29294
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\System32\DRIVERS\MpFilter.sys 73150F67D20270FF95A021A22E64F28A
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETw5s64.sys 18555F48844C2861D9DCE8F2B7223AE5
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys 4774AD83C650001B337B92E5E5DA337B
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\system32\drivers\NTIDrvr.sys 64DDD0DEE976302F4BD93E5EFCC2F013
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 7B04C9843921AB1F695FB395422C5360
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys CE2EF8030932B98832EB2F9580C5B1DD
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys 21AB491BBCC8C1B26FDC402A374AB196
C:\Windows\System32\DRIVERS\Sftplaylh.sys 3B8D43FEEFF7A187534DDDFD675FE123
C:\Windows\System32\DRIVERS\Sftredirlh.sys F1D1B1DC7A8765A09D7640FBF8D20970
C:\Windows\System32\DRIVERS\Sftvollh.sys B3B9ADE7F8C4AF0C20E712E040588543
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 064A2530A4A7C7CEC1BE6A1945645BE4
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys 45427C4B8CAC6B241478F149B935CD80
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TurboB.sys 825E7A1F48FB8BCFBA27C178AAB4E275
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\system32\drivers\UBHelper.sys 2E22C1FD397A5A9FFEF55E9D1FC96C00
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\system32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl 74983ADDCA2D9618512C088D856D6615

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 03:16 - 2015-06-18 03:18 - 00040791 _____ C:\Users\sam\Desktop\FRST.txt
2015-06-18 03:16 - 2015-06-18 03:16 - 00000000 ____D C:\FRST
2015-06-18 03:06 - 2015-06-18 03:09 - 00000000 ____D C:\AdwCleaner
2015-06-18 03:00 - 2015-06-18 03:01 - 02109952 _____ (Farbar) C:\Users\sam\Desktop\FRST64.exe
2015-06-18 02:59 - 2015-06-18 03:00 - 02231296 _____ C:\Users\sam\Desktop\adwcleaner_4.206.exe
2015-06-17 07:43 - 2015-06-12 15:43 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-17 03:06 - 2015-06-17 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2015-06-17 03:06 - 2015-06-17 03:06 - 00000000 ____D C:\Program Files\Reason
2015-06-16 02:34 - 2015-06-17 09:21 - 00381254 _____ C:\Users\sam\Desktop\avgrep.txt
2015-06-14 09:45 - 2015-06-14 09:45 - 00000000 ____D C:\Program Files (x86)\NirSoft
2015-06-14 02:30 - 2015-06-14 02:33 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\sam\Downloads\flashplayer18ppau_ha_install.exe
2015-06-14 02:21 - 2015-06-14 02:21 - 00000000 _____ C:\Windows\setuperr.log
2015-06-12 15:49 - 2015-06-12 15:49 - 00000000 ____D C:\Users\sam\AppData\Roaming\AVAST Software
2015-06-12 15:45 - 2015-06-17 07:47 - 00001989 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-06-12 15:45 - 2015-06-17 07:47 - 00001929 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-06-12 15:45 - 2015-06-12 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-12 15:44 - 2015-06-18 02:28 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-12 15:43 - 2015-06-12 15:43 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-06-12 15:43 - 2015-06-12 15:43 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-06-12 15:43 - 2015-06-12 15:43 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-06-12 15:43 - 2015-06-12 15:43 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-06-12 15:43 - 2015-06-12 15:43 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-06-12 15:43 - 2015-06-12 15:43 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-06-12 15:43 - 2015-06-12 15:43 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-06-12 15:43 - 2015-06-12 15:43 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-06-12 15:43 - 2015-06-12 15:42 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-06-12 15:43 - 2015-06-12 15:42 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-06-12 15:42 - 2015-06-12 15:42 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-06-12 14:33 - 2015-06-17 11:35 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-12 14:30 - 2015-06-12 14:33 - 05471128 _____ (Avast Software s.r.o.) C:\Users\sam\Downloads\avast_internet_security_setup_online.exe
2015-06-10 06:15 - 2015-06-01 15:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 06:15 - 2015-06-01 14:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 06:15 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 06:15 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 06:15 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 06:15 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 06:15 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 06:15 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 06:15 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 06:15 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 06:15 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 06:15 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 06:15 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 06:15 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 06:15 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 06:15 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 06:15 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 06:15 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 06:15 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 06:15 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 06:15 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 06:15 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 06:15 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 06:15 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 06:15 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 06:15 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 06:15 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 06:15 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 06:15 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 06:15 - 2015-05-22 15:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 06:15 - 2015-05-22 15:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 06:15 - 2015-05-22 15:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 06:15 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 06:15 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 06:15 - 2015-05-22 15:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 06:15 - 2015-05-22 14:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 06:15 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 06:15 - 2015-05-22 14:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 06:15 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 06:15 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 06:15 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 06:15 - 2015-05-22 14:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 06:15 - 2015-05-22 14:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 06:15 - 2015-05-22 14:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 06:15 - 2015-05-22 14:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 06:15 - 2015-05-22 14:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 06:15 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 06:15 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 06:15 - 2015-05-22 14:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 06:15 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 06:15 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 06:15 - 2015-05-22 14:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 06:15 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 06:15 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 06:15 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 06:14 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 06:14 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 06:14 - 2015-05-22 14:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 06:14 - 2015-05-22 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 06:14 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 05:58 - 2015-05-22 14:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 05:58 - 2015-05-22 14:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 05:58 - 2015-05-22 14:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 05:58 - 2015-05-22 14:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 05:58 - 2015-05-22 14:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 05:58 - 2015-05-22 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 05:58 - 2015-05-22 14:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 05:58 - 2015-05-21 09:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 05:48 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 05:48 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 05:48 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 05:48 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 05:48 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 05:48 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 05:48 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 05:48 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 05:48 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 05:48 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 05:48 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 05:48 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 05:48 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 11:19 - 2015-06-17 08:16 - 00010990 _____ C:\Windows\PFRO.log
2015-06-09 02:41 - 2015-06-18 03:11 - 00002408 _____ C:\Windows\setupact.log
2015-06-06 14:50 - 2015-06-09 11:56 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-06 14:50 - 2015-06-09 04:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-06 14:31 - 2015-06-18 03:12 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-06 14:31 - 2015-06-18 02:36 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-06 14:31 - 2015-06-09 04:45 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-06 14:31 - 2015-06-09 04:45 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-06 14:30 - 2015-06-06 14:31 - 00931408 _____ (Google Inc.) C:\Users\sam\Downloads\ChromeSetup(2).exe
2015-06-06 09:00 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-06 09:00 - 2015-05-25 14:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-06 09:00 - 2015-05-25 14:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-06 09:00 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-06 09:00 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-06 09:00 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-06 09:00 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-06 09:00 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-06 09:00 - 2015-05-25 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-06 09:00 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-06 09:00 - 2015-05-25 14:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-06 09:00 - 2015-05-25 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-06 09:00 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-06 09:00 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-06 09:00 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-06 09:00 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-06 09:00 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-06 09:00 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-06 09:00 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-06 09:00 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-06 09:00 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-06 09:00 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-06 09:00 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-06 09:00 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-06 09:00 - 2015-05-25 13:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-06 09:00 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-06 09:00 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-06 09:00 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-06 09:00 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-06 09:00 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-06 09:00 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-06 09:00 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-06 08:44 - 2015-05-08 23:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-06 08:44 - 2015-05-08 23:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-06 08:44 - 2015-05-08 23:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-06 08:44 - 2015-05-08 23:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-06 08:44 - 2015-05-08 23:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-06 08:44 - 2015-05-08 23:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-06 08:44 - 2015-05-08 23:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-06 08:44 - 2015-05-08 23:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-06 08:44 - 2015-05-08 23:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-06 08:44 - 2015-05-08 23:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-06 08:44 - 2015-05-08 23:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-06 08:44 - 2015-05-08 23:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-06 08:44 - 2015-05-08 23:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-06 08:44 - 2015-05-08 23:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-06 08:44 - 2015-05-08 23:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-06 08:44 - 2015-05-08 23:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-05 11:47 - 2015-06-05 11:48 - 00000000 ____D C:\de4b05976369dabcf58d9b1a9e3765
2015-06-05 09:24 - 2015-06-05 09:29 - 00000000 ____D C:\moserbear
2015-06-05 08:23 - 2009-06-10 17:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.trb
2015-06-05 07:15 - 2015-06-09 04:45 - 00003818 _____ C:\Windows\System32\Tasks\Google Update
2015-06-03 09:42 - 2015-06-13 14:22 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-03 09:42 - 2015-06-03 09:42 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-06-03 08:58 - 2015-06-06 14:04 - 00003814 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1433336326
2015-06-03 08:44 - 2015-06-06 14:10 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-02 10:53 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-06-02 10:53 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-06-02 10:53 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-06-02 10:53 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-06-02 10:53 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-06-02 10:53 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-06-02 10:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-02 10:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-02 10:53 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-06-02 10:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-06-02 10:52 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-06-02 10:52 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-06-02 10:52 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-06-02 10:52 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-06-02 10:52 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-02 10:52 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-06-02 10:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-06-02 10:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-06-02 10:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-06-02 10:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-06-02 10:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-06-02 10:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-06-02 10:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-06-02 10:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-06-02 10:51 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-06-02 10:51 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-06-02 10:51 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-06-02 10:51 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-06-02 10:51 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-06-02 10:51 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-06-02 10:51 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-06-02 10:51 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-06-02 10:51 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-06-02 10:51 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-06-02 10:51 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-06-02 10:51 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-06-02 10:51 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-06-02 10:51 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-06-02 10:51 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-06-02 10:51 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-06-02 10:51 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-06-02 10:51 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-06-02 10:51 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-06-02 10:51 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-06-02 10:51 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-06-02 10:50 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-06-02 10:50 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-06-02 10:50 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-06-02 10:50 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-06-02 10:50 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-06-02 10:50 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-06-02 10:50 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-06-02 10:50 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-06-02 10:50 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-06-02 10:50 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-06-02 10:50 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-06-02 10:50 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-06-02 10:50 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-06-02 10:49 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-06-02 10:49 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-06-02 10:49 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-06-02 10:49 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-06-02 10:49 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-06-02 10:49 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-06-02 10:49 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-06-02 10:49 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-06-02 10:49 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-06-02 10:49 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-06-02 10:49 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-06-02 10:49 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-06-02 10:49 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-06-02 10:49 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-06-02 10:49 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-06-02 10:49 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-06-02 10:49 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-06-02 10:49 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-06-02 10:49 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-06-02 10:49 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-06-02 10:48 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-06-02 10:48 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-06-02 10:48 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-06-02 10:48 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-06-02 10:48 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-06-02 10:48 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-06-02 10:48 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-06-02 10:48 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-06-02 10:48 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-06-02 10:48 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-06-02 10:48 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-06-02 10:48 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-06-02 10:48 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-06-02 10:48 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-06-02 10:48 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-06-02 10:48 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-06-02 10:47 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-06-02 10:47 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-06-02 10:47 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-06-02 10:47 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-06-02 10:47 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-06-02 10:47 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-06-02 10:47 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-06-02 10:47 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-06-02 10:47 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-06-02 10:47 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-06-02 10:47 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-06-02 10:47 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-06-02 10:47 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-06-02 10:47 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-06-02 10:47 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-06-02 10:47 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-06-02 10:47 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-06-02 10:47 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-06-02 10:47 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-06-02 10:47 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-06-02 10:47 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-06-02 10:47 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-06-02 10:47 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-06-02 10:47 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-06-02 10:46 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-06-02 10:46 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-06-02 10:46 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-06-02 10:46 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-06-02 10:46 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-06-02 10:46 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-06-02 10:46 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-06-02 10:46 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-06-02 10:46 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-06-02 10:46 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-06-02 10:46 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-06-02 10:46 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-06-02 10:45 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-06-02 10:45 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-06-02 10:45 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-06-02 10:45 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-06-02 10:45 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-06-02 10:45 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-06-02 10:45 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-06-02 10:45 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-06-02 10:45 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-06-02 10:45 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-06-02 10:45 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-06-02 10:45 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-06-02 10:45 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-06-02 10:45 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-06-02 10:45 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-06-02 10:45 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-06-02 10:45 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-06-02 10:45 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-06-02 10:45 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-06-02 10:45 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-06-02 10:45 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-06-02 10:45 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-06-02 10:44 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-06-02 10:44 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-06-02 10:44 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-06-02 10:44 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-06-02 10:44 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-06-02 10:44 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-06-02 10:44 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-06-02 10:44 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-06-02 09:59 - 2015-06-02 10:00 - 00292184 _____ (Microsoft Corporation) C:\Users\sam\Downloads\dxwebsetup(1).exe
2015-06-02 09:48 - 2015-06-02 10:53 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-02 09:47 - 2015-06-02 09:47 - 00292184 _____ (Microsoft Corporation) C:\Users\sam\Downloads\dxwebsetup.exe
2015-06-01 02:55 - 2015-06-01 02:55 - 00000000 ____D C:\Users\sam\AppData\Local\GWX
2015-05-30 13:04 - 2015-05-30 13:04 - 00000080 _____ C:\Windows\SysWOW64\usergui.cfg
2015-05-30 13:04 - 2015-05-30 13:04 - 00000060 _____ C:\Windows\SysWOW64\userguistate.cfg
2015-05-30 13:04 - 2015-05-30 13:04 - 00000050 _____ C:\Windows\SysWOW64\outlook.cfg
2015-05-26 04:11 - 2015-05-15 09:57 - 00044856 _____ (AVG Technologies) C:\Windows\system32\uxtuneup.dll
2015-05-26 04:11 - 2015-05-15 09:57 - 00036664 _____ (AVG Technologies) C:\Windows\SysWOW64\uxtuneup.dll
2015-05-26 04:11 - 2015-05-15 09:57 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-05-26 04:11 - 2015-05-15 09:57 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-05-20 02:51 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-19 09:44 - 2015-05-19 09:46 - 05592241 _____ C:\Users\sam\Downloads\AMT_Intel_6.0.0.1179_W7x64_A.zip
2015-05-19 09:40 - 2015-05-19 09:40 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute
2015-05-19 09:38 - 2015-05-19 09:38 - 00000000 ____D C:\Users\sam\AppData\Roaming\InstallShield
2015-05-19 09:37 - 2015-05-19 09:41 - 10896589 _____ C:\Users\sam\Downloads\AHCI_Intel_9.5.6.1001_W7x64_A.zip
2015-05-19 09:37 - 2015-05-19 09:37 - 00000000 ____D C:\Users\sam\Downloads\Turbo Boost_Intel_1.03_W7x64_A
2015-05-19 09:30 - 2015-05-19 09:36 - 10027782 _____ C:\Users\sam\Downloads\PowerSmart Manager_Gateway_5.00.3003_W7x64_A.zip
2015-05-19 09:28 - 2015-05-19 09:28 - 00000000 ____D C:\Users\sam\Downloads\LaunchManager_Dritek_4.0.14_W7x86W7x64_A
2015-05-19 09:25 - 2015-05-19 09:37 - 18163299 _____ C:\Users\sam\Downloads\Turbo Boost_Intel_1.03_W7x64_A.zip
2015-05-19 09:23 - 2015-05-19 09:26 - 06425123 _____ C:\Users\sam\Downloads\LaunchManager_Dritek_4.0.14_W7x86W7x64_A.zip
2015-05-19 09:23 - 2015-05-19 09:23 - 00000000 ____D C:\Users\sam\Downloads\Application_Acer_1.02.3502_W7x64_A
2015-05-19 09:20 - 2015-05-19 09:23 - 08163850 _____ C:\Users\sam\Downloads\Application_Acer_1.02.3502_W7x64_A.zip
2015-05-13 08:02 - 2015-05-13 08:03 - 00880208 _____ (Google Inc.) C:\Users\sam\Downloads\ChromeSetup(1).exe
2015-05-13 06:06 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 06:06 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 06:05 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 06:05 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 05:29 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 03:15 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 03:15 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 03:15 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 03:15 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 03:15 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 03:15 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 03:12 - 2015-05-13 03:13 - 00000000 ____D C:\4dba836d065887b32fbae16641c3
2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00253920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00220128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2015-05-04 14:14 - 2015-05-04 14:14 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2015-05-03 10:21 - 2015-05-03 10:21 - 00000000 ____D C:\Users\sam\AppData\Local\ExtractNow
2015-05-03 08:44 - 2015-06-13 11:02 - 00000000 ____D C:\Users\sam\AppData\Roaming\vlc
2015-05-03 08:43 - 2015-05-03 08:43 - 00000878 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-05-03 08:43 - 2015-05-03 08:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-03 08:42 - 2015-05-03 08:42 - 00000000 ____D C:\Program Files\VideoLAN
2015-05-03 08:27 - 2015-05-03 08:41 - 29833438 _____ C:\Users\sam\Downloads\vlc-2.2.1-win64.exe
2015-05-03 08:16 - 2015-05-03 08:16 - 00000000 ____D C:\Users\sam\AppData\Local\{7BAAC6AE-8039-4A5B-AA26-0662EB570B55}
2015-05-02 11:16 - 2015-03-13 23:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-02 11:16 - 2015-03-13 23:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-02 11:16 - 2015-03-13 23:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-02 11:16 - 2015-03-13 23:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-02 11:15 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-02 11:15 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-02 11:15 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-02 11:15 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-02 11:15 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-02 11:15 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-02 11:15 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-02 11:15 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-02 11:15 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-02 11:15 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-02 11:15 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-27 13:19 - 2015-04-27 13:19 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-04-27 10:26 - 2015-04-27 10:26 - 00000000 _____ C:\Windows\SysWOW64\REN2952.tmp
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2015-04-15 00:50 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 00:50 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 00:50 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 00:50 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 00:50 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 00:50 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 00:49 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 00:43 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 00:43 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 00:43 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-07 03:26 - 2015-04-07 03:26 - 00000000 ____D C:\Users\sam\Documents\Akruti Classic
2015-04-06 11:49 - 2015-04-06 11:49 - 00047423 _____ C:\Users\sam\Documents\ashercollection.jpeg
2015-04-06 02:18 - 2015-04-06 02:18 - 00047104 _____ C:\Users\sam\Downloads\15H.xls
2015-04-06 01:12 - 2015-04-06 01:12 - 00006208 _____ C:\Users\sam\Downloads\15h.zip
2015-04-03 23:01 - 2015-06-17 11:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-04-03 23:01 - 2015-05-20 02:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-03-29 10:12 - 2015-06-18 03:14 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-29 10:12 - 2015-05-02 11:48 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-29 10:12 - 2015-05-02 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-29 10:12 - 2015-05-02 11:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-29 10:12 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-29 10:12 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-29 10:12 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-25 02:58 - 2015-03-25 03:00 - 04929584 _____ (AVG Technologies) C:\Users\sam\Downloads\avg_isi_stb_all_2014_4800.exe
2015-03-24 07:17 - 2015-03-24 07:19 - 02168320 _____ C:\Users\sam\Downloads\adwcleaner_4.113.exe
2015-03-24 07:14 - 2015-03-24 07:14 - 00000000 ____D C:\Program Files\HitmanPro
2015-03-20 12:18 - 2015-03-20 12:18 - 00040928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 03:18 - 2015-03-07 10:44 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D2A61921-26C4-468E-B3D5-7C3333CE6684}
2015-06-18 03:16 - 2010-09-30 19:43 - 01671868 _____ C:\Windows\WindowsUpdate.log
2015-06-18 03:12 - 2010-09-30 19:45 - 00000050 _____ C:\Windows\system32\SupplicantTest.log
2015-06-18 03:11 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-18 02:56 - 2012-03-30 10:47 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-18 02:38 - 2012-03-30 10:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-18 02:38 - 2012-03-30 10:47 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-18 02:38 - 2011-06-01 19:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-18 02:35 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 02:35 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 11:35 - 2014-11-07 03:52 - 00000000 ____D C:\Users\sam\Downloads\malware tools
2015-06-17 11:35 - 2014-02-12 14:09 - 00000000 ____D C:\Windows\Minidump
2015-06-17 11:35 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-17 11:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2015-06-17 11:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2015-06-17 11:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NetworkList
2015-06-17 11:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-06-17 11:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-06-17 11:34 - 2011-09-01 19:53 - 00000000 __RHD C:\MSOCache
2015-06-17 07:54 - 2013-09-28 08:33 - 00007611 _____ C:\Users\sam\AppData\Local\Resmon.ResmonCfg
2015-06-17 07:37 - 2010-12-01 02:58 - 00000000 ____D C:\Users\sam
2015-06-14 02:44 - 2014-06-25 00:16 - 00000000 ____D C:\Users\sam\AppData\Local\Adobe
2015-06-13 15:14 - 2011-03-24 19:51 - 00000000 ____D C:\Users\sam\AppData\Roaming\SoftGrid Client
2015-06-13 10:49 - 2012-07-04 10:13 - 00000000 ____D C:\Users\sam\Documents\Sam
2015-06-13 10:02 - 2014-11-17 14:43 - 00000000 __SHD C:\Users\sam\AppData\Local\EmieBrowserModeList
2015-06-13 10:02 - 2014-05-13 03:01 - 00000000 __SHD C:\Users\sam\AppData\Local\EmieUserList
2015-06-13 10:02 - 2014-05-13 03:01 - 00000000 __SHD C:\Users\sam\AppData\Local\EmieSiteList
2015-06-13 08:55 - 2010-12-01 13:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-13 08:55 - 2010-12-01 13:17 - 00000000 ____D C:\ProgramData\Skype
2015-06-13 06:11 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-13 04:34 - 2010-12-05 00:24 - 00000000 ____D C:\Users\sam\EA SPORTS™ Cricket 07
2015-06-12 14:35 - 2014-11-18 02:49 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-12 07:52 - 2015-01-16 10:09 - 00000000 ____D C:\ProgramData\MFAData
2015-06-12 07:50 - 2009-07-14 01:08 - 00032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-12 05:31 - 2010-07-19 10:19 - 00000000 ___HD C:\OEM
2015-06-11 07:00 - 2011-03-04 20:47 - 00000000 ____D C:\Users\sam\AppData\Local\CrashDumps
2015-06-10 06:36 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-10 06:34 - 2014-09-09 03:43 - 00314432 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 06:30 - 2014-05-06 05:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 06:29 - 2014-12-10 12:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 06:29 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 06:27 - 2013-07-14 04:48 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 06:19 - 2010-12-01 12:22 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 05:32 - 2009-07-14 01:13 - 00783464 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 11:18 - 2012-04-28 00:09 - 00000000 ____D C:\Windows\en
2015-06-09 04:24 - 2010-07-19 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-06 09:57 - 2010-12-01 12:36 - 00000000 ____D C:\Users\sam\AppData\Local\Google
2015-06-05 08:24 - 2010-07-19 09:35 - 00000000 ____D C:\ProgramData\Temp
2015-06-04 04:17 - 2015-01-16 06:07 - 00003696 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2015-06-03 13:00 - 2014-04-20 10:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 08:51 - 2014-11-18 14:38 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-03 08:08 - 2015-01-17 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 09:48 - 2012-05-31 22:16 - 00000000 ____D C:\Temp
2015-05-30 13:04 - 2015-02-01 03:32 - 00000793 _____ C:\Windows\SysWOW64\userawacs.cfg
2015-05-30 13:04 - 2015-01-16 10:44 - 00000891 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-30 13:04 - 2015-01-16 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-30 12:57 - 2015-01-16 03:57 - 00000000 ____D C:\Users\sam\AppData\Local\Avg
2015-05-19 09:44 - 2010-07-19 09:31 - 00000000 ____D C:\Program Files (x86)\Intel
2015-05-19 09:39 - 2010-07-19 09:40 - 00000000 ____D C:\Program Files\Intel
2015-05-19 09:38 - 2010-07-19 09:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-19 09:20 - 2014-10-30 04:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2013-09-28 08:33 - 2015-06-17 07:54 - 0007611 _____ () C:\Users\sam\AppData\Local\Resmon.ResmonCfg
2010-12-02 12:03 - 2010-12-02 12:03 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-01-01 10:30 - 2015-01-01 10:30 - 0000261 _____ () C:\ProgramData\fontcacheev1.dat

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat


Some files in TEMP:
====================
C:\Users\sam\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\sam\AppData\Local\Temp\Quarantine.exe
C:\Users\sam\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {adecb2f8-ccf2-11df-83e9-fe46d5770525}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {adecb2fa-ccf2-11df-83e9-fe46d5770525}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {adecb2f8-ccf2-11df-83e9-fe46d5770525}
nx                      OptIn
bootlog                 No

Windows Boot Loader
-------------------
identifier              {adecb2fa-ccf2-11df-83e9-fe46d5770525}
device                  ramdisk=[C:]\Recovery\adecb2fa-ccf2-11df-83e9-fe46d5770525\Winre.wim,{adecb2fb-ccf2-11df-83e9-fe46d5770525}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\adecb2fa-ccf2-11df-83e9-fe46d5770525\Winre.wim,{adecb2fb-ccf2-11df-83e9-fe46d5770525}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {adecb2f8-ccf2-11df-83e9-fe46d5770525}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {adecb2fb-ccf2-11df-83e9-fe46d5770525}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\adecb2fa-ccf2-11df-83e9-fe46d5770525\boot.sdi



LastRegBack: 2015-04-09 09:02

==================== End of log ============================



#4 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 18 June 2015 - 04:15 AM

Users shortcut scan result (x64) Version:13-06-2015
Ran by sam at 2015-06-18 03:23:43
Running from C:\Users\sam\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirportMadness4.lnk -> C:\Program Files (x86)\AirportMadness4\AirportMadness4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Integrator.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger\Yahoo! Messenger India.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk -> C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Web Camera\Video Web Camera.lnk -> C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social Networks\Social Networks.lnk -> C:\Program Files (x86)\Social Networks\SNS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero ControlCenter 4.lnk -> C:\Program Files (x86)\Nero\Nero ControlCenter 4\ncc.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero StartSmart Essentials.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Toolkit\Nero DiscSpeed.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero DiscSpeed\DiscSpeed.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Toolkit\Nero DriveSpeed.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero DriveSpeed\DriveSpeed.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Toolkit\Nero InfoTool.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero InfoTool\InfoTool.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiMAX Connection Utility.lnk -> C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\WiMAX\4G WiMAX Tutorial.lnk -> C:\Program Files\Intel\WiMAXDemo\Intel_WiMAX_Demo.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway MyBackup\Gateway MyBackup.lnk -> C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManager.exe (NewTech Infosystems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway\Gateway Recovery Management.lnk -> C:\Program Files\Gateway\Gateway Recovery Management\Recovery Management.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway\Gateway Updater.lnk -> C:\Program Files\Gateway\Gateway Updater\ALU.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway\Welcome Center.lnk -> C:\Program Files (x86)\Gateway\Welcome Center\OEMWelcomeCenter.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Euro Truck Simulator 2 Manual.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Play Euro Truck Simulator 2.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - DirectX.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\troubleshoot_dx9.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - OpenGL.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\troubleshoot_gl.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - Safe mode.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\troubleshoot_safe.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9\CyberLink PowerDVD 9.lnk -> C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9\PowerDVD 9 Help file.lnk -> C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Enu\PowerDVD9.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9\Read Me.lnk -> C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Enu\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\AVG PC TuneUp 2015.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Integrator.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\AVG PC TuneUp Help.lnk -> C:\ProgramData\AVG\AWL2015\en-US\main_vista_7.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG 1-Click Maintenance.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Browser Cleaner.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\BrowserCleaner.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Cleaner for iOS.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\iOSCleaner.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Disk Cleaner.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\DiskCleaner.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Disk Doctor.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\DiskDoctor.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Disk Space Explorer.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\DiskExplorer.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Drive Defrag.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\DriveDefrag.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Duplicate Finder.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\DuplicateFinder.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Economy Mode.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\EnergyOptimizer.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Optimization Report.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Report.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Process Manager.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\ProcessManager.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Program Deactivator.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\ProgramDeactivator.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Registry Cleaner.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\RegistryCleaner.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Registry Defrag.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\RegistryDefrag.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Registry Editor.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\RegistryEditor.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Repair Wizard.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\RepairWizard.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Rescue Center.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\RescueCenter.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Setting Center.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\SettingCenter.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Shortcut Cleaner.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\ShortcutCleaner.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Shredder.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Shredder.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG StartUp Manager.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\StartUpManager.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG StartUp Optimizer.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\StartupOptimizer.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Styler.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Styler.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG System Control.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\SystemControl.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG System Information.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\SystemInformation.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Undelete.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Undelete.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Uninstall Manager.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\UninstallManager.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Update Wizard.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\UpdateWizard.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Intel\ExtremeGraphics\CUI\Resource\Intel® HD Graphics.lnk -> C:\Windows\System32\GfxUI.exe (Intel Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader XI.lnk -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\AirportMadness4.lnk -> C:\Program Files (x86)\AirportMadness4\AirportMadness4.exe ()
Shortcut: C:\Users\Public\Desktop\Avast Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.)
Shortcut: C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe (AVG Technologies)
Shortcut: C:\Users\Public\Desktop\AVG 2015.lnk -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Integrator.exe (AVG Technologies)
Shortcut: C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe (Nero AG)
Shortcut: C:\Users\Public\Desktop\User's Guide (Gateway InfoCentre).lnk -> C:\Program Files (x86)\Gateway\InfoCentre\InfoCtr.exe (Acer Incorporated)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\Yahoo! Messenger India.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\Users\sam\Links\Desktop.lnk -> C:\Users\sam\Desktop ()
Shortcut: C:\Users\sam\Links\Downloads.lnk -> C:\Users\sam\Downloads ()
Shortcut: C:\Users\sam\Documents\Norton Installation Files.lnk -> C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014} ()
Shortcut: C:\Users\sam\Desktop\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\Desktop\DivX Movies.lnk -> C:\Users\sam\Videos\DivX Movies ()
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger India.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\4G WiMAX Tutorial.lnk -> C:\Program Files\Intel\WiMAXDemo\Intel_WiMAX_Demo.exe (Intel Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk -> C:\Program Files (x86)\Gateway\Welcome Center\OEMWelcomeCenter.exe (Acer Incorporated)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\sam\AppData\Roaming\Microsoft\Excel\15H304374254065474365\15H.xls.lnk -> C:\Users\sam\Desktop\15H.xls (No File)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Express Essentials SE.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeroExpress.exe (Nero AG) -> /w
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Excel Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Excel Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Word Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Word Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Clip Organizer 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office 2010 Upload Center 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Picture Manager 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Starter To-Go Device Manager 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Starter To-Go Device Manager 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\WiMAX\Uninstall 4G WiMAX Tutorial.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {4F26C164-9373-4974-8F43-E0F2176AF937}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway\Identity Card.lnk -> C:\Program Files (x86)\Gateway\Identity Card\IdentityCard.exe () -> Identity Card
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway\User's Guide (Gateway InfoCentre).lnk -> C:\Program Files (x86)\Gateway\InfoCentre\InfoCtr.exe (Acer Incorporated) -> User's Guide (Gateway InfoCentre)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9\Online registration.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD9\OLRSubmission\OLRSubmission.exe () -> /LANG:Enu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\All functions\AVG Live Optimization.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\SettingCenter.exe (AVG Technologies) -> /live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast SafeZone.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.) -> /sfzonebrowser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Public\Desktop\Avast SafeZone.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.) -> /sfzonebrowser
ShortcutWithArgument: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\sam\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\sam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect\herdProtect on the Web.url -> hxxp://www.herdProtect.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Euro Truck Simulator 2 Website.url -> hxxp://www.eurotrucksimulator2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\SCS Software Website.url -> hxxp://www.scssoft.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\AVG Software Website.url -> hxxp://www.avg.com
InternetURL: C:\Users\sam\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\sam\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\sam\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\sam\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\sam\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\sam\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\sam\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\sam\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\sam\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\sam\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\sam\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\sam\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\sam\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\sam\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\sam\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\sam\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\sam\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\sam\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\sam\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315

==================== End of log =============================
 



#5 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 18 June 2015 - 04:18 AM

here are some of avg scan report

 

Resident Shield Results Threat Name;"Status";"Detection Time";"Object Type";"Process" Virus found JS/Agent, c:\ProgramData\kkcpbedfofbpafjhbkacpljdinmfephm\nlUO5qH.js;"Secured";"1/28/2015, 4:15:46 AM";"File or Directory";"c:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" Virus found JS/Agent, c:\ProgramData\mhhmcpgmbbdaoechfpfckdpnbfbdhncl\WtB2O.js;"Secured";"1/28/2015, 4:15:57 AM";"File or Directory";"c:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" Found MalSign.Ukra.EBB, c:\Users\sam\AppData\Local\Temp\5EAyNLcb.exe.part;"Secured";"1/24/2015, 2:11:40 PM";"File or Directory";"c:\Program Files (x86)\Mozilla Firefox\firefox.exe"

 

 

 


Identity Protection Results Threat Name;"Status";"Detection Time";"Object Type";"Process" Unknown, C:\Users\sam\Downloads\Games\AMWE\AMWE\Airport Madness World Edition\Airport Madness World Edition.exe;"Secured";"3/11/2015, 3:38:38 AM";"File or Directory";"" General behavioral detection, C:\USERS\SAM\APPDATA\LOCAL\TEMP\{CD365C6D-7D8A-4BA2-B1AC-EC50EAD5AAA1}\SETUP.EXE;"Restored from Virus Vault";"4/15/2015, 5:47:20 AM";"File or Directory";""

Online Shield Results
Threat Name;"Status";"Detection Time";"Object Type"
Virus identified SWF/Exploit.CY, www.fatratgames6.com/swf/0-parking-mania.swf;"Secured";"2/25/2015, 8:17:30 AM";"URL"
Virus found HTML/Framer, www.iluvcinema.in/tamil/tamil-nadu-box-office-yennai-arindhaal-first-day-collections/;"Secured";"2/9/2015, 10:05:26 AM";"URL"
Virus found HTML/Framer, www.schenckmansion.com/wp-content/plugins/nextgen-galleryview2/galleryview/js/jquery.timers.min.js;"Secured";"2/14/2015, 10:19:19 AM";"URL"
Virus found HTML/Framer, www.schenckmansion.com/wp-content/plugins/nextgen-galleryview2/galleryview/js/jquery.galleryview.min.js;"Secured";"2/14/2015, 10:19:20 AM";"URL"
Virus found HTML/Framer, www.iluvcinema.in/tamil/tamil-nadu-box-office-yennai-arindhaal-first-day-collections/;"Secured";"2/9/2015, 10:05:25 AM";"URL"
Adware Generic_r.AAD, lps.ezdownloadpro.info/hp/?q=tz2XT5e9Kszp0tvqom2ShUdhzK1NOZyHkIejCWK58swzIheO%2FhNSOWdUAhrNaj8h1qyefpoI6vebRtMj%2B%2Bnxl21oXquWNv2u6rLfwnMqK%2Fh%2FaP8jbonFODR%2FXwoos4838oLoZEtz%2BMuzlv68f%2Ff1xM9BCe5cB588SL1QyPpNFRfbc4UFew7MEGH%2FJylWCWsnjhq%2FqV2YqVHwl5aeEB81q4%2FKnHQ9s0y4c%2Fwv8x%2FV6I%2Bt%2FMmODqwe0VTuZbwPkVS18MYkhGLyr31CT6a%2BR4KNQjgfsKt2uhvRc4QWbWEO1L1d6oaBzCL94ZJhYHhMjc1JsvMcyuKdFy9LG4YGKmIy6zfrWMDyfLrW7H%2Fn1kqBOMjXLq0QDrOjb%2BcumU2BmtgqedAID3BycsGuPhzs7ZFc&external_id=142556;"Secured";"3/5/2015, 10:44:23 AM";"URL"
 



#6 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 18 June 2015 - 04:29 AM

avast internet security 2015 which i have installed 5 days back has found below mentioned problem

 

1. virus in boot scan win32.binder and jsjogger (not sure about name)

 

2 it has suggest me to install grime fighter which had found 10 problem and can free up 484 Mb space

 

3 my keyboard act funny when i type the cursor moves automatically back ward hence i can put password on any program

 

4  my router has been hacked and avast suggest 2 connection one is my laptop and other it says is my router.

 

5. my computer get hots and freezed all the time

 

6. it has also located problem in svchost.com

 

7. i had downloaded herd xxxxxx antivirus software it had detected one program trjsetup683.exe and after restart nothing much happened but herd and nero software got deleted, nero was used to see what device are connected to my laptop.


i registered to this site using my yahoo email address and now i cannot log in to yahoo



#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:40 AM

Posted 18 June 2015 - 08:15 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CreateRestorePoint:
CloseProcesses:

IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={3AD35D25-B62B-4810-937C-54AF881CDA45}&mid=9ba5eb46936c47cd9f7e59e75b46935e-6e770fe101a6aeae12daefef8ade26ec10c8798a&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-16%2011:04:54&v=4.0.5.7&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {E6AE90A4-1B01-47F0-AA78-E6B122E145E9} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {813B80F0-CA12-41F2-9923-EB1ED1C5AA12} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-2986117267-240792929-3407148286-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\sam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-2986117267-240792929-3407148286-1000: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-01-17]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-12]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
Task: {3ADCD456-7756-4A20-812F-838FE52DCCF5} - System32\Tasks\{DD38C529-A3E5-4EE3-A1FC-6FEB6E6AE08F} => pcalua.exe -a C:\Users\sam\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=tugs <==== ATTENTION

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zeok tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.

Also, please provide an update on how the computer is behaving after running the above script.

===

#8 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 18 June 2015 - 10:53 AM

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by sam at 2015-06-18 11:37:06 Run:1
Running from C:\Users\sam\Desktop
Loaded Profiles: sam (Available Profiles: sam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
CloseProcesses:

IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={3AD35D25-B62B-4810-937C-54AF881CDA45}&mid=9ba5eb46936c47cd9f7e59e75b46935e-6e770fe101a6aeae12daefef8ade26ec10c8798a&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-16%2011:04:54&v=4.0.5.7&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {E6AE90A4-1B01-47F0-AA78-E6B122E145E9} -  No File
Toolbar: HKU\S-1-5-21-2986117267-240792929-3407148286-1000 -> No Name - {813B80F0-CA12-41F2-9923-EB1ED1C5AA12} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-2986117267-240792929-3407148286-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\sam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-2986117267-240792929-3407148286-1000: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-01-17]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-12]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
Task: {3ADCD456-7756-4A20-812F-838FE52DCCF5} - System32\Tasks\{DD38C529-A3E5-4EE3-A1FC-6FEB6E6AE08F} => pcalua.exe -a C:\Users\sam\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=tugs <==== ATTENTION

End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\skype.exe" => key removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2986117267-240792929-3407148286-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-2986117267-240792929-3407148286-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found.
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E6AE90A4-1B01-47F0-AA78-E6B122E145E9} => value removed successfully
HKCR\CLSID\{E6AE90A4-1B01-47F0-AA78-E6B122E145E9} => key not found.
HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{813B80F0-CA12-41F2-9923-EB1ED1C5AA12} => value removed successfully
HKCR\CLSID\{813B80F0-CA12-41F2-9923-EB1ED1C5AA12} => key not found.
"HKCR\PROTOCOLS\Handler\livecall" => key removed successfully
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
"HKCR\PROTOCOLS\Handler\msnim" => key removed successfully
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
"HKCR\PROTOCOLS\Handler\skype4com" => key removed successfully
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => key removed successfully
C:\Users\sam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
"HKU\S-1-5-21-2986117267-240792929-3407148286-1000\Software\MozillaPlugins\anvisoft.com/AdblockPlugin" => key removed successfully
C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} => moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn" => key removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lhmiofmipcpmhgihiecmpiekcacigpgb" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek" => key removed successfully
adgnetworktdi => Service removed successfully
BAPIDRV => Service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3ADCD456-7756-4A20-812F-838FE52DCCF5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ADCD456-7756-4A20-812F-838FE52DCCF5}" => key removed successfully
C:\Windows\System32\Tasks\{DD38C529-A3E5-4EE3-A1FC-6FEB6E6AE08F} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DD38C529-A3E5-4EE3-A1FC-6FEB6E6AE08F}" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-18 11:43:59)<=

"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Could not move
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Could not move

==== End of Fixlog 11:43:59 ====



#9 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 19 June 2015 - 01:55 AM

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by sam on Thu 06/18/2015 at 13:35:55.75.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\sam\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-06-18-170352.log    409 bytes

==== System Restore Info ======================

6/18/2015 1:40:12 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\360 deleted successfully
C:\PROGRA~2\GUM2645.tmp deleted successfully
C:\PROGRA~2\Spybot - Search & Destroy 2 deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\HitmanPro deleted successfully
C:\PROGRA~3\PCSettings deleted successfully
C:\Users\sam\AppData\Roaming\DMCache deleted successfully
C:\Users\sam\AppData\Roaming\Octoshape deleted successfully
C:\Users\sam\AppData\Roaming\TP deleted successfully
C:\Users\sam\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\sam\AppData\Local\EmieSiteList deleted successfully
C:\Users\sam\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BCECAA-C896-4D18-B3DD-F1925DB5D5B} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219BF9A3-2AC0-428C-84FE-C27F56E3D} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45631061-E4B7-4DC0-B1CF-C1BC227E19} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E66592B-8E7C-4A14-88A5-8BF21032F651} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C0FC736-A468-4FB6-A259-31F91125888} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A165BE83-ED8B-4CD7-9D8E-4EAC422B76E0} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B292D6D4-5057-4C98-8FE1-13629DC7C4B} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAED87D1-60DE-4D67-BFEF-F2FBB90375} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8EDCC96-B7EE-4BA6-85A9-F1C3F5842EA} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA56E6FC-E6EC-421F-92F2-BD1C9922AE} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} deleted successfully
HKEY_USERS\S-1-5-21-2986117267-240792929-3407148286-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E415733E-7A47-4917-B4C9-6A45F3A3D928} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380

user.js not found
---- Lines extensions.gaYsetRxSYTNSuLe removed from prefs.js ----
user_pref("extensions.gaYsetRxSYTNSuLe.epoch", "1418371844");
user_pref("extensions.gaYsetRxSYTNSuLe.url", "http://gooded.net/sync2/?q=hfZ9oetKCGhEAen0rHY7rGhTB6lKDzt4okVptNtVh7n0rjnFrTa4rjnGqjrEtMFHhd9FqdwGrdUFq
---- FireFox user.js and prefs.js backups ----

prefs_20150618_0330_.backup

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\360 not found
C:\PROGRA~2\GUM2645.tmp not found
C:\PROGRA~2\Spybot - Search & Destroy 2 not found
C:\PROGRA~2\VideoLAN not found
C:\Users\sam\AppData\Local\AVG Web TuneUp deleted
C:\PROGRA~2\Yahoo! deleted
C:\Users\sam\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\fontcacheev1.dat deleted
C:\PROGRA~3\Yahoo! deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\Avg_Update_0215avi deleted
C:\PROGRA~3\Avg_Update_1014av deleted
C:\Users\sam\AppData\Local\cache deleted
C:\Users\sam\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\sam\AppData\LocalLow\Yahoo! deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Yahoo! deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Yahoo! Companion deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\d3dx9_11.dll.tmp deleted
C:\Windows\Syswow64\REN2952.tmp deleted
C:\Windows\Syswow64\RENF779.tmp deleted
C:\Windows\Syswow64\shoF068.tmp deleted
C:\Windows\SysWOW64\LavasoftTcpService.dll deleted
C:\Windows\SysWOW64\LavasoftTcpService.ini deleted
C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini deleted
C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380\jetpack deleted
"C:\PROGRA~2\AVG Web TuneUp\TBAPI.dll" deleted
"C:\Users\sam\AppData\Roaming\Temp" deleted
"C:\PROGRA~2\AVG Web TuneUp" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\oqwyuko9.default-1417196471380
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.defaultenginename.US", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/17/2015 07:43 AM]
 



#10 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 19 June 2015 - 02:29 AM

Hi Nasddaq

 

Thanks for all the help things are getting better. I feel there is long way to go before

 

my cursor problem is solved , now i can type freely

 

my startup is different now earlier i had to choose windows 7 from boot menu , i feel this worm had affected Microsoft hence MRT.exe was affected , I had deleted Mrt.exe after scan and reinstalled also.

 

I had difficult time with zoek.exe due to my system, it got hot and computer got shutdown on first attempt , i see lots of svchost.exe process going on, i have html version of resource and performance it is 2.1mb file i will try to attach it to post but feel it will stop me due to long post.

 

zoek.exe got shutdown in first try and then i switched off my ruoter and then restarted the program, laptop got heated after almost 3 hours and shutdown again but this time i feel the whole process got completed please see report and advise . i have asked my ISP for change of router as it is hacked and i can 2 device are connected to my laptop , the other one it says is router , i cannot check mac address of it as my computer got shutdown and when restarted that program got deleted same also happened with herd protect which i saw in video of britec on you tube.

 

my biggest problem right now is too many number of unwanted process in system which are heating up my laptop and freezing it and shuting it down and files are present in too many location like some of my document file are present in 6 location , so too much memory is being used which will be problem for me when windows X get ready for download as i have selected for upgrade.

 

My problem is i have downloaded too many programs and games from wrong sources mostly from Jimmy Tutorials.com , the program i have installed are

 

Euro truck simulator 2 , I have unistalled it already , it was cracked game , file might in system in download folder

 

airport madness 4 , present in system

 

airport madness 6 , unistalled already , adobe air also came with it.

 

avg 2015 internet  security is with key i got it from youtube ( i see it firewall is getting compromised , it get switched off automatically at startup )

 

avg pc tune is cracked version from jimmy tutoriales

 

malware byte anti malware premium is also key from youtube.

 

Should i also remove malware byte , avg 2015 internet security and avg pc tune as they not genuine and also adobe air and airport madness 4 ?

 

I would be left with avast internet security 2015 ( trail version 24 days left ) , microsoft security essential and windows defender ( i feel these both microsoft product might be affected by virus )

 

Please later on also suggest me free anti virus , anti malware and anti spyware.

 

i have got key for antivirus from avast for 1 year ( www,getavast.com ) in my hotmail address , but i am not sure about avast as it has bad reputation on net.



#11 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 19 June 2015 - 02:48 AM

System Diagnostics Report    
    
Diagnostic Results    
    
Warnings    
Error    
Symptom:    
A service is reported as having an unexpected error code
Cause:    One or more services has failed. The service did not stop gracefully, suggesting the service may have crashed or one of its components stopped in an unsupported way.
Details:    Service exited with code not equal to 0 or 1077
Resolution:    Restart the service
Related:    Performance Diagnosis
Symptom:    
Device is not present, not working properly, or does not have all of its drivers installed.
Cause:    A device has a configuration problem that prevents it from working properly.
Details:    The device, adgnetworktdi, is reporting "tv_ConfigMgrErr24". This device will not be available until the issue is resolved. The Plug and Play ID for this device is ROOT\LEGACY_ADGNETWORKTDI\0000.
Resolution:    1. Verify the correct driver is installed.
    2. Try updating the drivers using Windows Update.
    3. Check with the manufacturer for an updated driver.
    4. Attempt to uninstall and then reinstall the device using Device Manager.
Related:    Explanation of Error Codes Generated by Device Manager
    Manage Devices in Windows
Symptom:    
Device is not present, not working properly, or does not have all of its drivers installed.
Cause:    A device has a configuration problem that prevents it from working properly.
Details:    The device, BAPIDRV, is reporting "tv_ConfigMgrErr24". This device will not be available until the issue is resolved. The Plug and Play ID for this device is ROOT\LEGACY_BAPIDRV\0000.
Resolution:    1. Verify the correct driver is installed.
    2. Try updating the drivers using Windows Update.
    3. Check with the manufacturer for an updated driver.
    4. Attempt to uninstall and then reinstall the device using Device Manager.
Related:    Explanation of Error Codes Generated by Device Manager
    Manage Devices in Windows
Informational    
Symptom:    
The Security Center has not recorded an anti-virus product.
Cause:    The Security Center is unable to identify an active anti-virus application. Either there is no anti-virus product installed or it is not recognized.
Resolution:    1. Verify that an anti-virus product is installed.
    2. If an anti-virus product is installed and functioning configure Security Center to stop monitoring anti-virus status.
Related:    Anti-virus
Severity:    
Information
Warning:    The average disk queue length is 6. The disk may be at its maximum transfer capacity due to throughput and disk seeks
Related:    Disk Diagnosis
Basic System Checks    
    Tests    Result    Description
    OS Checks    
Passed    Checks for attributes of the operating system
    
Test Groups    Tests    Failed    Description
OS Version Check    1    0    Passed
    Disk Checks    
Passed    Checks for disk status
    
Test Groups    Tests    Failed    Description
SMART Predict Failure Check    1    0    Passed
Logical Disk Dirty Bit Check    1    0    Passed
    Security Center Tests    
Passed    Checks for state of Security Center related information.
    
Test Groups    Tests    Failed    Description
User Account Control Enabled Check    1    0    Passed
Windows Update Enabled Check    1    0    Passed
    System Service Checks    
Failed    Checks for state of system services
    
Test Groups    Tests    Failed    Description
Abnormally Terminated Services Check    1    2    Failed
Workstation Service Check    1    0    Passed
    Hardware Device and Driver Checks    
Failed    Survey of Windows Management Infrastructure supported devices.
    
Test Groups    Tests    Failed    Description
Controller Device Configured Fail Count    10    0    Controller devices.
Controller Device Status Fail Count    10    0    Controller devices.
Cooling Configured Fail Count    1    0    Cooling devices.
Cooling Status Fail Count    1    0    Cooling devices.
Input Configured Fail Count    2    0    Input devices.
Input Status Fail Count    2    0    Input devices.
Memory Device Configured Fail Count    89    0    Memory devices.
Memory Device Status Fail Count    89    0    Memory devices.
Motherboard Device Configured Fail Count    21    0    Motherboard devices.
Motherboard Device Status Fail Count    21    0    Motherboard devices.
Network Configured Fail Count    16    0    Network devices.
Network Status Fail Count    16    0    Network devices.
Port Device Configured Fail Count    59    0    Port devices.
Port Device Status Fail Count    59    0    Port devices.
Power Device Configured Fail Count    2    0    Power devices.
Power Device Status Fail Count    2    0    Power devices.
Printing Device Configured Fail Count    0    0    Printing devices.
Printing Device Status Fail Count    0    0    Printing devices.
Storage Device Configured Fail Count    2    0    Storage devices.
Storage Device Status Fail Count    2    0    Storage devices.
Video Device Configured Fail Count    2    0    Video devices.
Video Device Status Fail Count    2    0    Video devices.
PlugAndPlay Device Configured Fail Count    160    2    PlugAndPlay devices.
PlugAndPlay Device Status Fail Count    160    0    PlugAndPlay devices.
Performance    
Resource Overview    
Component    Status    Utilization    Details
CPU    
Idle    16 %    Low CPU load.
Network    
Idle    0 %    Busiest network adapter is less than 15%.
   
Nic Intel[R] Centrino[R] Advanced-N 6250 AGN using 192 bits and has 150,000,000 bits capacity.
Disk    
Idle    97 /sec    Disk I/O is less than 100 (read/write) per second on disk 0.
   
Reads 79.2/sec + Writes 17.6/sec
Memory    
Normal    75 %    935 MB Available.



#12 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 19 June 2015 - 02:54 AM

Software Configuration    
    
OS Checks    
Operating System Information    Top: of  2
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_OperatingSystem    0x0
    
    Returned Objects
    Win32_OperatingSystem=@
    
Property    Value
BootDevice    \Device\HarddiskVolume2
BuildNumber    7601
BuildType    Multiprocessor Free
Caption    Microsoft Windows 7 Home Premium
CodeSet    1252
CountryCode    1
CSCreationClassName    Win32_ComputerSystem
CSDVersion    Service Pack 1
CSName    SAM-PC
CurrentTimeZone    -240
DataExecutionPrevention_32BitApplications    True
DataExecutionPrevention_Available    True
DataExecutionPrevention_Drivers    True
DataExecutionPrevention_SupportPolicy    2
Debug    False
Description    
Distributed    0
EncryptionLevel    256
ForegroundApplicationBoost    2
FreePhysicalMemory    977564
FreeSpaceInPagingFiles    3338752
FreeVirtualMemory    4621144
InstallDate    20101201015836.000000-300
LastBootUpTime    20150618095129.125599-240
LocalDateTime    20150618110049.126000-240
Locale    0409
Manufacturer    Microsoft Corporation
MaxNumberOfProcesses    -1
MaxProcessMemorySize    8589934464
Name    Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition3
NumberOfLicensedUsers    0
NumberOfProcesses    77
NumberOfUsers    3
OperatingSystemSKU    3
Organization    
OSArchitecture    64-bit
OSLanguage    1033
OSProductSuite    768
OSType    18
Primary    True
ProductType    1
RegisteredUser    sam
SerialNumber    00359-OEM-8992687-00006
ServicePackMajorVersion    1
ServicePackMinorVersion    0
SizeStoredInPagingFiles    3857112
Status    OK
SuiteMask    784
SystemDevice    \Device\HarddiskVolume3
SystemDirectory    C:\Windows\system32
SystemDrive    C:
TotalVirtualMemorySize    7712388
TotalVisibleMemorySize    3857112
Version    6.1.7601
WindowsDirectory    C:\Windows
    root\cimv2:SELECT * FROM Win32_ComputerSystem    0x0
    
    Returned Objects
    Win32_ComputerSystem.Name="SAM-PC"
    
Property    Value
AdminPasswordStatus    3
AutomaticManagedPagefile    True
AutomaticResetBootOption    True
AutomaticResetCapability    True
BootROMSupported    True
BootupState    Normal boot
Caption    SAM-PC
ChassisBootupState    3
CurrentTimeZone    -240
DaylightInEffect    True
Description    AT/AT COMPATIBLE
DNSHostName    sam-PC
Domain    WORKGROUP
DomainRole    0
EnableDaylightSavingsTime    True
FrontPanelResetStatus    3
InfraredSupported    False
KeyboardPasswordStatus    3
Manufacturer    Gateway
Model    NV59C
Name    SAM-PC
NetworkServerModeEnabled    True
NumberOfLogicalProcessors    4
NumberOfProcessors    1
PartOfDomain    False
PauseAfterReset    -1
PCSystemType    2
PowerOnPasswordStatus    3
PowerState    0
PowerSupplyState    3
PrimaryOwnerName    sam
ResetCapability    1
ResetCount    -1
ResetLimit    -1
Status    OK
SystemType    x64-based PC
ThermalState    3
TotalPhysicalMemory    3949682688
UserName    sam-PC\sam
WakeUpType    6
Workgroup    WORKGROUP
Security Center Information    
Anti-Spyware Information    Top: of  1
    Query    Query Result
    root\SecurityCenter:SELECT * FROM AntiSpywareProduct    0x0
    
    Returned Objects
Anti-Virus Information    Top: of  1
    Query    Query Result
    root\SecurityCenter:SELECT * FROM AntiVirusProduct
   
The Security Center has not recorded an anti-virus product.
The Security Center is unable to identify an active anti-virus application. Either there is no anti-virus product installed or it is not recognized.
1. Verify that an anti-virus product is installed.
2. If an anti-virus product is installed and functioning configure Security Center to stop monitoring anti-virus status.
    0x0
    
    Returned Objects
Firewall Information    Top: of  1
    Query    Query Result
    root\SecurityCenter:SELECT * FROM FirewallProduct    0x0
    
    Returned Objects
User Account Control Settings    Top: of  1
    Query    Result
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA    0x0
    
Key    Value    Type    Result
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA    1    4    0x0
Windows Update Settings    Top: of  2
    Query    Result
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\\    0x0
    
Key    Value    Type    Result
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientIdValidation    BgIoATAqIAAgACAAIAAgAFcARAAtAFcAWAA0ADEAQQA5ADAARgAwADcAMgA0AAaIrh2ieq1CAGEAcwBlACAAQgBvAGEAcgBkACAAUwBlAHIAaQBhAGwAIABOAHUAbQBiAGUAcgBDAGgAYQBzAHMAaQBzACAAUwBlAHIAaQBhAGwAIABOAHUAbQBiAGUAcgA=    3    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientId    99cf94c5-ed9b-496a-9ac1-ea826a25f702    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\LastRestorePointSetTime    2015-06-17 11:53:38    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\NextSqmReportTime    2015-06-19 13:41:20    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\FeaturedUpdatesNotificationSeqNum    4943    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\FeaturedUpdatesNotificationSeqNumGenTime    2015-06-06 12:29:55    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\ElevateNonAdmins    1    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\AUOptions    4    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\ScheduledInstallDay    0    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\ScheduledInstallTime    3    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\IncludeRecommendedUpdates    1    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\ActionCenterLastPossibleRestartNotification    2014-09-12 07:00:00    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\LastRestoreId    {9182371D-5226-4723-A549-EE8A6A3CE29D}    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\EnableFeaturedSoftware    1    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\NextDetectionTime    2015-06-19 04:16:41    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\NextFeaturedUpdatesNotificationTime    2015-06-11 14:31:27    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\ScheduledInstallDate    2015-06-19 07:00:00    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\DownloadExpirationTime    2015-06-19 11:46:33    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Detect\LastSuccessTime    2015-06-18 09:01:03    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Detect\LastError    0    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Download\LastError    -2145124341    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\UAS\UpdateCount    0    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade\ReservationsAllowed    1    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\BatchFlushAge    350    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\SamplingValue2    725    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\DefaultService    7971f918-a847-4430-9279-4a52d1efe18d    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\7971f918-a847-4430-9279-4a52d1efe18d\AuthorizationCab    authcab.cab    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending\ValidatedPreWsus3RegistrationRequests    1    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\SelfUpdateStatus    0    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\SelfupdateUnmanaged    1    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\ServerId    9482f4b4-e343-43b6-b170-9a65bc822c77    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\SetupHandlerUpdateId    61ca813a-7585-442e-a66b-b0d15ce6bdc0    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\UpdateSessionId    -1    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results\SelfUpdate\LastSuccessTime    2014-08-19 12:17:19    1    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results\SelfUpdate\RebootFailCount    0    4    0x0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results\SelfUpdate\LastError    0    4    0x0
    HKLM\SOFTWARE\Policies\Windows\WindowsUpdate\\    0x80070002
    
Key    Value    Type    Result
System Services    
System Services    Top: of  1
    Query    Query Result
    root\cimv2:SELECT __Relpath, Name, Caption, Description, DisplayName, PathName, Started, ExitCode, State, ServiceSpecificExitCode FROM Win32_Service    0x0
    
    Returned Objects
    Win32_Service.Name="AdobeARMservice"
    
Property    Value
Caption    Adobe Acrobat Update Service
Description    Adobe Acrobat Updater keeps your Adobe software up to date.
DisplayName    Adobe Acrobat Update Service
ExitCode    1077
Name    AdobeARMservice
PathName    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="AdobeFlashPlayerUpdateSvc"
    
Property    Value
Caption    Adobe Flash Player Update Service
Description    This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes.
DisplayName    Adobe Flash Player Update Service
ExitCode    0
Name    AdobeFlashPlayerUpdateSvc
PathName    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="AeLookupSvc"
    
Property    Value
Caption    Application Experience
Description    Processes application compatibility cache requests for applications as they are launched
DisplayName    Application Experience
ExitCode    0
Name    AeLookupSvc
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="ALG"
    
Property    Value
Caption    Application Layer Gateway Service
Description    Provides support for 3rd party protocol plug-ins for Internet Connection Sharing
DisplayName    Application Layer Gateway Service
ExitCode    1077
Name    ALG
PathName    C:\Windows\System32\alg.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="AppIDSvc"
    
Property    Value
Caption    Application Identity
Description    Determines and verifies the identity of an application. Disabling this service will prevent AppLocker from being enforced.
DisplayName    Application Identity
ExitCode    1077
Name    AppIDSvc
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Appinfo"
    
Property    Value
Caption    Application Information
Description    Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks.
DisplayName    Application Information
ExitCode    0
Name    Appinfo
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="aspnet_state"
    
Property    Value
Caption    ASP.NET State Service
Description    Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    ASP.NET State Service
ExitCode    1077
Name    aspnet_state
PathName    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="AudioEndpointBuilder"
    
Property    Value
Caption    Windows Audio Endpoint Builder
Description    Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
DisplayName    Windows Audio Endpoint Builder
ExitCode    0
Name    AudioEndpointBuilder
PathName    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="AudioSrv"
    
Property    Value
Caption    Windows Audio
Description    Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
DisplayName    Windows Audio
ExitCode    0
Name    AudioSrv
PathName    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="avast! Antivirus"
    
Property    Value
Caption    Avast Antivirus
Description    Manages and implements Avast antivirus services for this computer. This includes the real-time shields, the virus chest and the scheduler.
DisplayName    Avast Antivirus
ExitCode    0
Name    avast! Antivirus
PathName    "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="avast! Firewall"
    
Property    Value
Caption    Avast Firewall
Description    Implements main functionality for avast! Firewall
DisplayName    Avast Firewall
ExitCode    0
Name    avast! Firewall
PathName    "C:\Program Files\AVAST Software\Avast\afwServ.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="avgfws"
    
Property    Value
Caption    AVG Firewall
Description    AVG Firewall Service
DisplayName    AVG Firewall
ExitCode    0
Name    avgfws
PathName    "C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="AVGIDSAgent"
    
Property    Value
Caption    AVGIDSAgent
Description    Provides Identity Protection Against Cyber Crime.
DisplayName    AVGIDSAgent
ExitCode    0
Name    AVGIDSAgent
PathName    "C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="avgwd"
    
Property    Value
Caption    AVG WatchDog
Description    AVG Watchdog Service
DisplayName    AVG WatchDog
ExitCode    0
Name    avgwd
PathName    "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="AxInstSV"
    
Property    Value
Caption    ActiveX Installer (AxInstSV)
Description    Provides User Account Control validation for the installation of ActiveX controls from the Internet and enables management of ActiveX control installation based on Group Policy settings. This service is started on demand and if disabled the installation of ActiveX controls will behave according to default browser settings.
DisplayName    ActiveX Installer (AxInstSV)
ExitCode    1077
Name    AxInstSV
PathName    C:\Windows\system32\svchost.exe -k AxInstSVGroup
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="BDESVC"
    
Property    Value
Caption    BitLocker Drive Encryption Service
Description    BDESVC hosts the BitLocker Drive Encryption service. BitLocker Drive Encryption provides secure startup for the operating system, as well as full volume encryption for OS, fixed or removable volumes. This service allows BitLocker to prompt users for various actions related to their volumes when mounted, and unlocks volumes automatically without user interaction. Additionally, it stores recovery information to Active Directory, if available, and, if necessary, ensures the most recent recovery certificates are used. Stopping or disabling the service would prevent users from leveraging this functionality.
DisplayName    BitLocker Drive Encryption Service
ExitCode    1077
Name    BDESVC
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="BFE"
    
Property    Value
Caption    Base Filtering Engine
Description    The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
DisplayName    Base Filtering Engine
ExitCode    0
Name    BFE
PathName    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="BITS"
    
Property    Value
Caption    Background Intelligent Transfer Service
Description    Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information.
DisplayName    Background Intelligent Transfer Service
ExitCode    0
Name    BITS
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Browser"
    
Property    Value
Caption    Computer Browser
Description    Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Computer Browser
ExitCode    0
Name    Browser
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="bthserv"
    
Property    Value
Caption    Bluetooth Support Service
Description    The Bluetooth service supports discovery and association of remote Bluetooth devices. Stopping or disabling this service may cause already installed Bluetooth devices to fail to operate properly and prevent new devices from being discovered or associated.
DisplayName    Bluetooth Support Service
ExitCode    1077
Name    bthserv
PathName    C:\Windows\system32\svchost.exe -k bthsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="CertPropSvc"
    
Property    Value
Caption    Certificate Propagation
Description    Copies user certificates and root certificates from smart cards into the current user's certificate store, detects when a smart card is inserted into a smart card reader, and, if needed, installs the smart card Plug and Play minidriver.
DisplayName    Certificate Propagation
ExitCode    1077
Name    CertPropSvc
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="clr_optimization_v2.0.50727_32"
    
Property    Value
Caption    Microsoft .NET Framework NGEN v2.0.50727_X86
Description    Microsoft .NET Framework NGEN
DisplayName    Microsoft .NET Framework NGEN v2.0.50727_X86
ExitCode    1077
Name    clr_optimization_v2.0.50727_32
PathName    C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="clr_optimization_v2.0.50727_64"
    
Property    Value
Caption    Microsoft .NET Framework NGEN v2.0.50727_X64
Description    Microsoft .NET Framework NGEN
DisplayName    Microsoft .NET Framework NGEN v2.0.50727_X64
ExitCode    1077
Name    clr_optimization_v2.0.50727_64
PathName    C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="clr_optimization_v4.0.30319_32"
    
Property    Value
Caption    Microsoft .NET Framework NGEN v4.0.30319_X86
Description    Microsoft .NET Framework NGEN
DisplayName    Microsoft .NET Framework NGEN v4.0.30319_X86
ExitCode    0
Name    clr_optimization_v4.0.30319_32
PathName    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="clr_optimization_v4.0.30319_64"
    
Property    Value
Caption    Microsoft .NET Framework NGEN v4.0.30319_X64
Description    Microsoft .NET Framework NGEN
DisplayName    Microsoft .NET Framework NGEN v4.0.30319_X64
ExitCode    0
Name    clr_optimization_v4.0.30319_64
PathName    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="COMSysApp"
    
Property    Value
Caption    COM+ System Application
Description    Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    COM+ System Application
ExitCode    1077
Name    COMSysApp
PathName    C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="CryptSvc"
    
Property    Value
Caption    Cryptographic Services
Description    Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Cryptographic Services
ExitCode    0
Name    CryptSvc
PathName    C:\Windows\system32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="cvhsvc"
    
Property    Value
Caption    Client Virtualization Handler
Description    Client Virtualization Handler Service (unlocalized description)
DisplayName    Client Virtualization Handler
ExitCode    0
Name    cvhsvc
PathName    "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="DcomLaunch"
    
Property    Value
Caption    DCOM Server Process Launcher
Description    The DCOMLAUNCH service launches COM and DCOM servers in response to object activation requests. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have the DCOMLAUNCH service running.
DisplayName    DCOM Server Process Launcher
ExitCode    0
Name    DcomLaunch
PathName    C:\Windows\system32\svchost.exe -k DcomLaunch
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="defragsvc"
    
Property    Value
Caption    Disk Defragmenter
Description    Provides Disk Defragmentation Capabilities.
DisplayName    Disk Defragmenter
ExitCode    1077
Name    defragsvc
PathName    C:\Windows\system32\svchost.exe -k defragsvc
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Dhcp"
    
Property    Value
Caption    DHCP Client
Description    Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    DHCP Client
ExitCode    0
Name    Dhcp
PathName    C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="DiagTrack"
    
Property    Value
Caption    Diagnostics Tracking Service
Description    The Diagnostics Tracking Service enables data collection about functional issues in Windows components.
DisplayName    Diagnostics Tracking Service
ExitCode    0
Name    DiagTrack
PathName    C:\Windows\System32\svchost.exe -k utcsvc
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="DMAgent"
    
Property    Value
Caption    Intel® PROSet/Wireless WiMAX Red Bend Device Management Service
Description    Red Bend Device Management Service for Intel® PROSet/Wireless WiMAX Software.
DisplayName    Intel® PROSet/Wireless WiMAX Red Bend Device Management Service
ExitCode    0
Name    DMAgent
PathName    "C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Dnscache"
    
Property    Value
Caption    DNS Client
Description    The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    DNS Client
ExitCode    0
Name    Dnscache
PathName    C:\Windows\system32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="dot3svc"
    
Property    Value
Caption    Wired AutoConfig
Description    The Wired AutoConfig (DOT3SVC) service is responsible for performing IEEE 802.1X authentication on Ethernet interfaces. If your current wired network deployment enforces 802.1X authentication, the DOT3SVC service should be configured to run for establishing Layer 2 connectivity and/or providing access to network resources. Wired networks that do not enforce 802.1X authentication are unaffected by the DOT3SVC service.
DisplayName    Wired AutoConfig
ExitCode    1077
Name    dot3svc
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="DPS"
    
Property    Value
Caption    Diagnostic Policy Service
Description    The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function.
DisplayName    Diagnostic Policy Service
ExitCode    0
Name    DPS
PathName    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
ServiceSpecificExitCode    0
Started    True
State    Stop Pending
    Win32_Service.Name="DsiWMIService"
    
Property    Value
Caption    Dritek WMI Service
DisplayName    Dritek WMI Service
ExitCode    0
Name    DsiWMIService
PathName    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="EapHost"
    
Property    Value
Caption    Extensible Authentication Protocol
Description    The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication.
DisplayName    Extensible Authentication Protocol
ExitCode    0
Name    EapHost
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="EFS"
    
Property    Value
Caption    Encrypting File System (EFS)
Description    Provides the core file encryption technology used to store encrypted files on NTFS file system volumes. If this service is stopped or disabled, applications will be unable to access encrypted files.
DisplayName    Encrypting File System (EFS)
ExitCode    1077
Name    EFS
PathName    C:\Windows\System32\lsass.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="ehRecvr"
    
Property    Value
Caption    Windows Media Center Receiver Service
Description    Windows Media Center Service for TV and FM broadcast reception
DisplayName    Windows Media Center Receiver Service
ExitCode    1077
Name    ehRecvr
PathName    C:\Windows\ehome\ehRecvr.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="ehSched"
    
Property    Value
Caption    Windows Media Center Scheduler Service
Description    Starts and stops recording of TV programs within Windows Media Center
DisplayName    Windows Media Center Scheduler Service
ExitCode    1077
Name    ehSched
PathName    C:\Windows\ehome\ehsched.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="eventlog"
    
Property    Value
Caption    Windows Event Log
Description    This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.
DisplayName    Windows Event Log
ExitCode    0
Name    eventlog
PathName    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="EventSystem"
    
Property    Value
Caption    COM+ Event System
Description    Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    COM+ Event System
ExitCode    0
Name    EventSystem
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Fax"
    
Property    Value
Caption    Fax
Description    Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
DisplayName    Fax
ExitCode    1077
Name    Fax
PathName    C:\Windows\system32\fxssvc.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="fdPHost"
    
Property    Value
Caption    Function Discovery Provider Host
Description    The FDPHOST service hosts the Function Discovery (FD) network discovery providers. These FD providers supply network discovery services for the Simple Services Discovery Protocol (SSDP) and Web Services – Discovery (WS-D) protocol. Stopping or disabling the FDPHOST service will disable network discovery for these protocols when using FD. When this service is unavailable, network services using FD and relying on these discovery protocols will be unable to find network devices or resources.
DisplayName    Function Discovery Provider Host
ExitCode    1077
Name    fdPHost
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="FDResPub"
    
Property    Value
Caption    Function Discovery Resource Publication
Description    Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network.
DisplayName    Function Discovery Resource Publication
ExitCode    0
Name    FDResPub
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="FontCache"
    
Property    Value
Caption    Windows Font Cache Service
Description    Optimizes performance of applications by caching commonly used font data. Applications will start this service if it is not already running. It can be disabled, though doing so will degrade application performance.
DisplayName    Windows Font Cache Service
ExitCode    1077
Name    FontCache
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="FontCache3.0.0.0"
    
Property    Value
Caption    Windows Presentation Foundation Font Cache 3.0.0.0
Description    Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
DisplayName    Windows Presentation Foundation Font Cache 3.0.0.0
ExitCode    1077
Name    FontCache3.0.0.0
PathName    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="fsssvc"
    
Property    Value
Caption    Windows Live Family Safety Service
Description    This service enables Family Safety on the computer. If this service is not running, Family Safety will not work.
DisplayName    Windows Live Family Safety Service
ExitCode    1077
Name    fsssvc
PathName    "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="gpsvc"
    
Property    Value
Caption    Group Policy Client
Description    The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled.
DisplayName    Group Policy Client
ExitCode    0
Name    gpsvc
PathName    C:\Windows\system32\svchost.exe -k GPSvcGroup
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="GREGService"
    
Property    Value
Caption    GREGService
DisplayName    GREGService
ExitCode    1077
Name    GREGService
PathName    C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="gupdate"
    
Property    Value
Caption    Google Update Service (gupdate)
Description    Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
DisplayName    Google Update Service (gupdate)
ExitCode    0
Name    gupdate
PathName    "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="gupdatem"
    
Property    Value
Caption    Google Update Service (gupdatem)
Description    Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
DisplayName    Google Update Service (gupdatem)
ExitCode    1077
Name    gupdatem
PathName    "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="hidserv"
    
Property    Value
Caption    Human Interface Device Access
Description    Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Human Interface Device Access
ExitCode    1077
Name    hidserv
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="hkmsvc"
    
Property    Value
Caption    Health Key and Certificate Management
Description    Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service
DisplayName    Health Key and Certificate Management
ExitCode    1077
Name    hkmsvc
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="HomeGroupListener"
    
Property    Value
Caption    HomeGroup Listener
Description    Makes local computer changes associated with configuration and maintenance of the homegroup-joined computer. If this service is stopped or disabled, your computer will not work properly in a homegroup and your homegroup might not work properly. It is recommended that you keep this service running.
DisplayName    HomeGroup Listener
ExitCode    1077
Name    HomeGroupListener
PathName    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="HomeGroupProvider"
    
Property    Value
Caption    HomeGroup Provider
Description    Performs networking tasks associated with configuration and maintenance of homegroups. If this service is stopped or disabled, your computer will be unable to detect other homegroups and your homegroup might not work properly. It is recommended that you keep this service running.
DisplayName    HomeGroup Provider
ExitCode    1068
Name    HomeGroupProvider
PathName    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="IAStorDataMgrSvc"
    
Property    Value
Caption    Intel® Rapid Storage Technology
Description    Provides storage event notification and manages communication between the storage driver and user space applications.
DisplayName    Intel® Rapid Storage Technology
ExitCode    1077
Name    IAStorDataMgrSvc
PathName    "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="idsvc"
    
Property    Value
Caption    Windows CardSpace
Description    Securely enables the creation, management, and disclosure of digital identities.
DisplayName    Windows CardSpace
ExitCode    1077
Name    idsvc
PathName    "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="IEEtwCollectorService"
    
Property    Value
Caption    Internet Explorer ETW Collector Service
Description    ETW Collector Service for Internet Explorer. When running, this service collects real time ETW events and processes them.
DisplayName    Internet Explorer ETW Collector Service
ExitCode    1077
Name    IEEtwCollectorService
PathName    C:\Windows\system32\IEEtwCollector.exe /V
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="IKEEXT"
    
Property    Value
Caption    IKE and AuthIP IPsec Keying Modules
Description    The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.
DisplayName    IKE and AuthIP IPsec Keying Modules
ExitCode    0
Name    IKEEXT
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="IPBusEnum"
    
Property    Value
Caption    PnP-X IP Bus Enumerator
Description    The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning.
DisplayName    PnP-X IP Bus Enumerator
ExitCode    1077
Name    IPBusEnum
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="iphlpsvc"
    
Property    Value
Caption    IP Helper
Description    Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. If this service is stopped, the computer will not have the enhanced connectivity benefits that these technologies offer.
DisplayName    IP Helper
ExitCode    0
Name    iphlpsvc
PathName    C:\Windows\System32\svchost.exe -k NetSvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="KeyIso"
    
Property    Value
Caption    CNG Key Isolation
Description    The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.
DisplayName    CNG Key Isolation
ExitCode    0
Name    KeyIso
PathName    C:\Windows\system32\lsass.exe
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="KtmRm"
    
Property    Value
Caption    KtmRm for Distributed Transaction Coordinator
Description    Coordinates transactions between the Distributed Transaction Coordinator (MSDTC) and the Kernel Transaction Manager (KTM). If it is not needed, it is recommended that this service remain stopped. If it is needed, both MSDTC and KTM will start this service automatically. If this service is disabled, any MSDTC transaction interacting with a Kernel Resource Manager will fail and any services that explicitly depend on it will fail to start.
DisplayName    KtmRm for Distributed Transaction Coordinator
ExitCode    1077
Name    KtmRm
PathName    C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="LanmanServer"
    
Property    Value
Caption    Server
Description    Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Server
ExitCode    0
Name    LanmanServer
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="LanmanWorkstation"
    
Property    Value
Caption    Workstation
Description    Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Workstation
ExitCode    0
Name    LanmanWorkstation
PathName    C:\Windows\System32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Live Updater Service"
    
Property    Value
Caption    Live Updater Service
DisplayName    Live Updater Service
ExitCode    0
Name    Live Updater Service
PathName    C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="lltdsvc"
    
Property    Value
Caption    Link-Layer Topology Discovery Mapper
Description    Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly.
DisplayName    Link-Layer Topology Discovery Mapper
ExitCode    1077
Name    lltdsvc
PathName    C:\Windows\System32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="lmhosts"
    
Property    Value
Caption    TCP/IP NetBIOS Helper
Description    Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    TCP/IP NetBIOS Helper
ExitCode    0
Name    lmhosts
PathName    C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="LMS"
    
Property    Value
Caption    Intel® Management and Security Application Local Management Service
Description    Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces.
DisplayName    Intel® Management and Security Application Local Management Service
ExitCode    0
Name    LMS
PathName    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="MBAMScheduler"
    
Property    Value
Caption    MBAMScheduler
Description    Malwarebytes Anti-Malware scheduler
DisplayName    MBAMScheduler
ExitCode    0
Name    MBAMScheduler
PathName    "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="MBAMService"
    
Property    Value
Caption    MBAMService
Description    Malwarebytes Anti-Malware service
DisplayName    MBAMService
ExitCode    0
Name    MBAMService
PathName    "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Mcx2Svc"
    
Property    Value
Caption    Media Center Extender Service
Description    Allows Media Center Extenders to locate and connect to the computer.
DisplayName    Media Center Extender Service
ExitCode    1077
Name    Mcx2Svc
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="MMCSS"
    
Property    Value
Caption    Multimedia Class Scheduler
Description    Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority.
DisplayName    Multimedia Class Scheduler
ExitCode    0
Name    MMCSS
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="MozillaMaintenance"
    
Property    Value
Caption    Mozilla Maintenance Service
Description    The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled.
DisplayName    Mozilla Maintenance Service
ExitCode    1077
Name    MozillaMaintenance
PathName    "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="MpsSvc"
    
Property    Value
Caption    Windows Firewall
Description    Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.
DisplayName    Windows Firewall
ExitCode    0
Name    MpsSvc
PathName    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="MSDTC"
    
Property    Value
Caption    Distributed Transaction Coordinator
Description    Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will fail. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Distributed Transaction Coordinator
ExitCode    1077
Name    MSDTC
PathName    C:\Windows\System32\msdtc.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="MSiSCSI"
    
Property    Value
Caption    Microsoft iSCSI Initiator Service
Description    Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Microsoft iSCSI Initiator Service
ExitCode    1077
Name    MSiSCSI
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="msiserver"
    
Property    Value
Caption    Windows Installer
Description    Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Windows Installer
ExitCode    1077
Name    msiserver
PathName    C:\Windows\System32\msiexec.exe /V
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="MsMpSvc"
    
Property    Value
Caption    Microsoft Antimalware Service
Description    Helps protect users from malware and other potentially unwanted software
DisplayName    Microsoft Antimalware Service
ExitCode    0
Name    MsMpSvc
PathName    "c:\Program Files\Microsoft Security Client\MsMpEng.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="napagent"
    
Property    Value
Caption    Network Access Protection Agent
Description    The Network Access Protection (NAP) agent service collects and manages health information for client computers on a network. Information collected by NAP agent is used to make sure that the client computer has the required software and settings. If a client computer is not compliant with health policy, it can be provided with restricted network access until its configuration is updated. Depending on the configuration of health policy, client computers might be automatically updated so that users quickly regain full network access without having to manually update their computer.
DisplayName    Network Access Protection Agent
ExitCode    1077
Name    napagent
PathName    C:\Windows\System32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Nero BackItUp Scheduler 4.0"
    
Property    Value
Caption    Nero BackItUp Scheduler 4.0
Description    Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP.
DisplayName    Nero BackItUp Scheduler 4.0
ExitCode    1077
Name    Nero BackItUp Scheduler 4.0
PathName    C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Netlogon"
    
Property    Value
Caption    Netlogon
Description    Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Netlogon
ExitCode    1077
Name    Netlogon
PathName    C:\Windows\system32\lsass.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Netman"
    
Property    Value
Caption    Network Connections
Description    Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
DisplayName    Network Connections
ExitCode    0
Name    Netman
PathName    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="NetMsmqActivator"
    
Property    Value
Caption    Net.Msmq Listener Adapter
Description    Receives activation requests over the net.msmq and msmq.formatname protocols and passes them to the Windows Process Activation Service.
DisplayName    Net.Msmq Listener Adapter
ExitCode    1077
Name    NetMsmqActivator
PathName    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="NetPipeActivator"
    
Property    Value
Caption    Net.Pipe Listener Adapter
Description    Receives activation requests over the net.pipe protocol and passes them to the Windows Process Activation Service.
DisplayName    Net.Pipe Listener Adapter
ExitCode    1077
Name    NetPipeActivator
PathName    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="netprofm"
    
Property    Value
Caption    Network List Service
Description    Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.
DisplayName    Network List Service
ExitCode    0
Name    netprofm
PathName    C:\Windows\System32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="NetTcpActivator"
    
Property    Value
Caption    Net.Tcp Listener Adapter
Description    Receives activation requests over the net.tcp protocol and passes them to the Windows Process Activation Service.
DisplayName    Net.Tcp Listener Adapter
ExitCode    1077
Name    NetTcpActivator
PathName    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="NetTcpPortSharing"
    
Property    Value
Caption    Net.Tcp Port Sharing Service
Description    Provides ability to share TCP ports over the net.tcp protocol.
DisplayName    Net.Tcp Port Sharing Service
ExitCode    1077
Name    NetTcpPortSharing
PathName    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="NisSrv"
    
Property    Value
Caption    Microsoft Network Inspection
Description    Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols
DisplayName    Microsoft Network Inspection
ExitCode    0
Name    NisSrv
PathName    "c:\Program Files\Microsoft Security Client\NisSrv.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="NlaSvc"
    
Property    Value
Caption    Network Location Awareness
Description    Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Network Location Awareness
ExitCode    0
Name    NlaSvc
PathName    C:\Windows\System32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="nsi"
    
Property    Value
Caption    Network Store Interface Service
Description    This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start.
DisplayName    Network Store Interface Service
ExitCode    0
Name    nsi
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="NTI IScheduleSvc"
    
Property    Value
Caption    NTI IScheduleSvc
Description    NTI IShadow Manage backup/Sync jobs and etc...
DisplayName    NTI IScheduleSvc
ExitCode    1077
Name    NTI IScheduleSvc
PathName    C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="ose"
    
Property    Value
Caption    Office Source Engine
Description    Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
DisplayName    Office Source Engine
ExitCode    1077
Name    ose
PathName    "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="osppsvc"
    
Property    Value
Caption    Office Software Protection Platform
Description    Office Software Protection Platform Service (unlocalized description)
DisplayName    Office Software Protection Platform
ExitCode    1077
Name    osppsvc
PathName    "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="p2pimsvc"
    
Property    Value
Caption    Peer Networking Identity Manager
Description    Provides identity services for the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services. If disabled, the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services may not function, and some applications, such as HomeGroup and Remote Assistance, may not function correctly.
DisplayName    Peer Networking Identity Manager
ExitCode    1077
Name    p2pimsvc
PathName    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="p2psvc"
    
Property    Value
Caption    Peer Networking Grouping
Description    Enables multi-party communication using Peer-to-Peer Grouping. If disabled, some applications, such as HomeGroup, may not function.
DisplayName    Peer Networking Grouping
ExitCode    1077
Name    p2psvc
PathName    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="PcaSvc"
    
Property    Value
Caption    Program Compatibility Assistant Service
Description    This service provides support for the Program Compatibility Assistant (PCA). PCA monitors programs installed and run by the user and detects known compatibility problems. If this service is stopped, PCA will not function properly.
DisplayName    Program Compatibility Assistant Service
ExitCode    1077
Name    PcaSvc
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="PerfHost"
    
Property    Value
Caption    Performance Counter DLL Host
Description    Enables remote users and 64-bit processes to query performance counters provided by 32-bit DLLs. If this service is stopped, only local users and 32-bit processes will be able to query performance counters provided by 32-bit DLLs.
DisplayName    Performance Counter DLL Host
ExitCode    1077
Name    PerfHost
PathName    C:\Windows\SysWow64\perfhost.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="pla"
    
Property    Value
Caption    Performance Logs & Alerts
Description    Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Performance Logs & Alerts
ExitCode    0
Name    pla
PathName    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="PlugPlay"
    
Property    Value
Caption    Plug and Play
Description    Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
DisplayName    Plug and Play
ExitCode    0
Name    PlugPlay
PathName    C:\Windows\system32\svchost.exe -k DcomLaunch
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="PNRPAutoReg"
    
Property    Value
Caption    PNRP Machine Name Publication Service
Description    This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer'
DisplayName    PNRP Machine Name Publication Service
ExitCode    1077
Name    PNRPAutoReg
PathName    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="PNRPsvc"
    
Property    Value
Caption    Peer Name Resolution Protocol
Description    Enables serverless peer name resolution over the Internet using the Peer Name Resolution Protocol (PNRP). If disabled, some peer-to-peer and collaborative applications, such as Remote Assistance, may not function.
DisplayName    Peer Name Resolution Protocol
ExitCode    1077
Name    PNRPsvc
PathName    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="PolicyAgent"
    
Property    Value
Caption    IPsec Policy Agent
Description    Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.
DisplayName    IPsec Policy Agent
ExitCode    0
Name    PolicyAgent
PathName    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Power"
    
Property    Value
Caption    Power
Description    Manages power policy and power policy notification delivery.
DisplayName    Power
ExitCode    0
Name    Power
PathName    C:\Windows\system32\svchost.exe -k DcomLaunch
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="ProfSvc"
    
Property    Value
Caption    User Profile Service
Description    This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them.
DisplayName    User Profile Service
ExitCode    0
Name    ProfSvc
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="ProtectedStorage"
    
Property    Value
Caption    Protected Storage
Description    Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users.
DisplayName    Protected Storage
ExitCode    1077
Name    ProtectedStorage
PathName    C:\Windows\system32\lsass.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="QWAVE"
    
Property    Value
Caption    Quality Windows Audio Video Experience
Description    Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
DisplayName    Quality Windows Audio Video Experience
ExitCode    1077
Name    QWAVE
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="RasAuto"
    
Property    Value
Caption    Remote Access Auto Connection Manager
Description    Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
DisplayName    Remote Access Auto Connection Manager
ExitCode    1077
Name    RasAuto
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="RasMan"
    
Property    Value
Caption    Remote Access Connection Manager
Description    Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Remote Access Connection Manager
ExitCode    1077
Name    RasMan
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="RemoteAccess"
    
Property    Value
Caption    Routing and Remote Access
Description    Offers routing services to businesses in local area and wide area network environments.
DisplayName    Routing and Remote Access
ExitCode    1077
Name    RemoteAccess
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="RemoteRegistry"
    
Property    Value
Caption    Remote Registry
Description    Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Remote Registry
ExitCode    1077
Name    RemoteRegistry
PathName    C:\Windows\system32\svchost.exe -k regsvc
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="RpcEptMapper"
    
Property    Value
Caption    RPC Endpoint Mapper
Description    Resolves RPC interfaces identifiers to transport endpoints. If this service is stopped or disabled, programs using Remote Procedure Call (RPC) services will not function properly.
DisplayName    RPC Endpoint Mapper
ExitCode    0
Name    RpcEptMapper
PathName    C:\Windows\system32\svchost.exe -k RPCSS
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="RpcLocator"
    
Property    Value
Caption    Remote Procedure Call (RPC) Locator
Description    In Windows 2003 and earlier versions of Windows, the Remote Procedure Call (RPC) Locator service manages the RPC name service database. In Windows Vista and later versions of Windows, this service does not provide any functionality and is present for application compatibility.
DisplayName    Remote Procedure Call (RPC) Locator
ExitCode    1077
Name    RpcLocator
PathName    C:\Windows\system32\locator.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="RpcSs"
    
Property    Value
Caption    Remote Procedure Call (RPC)
Description    The RPCSS service is the Service Control Manager for COM and DCOM servers. It performs object activations requests, object exporter resolutions and distributed garbage collection for COM and DCOM servers. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have the RPCSS service running
DisplayName    Remote Procedure Call (RPC)
ExitCode    0
Name    RpcSs
PathName    C:\Windows\system32\svchost.exe -k rpcss
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="SamSs"
    
Property    Value
Caption    Security Accounts Manager
Description    The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled.
DisplayName    Security Accounts Manager
ExitCode    0
Name    SamSs
PathName    C:\Windows\system32\lsass.exe
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="SCardSvr"
    
Property    Value
Caption    Smart Card
Description    Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Smart Card
ExitCode    1077
Name    SCardSvr
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Schedule"
    
Property    Value
Caption    Task Scheduler
Description    Enables a user to configure and schedule automated tasks on this computer. The service also hosts multiple Windows system-critical tasks. If this service is stopped or disabled, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Task Scheduler
ExitCode    0
Name    Schedule
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="SCPolicySvc"
    
Property    Value
Caption    Smart Card Removal Policy
Description    Allows the system to be configured to lock the user desktop upon smart card removal.
DisplayName    Smart Card Removal Policy
ExitCode    1077
Name    SCPolicySvc
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="SDRSVC"
    
Property    Value
Caption    Windows Backup
Description    Provides Windows Backup and Restore capabilities.
DisplayName    Windows Backup
ExitCode    1077
Name    SDRSVC
PathName    C:\Windows\system32\svchost.exe -k SDRSVC
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="seclogon"
    
Property    Value
Caption    Secondary Logon
Description    Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Secondary Logon
ExitCode    1077
Name    seclogon
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="SENS"
    
Property    Value
Caption    System Event Notification Service
Description    Monitors system events and notifies subscribers to COM+ Event System of these events.
DisplayName    System Event Notification Service
ExitCode    0
Name    SENS
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="SensrSvc"
    
Property    Value
Caption    Adaptive Brightness
Description    Monitors ambient light sensors to detect changes in ambient light and adjust the display brightness. If this service is stopped or disabled, the display brightness will not adapt to lighting conditions.
DisplayName    Adaptive Brightness
ExitCode    1077
Name    SensrSvc
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="SessionEnv"
    
Property    Value
Caption    Remote Desktop Configuration
Description    Remote Desktop Configuration service (RDCS) is responsible for all Remote Desktop Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, RD themes, and RD certificates.
DisplayName    Remote Desktop Configuration
ExitCode    1077
Name    SessionEnv
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="sftlist"
    
Property    Value
Caption    Application Virtualization Client
Description    Streams and manages applications.
DisplayName    Application Virtualization Client
ExitCode    0
Name    sftlist
PathName    "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="sftvsa"
    
Property    Value
Caption    Application Virtualization Service Agent
Description    Monitors global service events and launches virtual services.
DisplayName    Application Virtualization Service Agent
ExitCode    0
Name    sftvsa
PathName    "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="SharedAccess"
    
Property    Value
Caption    Internet Connection Sharing (ICS)
Description    Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
DisplayName    Internet Connection Sharing (ICS)
ExitCode    1077
Name    SharedAccess
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="ShellHWDetection"
    
Property    Value
Caption    Shell Hardware Detection
Description    Provides notifications for AutoPlay hardware events.
DisplayName    Shell Hardware Detection
ExitCode    1077
Name    ShellHWDetection
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="SNMPTRAP"



#13 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 19 June 2015 - 03:00 AM

Property    Value
Caption    SNMP Trap
Description    Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    SNMP Trap
ExitCode    1077
Name    SNMPTRAP
PathName    C:\Windows\System32\snmptrap.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Spooler"
    
Property    Value
Caption    Print Spooler
Description    Loads files to memory for later printing
DisplayName    Print Spooler
ExitCode    1077
Name    Spooler
PathName    C:\Windows\System32\spoolsv.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="sppsvc"
    
Property    Value
Caption    Software Protection
Description    Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a notification mode. It is strongly recommended that you not disable the Software Protection service.
DisplayName    Software Protection
ExitCode    0
Name    sppsvc
PathName    C:\Windows\system32\sppsvc.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="sppuinotify"
    
Property    Value
Caption    SPP Notification Service
Description    Provides Software Licensing activation and notification
DisplayName    SPP Notification Service
ExitCode    1077
Name    sppuinotify
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="SSDPSRV"
    
Property    Value
Caption    SSDP Discovery
Description    Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    SSDP Discovery
ExitCode    1077
Name    SSDPSRV
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="SstpSvc"
    
Property    Value
Caption    Secure Socket Tunneling Protocol Service
Description    Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers.
DisplayName    Secure Socket Tunneling Protocol Service
ExitCode    1077
Name    SstpSvc
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="stisvc"
    
Property    Value
Caption    Windows Image Acquisition (WIA)
Description    Provides image acquisition services for scanners and cameras
DisplayName    Windows Image Acquisition (WIA)
ExitCode    1068
Name    stisvc
PathName    C:\Windows\system32\svchost.exe -k imgsvc
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="swprv"
    
Property    Value
Caption    Microsoft Software Shadow Copy Provider
Description    Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Microsoft Software Shadow Copy Provider
ExitCode    1077
Name    swprv
PathName    C:\Windows\System32\svchost.exe -k swprv
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="SysMain"
    
Property    Value
Caption    Superfetch
Description    Maintains and improves system performance over time.
DisplayName    Superfetch
ExitCode    0
Name    SysMain
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="TabletInputService"
    
Property    Value
Caption    Tablet PC Input Service
Description    Enables Tablet PC pen and ink functionality
DisplayName    Tablet PC Input Service
ExitCode    1077
Name    TabletInputService
PathName    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="TapiSrv"
    
Property    Value
Caption    Telephony
Description    Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.
DisplayName    Telephony
ExitCode    1077
Name    TapiSrv
PathName    C:\Windows\System32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="TBS"
    
Property    Value
Caption    TPM Base Services
Description    Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM.
DisplayName    TPM Base Services
ExitCode    1077
Name    TBS
PathName    C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="TermService"
    
Property    Value
Caption    Remote Desktop Services
Description    Allows users to connect interactively to a remote computer. Remote Desktop and Remote Desktop Session Host Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item.
DisplayName    Remote Desktop Services
ExitCode    1077
Name    TermService
PathName    C:\Windows\System32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Themes"
    
Property    Value
Caption    Themes
Description    Provides user experience theme management.
DisplayName    Themes
ExitCode    0
Name    Themes
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="THREADORDER"
    
Property    Value
Caption    Thread Ordering Server
Description    Provides ordered execution for a group of threads within a specific period of time.
DisplayName    Thread Ordering Server
ExitCode    1077
Name    THREADORDER
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="TrkWks"
    
Property    Value
Caption    Distributed Link Tracking Client
Description    Maintains links between NTFS files within a computer or across computers in a network.
DisplayName    Distributed Link Tracking Client
ExitCode    1077
Name    TrkWks
PathName    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="TrustedInstaller"
    
Property    Value
Caption    Windows Modules Installer
Description    Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer.
DisplayName    Windows Modules Installer
ExitCode    0
Name    TrustedInstaller
PathName    C:\Windows\servicing\TrustedInstaller.exe
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="TuneUp.UtilitiesSvc"
    
Property    Value
Caption    AVG PC TuneUp Service
Description    This service analyzes the usage of your computer in the background, enabling automatic usage-dependent optimizations. All of its functions can be set in AVG PC TuneUp. If you stop or disable this service, parts of AVG PC TuneUp will not work anymore.
DisplayName    AVG PC TuneUp Service
ExitCode    0
Name    TuneUp.UtilitiesSvc
PathName    "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="TurboBoost"
    
Property    Value
Caption    TurboBoost
DisplayName    TurboBoost
ExitCode    1077
Name    TurboBoost
PathName    "C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="UI0Detect"
    
Property    Value
Caption    Interactive Services Detection
Description    Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there might not be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function.
DisplayName    Interactive Services Detection
ExitCode    1077
Name    UI0Detect
PathName    C:\Windows\system32\UI0Detect.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="UNS"
    
Property    Value
Caption    Intel® Management & Security Application User Notification Service
Description    Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device.
DisplayName    Intel® Management & Security Application User Notification Service
ExitCode    0
Name    UNS
PathName    "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Updater Service"
    
Property    Value
Caption    Updater Service
DisplayName    Updater Service
ExitCode    1077
Name    Updater Service
PathName    C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="upnphost"
    
Property    Value
Caption    UPnP Device Host
Description    Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    UPnP Device Host
ExitCode    1077
Name    upnphost
PathName    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="UxSms"
    
Property    Value
Caption    Desktop Window Manager Session Manager
Description    Provides Desktop Window Manager startup and maintenance services
DisplayName    Desktop Window Manager Session Manager
ExitCode    0
Name    UxSms
PathName    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="UxTuneUp"
    
Property    Value
Caption    AVG Theme Extension
Description    Allows to use visual styles without Microsoft signature.
DisplayName    AVG Theme Extension
ExitCode    0
Name    UxTuneUp
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="VaultSvc"
    
Property    Value
Caption    Credential Manager
Description    Provides secure storage and retrieval of credentials to users, applications and security service packages.
DisplayName    Credential Manager
ExitCode    1077
Name    VaultSvc
PathName    C:\Windows\system32\lsass.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="vds"
    
Property    Value
Caption    Virtual Disk
Description    Provides management services for disks, volumes, file systems, and storage arrays.
DisplayName    Virtual Disk
ExitCode    1077
Name    vds
PathName    C:\Windows\System32\vds.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="VSS"
    
Property    Value
Caption    Volume Shadow Copy
Description    Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Volume Shadow Copy
ExitCode    1077
Name    VSS
PathName    C:\Windows\system32\vssvc.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="W32Time"
    
Property    Value
Caption    Windows Time
Description    Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Windows Time
ExitCode    0
Name    W32Time
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WatAdminSvc"
    
Property    Value
Caption    Windows Activation Technologies Service
Description    Performs Windows 7 Validation.
DisplayName    Windows Activation Technologies Service
ExitCode    1077
Name    WatAdminSvc
PathName    C:\Windows\system32\Wat\WatAdminSvc.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="wbengine"
    
Property    Value
Caption    Block Level Backup Engine Service
Description    The WBENGINE service is used by Windows Backup to perform backup and recovery operations. If this service is stopped by a user, it may cause the currently running backup or recovery operation to fail. Disabling this service may disable backup and recovery operations using Windows Backup on this computer.
DisplayName    Block Level Backup Engine Service
ExitCode    1077
Name    wbengine
PathName    "C:\Windows\system32\wbengine.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WbioSrvc"
    
Property    Value
Caption    Windows Biometric Service
Description    The Windows biometric service gives client applications the ability to capture, compare, manipulate, and store biometric data without gaining direct access to any biometric hardware or samples. The service is hosted in a privileged SVCHOST process.
DisplayName    Windows Biometric Service
ExitCode    1077
Name    WbioSrvc
PathName    C:\Windows\system32\svchost.exe -k WbioSvcGroup
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="wcncsvc"
    
Property    Value
Caption    Windows Connect Now - Config Registrar
Description    WCNCSVC hosts the Windows Connect Now Configuration which is Microsoft's Implementation of Wi-Fi Protected Setup (WPS) protocol. This is used to configure Wireless LAN settings for an Access Point (AP) or a Wi-Fi Device. The service is started programmatically as needed.
DisplayName    Windows Connect Now - Config Registrar
ExitCode    0
Name    wcncsvc
PathName    C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="WcsPlugInService"
    
Property    Value
Caption    Windows Color System
Description    The WcsPlugInService service hosts third-party Windows Color System color device model and gamut map model plug-in modules. These plug-in modules are vendor-specific extensions to the Windows Color System baseline color device and gamut map models. Stopping or disabling the WcsPlugInService service will disable this extensibility feature, and the Windows Color System will use its baseline model processing rather than the vendor's desired processing. This might result in inaccurate color rendering.
DisplayName    Windows Color System
ExitCode    1077
Name    WcsPlugInService
PathName    C:\Windows\system32\svchost.exe -k wcssvc
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WdiServiceHost"
    
Property    Value
Caption    Diagnostic Service Host
Description    The Diagnostic Service Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local Service context. If this service is stopped, any diagnostics that depend on it will no longer function.
DisplayName    Diagnostic Service Host
ExitCode    0
Name    WdiServiceHost
PathName    C:\Windows\System32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WdiSystemHost"
    
Property    Value
Caption    Diagnostic System Host
Description    The Diagnostic System Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local System context. If this service is stopped, any diagnostics that depend on it will no longer function.
DisplayName    Diagnostic System Host
ExitCode    0
Name    WdiSystemHost
PathName    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WebClient"
    
Property    Value
Caption    WebClient
Description    Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    WebClient
ExitCode    1077
Name    WebClient
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Wecsvc"
    
Property    Value
Caption    Windows Event Collector
Description    This service manages persistent subscriptions to events from remote sources that support WS-Management protocol. This includes Windows Vista event logs, hardware and IPMI-enabled event sources. The service stores forwarded events in a local Event Log. If this service is stopped or disabled event subscriptions cannot be created and forwarded events cannot be accepted.
DisplayName    Windows Event Collector
ExitCode    1077
Name    Wecsvc
PathName    C:\Windows\system32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="wercplsupport"
    
Property    Value
Caption    Problem Reports and Solutions Control Panel Support
Description    This service provides support for viewing, sending and deletion of system-level problem reports for the Problem Reports and Solutions control panel.
DisplayName    Problem Reports and Solutions Control Panel Support
ExitCode    0
Name    wercplsupport
PathName    C:\Windows\System32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WerSvc"
    
Property    Value
Caption    Windows Error Reporting Service
Description    Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered. Also allows logs to be generated for diagnostic and repair services. If this service is stopped, error reporting might not work correctly and results of diagnostic services and repairs might not be displayed.
DisplayName    Windows Error Reporting Service
ExitCode    0
Name    WerSvc
PathName    C:\Windows\System32\svchost.exe -k WerSvcGroup
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="WiMAXAppSrv"
    
Property    Value
Caption    Intel® PROSet/Wireless WiMAX Service
Description    WiMAX SDK Service for Intel® PROSet/Wireless WiMAX Software
DisplayName    Intel® PROSet/Wireless WiMAX Service
ExitCode    0
Name    WiMAXAppSrv
PathName    "C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="WinDefend"
    
Property    Value
Caption    Windows Defender
Description    Protection against spyware and potentially unwanted software
DisplayName    Windows Defender
ExitCode    1077
Name    WinDefend
PathName    C:\Windows\System32\svchost.exe -k secsvcs
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WinHttpAutoProxySvc"
    
Property    Value
Caption    WinHTTP Web Proxy Auto-Discovery Service
Description    WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses. In addition, WinHTTP provides support for auto-discovering a proxy configuration via its implementation of the Web Proxy Auto-Discovery (WPAD) protocol.
DisplayName    WinHTTP Web Proxy Auto-Discovery Service
ExitCode    0
Name    WinHttpAutoProxySvc
PathName    C:\Windows\system32\svchost.exe -k LocalService
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="Winmgmt"
    
Property    Value
Caption    Windows Management Instrumentation
Description    Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName    Windows Management Instrumentation
ExitCode    0
Name    Winmgmt
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="WinRM"
    
Property    Value
Caption    Windows Remote Management (WS-Management)
Description    Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.
DisplayName    Windows Remote Management (WS-Management)
ExitCode    1077
Name    WinRM
PathName    C:\Windows\System32\svchost.exe -k NetworkService
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="Wlansvc"
    
Property    Value
Caption    WLAN AutoConfig
Description    The WLANSVC service provides the logic required to configure, discover, connect to, and disconnect from a wireless local area network (WLAN) as defined by IEEE 802.11 standards. It also contains the logic to turn your computer into a software access point so that other devices or computers can connect to your computer wirelessly using a WLAN adapter that can support this. Stopping or disabling the WLANSVC service will make all WLAN adapters on your computer inaccessible from the Windows networking UI. It is strongly recommended that you have the WLANSVC service running if your computer has a WLAN adapter.
DisplayName    WLAN AutoConfig
ExitCode    0
Name    Wlansvc
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="wlcrasvc"
    
Property    Value
Caption    Windows Live Mesh remote connections service
Description    Lets you connect over the Internet to this computer and work on it as if you were sitting in front it - you can run the programs on it and browse all the files and folders on it.
DisplayName    Windows Live Mesh remote connections service
ExitCode    1077
Name    wlcrasvc
PathName    "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="wlidsvc"
    
Property    Value
Caption    Windows Live ID Sign-in Assistant
Description    Enables Windows Live ID authentication.
DisplayName    Windows Live ID Sign-in Assistant
ExitCode    0
Name    wlidsvc
PathName    "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="wmiApSrv"
    
Property    Value
Caption    WMI Performance Adapter
Description    Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated.
DisplayName    WMI Performance Adapter
ExitCode    1077
Name    wmiApSrv
PathName    C:\Windows\system32\wbem\WmiApSrv.exe
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WMPNetworkSvc"
    
Property    Value
Caption    Windows Media Player Network Sharing Service
Description    Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play
DisplayName    Windows Media Player Network Sharing Service
ExitCode    0
Name    WMPNetworkSvc
PathName    "C:\Program Files\Windows Media Player\wmpnetwk.exe"
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WPCSvc"
    
Property    Value
Caption    Parental Controls
Description    This service is a stub for Windows Parental Control functionality that existed in Vista. It is provided for backward compatibility only.
DisplayName    Parental Controls
ExitCode    1077
Name    WPCSvc
PathName    C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WPDBusEnum"
    
Property    Value
Caption    Portable Device Enumerator Service
Description    Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices.
DisplayName    Portable Device Enumerator Service
ExitCode    1077
Name    WPDBusEnum
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="wscsvc"
    
Property    Value
Caption    Security Center
Description    The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer. The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service. The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel. Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system.
DisplayName    Security Center
ExitCode    0
Name    wscsvc
PathName    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="WSearch"
    
Property    Value
Caption    Windows Search
Description    Provides content indexing, property caching, and search results for files, e-mail, and other content.
DisplayName    Windows Search
ExitCode    1077
Name    WSearch
PathName    C:\Windows\system32\SearchIndexer.exe /Embedding
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="wuauserv"
    
Property    Value
Caption    Windows Update
Description    Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API.
DisplayName    Windows Update
ExitCode    0
Name    wuauserv
PathName    C:\Windows\system32\svchost.exe -k netsvcs
ServiceSpecificExitCode    0
Started    True
State    Running
    Win32_Service.Name="wudfsvc"
    
Property    Value
Caption    Windows Driver Foundation - User-mode Driver Framework
Description    Creates and manages user-mode driver processes. This service cannot be stopped.
DisplayName    Windows Driver Foundation - User-mode Driver Framework
ExitCode    1077
Name    wudfsvc
PathName    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
ServiceSpecificExitCode    0
Started    False
State    Stopped
    Win32_Service.Name="WwanSvc"
    
Property    Value
Caption    WWAN AutoConfig
Description    This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices.
DisplayName    WWAN AutoConfig
ExitCode    1077
Name    WwanSvc
PathName    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ServiceSpecificExitCode    0
Started    False
State    Stopped
Abnormally Stopped System Services
   
A service is reported as having an unexpected error code
One or more services has failed. The service did not stop gracefully, suggesting the service may have crashed or one of its components stopped in an unsupported way.
Service exited with code not equal to 0 or 1077
Restart the service
    Top: of  2
    Service
    HomeGroupProvider
    
Display Name:    HomeGroup Provider
Exit Code:    1068
Service Name:    HomeGroupProvider
Path:    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Code:    0
Started:    False
State:    Stopped
    stisvc
    
Display Name:    Windows Image Acquisition (WIA)
Exit Code:    1068
Service Name:    stisvc
Path:    C:\Windows\system32\svchost.exe -k imgsvc
Service Code:    0
Started:    False
State:    Stopped
Workstation Service    Top: of  1
    Service
    LanmanWorkstation
    
Display Name:    Workstation
Exit Code:    0
Service Name:    LanmanWorkstation
Path:    C:\Windows\System32\svchost.exe -k NetworkService
Service Code:    0
Started:    True
State:    Running
Startup Programs    
Startup Programs    Top: of  6
Startup Item    Command
SynTPEnh    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSC    "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
LManager    C:\Program Files (x86)\Launch Manager\LManager.exe
AVG_UI    "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
Adobe ARM    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AvastUI.exe    "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
Hardware Configuration    
    
Disk Checks    
SMART Disk Status    Top: of  1
    Query    Query Result
    root\wmi:SELECT * FROM MSStorageDriver_FailurePredictStatus WHERE PredictFailure = true    0x0
    
    Returned Objects
Logical Disk Dirty Bit Set    Top: of  1
    Query    Query Result
    root\cimv2:SELECT __Relpath, Name, Description, FileSystem, VolumeDirty FROM Win32_LogicalDisk Where DriveType = 3 and VolumeDirty = true    0x0
    
    Returned Objects
System    
IRQ    Top: of  18
Description    Affinity    IRQ
ACPI\PNP0100\4&BAA10F&0    0xFFFFFFFF    0
ACPI\PNP0303\4&BAA10F&0    0xFFFFFFFF    1
ACPI\PNP0B00\4&BAA10F&0    0xFFFFFFFF    8
PCI\VEN_8086&DEV_3B30&SUBSYS_036D1025&REV_05\3&11583659&0&FB    0xFFFFFFFF    10
ACPI\SYN1B16\4&BAA10F&0    0xFFFFFFFF    12
ACPI\PNP0C04\4&BAA10F&0    0xFFFFFFFF    13
PCI\VEN_8086&DEV_3B3C&SUBSYS_036D1025&REV_05\3&11583659&0&D0    0xFFFFFFFF    16
PCI\VEN_8086&DEV_3B44&SUBSYS_036D1025&REV_05\3&11583659&0&E1    0xFFFFFFFF    16
PCI\VEN_8086&DEV_3B64&SUBSYS_036D1025&REV_06\3&11583659&0&B0    0xFFFFFFFF    16
PCI\VEN_8086&DEV_3B42&SUBSYS_036D1025&REV_05\3&11583659&0&E0    0xFFFFFFFF    17
PCI\VEN_8086&DEV_3B29&SUBSYS_036D1025&REV_05\3&11583659&0&FA    0xFFFFFFFF    19
PCI\VEN_8086&DEV_3B32&SUBSYS_036D1025&REV_05\3&11583659&0&FE    0xFFFFFFFF    21
PCI\VEN_8086&DEV_3B56&SUBSYS_036D1025&REV_05\3&11583659&0&D8    0xFFFFFFFF    22
PCI\VEN_8086&DEV_3B34&SUBSYS_036D1025&REV_05\3&11583659&0&E8    0xFFFFFFFF    23
ACPI_HAL\PNP0C08\0    0xFFFFFFFF    81
PCI\VEN_8086&DEV_0087&SUBSYS_13018086&REV_5F\4&E764662&0&00E1    0x0    4294967292
PCI\VEN_14E4&DEV_1692&SUBSYS_036D1025&REV_01\4&12119FE&0&00E0    0x0    4294967293
PCI\VEN_8086&DEV_0046&SUBSYS_036D1025&REV_02\3&11583659&0&10    0x0    4294967294
Desktop Rating    
Desktop Rating    Top: of  1
    Query    Query Result
    root\cimv2:SELECT CPUScore, D3DScore, DiskScore, GraphicsScore, MemoryScore FROM Win32_WinSAT    0x0
    
    Returned Objects
    Win32_WinSAT.TimeTaken="MostRecentAssessment"
    
Property    Value
CPUScore    6.7
D3DScore    5.3
DiskScore    5.8
GraphicsScore    4.6
MemoryScore    5.9
TimeTaken    MostRecentAssessment
BIOS    
BIOS    Top: of  2
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_BIOS    0x0
    
    Returned Objects
    Win32_BIOS.Name="InsydeH2O Version V1.13",SoftwareElementID="InsydeH2O Version V1.13",SoftwareElementState=3,TargetOperatingSystem=0,Version="ACRSYS - 1"
    
Property    Value
Description    InsydeH2O Version V1.13
Name    InsydeH2O Version V1.13
PrimaryBIOS    -1
ReleaseDate    20100810000000.000000+000
SerialNumber    LXWRE020010394ACBA1601
SMBIOSBIOSVersion    V1.13
SMBIOSMajorVersion    2
SMBIOSMinorVersion    6
SMBIOSPresent    -1
SoftwareElementID    InsydeH2O Version V1.13
SoftwareElementState    3
TargetOperatingSystem    0
Version    ACRSYS - 1
    root\cimv2:SELECT * FROM Win32_SystemBIOS    0x0
    
    Returned Objects
    Win32_SystemBIOS.GroupComponent="\\\\SAM-PC\\root\\cimv2:Win32_ComputerSystem.Name=\"SAM-PC\"",PartComponent="\\\\SAM-PC\\root\\cimv2:Win32_BIOS.Name=\"InsydeH2O Version V1.13\",SoftwareElementID=\"InsydeH2O Version V1.13\",SoftwareElementState=3,TargetOperatingSystem=0,Version=\"ACRSYS - 1\""
    
Property    Value
GroupComponent    \\SAM-PC\root\cimv2:Win32_ComputerSystem.Name="SAM-PC"
PartComponent    \\SAM-PC\root\cimv2:Win32_BIOS.Name="InsydeH2O Version V1.13",SoftwareElementID="InsydeH2O Version V1.13",SoftwareElementState=3,TargetOperatingSystem=0,Version="ACRSYS - 1"
Devices    
Controller Classes    Top: of  6
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_1394Controller    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_FloppyController    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_IDEController    0x0
    
    Returned Objects
    Win32_IDEController.DeviceID="PCI\\VEN_8086&DEV_3B29&SUBSYS_036D1025&REV_05\\3&11583659&0&FA"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 5 Series 4 Port SATA AHCI Controller
Name    Intel® 5 Series 4 Port SATA AHCI Controller
ProtocolSupported    37
    root\cimv2:SELECT * FROM Win32_SCSIController    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_USBController    0x0
    
    Returned Objects
    Win32_USBController.DeviceID="PCI\\VEN_8086&DEV_3B3C&SUBSYS_036D1025&REV_05\\3&11583659&0&D0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Name    Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
ProtocolSupported    16
    Win32_USBController.DeviceID="PCI\\VEN_8086&DEV_3B34&SUBSYS_036D1025&REV_05\\3&11583659&0&E8"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Name    Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
ProtocolSupported    16
    root\cimv2:SELECT * FROM Win32_USBHub    0x0
    
    Returned Objects
    Win32_USBHub.DeviceID="USB\\VID_8087&PID_0020\\5&1CA6D89C&0&1"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic USB Hub
Name    Generic USB Hub
    Win32_USBHub.DeviceID="USB\\VID_0D8C&PID_0103\\6&23F52E15&0&2"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Composite Device
Name    USB Composite Device
    Win32_USBHub.DeviceID="USB\\ROOT_HUB20\\4&26472D72&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Root Hub
Name    USB Root Hub
    Win32_USBHub.DeviceID="USB\\ROOT_HUB20\\4&32AB1A0&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Root Hub
Name    USB Root Hub
    Win32_USBHub.DeviceID="USB\\VID_1A40&PID_0101\\6&23F52E15&0&3"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic USB Hub
Name    Generic USB Hub
    Win32_USBHub.DeviceID="USB\\VID_064E&PID_A219\\HF1315-S32B-OV01-VA-R02.01.05"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Composite Device
Name    USB Composite Device
    Win32_USBHub.DeviceID="USB\\VID_8087&PID_0020\\5&1631E715&0&1"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic USB Hub
Name    Generic USB Hub
Cooling Classes    Top: of  4
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_Fan    0x0
    
    Returned Objects
    Win32_Fan.DeviceID="root\\cimv2 0"
    
Property    Value
ActiveCooling    -1
Availability    3
Description    Cooling Device
Name    Cooling Device
StatusInfo    2
    root\cimv2:SELECT * FROM Win32_HeatPipe    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_Refrigeration    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_TemperatureProbe    0x0
    
    Returned Objects
Input Classes    Top: of  2
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_Keyboard    0x0
    
    Returned Objects
    Win32_Keyboard.DeviceID="ACPI\\PNP0303\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Standard PS/2 Keyboard
Layout    00000409
Name    Enhanced (101- or 102-key)
NumberOfFunctionKeys    12
PowerManagementSupported    0
    root\cimv2:SELECT * FROM Win32_PointingDevice    0x0
    
    Returned Objects
    Win32_PointingDevice.DeviceID="ACPI\\SYN1B16\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Synaptics PS/2 Port TouchPad
DeviceInterface    4
HardwareType    Synaptics PS/2 Port TouchPad
InfFileName    oem15.inf
InfSection    Acer_GROUP13_PS2_Inst
Name    Synaptics PS/2 Port TouchPad
NumberOfButtons    0
PointingType    2
PowerManagementSupported    0
Memory Classes    Top: of  3
    Query    Query Result
    root\cimv2:SELECT __RELPATH, Availability, Status, StatusInfo FROM Win32_CacheMemory    0x0
    
    Returned Objects
    Win32_CacheMemory.DeviceID="Cache Memory 0"
    
Property    Value
Availability    3
StatusInfo    3
    Win32_CacheMemory.DeviceID="Cache Memory 1"
    
Property    Value
Availability    3
StatusInfo    3
    Win32_CacheMemory.DeviceID="Cache Memory 2"
    
Property    Value
Availability    3
StatusInfo    3
    Win32_CacheMemory.DeviceID="Cache Memory 3"
    
Property    Value
Availability    3
StatusInfo    3
    root\cimv2:SELECT __RELPATH, Availability, Status FROM Win32_DMAChannel    0x0
    
    Returned Objects
    Win32_DMAChannel.DMAChannel=4
    
Property    Value
Availability    4
DMAChannel    4
    root\cimv2:SELECT __RELPATH, Description, Status FROM Win32_SystemMemoryResource    0x0
    
    Returned Objects
    Win32_DeviceMemoryAddress.StartingAddress="3024116736"
    
Property    Value
Description    0xB4405C00-0xB4405FFF
StartingAddress    3024116736
    Win32_DeviceMemoryAddress.StartingAddress="3007315968"
    
Property    Value
Description    0xB3400000-0xB340FFFF
StartingAddress    3007315968
    Win32_DeviceMemoryAddress.StartingAddress="2956984320"
    
Property    Value
Description    0xB0400000-0xB13FFFFF
StartingAddress    2956984320
    Win32_DeviceMemoryAddress.StartingAddress="4278190080"
    
Property    Value
Description    0xFF000000-0xFFFFFFFF
StartingAddress    4278190080
    Win32_DeviceMemoryAddress.StartingAddress="2990538752"
    
Property    Value
Description    0xB2400000-0xB33FFFFF
StartingAddress    2990538752
    Win32_DeviceMemoryAddress.StartingAddress="2973761536"
    
Property    Value
Description    0xB1400000-0xB23FFFFF
StartingAddress    2973761536
    Win32_DeviceMemoryAddress.StartingAddress="2952790016"
    
Property    Value
Description    0xB0000000-0xB03FFFFF
StartingAddress    2952790016
    Win32_DeviceMemoryAddress.StartingAddress="2684354560"
    
Property    Value
Description    0xA0000000-0xAFFFFFFF
StartingAddress    2684354560
    Win32_DeviceMemoryAddress.StartingAddress="655360"
    
Property    Value
Description    0xA0000-0xBFFFF
StartingAddress    655360
    Win32_DeviceMemoryAddress.StartingAddress="4275044352"
    
Property    Value
Description    0xFED00000-0xFED003FF
StartingAddress    4275044352
    Win32_DeviceMemoryAddress.StartingAddress="3024093184"
    
Property    Value
Description    0xB4400000-0xB4403FFF
StartingAddress    3024093184
    Win32_DeviceMemoryAddress.StartingAddress="3024113664"
    
Property    Value
Description    0xB4405000-0xB44057FF
StartingAddress    3024113664
    Win32_DeviceMemoryAddress.StartingAddress="3024118016"
    
Property    Value
Description    0xB4406100-0xB440610F
StartingAddress    3024118016
    Win32_DeviceMemoryAddress.StartingAddress="4275159040"
    
Property    Value
Description    0xFED1C000-0xFED1FFFF
StartingAddress    4275159040
    Win32_DeviceMemoryAddress.StartingAddress="4275109888"
    
Property    Value
Description    0xFED10000-0xFED13FFF
StartingAddress    4275109888
    Win32_DeviceMemoryAddress.StartingAddress="4275142656"
    
Property    Value
Description    0xFED18000-0xFED18FFF
StartingAddress    4275142656
    Win32_DeviceMemoryAddress.StartingAddress="4275146752"
    
Property    Value
Description    0xFED19000-0xFED19FFF
StartingAddress    4275146752
    Win32_DeviceMemoryAddress.StartingAddress="3758096384"
    
Property    Value
Description    0xE0000000-0xEFFFFFFF
StartingAddress    3758096384
    Win32_DeviceMemoryAddress.StartingAddress="3025141760"
    
Property    Value
Description    0xB4500000-0xB4500FFF
StartingAddress    3025141760
    Win32_DeviceMemoryAddress.StartingAddress="4275175424"
    
Property    Value
Description    0xFED20000-0xFED3FFFF
StartingAddress    4275175424
    Win32_DeviceMemoryAddress.StartingAddress="4275326976"
    
Property    Value
Description    0xFED45000-0xFED8FFFF
StartingAddress    4275326976
    Win32_DeviceMemoryAddress.StartingAddress="4276092928"
    
Property    Value
Description    0xFEE00000-0xFEEFFFFF
StartingAddress    4276092928
    Win32_DeviceMemoryAddress.StartingAddress="3024117760"
    
Property    Value
Description    0xB4406000-0xB44060FF
StartingAddress    3024117760
    Win32_DeviceMemoryAddress.StartingAddress="3024109568"
    
Property    Value
Description    0xB4404000-0xB4404FFF
StartingAddress    3024109568
    Win32_DeviceMemoryAddress.StartingAddress="3024115712"
    
Property    Value
Description    0xB4405800-0xB4405BFF
StartingAddress    3024115712
    Win32_PortResource.StartingAddress="8192"
    
Property    Value
Description    0x00002000-0x00002FFF
StartingAddress    8192
    Win32_PortResource.StartingAddress="32"
    
Property    Value
Description    0x00000020-0x00000021
StartingAddress    32
    Win32_PortResource.StartingAddress="36"
    
Property    Value
Description    0x00000024-0x00000025
StartingAddress    36
    Win32_PortResource.StartingAddress="40"
    
Property    Value
Description    0x00000028-0x00000029
StartingAddress    40
    Win32_PortResource.StartingAddress="44"
    
Property    Value
Description    0x0000002C-0x0000002D
StartingAddress    44
    Win32_PortResource.StartingAddress="48"
    
Property    Value
Description    0x00000030-0x00000031
StartingAddress    48
    Win32_PortResource.StartingAddress="52"
    
Property    Value
Description    0x00000034-0x00000035
StartingAddress    52
    Win32_PortResource.StartingAddress="56"
    
Property    Value
Description    0x00000038-0x00000039
StartingAddress    56
    Win32_PortResource.StartingAddress="60"
    
Property    Value
Description    0x0000003C-0x0000003D
StartingAddress    60
    Win32_PortResource.StartingAddress="160"
    
Property    Value
Description    0x000000A0-0x000000A1
StartingAddress    160
    Win32_PortResource.StartingAddress="164"
    
Property    Value
Description    0x000000A4-0x000000A5
StartingAddress    164
    Win32_PortResource.StartingAddress="168"
    
Property    Value
Description    0x000000A8-0x000000A9
StartingAddress    168
    Win32_PortResource.StartingAddress="172"
    
Property    Value
Description    0x000000AC-0x000000AD
StartingAddress    172
    Win32_PortResource.StartingAddress="176"
    
Property    Value
Description    0x000000B0-0x000000B1
StartingAddress    176
    Win32_PortResource.StartingAddress="180"
    
Property    Value
Description    0x000000B4-0x000000B5
StartingAddress    180
    Win32_PortResource.StartingAddress="184"
    
Property    Value
Description    0x000000B8-0x000000B9
StartingAddress    184
    Win32_PortResource.StartingAddress="188"
    
Property    Value
Description    0x000000BC-0x000000BD
StartingAddress    188
    Win32_PortResource.StartingAddress="1232"
    
Property    Value
Description    0x000004D0-0x000004D1
StartingAddress    1232
    Win32_PortResource.StartingAddress="57344"
    
Property    Value
Description    0x0000E000-0x0000EFFF
StartingAddress    57344
    Win32_PortResource.StartingAddress="12368"
    
Property    Value
Description    0x00003050-0x00003057
StartingAddress    12368
    Win32_PortResource.StartingAddress="944"
    
Property    Value
Description    0x000003B0-0x000003BB
StartingAddress    944
    Win32_PortResource.StartingAddress="960"
    
Property    Value
Description    0x000003C0-0x000003DF
StartingAddress    960
    Win32_PortResource.StartingAddress="64"
    
Property    Value
Description    0x00000040-0x00000043
StartingAddress    64
    Win32_PortResource.StartingAddress="80"
    
Property    Value
Description    0x00000050-0x00000053
StartingAddress    80
    Win32_PortResource.StartingAddress="0"
    
Property    Value
Description    0x00000000-0x0000001F
StartingAddress    0
    Win32_PortResource.StartingAddress="129"
    
Property    Value
Description    0x00000081-0x00000091
StartingAddress    129
    Win32_PortResource.StartingAddress="147"
    
Property    Value
Description    0x00000093-0x0000009F
StartingAddress    147
    Win32_PortResource.StartingAddress="192"
    
Property    Value
Description    0x000000C0-0x000000DF
StartingAddress    192
    Win32_PortResource.StartingAddress="96"
    
Property    Value
Description    0x00000060-0x00000060
StartingAddress    96
    Win32_PortResource.StartingAddress="100"
    
Property    Value
Description    0x00000064-0x00000064
StartingAddress    100
    Win32_PortResource.StartingAddress="3328"
    
Property    Value
Description    0x00000D00-0x0000FFFF
StartingAddress    3328
    Win32_PortResource.StartingAddress="12360"
    
Property    Value
Description    0x00003048-0x0000304F
StartingAddress    12360
    Win32_PortResource.StartingAddress="12380"
    
Property    Value
Description    0x0000305C-0x0000305F
StartingAddress    12380
    Win32_PortResource.StartingAddress="12352"
    
Property    Value
Description    0x00003040-0x00003047
StartingAddress    12352
    Win32_PortResource.StartingAddress="12376"
    
Property    Value
Description    0x00003058-0x0000305B
StartingAddress    12376
    Win32_PortResource.StartingAddress="12320"
    
Property    Value
Description    0x00003020-0x0000303F
StartingAddress    12320
    Win32_PortResource.StartingAddress="112"
    
Property    Value
Description    0x00000070-0x00000077
StartingAddress    112
    Win32_PortResource.StartingAddress="46"
    
Property    Value
Description    0x0000002E-0x0000002F
StartingAddress    46
    Win32_PortResource.StartingAddress="78"
    
Property    Value
Description    0x0000004E-0x0000004F
StartingAddress    78
    Win32_PortResource.StartingAddress="97"
    
Property    Value
Description    0x00000061-0x00000061
StartingAddress    97
    Win32_PortResource.StartingAddress="99"
    
Property    Value
Description    0x00000063-0x00000063
StartingAddress    99
    Win32_PortResource.StartingAddress="101"
    
Property    Value
Description    0x00000065-0x00000065
StartingAddress    101
    Win32_PortResource.StartingAddress="103"
    
Property    Value
Description    0x00000067-0x00000067
StartingAddress    103
    Win32_PortResource.StartingAddress="104"
    
Property    Value
Description    0x00000068-0x00000068
StartingAddress    104
    Win32_PortResource.StartingAddress="108"
    
Property    Value
Description    0x0000006C-0x0000006C
StartingAddress    108
    Win32_PortResource.StartingAddress="128"
    
Property    Value
Description    0x00000080-0x00000080
StartingAddress    128
    Win32_PortResource.StartingAddress="146"
    
Property    Value
Description    0x00000092-0x00000092
StartingAddress    146
    Win32_PortResource.StartingAddress="178"
    
Property    Value
Description    0x000000B2-0x000000B3
StartingAddress    178
    Win32_PortResource.StartingAddress="1664"
    
Property    Value
Description    0x00000680-0x0000069F
StartingAddress    1664
    Win32_PortResource.StartingAddress="65324"
    
Property    Value
Description    0x0000FF2C-0x0000FF2F
StartingAddress    65324
    Win32_PortResource.StartingAddress="2048"
    
Property    Value
Description    0x00000800-0x0000080F
StartingAddress    2048
    Win32_PortResource.StartingAddress="65535"
    
Property    Value
Description    0x0000FFFF-0x0000FFFF
StartingAddress    65535
    Win32_PortResource.StartingAddress="1024"
    
Property    Value
Description    0x00000400-0x0000047F
StartingAddress    1024
    Win32_PortResource.StartingAddress="1280"
    
Property    Value
Description    0x00000500-0x0000057F
StartingAddress    1280
    Win32_PortResource.StartingAddress="5710"
    
Property    Value
Description    0x0000164E-0x0000164F
StartingAddress    5710
    Win32_PortResource.StartingAddress="12288"
    
Property    Value
Description    0x00003000-0x0000301F
StartingAddress    12288
    Win32_PortResource.StartingAddress="240"
    
Property    Value
Description    0x000000F0-0x000000F0
StartingAddress    240
    Win32_PortResource.StartingAddress="98"
    
Property    Value
Description    0x00000062-0x00000062
StartingAddress    98
    Win32_PortResource.StartingAddress="102"
    
Property    Value
Description    0x00000066-0x00000066
StartingAddress    102
Motherboard Classes    Top: of  8
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_Bus    0x0
    
    Returned Objects
    Win32_Bus.DeviceID="PCI_BUS_0"
    
Property    Value
BusNum    0
BusType    5
Description    Bus
Name    Bus
    Win32_Bus.DeviceID="PCI_BUS_255"
    
Property    Value
BusNum    255
BusType    5
Description    Bus
Name    Bus
    Win32_Bus.DeviceID="PCI_BUS_1"
    
Property    Value
BusNum    1
BusType    5
Description    Bus
Name    Bus
    Win32_Bus.DeviceID="PNP_BUS_0"
    
Property    Value
BusNum    0
BusType    15
Description    Bus
Name    Bus
    Win32_Bus.DeviceID="PCI_BUS_2"
    
Property    Value
BusNum    2
BusType    5
Description    Bus
Name    Bus
    Win32_Bus.DeviceID="PCI_BUS_FF"
    
Property    Value
BusNum    0
BusType    5
Description    Bus
Name    Bus
    root\cimv2:SELECT * FROM Win32_InfraredDevice    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_MotherboardDevice    0x0
    
    Returned Objects
    Win32_MotherboardDevice.DeviceID="Motherboard"
    
Property    Value
Availability    3
Description    Motherboard
Name    Motherboard
PrimaryBusType    PCI
SecondaryBusType    ISA
    root\cimv2:SELECT * FROM Win32_OnBoardDevice    0x0
    
    Returned Objects
    Win32_OnBoardDevice.Tag="On Board Device 0"
    
Property    Value
Description    Intel Video Graphics Controller
DeviceType    3
Enabled    -1
Name    On Board Device
Tag    On Board Device 0
    Win32_OnBoardDevice.Tag="On Board Device 1"
    
Property    Value
Description    Realtek Lan Controller
DeviceType    5
Enabled    -1
Name    On Board Device
Tag    On Board Device 1
    root\cimv2:SELECT * FROM Win32_PCMCIAController    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_Processor    0x0
    
    Returned Objects
    Win32_Processor.DeviceID="CPU0"
    
Property    Value
AddressWidth    64
Architecture    9
Availability    3
CpuStatus    1
CurrentClockSpeed    2399
CurrentVoltage    0
DataWidth    64
Description    Intel64 Family 6 Model 37 Stepping 5
ExtClock    1066
Family    191
L2CacheSize    256
L3CacheSize    3072
L3CacheSpeed    0
Level    6
LoadPercentage    17
MaxClockSpeed    2399
Name    Intel® Core™ i3 CPU M 370 @ 2.40GHz
NumberOfCores    2
NumberOfLogicalProcessors    4
PowerManagementSupported    0
ProcessorId    BFEBFBFF00020655
ProcessorType    3
Revision    9477
Role    CPU
SocketDesignation    CPU
StatusInfo    3
UpgradeMethod    4
Version    
    root\cimv2:SELECT * FROM Win32_SoundDevice    0x0
    
    Returned Objects
    Win32_SoundDevice.DeviceID="USB\\VID_0D8C&PID_0103&MI_00\\7&1AC4FB28&0&0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Audio Device
Name    USB Audio Device
PowerManagementSupported    0
ProductName    USB Audio Device
StatusInfo    3
    Win32_SoundDevice.DeviceID="HDAUDIO\\FUNC_01&VEN_10EC&DEV_0272&SUBSYS_1025036D&REV_1000\\4&1A845CA6&0&0001"
    
Property    Value
ConfigManagerErrorCode    0
Description    Realtek High Definition Audio
Name    Realtek High Definition Audio
PowerManagementSupported    0
ProductName    Realtek High Definition Audio
StatusInfo    3
    Win32_SoundDevice.DeviceID="HDAUDIO\\FUNC_01&VEN_8086&DEV_2804&SUBSYS_80860101&REV_1000\\4&1A845CA6&0&0301"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® Display Audio
Name    Intel® Display Audio
PowerManagementSupported    0
ProductName    Intel® Display Audio
StatusInfo    3
    root\cimv2:SELECT * FROM Win32_SystemSlot    0x0
    
    Returned Objects
    Win32_SystemSlot.Tag="System Slot 0"
    
Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    10
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J5C1
SupportsHotPlug    -1
Tag    System Slot 0
    Win32_SystemSlot.Tag="System Slot 1"
    
Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    5
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J6C1
SupportsHotPlug    -1
Tag    System Slot 1
    Win32_SystemSlot.Tag="System Slot 2"
    
Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    5
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J6C2
SupportsHotPlug    -1
Tag    System Slot 2
    Win32_SystemSlot.Tag="System Slot 3"
    
Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    5
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J6D2
SupportsHotPlug    -1
Tag    System Slot 3
    Win32_SystemSlot.Tag="System Slot 4"



#14 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 19 June 2015 - 03:02 AM

Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    5
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J7C1
SupportsHotPlug    -1
Tag    System Slot 4
    Win32_SystemSlot.Tag="System Slot 5"
    
Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    5
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J7D2
SupportsHotPlug    -1
Tag    System Slot 5
    Win32_SystemSlot.Tag="System Slot 6"
    
Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    10
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J8C2
SupportsHotPlug    -1
Tag    System Slot 6
    Win32_SystemSlot.Tag="System Slot 7"
    
Property    Value
CurrentUsage    3
Description    System Slot
MaxDataWidth    5
Name    System Slot
PMESignal    -1
Shared    0
SlotDesignation    J8C1
SupportsHotPlug    -1
Tag    System Slot 7
Network Classes    Top: of  1
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_NetworkAdapter    0x0
    
    Returned Objects
    Win32_NetworkAdapter.DeviceID="0"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (SSTP)
Index    0
Installed    -1
InterfaceIndex    2
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (SSTP)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (SSTP)
ServiceName    RasSstp
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="1"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (IKEv2)
Index    1
Installed    -1
InterfaceIndex    14
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (IKEv2)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (IKEv2)
ServiceName    RasAgileVpn
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="2"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (L2TP)
Index    2
Installed    -1
InterfaceIndex    3
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (L2TP)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (L2TP)
ServiceName    Rasl2tp
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="3"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (PPTP)
Index    3
Installed    -1
InterfaceIndex    4
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (PPTP)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (PPTP)
ServiceName    PptpMiniport
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="4"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (PPPOE)
Index    4
Installed    -1
InterfaceIndex    5
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (PPPOE)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (PPPOE)
ServiceName    RasPppoe
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="5"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (IPv6)
Index    5
Installed    -1
InterfaceIndex    6
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (IPv6)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (IPv6)
ServiceName    NdisWan
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="6"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (Network Monitor)
Index    6
Installed    -1
InterfaceIndex    7
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (Network Monitor)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (Network Monitor)
ServiceName    NdisWan
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="7"
    
Property    Value
AdapterType    Ethernet 802.3
AdapterTypeId    0
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Broadcom NetLink ™ Gigabit Ethernet
GUID    {258E57C4-4B23-49C4-B4E4-97C18ADF72AB}
Index    7
Installed    -1
InterfaceIndex    10
MACAddress    88:AE:1D:A2:7A:AD
Manufacturer    Broadcom
MaxNumberControlled    0
Name    Broadcom NetLink ™ Gigabit Ethernet
NetConnectionID    Local Area Connection
NetConnectionStatus    7
NetEnabled    0
PhysicalAdapter    -1
PowerManagementSupported    0
ProductName    Broadcom NetLink ™ Gigabit Ethernet
ServiceName    k57nd60a
Speed    9223372036854775807
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="8"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WAN Miniport (IP)
Index    8
Installed    -1
InterfaceIndex    8
Manufacturer    Microsoft
MaxNumberControlled    0
Name    WAN Miniport (IP)
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    WAN Miniport (IP)
ServiceName    NdisWan
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="9"
    
Property    Value
AdapterType    Tunnel
AdapterTypeId    15
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Microsoft ISATAP Adapter
Index    9
Installed    -1
InterfaceIndex    20
Manufacturer    Microsoft
MaxNumberControlled    0
Name    Microsoft ISATAP Adapter
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    Microsoft ISATAP Adapter
ServiceName    tunnel
Speed    100000
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="10"
    
Property    Value
Availability    3
Description    RAS Async Adapter
Index    10
Installed    -1
InterfaceIndex    9
MaxNumberControlled    0
Name    RAS Async Adapter
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    RAS Async Adapter
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="11"
    
Property    Value
AdapterType    Ethernet 802.3
AdapterTypeId    0
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Intel® Centrino® Advanced-N 6250 AGN
GUID    {89233335-BA28-4A47-ABE7-EAC91EAD74A1}
Index    11
Installed    -1
InterfaceIndex    11
MACAddress    00:23:15:52:E2:F4
Manufacturer    Intel Corporation
MaxNumberControlled    0
Name    Intel® Centrino® Advanced-N 6250 AGN
NetConnectionID    Wireless Network Connection
NetConnectionStatus    2
NetEnabled    -1
PhysicalAdapter    -1
PowerManagementSupported    0
ProductName    Intel® Centrino® Advanced-N 6250 AGN
ServiceName    NETw5s64
Speed    150000000
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="12"
    
Property    Value
AdapterType    Tunnel
AdapterTypeId    15
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Microsoft ISATAP Adapter
Index    12
Installed    -1
InterfaceIndex    49
Manufacturer    Microsoft
MaxNumberControlled    0
Name    Microsoft ISATAP Adapter #2
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    Microsoft ISATAP Adapter
ServiceName    tunnel
Speed    100000
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="13"
    
Property    Value
AdapterType    Ethernet 802.3
AdapterTypeId    0
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Intel® Centrino® WiMAX 6250
GUID    {D332CB70-2C98-4FD0-920D-847DCF662B4D}
Index    13
Installed    -1
InterfaceIndex    12
MACAddress    64:D4:DA:09:84:90
Manufacturer    Intel Corporation
MaxNumberControlled    0
Name    Intel® Centrino® WiMAX 6250
NetConnectionID    Local Area Connection 2
NetConnectionStatus    7
NetEnabled    0
PhysicalAdapter    -1
PowerManagementSupported    0
ProductName    Intel® Centrino® WiMAX 6250
ServiceName    bpmp
Speed    0
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="15"
    
Property    Value
AdapterType    Tunnel
AdapterTypeId    15
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Microsoft Teredo Tunneling Adapter
Index    15
Installed    -1
InterfaceIndex    19
Manufacturer    Microsoft
MaxNumberControlled    0
Name    Teredo Tunneling Pseudo-Interface
PhysicalAdapter    0
PowerManagementSupported    0
ProductName    Microsoft Teredo Tunneling Adapter
ServiceName    tunnel
Speed    100000
TimeOfLastReset    20150618095129.125599-240
    Win32_NetworkAdapter.DeviceID="16"
    
Property    Value
AdapterType    Ethernet 802.3
AdapterTypeId    0
Availability    3
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Microsoft Virtual WiFi Miniport Adapter
GUID    {4E17D8E8-B0E6-49FA-8A51-DA3A03916DB0}
Index    16
Installed    -1
InterfaceIndex    13
MACAddress    00:23:15:52:E2:F5
Manufacturer    Microsoft
MaxNumberControlled    0
Name    Microsoft Virtual WiFi Miniport Adapter
NetConnectionID    Wireless Network Connection 2
NetConnectionStatus    7
NetEnabled    0
PhysicalAdapter    -1
PowerManagementSupported    0
ProductName    Microsoft Virtual WiFi Miniport Adapter
ServiceName    vwifimp
Speed    9223372036854775807
TimeOfLastReset    20150618095129.125599-240
Port Classes    Top: of  3
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_ParallelPort    0x0
    
    Returned Objects
    root\cimv2:SELECT __RELPATH, Description, Status FROM Win32_PortResource    0x0
    
    Returned Objects
    Win32_PortResource.StartingAddress="8192"
    
Property    Value
Description    0x00002000-0x00002FFF
StartingAddress    8192
    Win32_PortResource.StartingAddress="32"
    
Property    Value
Description    0x00000020-0x00000021
StartingAddress    32
    Win32_PortResource.StartingAddress="36"
    
Property    Value
Description    0x00000024-0x00000025
StartingAddress    36
    Win32_PortResource.StartingAddress="40"
    
Property    Value
Description    0x00000028-0x00000029
StartingAddress    40
    Win32_PortResource.StartingAddress="44"
    
Property    Value
Description    0x0000002C-0x0000002D
StartingAddress    44
    Win32_PortResource.StartingAddress="48"
    
Property    Value
Description    0x00000030-0x00000031
StartingAddress    48
    Win32_PortResource.StartingAddress="52"
    
Property    Value
Description    0x00000034-0x00000035
StartingAddress    52
    Win32_PortResource.StartingAddress="56"
    
Property    Value
Description    0x00000038-0x00000039
StartingAddress    56
    Win32_PortResource.StartingAddress="60"
    
Property    Value
Description    0x0000003C-0x0000003D
StartingAddress    60
    Win32_PortResource.StartingAddress="160"
    
Property    Value
Description    0x000000A0-0x000000A1
StartingAddress    160
    Win32_PortResource.StartingAddress="164"
    
Property    Value
Description    0x000000A4-0x000000A5
StartingAddress    164
    Win32_PortResource.StartingAddress="168"
    
Property    Value
Description    0x000000A8-0x000000A9
StartingAddress    168
    Win32_PortResource.StartingAddress="172"
    
Property    Value
Description    0x000000AC-0x000000AD
StartingAddress    172
    Win32_PortResource.StartingAddress="176"
    
Property    Value
Description    0x000000B0-0x000000B1
StartingAddress    176
    Win32_PortResource.StartingAddress="180"
    
Property    Value
Description    0x000000B4-0x000000B5
StartingAddress    180
    Win32_PortResource.StartingAddress="184"
    
Property    Value
Description    0x000000B8-0x000000B9
StartingAddress    184
    Win32_PortResource.StartingAddress="188"
    
Property    Value
Description    0x000000BC-0x000000BD
StartingAddress    188
    Win32_PortResource.StartingAddress="1232"
    
Property    Value
Description    0x000004D0-0x000004D1
StartingAddress    1232
    Win32_PortResource.StartingAddress="57344"
    
Property    Value
Description    0x0000E000-0x0000EFFF
StartingAddress    57344
    Win32_PortResource.StartingAddress="12368"
    
Property    Value
Description    0x00003050-0x00003057
StartingAddress    12368
    Win32_PortResource.StartingAddress="944"
    
Property    Value
Description    0x000003B0-0x000003BB
StartingAddress    944
    Win32_PortResource.StartingAddress="960"
    
Property    Value
Description    0x000003C0-0x000003DF
StartingAddress    960
    Win32_PortResource.StartingAddress="64"
    
Property    Value
Description    0x00000040-0x00000043
StartingAddress    64
    Win32_PortResource.StartingAddress="80"
    
Property    Value
Description    0x00000050-0x00000053
StartingAddress    80
    Win32_PortResource.StartingAddress="0"
    
Property    Value
Description    0x00000000-0x0000001F
StartingAddress    0
    Win32_PortResource.StartingAddress="129"
    
Property    Value
Description    0x00000081-0x00000091
StartingAddress    129
    Win32_PortResource.StartingAddress="147"
    
Property    Value
Description    0x00000093-0x0000009F
StartingAddress    147
    Win32_PortResource.StartingAddress="192"
    
Property    Value
Description    0x000000C0-0x000000DF
StartingAddress    192
    Win32_PortResource.StartingAddress="96"
    
Property    Value
Description    0x00000060-0x00000060
StartingAddress    96
    Win32_PortResource.StartingAddress="100"
    
Property    Value
Description    0x00000064-0x00000064
StartingAddress    100
    Win32_PortResource.StartingAddress="3328"
    
Property    Value
Description    0x00000D00-0x0000FFFF
StartingAddress    3328
    Win32_PortResource.StartingAddress="12360"
    
Property    Value
Description    0x00003048-0x0000304F
StartingAddress    12360
    Win32_PortResource.StartingAddress="12380"
    
Property    Value
Description    0x0000305C-0x0000305F
StartingAddress    12380
    Win32_PortResource.StartingAddress="12352"
    
Property    Value
Description    0x00003040-0x00003047
StartingAddress    12352
    Win32_PortResource.StartingAddress="12376"
    
Property    Value
Description    0x00003058-0x0000305B
StartingAddress    12376
    Win32_PortResource.StartingAddress="12320"
    
Property    Value
Description    0x00003020-0x0000303F
StartingAddress    12320
    Win32_PortResource.StartingAddress="112"
    
Property    Value
Description    0x00000070-0x00000077
StartingAddress    112
    Win32_PortResource.StartingAddress="46"
    
Property    Value
Description    0x0000002E-0x0000002F
StartingAddress    46
    Win32_PortResource.StartingAddress="78"
    
Property    Value
Description    0x0000004E-0x0000004F
StartingAddress    78
    Win32_PortResource.StartingAddress="97"
    
Property    Value
Description    0x00000061-0x00000061
StartingAddress    97
    Win32_PortResource.StartingAddress="99"
    
Property    Value
Description    0x00000063-0x00000063
StartingAddress    99
    Win32_PortResource.StartingAddress="101"
    
Property    Value
Description    0x00000065-0x00000065
StartingAddress    101
    Win32_PortResource.StartingAddress="103"
    
Property    Value
Description    0x00000067-0x00000067
StartingAddress    103
    Win32_PortResource.StartingAddress="104"
    
Property    Value
Description    0x00000068-0x00000068
StartingAddress    104
    Win32_PortResource.StartingAddress="108"
    
Property    Value
Description    0x0000006C-0x0000006C
StartingAddress    108
    Win32_PortResource.StartingAddress="128"
    
Property    Value
Description    0x00000080-0x00000080
StartingAddress    128
    Win32_PortResource.StartingAddress="146"
    
Property    Value
Description    0x00000092-0x00000092
StartingAddress    146
    Win32_PortResource.StartingAddress="178"
    
Property    Value
Description    0x000000B2-0x000000B3
StartingAddress    178
    Win32_PortResource.StartingAddress="1664"
    
Property    Value
Description    0x00000680-0x0000069F
StartingAddress    1664
    Win32_PortResource.StartingAddress="65324"
    
Property    Value
Description    0x0000FF2C-0x0000FF2F
StartingAddress    65324
    Win32_PortResource.StartingAddress="2048"
    
Property    Value
Description    0x00000800-0x0000080F
StartingAddress    2048
    Win32_PortResource.StartingAddress="65535"
    
Property    Value
Description    0x0000FFFF-0x0000FFFF
StartingAddress    65535
    Win32_PortResource.StartingAddress="1024"
    
Property    Value
Description    0x00000400-0x0000047F
StartingAddress    1024
    Win32_PortResource.StartingAddress="1280"
    
Property    Value
Description    0x00000500-0x0000057F
StartingAddress    1280
    Win32_PortResource.StartingAddress="5710"
    
Property    Value
Description    0x0000164E-0x0000164F
StartingAddress    5710
    Win32_PortResource.StartingAddress="12288"
    
Property    Value
Description    0x00003000-0x0000301F
StartingAddress    12288
    Win32_PortResource.StartingAddress="240"
    
Property    Value
Description    0x000000F0-0x000000F0
StartingAddress    240
    Win32_PortResource.StartingAddress="98"
    
Property    Value
Description    0x00000062-0x00000062
StartingAddress    98
    Win32_PortResource.StartingAddress="102"
    
Property    Value
Description    0x00000066-0x00000066
StartingAddress    102
    root\cimv2:SELECT __RELPATH, Availability, ConfigManagerUserConfig, Description, Status, StatusInfo FROM Win32_SerialPort    0x0
    
    Returned Objects
Power Classes    Top: of  2
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_Battery    0x0
    
    Returned Objects
    Win32_Battery.DeviceID="92DSONY Li_Ion_4000mA "
    
Property    Value
Availability    3
BatteryStatus    1
Chemistry    2
Description    Internal Battery
DesignVoltage    11652
EstimatedChargeRemaining    92
EstimatedRunTime    139
Name    Li_Ion_4000mA
PowerManagementSupported    0
    root\cimv2:SELECT * FROM Win32_PortableBattery    0x0
    
    Returned Objects
    Win32_PortableBattery.DeviceID="Portable Battery 0"
    
Property    Value
CapacityMultiplier    0
Chemistry    6
Description    Portable Battery
DesignCapacity    0
DesignVoltage    0
Location    Fake
ManufactureDate    20071011200000.000000-240
Manufacturer    -Virtual Battery 0-
MaxBatteryError    0
Name    Li-lon Battery
SmartBatteryVersion    
Printing Classes    Top: of  2
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_Printer    0x80041001
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_PrinterDriver    0x80041001
    
    Returned Objects
Storage Classes    Top: of  4
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_CDROMDrive    0x0
    
    Returned Objects
    Win32_CDROMDrive.DeviceID="IDE\\CDROMPIONEER_BD-ROM_BDCTD03RS________________1.01____\\4&2D54901A&0&0.1.0"
    
Property    Value
Availability    3
CompressionMethod    Unknown
ConfigManagerErrorCode    0
Description    CD-ROM Drive
Drive    D:
Id    D:
MediaLoaded    0
MediaType    DVD Writer
MfrAssignedRevisionLevel    1.01
Name    PIONEER BD-ROM BDCTD03RS
SCSIBus    0
SCSILogicalUnit    0
SCSIPort    0
SCSITargetId    1
SerialNumber    J
TransferRate    -1
    root\cimv2:SELECT * FROM Win32_DiskDrive    0x0
    
    Returned Objects
    Win32_DiskDrive.DeviceID="\\\\.\\PHYSICALDRIVE0"
    
Property    Value
BytesPerSector    512
ConfigManagerErrorCode    0
Description    Disk drive
FirmwareRevision    01.0
Index    0
InterfaceType    IDE
MediaLoaded    -1
MediaType    Fixed hard disk media
Model    WDC WD5000BEVT-22A0RT0
Name    \\.\PHYSICALDRIVE0
Partitions    3
SCSIBus    0
SCSILogicalUnit    0
SCSIPort    0
SCSITargetId    0
SectorsPerTrack    63
SerialNumber    W -DXW149AF07042
Signature    -1956538206
Size    500105249280
TotalCylinders    60801
TotalHeads    255
TotalSectors    976768065
TotalTracks    15504255
TracksPerCylinder    255
    root\cimv2:SELECT * FROM Win32_FloppyDrive    0x0
    
    Returned Objects
    root\cimv2:SELECT * FROM Win32_TapeDrive    0x0
    
    Returned Objects
Video Classes    Top: of  2
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_DesktopMonitor    0x0
    
    Returned Objects
    Win32_DesktopMonitor.DeviceID="DesktopMonitor1"
    
Property    Value
Availability    3
ConfigManagerErrorCode    0
Description    Generic PnP Monitor
MonitorManufacturer    (Standard monitor types)
MonitorType    Generic PnP Monitor
Name    Generic PnP Monitor
PixelsPerXLogicalInch    96
PixelsPerYLogicalInch    96
ScreenHeight    768
ScreenWidth    1366
    root\cimv2:SELECT * FROM Win32_VideoController    0x0
    
    Returned Objects
    Win32_VideoController.DeviceID="VideoController1"
    
Property    Value
AdapterCompatibility    Intel Corporation
AdapterDACType    Internal
AdapterRAM    1840623616
Availability    3
ConfigManagerErrorCode    0
CurrentBitsPerPixel    32
CurrentHorizontalResolution    1366
CurrentNumberOfColors    4294967296
CurrentNumberOfColumns    0
CurrentNumberOfRows    0
CurrentRefreshRate    60
CurrentScanMode    4
CurrentVerticalResolution    768
Description    Intel® HD Graphics
DitherType    0
DriverDate    20120110000000.000000-000
DriverVersion    8.15.10.2622
InfFilename    oem23.inf
InfSection    iILKM0
InstalledDisplayDrivers    igdumd64.dll,igd10umd64.dll,igdumdx32,igd10umd32
MaxRefreshRate    60
MinRefreshRate    60
Monochrome    0
Name    Intel® HD Graphics
VideoArchitecture    5
VideoMemoryType    2
VideoModeDescription    1366 x 768 x 4294967296 colors
VideoProcessor    Intel® HD Graphics (Core i3)
PlugAndPlay Classes
   
The Win32_PnPEntity WMI class represents the properties of a Plug and Play device. Plug and Play entities are shown as entries in the Device Manager located in Control Panel. See Microsoft online document for individual field descriptions under each of the devices below.
    Top: of  1
    Query    Query Result
    root\cimv2:SELECT * FROM Win32_PNPEntity    0x0
    
    Returned Objects
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_3B3C&SUBSYS_036D1025&REV_05\\3&11583659&0&D0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Name    Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
    Win32_PnPEntity.DeviceID="ACPI\\SYN1B16\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Synaptics PS/2 Port TouchPad
Name    Synaptics PS/2 Port TouchPad
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_2D11&SUBSYS_036D1025&REV_02\\3&4F11E61&0&11"
    
Property    Value
ConfigManagerErrorCode    0
Description    QPI Physical 0 - 2D11
Name    QPI Physical 0 - 2D11
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_SFTFS\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Sftfs
Name    Sftfs
Service    Sftfs
Status    Degraded
    Win32_PnPEntity.DeviceID="PCI\\VEN_14E4&DEV_1692&SUBSYS_036D1025&REV_01\\4&12119FE&0&00E0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Broadcom NetLink ™ Gigabit Ethernet
Name    Broadcom NetLink ™ Gigabit Ethernet
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_VGASAVE\\0000"



#15 samymaarten

samymaarten
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 19 June 2015 - 03:05 AM

Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    VgaSave
Name    VgaSave
Service    VgaSave
Status    Degraded
    Win32_PnPEntity.DeviceID="USB\\VID_8087&PID_0020\\5&1CA6D89C&0&1"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic USB Hub
Name    Generic USB Hub
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_KSECDD\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    KSecDD
Name    KSecDD
Service    KSecDD
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_NDIS\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    NDIS System Driver
Name    NDIS System Driver
Service    NDIS
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\MS_PPTPMINIPORT\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    WAN Miniport (PPTP)
Name    WAN Miniport (PPTP)
    Win32_PnPEntity.DeviceID="ACPI_HAL\\PNP0C08\\0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Microsoft ACPI-Compliant System
Name    Microsoft ACPI-Compliant System
    Win32_PnPEntity.DeviceID="USB\\VID_0D8C&PID_0103\\6&23F52E15&0&2"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Composite Device
Name    USB Composite Device
    Win32_PnPEntity.DeviceID="STORAGE\\VOLUMESNAPSHOT\\HARDDISKVOLUMESNAPSHOT3"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic volume shadow copy
Name    Generic volume shadow copy
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_SFTPLAY\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Sftplay
Name    Sftplay
Service    Sftplay
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_VOLMGRX\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Dynamic Volume Manager
Name    Dynamic Volume Manager
Service    volmgrx
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_NDISUIO\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    NDIS Usermode I/O Protocol
Name    NDIS Usermode I/O Protocol
Service    Ndisuio
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_KSECPKG\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    KSecPkg
Name    KSecPkg
Service    KSecPkg
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\MS_SSTPMINIPORT\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    WAN Miniport (SSTP)
Name    WAN Miniport (SSTP)
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_3B42&SUBSYS_036D1025&REV_05\\3&11583659&0&E0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Name    Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_VOLSNAP\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Storage volumes
Name    Storage volumes
Service    volsnap
Status    Degraded
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_2D12&SUBSYS_036D1025&REV_02\\3&4F11E61&0&12"
    
Property    Value
ConfigManagerErrorCode    0
Description    Reserved - 2D12
Name    Reserved - 2D12
    Win32_PnPEntity.DeviceID="USB\\VID_0D8C&PID_0103&MI_00\\7&1AC4FB28&0&0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Audio Device
Name    USB Sound Device
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_0044&SUBSYS_036D1025&REV_02\\3&11583659&0&00"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® processor DRAM Controller - 0044
Name    Intel® processor DRAM Controller - 0044
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_NDPROXY\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    NDProxy
Name    NDProxy
Service    NDProxy
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_LLTDIO\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Link-Layer Topology Discovery Mapper I/O Driver
Name    Link-Layer Topology Discovery Mapper I/O Driver
Service    lltdio
Status    Degraded
    Win32_PnPEntity.DeviceID="{12110A2A-BBCC-418B-B9F4-76099D720767}\\BPMP_8086_0186\\1&1869C5E3&0&00"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® Centrino® WiMAX 6250
Name    Intel® Centrino® WiMAX 6250
    Win32_PnPEntity.DeviceID="ROOT\\RDP_KBD\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    Terminal Server Keyboard Driver
Name    Terminal Server Keyboard Driver
    Win32_PnPEntity.DeviceID="ACPI\\INT0800\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Intel® 82802 Firmware Hub Device
Manufacturer    Intel
Name    Intel® 82802 Firmware Hub Device
Status    
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_SFTVOL\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Sftvol
Name    Sftvol
Service    Sftvol
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_VWIFIFLT\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Virtual WiFi Filter Driver
Name    Virtual WiFi Filter Driver
Service    vwififlt
Status    Degraded
    Win32_PnPEntity.DeviceID="DISPLAY\\AUO22EC\\4&118AF09C&0&UID67568640"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic PnP Monitor
Name    Generic PnP Monitor
    Win32_PnPEntity.DeviceID="USB\\ROOT_HUB20\\4&26472D72&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Root Hub
Name    USB Root Hub
    Win32_PnPEntity.DeviceID="ROOT\\RDP_MOU\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    Terminal Server Mouse Driver
Name    Terminal Server Mouse Driver
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_ADGNETWORKTDI\\0000"
    
Property    Value
ConfigManagerErrorCode
   
Device is not present, not working properly, or does not have all of its drivers installed.
A device has a configuration problem that prevents it from working properly.
The device, adgnetworktdi, is reporting "tv_ConfigMgrErr24". This device will not be available until the issue is resolved. The Plug and Play ID for this device is ROOT\LEGACY_ADGNETWORKTDI\0000.
1. Verify the correct driver is installed.
2. Try updating the drivers using Windows Update.
3. Check with the manufacturer for an updated driver.
4. Attempt to uninstall and then reinstall the device using Device Manager.
Explanation of Error Codes Generated by Device Manager
Manage Devices in Windows
    Device is not present, not working properly, or does not have all of its drivers installed.
ConfigManagerUserConfig    0
Description    adgnetworktdi
Name    adgnetworktdi
Service    adgnetworktdi
Status    Error
    Win32_PnPEntity.DeviceID="ACPI\\PNP0000\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Programmable interrupt controller
Manufacturer    (Standard system devices)
Name    Programmable interrupt controller
Status    
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_SPLDR\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Security Processor Loader Driver
Name    Security Processor Loader Driver
Service    spldr
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\SYSTEM\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    Plug and Play Software Device Enumerator
Name    Plug and Play Software Device Enumerator
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_WANARPV6\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Remote Access IPv6 ARP Driver
Name    Remote Access IPv6 ARP Driver
Service    Wanarpv6
Status    Degraded
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_3B44&SUBSYS_036D1025&REV_05\\3&11583659&0&E1"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Name    Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_2D13&SUBSYS_036D1025&REV_02\\3&4F11E61&0&13"
    
Property    Value
ConfigManagerErrorCode    0
Description    Reserved - 2D13
Name    Reserved - 2D13
    Win32_PnPEntity.DeviceID="ACPI\\ACPI0003\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Microsoft AC Adapter
Name    Microsoft AC Adapter
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_NETBT\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    NETBT
Name    NETBT
Service    NetBT
Status    Degraded
    Win32_PnPEntity.DeviceID="USB\\ROOT_HUB20\\4&32AB1A0&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    USB Root Hub
Name    USB Root Hub
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_0046&SUBSYS_036D1025&REV_02\\3&11583659&0&10"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® HD Graphics
Name    Intel® HD Graphics
    Win32_PnPEntity.DeviceID="ACPI\\PNP0100\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    System timer
Manufacturer    (Standard system devices)
Name    System timer
Status    
    Win32_PnPEntity.DeviceID="ROOT\\UMBUS\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    UMBus Root Bus Enumerator
Name    UMBus Root Bus Enumerator
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_AFD\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Ancillary Function Driver for Winsock
Name    Ancillary Function Driver for Winsock
Service    AFD
Status    Degraded
    Win32_PnPEntity.DeviceID="{5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\\VWIFIMP\\5&391EBEF&0&01"
    
Property    Value
ConfigManagerErrorCode    0
Description    Microsoft Virtual WiFi Miniport Adapter
Name    Microsoft Virtual WiFi Miniport Adapter
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_WDF01000\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Kernel Mode Driver Frameworks service
Name    Kernel Mode Driver Frameworks service
Service    Wdf01000
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_NISDRV\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Microsoft Network Inspection System
Name    Microsoft Network Inspection System
Service    NisDrv
Status    Degraded
    Win32_PnPEntity.DeviceID="ACPI\\FIXEDBUTTON\\2&DABA3FF&1"
    
Property    Value
ConfigManagerErrorCode    0
Description    ACPI Fixed Feature Button
Name    ACPI Fixed Feature Button
    Win32_PnPEntity.DeviceID="ROOT\\VDRVROOT\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    Microsoft Virtual Drive Enumerator Driver
Name    Microsoft Virtual Drive Enumerator Driver
    Win32_PnPEntity.DeviceID="ACPI\\PNP0103\\0"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    High precision event timer
Manufacturer    (Standard system devices)
Name    High precision event timer
Status    
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_WFPLWF\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    WFP Lightweight Filter
Name    WFP Lightweight Filter
Service    WfpLwf
Status    Degraded
    Win32_PnPEntity.DeviceID="STORAGE\\VOLUMESNAPSHOT\\HARDDISKVOLUMESNAPSHOT4"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic volume shadow copy
Name    Generic volume shadow copy
    Win32_PnPEntity.DeviceID="ROOT\\VOLMGR\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    Volume Manager
Name    Volume Manager
    Win32_PnPEntity.DeviceID="ACPI\\PNP0200\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Direct memory access controller
Manufacturer    (Standard system devices)
Name    Direct memory access controller
Status    
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_AVGTDIA\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    AVG TDI Driver
Name    AVG TDI Driver
Service    Avgtdia
Status    Degraded
    Win32_PnPEntity.DeviceID="HDAUDIO\\FUNC_01&VEN_10EC&DEV_0272&SUBSYS_1025036D&REV_1000\\4&1A845CA6&0&0001"
    
Property    Value
ConfigManagerErrorCode    0
Description    Realtek High Definition Audio
Name    Realtek High Definition Audio
    Win32_PnPEntity.DeviceID="ACPI\\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_37_-_INTEL®_CORE™_I3_CPU_______M_370__@_2.40GHZ\\_1"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel Processor
Name    Intel® Core™ i3 CPU M 370 @ 2.40GHz
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_3B09&SUBSYS_036D1025&REV_05\\3&11583659&0&F8"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® HM55 Express Chipset LPC Interface Controller - 3B09
Name    Intel® HM55 Express Chipset LPC Interface Controller - 3B09
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_3B56&SUBSYS_036D1025&REV_05\\3&11583659&0&D8"
    
Property    Value
ConfigManagerErrorCode    0
Description    High Definition Audio Controller
Name    High Definition Audio Controller
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_ASWHWID\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    avast! HardwareID
Name    avast! HardwareID
Service    aswHwid
Status    Degraded
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_0087&SUBSYS_13018086&REV_5F\\4&E764662&0&00E1"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® Centrino® Advanced-N 6250 AGN
Name    Intel® Centrino® Advanced-N 6250 AGN
    Win32_PnPEntity.DeviceID="ROOT\\WIMAX\\0000"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® Centrino® WiMAX Enumerator
Name    Intel® Centrino® WiMAX Enumerator
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_NSIPROXY\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    NSI proxy service driver.
Name    NSI proxy service driver.
Service    nsiproxy
Status    Degraded
    Win32_PnPEntity.DeviceID="ACPI\\PNP0303\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Standard PS/2 Keyboard
Name    Standard PS/2 Keyboard
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_AVGTP\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    avgtp
Name    avgtp
Service    avgtp
Status    Degraded
    Win32_PnPEntity.DeviceID="STORAGE\\VOLUMESNAPSHOT\\HARDDISKVOLUMESNAPSHOT5"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic volume shadow copy
Name    Generic volume shadow copy
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_WS2IFSL\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Windows Socket 2.0 Non-IFS Service Provider Support Environment
Name    Windows Socket 2.0 Non-IFS Service Provider Support Environment
Service    ws2ifsl
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_MOUNTMGR\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Mount Point Manager
Name    Mount Point Manager
Service    mountmgr
Status    Degraded
    Win32_PnPEntity.DeviceID="ACPI\\PNP0A03\\FF"
    
Property    Value
ConfigManagerErrorCode    0
Description    PCI bus
Name    PCI bus
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_BAPIDRV\\0000"
    
Property    Value
ConfigManagerErrorCode
   
Device is not present, not working properly, or does not have all of its drivers installed.
A device has a configuration problem that prevents it from working properly.
The device, BAPIDRV, is reporting "tv_ConfigMgrErr24". This device will not be available until the issue is resolved. The Plug and Play ID for this device is ROOT\LEGACY_BAPIDRV\0000.
1. Verify the correct driver is installed.
2. Try updating the drivers using Windows Update.
3. Check with the manufacturer for an updated driver.
4. Attempt to uninstall and then reinstall the device using Device Manager.
Explanation of Error Codes Generated by Device Manager
Manage Devices in Windows
    Device is not present, not working properly, or does not have all of its drivers installed.
ConfigManagerUserConfig    0
Description    BAPIDRV
Name    BAPIDRV
Service    BAPIDRV
Status    Error
    Win32_PnPEntity.DeviceID="STORAGE\\VOLUME\\{75D0DF6D-CCEB-11DF-888E-806E6F6E6963}#0000000000100000"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic volume
Name    Generic volume
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_ASWNDISFLT\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Avast! Firewall Driver
Name    Avast! Firewall Driver
Service    aswNdisFlt
Status    Degraded
    Win32_PnPEntity.DeviceID="ACPI\\PNP0A08\\0"
    
Property    Value
ConfigManagerErrorCode    0
Description    PCI bus
Name    PCI bus
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_3B29&SUBSYS_036D1025&REV_05\\3&11583659&0&FA"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 5 Series 4 Port SATA AHCI Controller
Name    Intel® 5 Series 4 Port SATA AHCI Controller
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_3B64&SUBSYS_036D1025&REV_06\\3&11583659&0&B0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® Management Engine Interface
Name    Intel® Management Engine Interface
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_NULL\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Null
Name    Null
Service    Null
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_WUDFPF\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    User Mode Driver Frameworks Platform Driver
Name    User Mode Driver Frameworks Platform Driver
Service    WudfPf
Status    Degraded
    Win32_PnPEntity.DeviceID="PCI\\VEN_8086&DEV_2448&SUBSYS_036D1025&REV_A5\\3&11583659&0&F0"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® 82801 PCI Bridge - 2448
Name    Intel® 82801 PCI Bridge - 2448
    Win32_PnPEntity.DeviceID="HDAUDIO\\FUNC_01&VEN_8086&DEV_2804&SUBSYS_80860101&REV_1000\\4&1A845CA6&0&0301"
    
Property    Value
ConfigManagerErrorCode    0
Description    Intel® Display Audio
Name    Intel® Display Audio
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_BEEP\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Beep
Name    Beep
Service    Beep
Status    Degraded
    Win32_PnPEntity.DeviceID="ACPI\\PNP0B00\\4&BAA10F&0"
    
Property    Value
ConfigManagerErrorCode    0
Description    System CMOS/real time clock
Name    System CMOS/real time clock
    Win32_PnPEntity.DeviceID="STORAGE\\VOLUMESNAPSHOT\\HARDDISKVOLUMESNAPSHOT6"
    
Property    Value
ConfigManagerErrorCode    0
Description    Generic volume shadow copy
Name    Generic volume shadow copy
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_PCW\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Performance Counters for Windows Driver
Name    Performance Counters for Windows Driver
Service    pcw
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_ASWRDR\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    aswRdr
Name    aswRdr
Service    aswRdr
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_{B154377D-700F-42CC-9474-23858FBDF4BD}\\0000"
    
Property    Value
ConfigManagerErrorCode    0
ConfigManagerUserConfig    0
Description    Power Control [2010/09/30 16:49:43]
Name    Power Control [2010/09/30 16:49:43]
Service    {B154377D-700F-42cc-9474-23858FBDF4BD}
Status    Degraded
    Win32_PnPEntity.DeviceID="ROOT\\LEGACY_MPSDRV\\0000"
  






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users