GetSystemInfo version 4.0.1.243:
BuildNumber[:]
InstallDate[:]
Manufacturer[:]American Megatrends Inc.
Name[:]BIOS Date: 10/30/09 15:13:23 Ver: 08.00.10
PrimaryBIOS[:]True
ReleaseDate[:]20100721000000.000000+000
SerialNumber[:]A8N0AS22432533
SMBIOSBIOSVersion[:]U52F.208
SMBIOSMajorVersion[:]2
SMBIOSMinorVersion[:]6
SMBIOSPresent[:]True
SoftwareElementID[:]BIOS Date: 10/30/09 15:13:23 Ver: 08.00.10
SoftwareElementState[:]3
Status[:]OK
TargetOperatingSystem[:]0
version[:]_ASUS_ - 6222004
AddressWidth[:]64
Architecture[:]9
Availability[:]3
Caption[:]Intel64 Family 6 Model 37 Stepping 5
CpuStatus[:]1
CurrentClockSpeed[:]2534
CurrentVoltage[:]0
DataWidth[:]64
Description[:]Intel64 Family 6 Model 37 Stepping 5
DeviceID[:]CPU0
Family[:]191
LastErrorCode[:]
Level[:]6
LoadPercentage[:]7
Manufacturer[:]GenuineIntel
MaxClockSpeed[:]2534
Name[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
NumberOfCores[:]
NumberOfLogicalProcessors[:]
ProcessorType[:]3
Role[:]CPU
SocketDesignation[:]Socket 989
Status[:]OK
StatusInfo[:]3
Stepping[:]
SystemName[:]KEVIN-PC
UpgradeMethod[:]1
version[:]
VoltageCaps[:]
BootDevice[:]\Device\HarddiskVolume2
BuildNumber[:]7600
BuildType[:]Multiprocessor Free
Caption[:]Microsoft Windows 7 Home Premium
CountryCode[:]1
CSDVersion[:]
Description[:]
FreePhysicalMemory[:]2367624
FreeSpaceInPagingFiles[:]3591860
FreeVirtualMemory[:]5783320
InstallDate[:]20101028190214.000000-300
LastBootUpTime[:]20101102014546.109999-300
LocalDateTime[:]20101102034602.015000-300
Manufacturer[:]Microsoft Corporation
MUILanguages[:]en-US
NumberOfProcesses[:]96
NumberOfUsers[:]2
OSArchitecture[:]64-bit
OSLanguage[:]1033
ServicePackMajorVersion[:]0
ServicePackMinorVersion[:]0
SizeStoredInPagingFiles[:]3977776
SystemDevice[:]\Device\HarddiskVolume2
SystemDirectory[:]C:\Windows\system32
TotalVirtualMemorySize[:]7953652
TotalVisibleMemorySize[:]3977776
version[:]6.1.7600
WindowsDirectory[:]C:\Windows
BootupState[:]Normal boot
DNSHostName[:]Kevin-PC
Domain[:]WORKGROUP
DomainRole[:]0
Manufacturer[:]ASUSTeK Computer Inc.
Model[:]U52F
NetworkServerModeEnabled[:]True
PartOfDomain[:]False
PCSystemType[:]2
Status[:]OK
SupportContactDescription[:]
SystemType[:]x64-based PC
UserName[:]Kevin-PC\Kevin
Workgroup[:]WORKGROUP
[][:]ComSpec => %SystemRoot%\system32\cmd.exe
[][:]FP_NO_HOST_CHECK => NO
[][:]OS => Windows_NT
[][:]Path => %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
[][:]PATHEXT => .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
[][:]PROCESSOR_ARCHITECTURE => AMD64
[][:]TEMP => %SystemRoot%\TEMP
[][:]TMP => %SystemRoot%\TEMP
[][:]USERNAME => SYSTEM
[][:]windir => %SystemRoot%
[][:]PSModulePath => %SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
[][:]NUMBER_OF_PROCESSORS => 4
[][:]PROCESSOR_LEVEL => 6
[][:]PROCESSOR_IDENTIFIER => Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
[][:]PROCESSOR_REVISION => 2505
[][:]configsetroot => %SystemRoot%\ConfigSetRoot
[NT AUTHORITY\SYSTEM][:]TEMP => %USERPROFILE%\AppData\Local\Temp
[NT AUTHORITY\SYSTEM][:]TMP => %USERPROFILE%\AppData\Local\Temp
[Kevin-PC\Kevin][:]TEMP => %USERPROFILE%\AppData\Local\Temp
[Kevin-PC\Kevin][:]TMP => %USERPROFILE%\AppData\Local\Temp
Name[:]Microsoft XPS Document Writer
Default[:]False
HorizontalResolution[:]600
JobCountSinceLastReset[:]0
Local[:]True
Network[:]False
PortName[:]XPSPort:
PrinterState[:]0
PrintProcessor[:]winprint
Priority[:]1
Published[:]False
Queued[:]False
RawOnly[:]False
ServerName[:]
Shared[:]False
ShareName[:]
SpoolEnabled[:]True
Status[:]Unknown
VerticalResolution[:]600
WorkOffline[:]False
Name[:]Lexmark 3500-4500 Series
Default[:]True
HorizontalResolution[:]600
JobCountSinceLastReset[:]0
Local[:]True
Network[:]False
PortName[:]USB001
PrinterState[:]0
PrintProcessor[:]Lexmark 3500-4500 Series Print Processor
Priority[:]1
Published[:]False
Queued[:]False
RawOnly[:]False
ServerName[:]
Shared[:]False
ShareName[:]
SpoolEnabled[:]True
Status[:]Unknown
VerticalResolution[:]600
WorkOffline[:]True
Name[:]Fax
Default[:]False
HorizontalResolution[:]200
JobCountSinceLastReset[:]0
Local[:]True
Network[:]False
PortName[:]SHRFAX:
PrinterState[:]0
PrintProcessor[:]winprint
Priority[:]1
Published[:]False
Queued[:]False
RawOnly[:]False
ServerName[:]
Shared[:]False
ShareName[:]
SpoolEnabled[:]True
Status[:]Unknown
VerticalResolution[:]200
WorkOffline[:]False
AdapterCompatibility[:]Intel Corporation
AdapterDACType[:]Internal
AdapterRAM[:]1801740288
Availability[:]3
ConfigManagerErrorCode[:]0
ConfigManagerUserConfig[:]False
CurrentBitsPerPixel[:]32
CurrentHorizontalResolution[:]1366
CurrentNumberOfColors[:]4294967296
CurrentRefreshRate[:]60
CurrentScanMode[:]4
CurrentVerticalResolution[:]768
DriverDate[:]20100825000000.000000-000
DriverVersion[:]8.15.10.2202
InfFilename[:]oem25.inf
InfSection[:]iILKM0
InstalledDisplayDrivers[:]igdumd64.dll,igd10umd64.dll,igdumdx32,igd10umd32
MaxRefreshRate[:]60
MinRefreshRate[:]False
Name[:]Intel(R) HD Graphics
Status[:]OK
VideoArchitecture[:]5
VideoMemoryType[:]2
VideoProcessor[:]Intel(R) HD Graphics (Core i5)
ConfigManagerErrorCode[:]0
DeviceID[:]DesktopMonitor1
MonitorManufacturer[:](Standard monitor types)
MonitorType[:]Generic PnP Monitor
Name[:]Generic PnP Monitor
PixelsPerXLogicalInch[:]96
ScreenHeight[:]768
ScreenWidth[:]1366
Status[:]OK
ConfigManagerErrorCode[:]0
DeviceID[:]HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_10431283&REV_1001\4&10FD7A8D&0&0001
Manufacturer[:]Realtek
Name[:]Realtek High Definition Audio
ProductName[:]Realtek High Definition Audio
Status[:]OK
StatusInfo[:]3
ConfigManagerErrorCode[:]0
DeviceID[:]HDAUDIO\FUNC_01&VEN_8086&DEV_2804&SUBSYS_80860101&REV_1000\4&10FD7A8D&0&0301
Manufacturer[:]Intel(R) Corporation
Name[:]Intel(R) Display Audio
ProductName[:]Intel(R) Display Audio
Status[:]OK
StatusInfo[:]3
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3454
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101102065332.000000-000
TimeWritten[:]20101102065332.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3450
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101102064832.000000-000
TimeWritten[:]20101102064832.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3439
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102064634.000000-000
TimeWritten[:]20101102064634.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3432
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102064620.000000-000
TimeWritten[:]20101102064620.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3426
SourceName[:]LMS
TimeGenerated[:]20101102064605.000000-000
TimeWritten[:]20101102064605.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
RecordNumber[:]3420
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101102064356.812025-000
TimeWritten[:]20101102064356.812025-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3417
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101102062500.000000-000
TimeWritten[:]20101102062500.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3414
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101102062000.000000-000
TimeWritten[:]20101102062000.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3403
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102061801.000000-000
TimeWritten[:]20101102061801.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3394
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102061743.000000-000
TimeWritten[:]20101102061743.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3391
SourceName[:]LMS
TimeGenerated[:]20101102061736.000000-000
TimeWritten[:]20101102061736.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 17 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1312 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1312 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed
RecordNumber[:]3384
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101102061506.433805-000
TimeWritten[:]20101102061506.433805-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]100
CategoryString[:]Application Crashing Events
EventCode[:]1000
EventIdentifier[:]1000
EventType[:]1
Logfile[:]Application
Message[:]Faulting application name: lxdicoms.exe, version: 1.0.27.0, time stamp: 0x464c71be Faulting module name: lxdicoms.exe, version: 1.0.27.0, time stamp: 0x464c71be Exception code: 0xc0000005 Fault offset: 0x000000000002cf3c Faulting process id: 0x1764 Faulting application start time: 0x01cb7a335aeec1ae Faulting application path: C:\Windows\system32\lxdicoms.exe Faulting module path: C:\Windows\system32\lxdicoms.exe Report Id: cdc2dbc6-e626-11df-bde2-20cf30356afa
RecordNumber[:]3349
SourceName[:]Application Error
TimeGenerated[:]20101102021338.000000-000
TimeWritten[:]20101102021338.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3344
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101102020908.000000-000
TimeWritten[:]20101102020908.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3340
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101102020408.000000-000
TimeWritten[:]20101102020408.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3324
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102020203.000000-000
TimeWritten[:]20101102020203.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3322
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102020202.000000-000
TimeWritten[:]20101102020202.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3316
SourceName[:]LMS
TimeGenerated[:]20101102020141.000000-000
TimeWritten[:]20101102020141.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3310
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102015931.000000-000
TimeWritten[:]20101102015931.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3307
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102015930.000000-000
TimeWritten[:]20101102015930.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3299
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102005404.000000-000
TimeWritten[:]20101102005404.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3296
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102005345.000000-000
TimeWritten[:]20101102005345.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3294
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102005344.000000-000
TimeWritten[:]20101102005344.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3291
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102005136.000000-000
TimeWritten[:]20101102005136.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3288
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102005135.000000-000
TimeWritten[:]20101102005135.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1015
EventIdentifier[:]1015
EventType[:]2
Logfile[:]Application
Message[:]Failed to connect to server. Error: 0x8007043C
RecordNumber[:]3287
SourceName[:]MsiInstaller
TimeGenerated[:]20101102004945.000000-000
TimeWritten[:]20101102004945.000000-000
Type[:]Warning
User[:]Kevin-PC\Administrator
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3285
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102004832.000000-000
TimeWritten[:]20101102004832.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3282
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102004823.000000-000
TimeWritten[:]20101102004823.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3280
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102004823.000000-000
TimeWritten[:]20101102004823.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3277
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102004625.000000-000
TimeWritten[:]20101102004625.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3274
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102004624.000000-000
TimeWritten[:]20101102004624.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]6000
EventIdentifier[:]-2147477648
EventType[:]2
Logfile[:]Application
Message[:]The winlogon notification subscriber was unavailable to handle a notification event.
RecordNumber[:]3272
SourceName[:]Microsoft-Windows-Winlogon
TimeGenerated[:]20101102004213.000000-000
TimeWritten[:]20101102004213.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3269
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102004208.000000-000
TimeWritten[:]20101102004208.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3267
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101102004208.000000-000
TimeWritten[:]20101102004208.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-500:
Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500
Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500
Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500
Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
RecordNumber[:]3264
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101102004016.606330-000
TimeWritten[:]20101102004016.606330-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]258
EventIdentifier[:]258
EventType[:]0
Logfile[:]Application
Message[:]The disk defragmenter successfully completed boot optimization on OS (C:)
RecordNumber[:]3258
SourceName[:]Microsoft-Windows-Defrag
TimeGenerated[:]20101101212859.000000-000
TimeWritten[:]20101101212859.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]258
EventIdentifier[:]258
EventType[:]0
Logfile[:]Application
Message[:]The disk defragmenter successfully completed defragmentation on OS (C:)
RecordNumber[:]3257
SourceName[:]Microsoft-Windows-Defrag
TimeGenerated[:]20101101204904.000000-000
TimeWritten[:]20101101204904.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3255
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101204444.000000-000
TimeWritten[:]20101101204444.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]8208
EventIdentifier[:]-1073733616
EventType[:]1
Logfile[:]Application
Message[:]Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f
RecordNumber[:]3251
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101203944.000000-000
TimeWritten[:]20101101203944.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]8200
EventIdentifier[:]-1073733624
EventType[:]1
Logfile[:]Application
Message[:]License acquisition failure details. hr=0x80072EE7
RecordNumber[:]3250
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101203944.000000-000
TimeWritten[:]20101101203944.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]59
EventIdentifier[:]-1056899013
EventType[:]1
Logfile[:]Application
Message[:]Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
RecordNumber[:]3249
SourceName[:]SideBySide
TimeGenerated[:]20101101203935.000000-000
TimeWritten[:]20101101203935.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3246
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101203852.000000-000
TimeWritten[:]20101101203852.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]258
EventIdentifier[:]258
EventType[:]0
Logfile[:]Application
Message[:]The disk defragmenter successfully completed defragmentation on OS (C:)
RecordNumber[:]3239
SourceName[:]Microsoft-Windows-Defrag
TimeGenerated[:]20101101200952.000000-000
TimeWritten[:]20101101200952.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3238
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101195557.000000-000
TimeWritten[:]20101101195557.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]258
EventIdentifier[:]258
EventType[:]0
Logfile[:]Application
Message[:]The disk defragmenter successfully completed analysis on OS (C:)
RecordNumber[:]3236
SourceName[:]Microsoft-Windows-Defrag
TimeGenerated[:]20101101195430.000000-000
TimeWritten[:]20101101195430.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3234
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101195056.000000-000
TimeWritten[:]20101101195056.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]2019
EventIdentifier[:]-1073739805
EventType[:]1
Logfile[:]Application
Message[:]SNMP Event Log Extension Agent did not initialize correctly.
RecordNumber[:]3219
SourceName[:]EvntAgnt
TimeGenerated[:]20101101194852.000000-000
TimeWritten[:]20101101194852.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1020
EventIdentifier[:]-1073740804
EventType[:]1
Logfile[:]Application
Message[:]Error processing registry parameters. Extension agent terminating.
RecordNumber[:]3218
SourceName[:]EvntAgnt
TimeGenerated[:]20101101194852.000000-000
TimeWritten[:]20101101194852.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]2019
EventIdentifier[:]-1073739805
EventType[:]1
Logfile[:]Application
Message[:]SNMP Event Log Extension Agent did not initialize correctly.
RecordNumber[:]3217
SourceName[:]EvntAgnt
TimeGenerated[:]20101101194852.000000-000
TimeWritten[:]20101101194852.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3001
EventIdentifier[:]-2147480647
EventType[:]2
Logfile[:]Application
Message[:]Log file not positioned at end.
RecordNumber[:]3216
SourceName[:]EvntAgnt
TimeGenerated[:]20101101194852.000000-000
TimeWritten[:]20101101194852.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3001
EventIdentifier[:]-2147480647
EventType[:]2
Logfile[:]Application
Message[:]Log file not positioned at end.
RecordNumber[:]3215
SourceName[:]EvntAgnt
TimeGenerated[:]20101101194852.000000-000
TimeWritten[:]20101101194852.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3006
EventIdentifier[:]-2147480642
EventType[:]2
Logfile[:]Application
Message[:]Error reading log event record. Handle specified is 22675496. Return code from ReadEventLog is 122.
RecordNumber[:]3214
SourceName[:]EvntAgnt
TimeGenerated[:]20101101194852.000000-000
TimeWritten[:]20101101194852.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3211
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101101194850.000000-000
TimeWritten[:]20101101194850.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3205
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101101194849.000000-000
TimeWritten[:]20101101194849.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3202
SourceName[:]LMS
TimeGenerated[:]20101101194849.000000-000
TimeWritten[:]20101101194849.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 18 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1340 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1340 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust
Process 756 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed
RecordNumber[:]3196
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101101194739.633550-000
TimeWritten[:]20101101194739.633550-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3184
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101183847.000000-000
TimeWritten[:]20101101183847.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3183
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101101183347.000000-000
TimeWritten[:]20101101183347.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3165
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101101183104.000000-000
TimeWritten[:]20101101183104.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3163
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101101183104.000000-000
TimeWritten[:]20101101183104.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3159
SourceName[:]LMS
TimeGenerated[:]20101101183044.000000-000
TimeWritten[:]20101101183044.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3149
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101031000007.000000-000
TimeWritten[:]20101031000007.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]2019
EventIdentifier[:]-1073739805
EventType[:]1
Logfile[:]Application
Message[:]SNMP Event Log Extension Agent did not initialize correctly.
RecordNumber[:]3146
SourceName[:]EvntAgnt
TimeGenerated[:]20101031000001.000000-000
TimeWritten[:]20101031000001.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1020
EventIdentifier[:]-1073740804
EventType[:]1
Logfile[:]Application
Message[:]Error processing registry parameters. Extension agent terminating.
RecordNumber[:]3145
SourceName[:]EvntAgnt
TimeGenerated[:]20101031000001.000000-000
TimeWritten[:]20101031000001.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]2019
EventIdentifier[:]-1073739805
EventType[:]1
Logfile[:]Application
Message[:]SNMP Event Log Extension Agent did not initialize correctly.
RecordNumber[:]3144
SourceName[:]EvntAgnt
TimeGenerated[:]20101031000001.000000-000
TimeWritten[:]20101031000001.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3001
EventIdentifier[:]-2147480647
EventType[:]2
Logfile[:]Application
Message[:]Log file not positioned at end.
RecordNumber[:]3143
SourceName[:]EvntAgnt
TimeGenerated[:]20101031000001.000000-000
TimeWritten[:]20101031000001.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3001
EventIdentifier[:]-2147480647
EventType[:]2
Logfile[:]Application
Message[:]Log file not positioned at end.
RecordNumber[:]3142
SourceName[:]EvntAgnt
TimeGenerated[:]20101031000001.000000-000
TimeWritten[:]20101031000001.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3006
EventIdentifier[:]-2147480642
EventType[:]2
Logfile[:]Application
Message[:]Error reading log event record. Handle specified is 24248360. Return code from ReadEventLog is 122.
RecordNumber[:]3141
SourceName[:]EvntAgnt
TimeGenerated[:]20101031000001.000000-000
TimeWritten[:]20101031000001.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3139
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030235958.000000-000
TimeWritten[:]20101030235958.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3135
SourceName[:]LMS
TimeGenerated[:]20101030235940.000000-000
TimeWritten[:]20101030235940.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 20 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust
Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA
Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed
RecordNumber[:]3130
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030235853.988312-000
TimeWritten[:]20101030235853.988312-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3126
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030213737.000000-000
TimeWritten[:]20101030213737.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3124
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030213237.000000-000
TimeWritten[:]20101030213237.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3108
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030213019.000000-000
TimeWritten[:]20101030213019.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3106
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030213019.000000-000
TimeWritten[:]20101030213019.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3100
SourceName[:]LMS
TimeGenerated[:]20101030212953.000000-000
TimeWritten[:]20101030212953.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3089
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030121752.000000-000
TimeWritten[:]20101030121752.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3087
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030121752.000000-000
TimeWritten[:]20101030121752.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3083
SourceName[:]LMS
TimeGenerated[:]20101030121731.000000-000
TimeWritten[:]20101030121731.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
RecordNumber[:]3077
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030121230.197185-000
TimeWritten[:]20101030121230.197185-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3066
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030120755.000000-000
TimeWritten[:]20101030120755.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3056
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030120548.000000-000
TimeWritten[:]20101030120548.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3054
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030120548.000000-000
TimeWritten[:]20101030120548.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3050
SourceName[:]LMS
TimeGenerated[:]20101030120524.000000-000
TimeWritten[:]20101030120524.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
RecordNumber[:]3044
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030114910.408863-000
TimeWritten[:]20101030114910.408863-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]3041
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030111240.000000-000
TimeWritten[:]20101030111240.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]3040
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030110740.000000-000
TimeWritten[:]20101030110740.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]3024
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030110528.000000-000
TimeWritten[:]20101030110528.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]3022
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030110527.000000-000
TimeWritten[:]20101030110527.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]3016
SourceName[:]LMS
TimeGenerated[:]20101030110453.000000-000
TimeWritten[:]20101030110453.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
RecordNumber[:]3009
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030110408.278284-000
TimeWritten[:]20101030110408.278284-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]2999
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030110222.000000-000
TimeWritten[:]20101030110222.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]2992
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030110220.000000-000
TimeWritten[:]20101030110220.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]2988
SourceName[:]LMS
TimeGenerated[:]20101030110151.000000-000
TimeWritten[:]20101030110151.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-500:
Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500
Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500
RecordNumber[:]2982
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030103512.522184-000
TimeWritten[:]20101030103512.522184-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]2979
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030103252.000000-000
TimeWritten[:]20101030103252.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]2960
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030103025.000000-000
TimeWritten[:]20101030103025.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]2957
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030103020.000000-000
TimeWritten[:]20101030103020.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]2953
SourceName[:]LMS
TimeGenerated[:]20101030103005.000000-000
TimeWritten[:]20101030103005.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-500:
Process 1384 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500
Process 1384 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500
RecordNumber[:]2947
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030102913.818736-000
TimeWritten[:]20101030102913.818736-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]63
EventIdentifier[:]-2147483585
EventType[:]2
Logfile[:]Application
Message[:]A provider, WebAdministrationProvider, has been registered in the Windows Management Instrumentation namespace Root\WebAdministration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
RecordNumber[:]2927
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030102700.000000-000
TimeWritten[:]20101030102700.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]63
EventIdentifier[:]-2147483585
EventType[:]2
Logfile[:]Application
Message[:]A provider, WebAdministrationProvider, has been registered in the Windows Management Instrumentation namespace Root\WebAdministration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
RecordNumber[:]2926
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030102700.000000-000
TimeWritten[:]20101030102700.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]63
EventIdentifier[:]-2147483585
EventType[:]2
Logfile[:]Application
Message[:]A provider, WebAdministrationProvider, has been registered in the Windows Management Instrumentation namespace Root\WebAdministration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
RecordNumber[:]2925
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030102700.000000-000
TimeWritten[:]20101030102700.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]2923
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030102511.000000-000
TimeWritten[:]20101030102511.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]2909
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030102254.000000-000
TimeWritten[:]20101030102254.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]2906
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030102247.000000-000
TimeWritten[:]20101030102247.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]2903
SourceName[:]LMS
TimeGenerated[:]20101030102242.000000-000
TimeWritten[:]20101030102242.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1428 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1428 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
RecordNumber[:]2897
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030102151.876039-000
TimeWritten[:]20101030102151.876039-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]2894
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030102111.000000-000
TimeWritten[:]20101030102111.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]2019
EventIdentifier[:]-1073739805
EventType[:]1
Logfile[:]Application
Message[:]SNMP Event Log Extension Agent did not initialize correctly.
RecordNumber[:]2881
SourceName[:]EvntAgnt
TimeGenerated[:]20101030101840.000000-000
TimeWritten[:]20101030101840.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1020
EventIdentifier[:]-1073740804
EventType[:]1
Logfile[:]Application
Message[:]Error processing registry parameters. Extension agent terminating.
RecordNumber[:]2880
SourceName[:]EvntAgnt
TimeGenerated[:]20101030101840.000000-000
TimeWritten[:]20101030101840.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]2019
EventIdentifier[:]-1073739805
EventType[:]1
Logfile[:]Application
Message[:]SNMP Event Log Extension Agent did not initialize correctly.
RecordNumber[:]2879
SourceName[:]EvntAgnt
TimeGenerated[:]20101030101840.000000-000
TimeWritten[:]20101030101840.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3001
EventIdentifier[:]-2147480647
EventType[:]2
Logfile[:]Application
Message[:]Log file not positioned at end.
RecordNumber[:]2878
SourceName[:]EvntAgnt
TimeGenerated[:]20101030101840.000000-000
TimeWritten[:]20101030101840.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3001
EventIdentifier[:]-2147480647
EventType[:]2
Logfile[:]Application
Message[:]Log file not positioned at end.
RecordNumber[:]2877
SourceName[:]EvntAgnt
TimeGenerated[:]20101030101840.000000-000
TimeWritten[:]20101030101840.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]3006
EventIdentifier[:]-2147480642
EventType[:]2
Logfile[:]Application
Message[:]Error reading log event record. Handle specified is 25296920. Return code from ReadEventLog is 122.
RecordNumber[:]2876
SourceName[:]EvntAgnt
TimeGenerated[:]20101030101840.000000-000
TimeWritten[:]20101030101840.000000-000
Type[:]Warning
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5617
EventIdentifier[:]-1073736207
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service subsystems initialized successfully
RecordNumber[:]2874
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030101833.000000-000
TimeWritten[:]20101030101833.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]5615
EventIdentifier[:]-1073736209
EventType[:]0
Logfile[:]Application
Message[:]Windows Management Instrumentation Service started sucessfully
RecordNumber[:]2873
SourceName[:]Microsoft-Windows-WMI
TimeGenerated[:]20101030101833.000000-000
TimeWritten[:]20101030101833.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1
EventIdentifier[:]-2147483647
EventType[:]2
Logfile[:]Application
Message[:]LMS Service cannot connect to Intel(R) MEI driver
RecordNumber[:]2867
SourceName[:]LMS
TimeGenerated[:]20101030101816.000000-000
TimeWritten[:]20101030101816.000000-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]13
EventIdentifier[:]13
EventType[:]1
Logfile[:]Application
Message[:]Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected. ]
RecordNumber[:]2861
SourceName[:]VSS
TimeGenerated[:]20101030101726.000000-000
TimeWritten[:]20101030101726.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1530
EventIdentifier[:]1530
EventType[:]2
Logfile[:]Application
Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 22 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000:
Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed
RecordNumber[:]2860
SourceName[:]Microsoft-Windows-User Profiles Service
TimeGenerated[:]20101030101716.418814-000
TimeWritten[:]20101030101716.418814-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]903
EventIdentifier[:]1073742727
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has stopped.
RecordNumber[:]2857
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030101422.000000-000
TimeWritten[:]20101030101422.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]902
EventIdentifier[:]1073742726
EventType[:]0
Logfile[:]Application
Message[:]The Software Protection service has started. 6.1.7600.16385
RecordNumber[:]2855
SourceName[:]Microsoft-Windows-Security-SPP
TimeGenerated[:]20101030100826.000000-000
TimeWritten[:]20101030100826.000000-000
Type[:]Information
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]12397
SourceName[:]SNMP
TimeGenerated[:]20101102064619.000000-000
TimeWritten[:]20101102064619.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7000
EventIdentifier[:]-1073734824
EventType[:]1
Logfile[:]System
Message[:]The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
RecordNumber[:]12386
SourceName[:]Service Control Manager
TimeGenerated[:]20101102064609.710439-000
TimeWritten[:]20101102064609.710439-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7009
EventIdentifier[:]-1073734815
EventType[:]1
Logfile[:]System
Message[:]A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.
RecordNumber[:]12385
SourceName[:]Service Control Manager
TimeGenerated[:]20101102064609.710439-000
TimeWritten[:]20101102064609.710439-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]12384
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101102064607.978836-000
TimeWritten[:]20101102064607.978836-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]12333
SourceName[:]volmgr
TimeGenerated[:]20101102064555.735216-000
TimeWritten[:]20101102064555.735216-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]12324
SourceName[:]volmgr
TimeGenerated[:]20101102064550.680807-000
TimeWritten[:]20101102064550.680807-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]12320
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102064443.627708-000
TimeWritten[:]20101102064443.627708-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]10003
EventIdentifier[:]10003
EventType[:]1
Logfile[:]System
Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
RecordNumber[:]12319
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102064443.612108-000
TimeWritten[:]20101102064443.612108-000
Type[:]Error
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7034
EventIdentifier[:]-1073734790
EventType[:]1
Logfile[:]System
Message[:]The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
RecordNumber[:]12262
SourceName[:]Service Control Manager
TimeGenerated[:]20101102064337.991192-000
TimeWritten[:]20101102064337.991192-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]12190
SourceName[:]SNMP
TimeGenerated[:]20101102061742.000000-000
TimeWritten[:]20101102061742.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7000
EventIdentifier[:]-1073734824
EventType[:]1
Logfile[:]System
Message[:]The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
RecordNumber[:]12180
SourceName[:]Service Control Manager
TimeGenerated[:]20101102061735.426847-000
TimeWritten[:]20101102061735.426847-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7009
EventIdentifier[:]-1073734815
EventType[:]1
Logfile[:]System
Message[:]A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.
RecordNumber[:]12179
SourceName[:]Service Control Manager
TimeGenerated[:]20101102061735.426847-000
TimeWritten[:]20101102061735.426847-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]12129
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101102061730.199638-000
TimeWritten[:]20101102061730.199638-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]12128
SourceName[:]volmgr
TimeGenerated[:]20101102061717.969216-000
TimeWritten[:]20101102061717.969216-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]12119
SourceName[:]volmgr
TimeGenerated[:]20101102061713.164408-000
TimeWritten[:]20101102061713.164408-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]12115
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102061602.999504-000
TimeWritten[:]20101102061602.999504-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]10003
EventIdentifier[:]10003
EventType[:]1
Logfile[:]System
Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
RecordNumber[:]12114
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102061602.999504-000
TimeWritten[:]20101102061602.999504-000
Type[:]Error
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7034
EventIdentifier[:]-1073734790
EventType[:]1
Logfile[:]System
Message[:]The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
RecordNumber[:]12058
SourceName[:]Service Control Manager
TimeGenerated[:]20101102061437.452953-000
TimeWritten[:]20101102061437.452953-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1014
EventIdentifier[:]1014
EventType[:]2
Logfile[:]System
Message[:]Name resolution for the name www.doctus.net timed out after none of the configured DNS servers responded.
RecordNumber[:]12002
SourceName[:]Microsoft-Windows-DNS-Client
TimeGenerated[:]20101102024952.304529-000
TimeWritten[:]20101102024952.304529-000
Type[:]Warning
User[:]NT AUTHORITY\NETWORK SERVICE
Category[:]0
CategoryString[:]
EventCode[:]7034
EventIdentifier[:]-1073734790
EventType[:]1
Logfile[:]System
Message[:]The lxdi_device service terminated unexpectedly. It has done this 1 time(s).
RecordNumber[:]11979
SourceName[:]Service Control Manager
TimeGenerated[:]20101102021340.364027-000
TimeWritten[:]20101102021340.364027-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7030
EventIdentifier[:]-1073734794
EventType[:]1
Logfile[:]System
Message[:]The lxdi_device service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
RecordNumber[:]11968
SourceName[:]Service Control Manager
TimeGenerated[:]20101102021209.719843-000
TimeWritten[:]20101102021209.719843-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]11899
SourceName[:]SNMP
TimeGenerated[:]20101102020202.000000-000
TimeWritten[:]20101102020202.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]11892
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101102020145.203638-000
TimeWritten[:]20101102020145.203638-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11840
SourceName[:]volmgr
TimeGenerated[:]20101102020134.324820-000
TimeWritten[:]20101102020134.324820-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11831
SourceName[:]volmgr
TimeGenerated[:]20101102020126.961607-000
TimeWritten[:]20101102020126.961607-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]11823
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102015940.669380-000
TimeWritten[:]20101102015940.669380-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11789
SourceName[:]Service Control Manager
TimeGenerated[:]20101102011429.135017-000
TimeWritten[:]20101102011429.135017-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11787
SourceName[:]Service Control Manager
TimeGenerated[:]20101102011429.135017-000
TimeWritten[:]20101102011429.135017-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11785
SourceName[:]Service Control Manager
TimeGenerated[:]20101102011429.135017-000
TimeWritten[:]20101102011429.135017-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11784
SourceName[:]Service Control Manager
TimeGenerated[:]20101102011049.127831-000
TimeWritten[:]20101102011049.127831-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11783
SourceName[:]Service Control Manager
TimeGenerated[:]20101102011049.127831-000
TimeWritten[:]20101102011049.127831-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11782
SourceName[:]Service Control Manager
TimeGenerated[:]20101102011049.127831-000
TimeWritten[:]20101102011049.127831-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11779
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005413.128481-000
TimeWritten[:]20101102005413.128481-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11778
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005413.128481-000
TimeWritten[:]20101102005413.128481-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11777
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005413.128481-000
TimeWritten[:]20101102005413.128481-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
RecordNumber[:]11774
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102005411.000000-000
TimeWritten[:]20101102005411.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
RecordNumber[:]11773
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102005411.000000-000
TimeWritten[:]20101102005411.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
RecordNumber[:]11772
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102005410.000000-000
TimeWritten[:]20101102005410.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
RecordNumber[:]11771
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102005405.000000-000
TimeWritten[:]20101102005405.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10000
EventIdentifier[:]10000
EventType[:]1
Logfile[:]System
Message[:]WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
RecordNumber[:]11769
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102005401.506461-000
TimeWritten[:]20101102005401.506461-000
Type[:]Error
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]11768
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101102005347.669237-000
TimeWritten[:]20101102005347.669237-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11766
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005345.329233-000
TimeWritten[:]20101102005345.329233-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11765
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005345.329233-000
TimeWritten[:]20101102005345.329233-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11764
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005345.329233-000
TimeWritten[:]20101102005345.329233-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11763
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005345.313633-000
TimeWritten[:]20101102005345.313633-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11762
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005345.313633-000
TimeWritten[:]20101102005345.313633-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11761
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005345.313633-000
TimeWritten[:]20101102005345.313633-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7026
EventIdentifier[:]-1073734798
EventType[:]1
Logfile[:]System
Message[:]The following boot-start or system-start driver(s) failed to load: discache KLIF SASDIFSV SASKUTIL spldr Wanarpv6
RecordNumber[:]11760
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005345.298033-000
TimeWritten[:]20101102005345.298033-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11754
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005343.972030-000
TimeWritten[:]20101102005343.972030-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11753
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005343.972030-000
TimeWritten[:]20101102005343.972030-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11752
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005343.972030-000
TimeWritten[:]20101102005343.972030-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11728
SourceName[:]volmgr
TimeGenerated[:]20101102005337.139218-000
TimeWritten[:]20101102005337.139218-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11725
SourceName[:]volmgr
TimeGenerated[:]20101102005330.462407-000
TimeWritten[:]20101102005330.462407-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]11718
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102005137.097173-000
TimeWritten[:]20101102005137.097173-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11697
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005134.179968-000
TimeWritten[:]20101102005134.179968-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11696
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005134.179968-000
TimeWritten[:]20101102005134.179968-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11695
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005134.179968-000
TimeWritten[:]20101102005134.179968-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11692
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005120.139943-000
TimeWritten[:]20101102005120.139943-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11691
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005120.139943-000
TimeWritten[:]20101102005120.139943-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11690
SourceName[:]Service Control Manager
TimeGenerated[:]20101102005120.139943-000
TimeWritten[:]20101102005120.139943-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
RecordNumber[:]11687
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004945.000000-000
TimeWritten[:]20101102004945.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11686
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004840.380063-000
TimeWritten[:]20101102004840.380063-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11685
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004840.380063-000
TimeWritten[:]20101102004840.380063-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11684
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004840.380063-000
TimeWritten[:]20101102004840.380063-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10000
EventIdentifier[:]10000
EventType[:]1
Logfile[:]System
Message[:]WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
RecordNumber[:]11683
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102004840.130462-000
TimeWritten[:]20101102004840.130462-000
Type[:]Error
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
RecordNumber[:]11680
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004839.000000-000
TimeWritten[:]20101102004839.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
RecordNumber[:]11679
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004839.000000-000
TimeWritten[:]20101102004839.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
RecordNumber[:]11678
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004838.000000-000
TimeWritten[:]20101102004838.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
RecordNumber[:]11677
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004833.000000-000
TimeWritten[:]20101102004833.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]11675
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101102004826.308838-000
TimeWritten[:]20101102004826.308838-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11673
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004823.922034-000
TimeWritten[:]20101102004823.922034-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11672
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004823.922034-000
TimeWritten[:]20101102004823.922034-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11671
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004823.922034-000
TimeWritten[:]20101102004823.922034-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11670
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004823.922034-000
TimeWritten[:]20101102004823.922034-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11669
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004823.922034-000
TimeWritten[:]20101102004823.922034-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11668
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004823.922034-000
TimeWritten[:]20101102004823.922034-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7026
EventIdentifier[:]-1073734798
EventType[:]1
Logfile[:]System
Message[:]The following boot-start or system-start driver(s) failed to load: discache KLIF SASDIFSV SASKUTIL spldr Wanarpv6
RecordNumber[:]11667
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004823.906434-000
TimeWritten[:]20101102004823.906434-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11661
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004822.549231-000
TimeWritten[:]20101102004822.549231-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11660
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004822.549231-000
TimeWritten[:]20101102004822.549231-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11659
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004822.549231-000
TimeWritten[:]20101102004822.549231-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11636
SourceName[:]volmgr
TimeGenerated[:]20101102004815.841219-000
TimeWritten[:]20101102004815.841219-000
Type[:]Error
User[:]
Category[:]63
CategoryString[:]
EventCode[:]41
EventIdentifier[:]41
EventType[:]1
Logfile[:]System
Message[:]The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
RecordNumber[:]11633
SourceName[:]Microsoft-Windows-Kernel-Power
TimeGenerated[:]20101102004811.738412-000
TimeWritten[:]20101102004811.738412-000
Type[:]Critical
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11631
SourceName[:]volmgr
TimeGenerated[:]20101102004811.036411-000
TimeWritten[:]20101102004811.036411-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]11624
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102004626.119087-000
TimeWritten[:]20101102004626.119087-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11604
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004618.506274-000
TimeWritten[:]20101102004618.506274-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11603
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004618.506274-000
TimeWritten[:]20101102004618.506274-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11602
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004618.506274-000
TimeWritten[:]20101102004618.506274-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11598
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004244.504098-000
TimeWritten[:]20101102004244.504098-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11597
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004244.504098-000
TimeWritten[:]20101102004244.504098-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11596
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004244.504098-000
TimeWritten[:]20101102004244.504098-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10000
EventIdentifier[:]10000
EventType[:]1
Logfile[:]System
Message[:]WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
RecordNumber[:]11595
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102004225.144464-000
TimeWritten[:]20101102004225.144464-000
Type[:]Error
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11594
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004222.508059-000
TimeWritten[:]20101102004222.508059-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11593
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004222.508059-000
TimeWritten[:]20101102004222.508059-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11592
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004222.508059-000
TimeWritten[:]20101102004222.508059-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
RecordNumber[:]11589
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004220.000000-000
TimeWritten[:]20101102004220.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
RecordNumber[:]11588
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004220.000000-000
TimeWritten[:]20101102004220.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
RecordNumber[:]11587
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004219.000000-000
TimeWritten[:]20101102004219.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]10005
EventIdentifier[:]-1073731819
EventType[:]1
Logfile[:]System
Message[:]DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
RecordNumber[:]11585
SourceName[:]Microsoft-Windows-DistributedCOM
TimeGenerated[:]20101102004214.000000-000
TimeWritten[:]20101102004214.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]11584
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101102004211.198039-000
TimeWritten[:]20101102004211.198039-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11582
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004209.279236-000
TimeWritten[:]20101102004209.279236-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11581
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004209.279236-000
TimeWritten[:]20101102004209.279236-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11580
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004209.279236-000
TimeWritten[:]20101102004209.279236-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11579
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004209.279236-000
TimeWritten[:]20101102004209.279236-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11578
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004209.279236-000
TimeWritten[:]20101102004209.279236-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11577
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004209.263636-000
TimeWritten[:]20101102004209.263636-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7026
EventIdentifier[:]-1073734798
EventType[:]1
Logfile[:]System
Message[:]The following boot-start or system-start driver(s) failed to load: discache KLIF SASDIFSV SASKUTIL spldr Wanarpv6
RecordNumber[:]11576
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004209.263636-000
TimeWritten[:]20101102004209.263636-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11570
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004207.859634-000
TimeWritten[:]20101102004207.859634-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11569
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004207.859634-000
TimeWritten[:]20101102004207.859634-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7001
EventIdentifier[:]-1073734823
EventType[:]1
Logfile[:]System
Message[:]The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
RecordNumber[:]11568
SourceName[:]Service Control Manager
TimeGenerated[:]20101102004207.859634-000
TimeWritten[:]20101102004207.859634-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11544
SourceName[:]volmgr
TimeGenerated[:]20101102004159.919220-000
TimeWritten[:]20101102004159.919220-000
Type[:]Error
User[:]
Category[:]63
CategoryString[:]
EventCode[:]41
EventIdentifier[:]41
EventType[:]1
Logfile[:]System
Message[:]The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
RecordNumber[:]11541
SourceName[:]Microsoft-Windows-Kernel-Power
TimeGenerated[:]20101102004156.502814-000
TimeWritten[:]20101102004156.502814-000
Type[:]Critical
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11540
SourceName[:]volmgr
TimeGenerated[:]20101102004156.066013-000
TimeWritten[:]20101102004156.066013-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]11536
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102004102.954011-000
TimeWritten[:]20101102004102.954011-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]10003
EventIdentifier[:]10003
EventType[:]1
Logfile[:]System
Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
RecordNumber[:]11535
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101102004102.954011-000
TimeWritten[:]20101102004102.954011-000
Type[:]Error
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]11356
SourceName[:]SNMP
TimeGenerated[:]20101101194849.000000-000
TimeWritten[:]20101101194849.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]11309
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101101194829.900041-000
TimeWritten[:]20101101194829.900041-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11308
SourceName[:]volmgr
TimeGenerated[:]20101101194817.201618-000
TimeWritten[:]20101101194817.201618-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11299
SourceName[:]volmgr
TimeGenerated[:]20101101194811.554408-000
TimeWritten[:]20101101194811.554408-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]11295
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101101194752.612772-000
TimeWritten[:]20101101194752.612772-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]10003
EventIdentifier[:]10003
EventType[:]1
Logfile[:]System
Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
RecordNumber[:]11294
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101101194752.565972-000
TimeWritten[:]20101101194752.565972-000
Type[:]Error
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]11148
SourceName[:]SNMP
TimeGenerated[:]20101101183102.000000-000
TimeWritten[:]20101101183102.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]11140
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101101183043.328438-000
TimeWritten[:]20101101183043.328438-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11093
SourceName[:]volmgr
TimeGenerated[:]20101101183031.326419-000
TimeWritten[:]20101101183031.326419-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]11084
SourceName[:]volmgr
TimeGenerated[:]20101101183025.414008-000
TimeWritten[:]20101101183025.414008-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]11015
SourceName[:]SNMP
TimeGenerated[:]20101030235958.000000-000
TimeWritten[:]20101030235958.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]11001
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030235940.504040-000
TimeWritten[:]20101030235940.504040-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10951
SourceName[:]volmgr
TimeGenerated[:]20101030235927.466819-000
TimeWritten[:]20101030235927.466819-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10943
SourceName[:]volmgr
TimeGenerated[:]20101030235921.554408-000
TimeWritten[:]20101030235921.554408-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]7034
EventIdentifier[:]-1073734790
EventType[:]1
Logfile[:]System
Message[:]The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
RecordNumber[:]10929
SourceName[:]Service Control Manager
TimeGenerated[:]20101030235823.669059-000
TimeWritten[:]20101030235823.669059-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]10826
SourceName[:]SNMP
TimeGenerated[:]20101030213019.000000-000
TimeWritten[:]20101030213019.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]10816
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030212955.250438-000
TimeWritten[:]20101030212955.250438-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10767
SourceName[:]volmgr
TimeGenerated[:]20101030212943.310819-000
TimeWritten[:]20101030212943.310819-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10758
SourceName[:]volmgr
TimeGenerated[:]20101030212937.523208-000
TimeWritten[:]20101030212937.523208-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]10689
SourceName[:]SNMP
TimeGenerated[:]20101030121752.000000-000
TimeWritten[:]20101030121752.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]10680
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030121733.654441-000
TimeWritten[:]20101030121733.654441-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10630
SourceName[:]volmgr
TimeGenerated[:]20101030121722.838023-000
TimeWritten[:]20101030121722.838023-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10621
SourceName[:]volmgr
TimeGenerated[:]20101030121714.492008-000
TimeWritten[:]20101030121714.492008-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]4001
EventIdentifier[:]4001
EventType[:]2
Logfile[:]System
Message[:]WLAN AutoConfig service has successfully stopped.
RecordNumber[:]10613
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101030121239.120401-000
TimeWritten[:]20101030121239.120401-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]10002
EventIdentifier[:]10002
EventType[:]2
Logfile[:]System
Message[:]WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
RecordNumber[:]10612
SourceName[:]Microsoft-Windows-WLAN-AutoConfig
TimeGenerated[:]20101030121239.104801-000
TimeWritten[:]20101030121239.104801-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]10510
SourceName[:]SNMP
TimeGenerated[:]20101030120547.000000-000
TimeWritten[:]20101030120547.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]10499
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030120526.139640-000
TimeWritten[:]20101030120526.139640-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10451
SourceName[:]volmgr
TimeGenerated[:]20101030120513.794419-000
TimeWritten[:]20101030120513.794419-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10442
SourceName[:]volmgr
TimeGenerated[:]20101030120508.303210-000
TimeWritten[:]20101030120508.303210-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1014
EventIdentifier[:]1014
EventType[:]2
Logfile[:]System
Message[:]Name resolution for the name api.flattr.com timed out after none of the configured DNS servers responded.
RecordNumber[:]10352
SourceName[:]Microsoft-Windows-DNS-Client
TimeGenerated[:]20101030110645.766434-000
TimeWritten[:]20101030110645.766434-000
Type[:]Warning
User[:]NT AUTHORITY\NETWORK SERVICE
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]10323
SourceName[:]SNMP
TimeGenerated[:]20101030110526.000000-000
TimeWritten[:]20101030110526.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]10309
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030110454.593639-000
TimeWritten[:]20101030110454.593639-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10261
SourceName[:]volmgr
TimeGenerated[:]20101030110442.310819-000
TimeWritten[:]20101030110442.310819-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10252
SourceName[:]volmgr
TimeGenerated[:]20101030110436.523208-000
TimeWritten[:]20101030110436.523208-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]10172
SourceName[:]SNMP
TimeGenerated[:]20101030110220.000000-000
TimeWritten[:]20101030110220.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]10160
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030110151.980443-000
TimeWritten[:]20101030110151.980443-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10113
SourceName[:]volmgr
TimeGenerated[:]20101030110139.354422-000
TimeWritten[:]20101030110139.354422-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]10104
SourceName[:]volmgr
TimeGenerated[:]20101030110131.882009-000
TimeWritten[:]20101030110131.882009-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]9990
SourceName[:]SNMP
TimeGenerated[:]20101030103020.000000-000
TimeWritten[:]20101030103020.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]9981
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030103004.616042-000
TimeWritten[:]20101030103004.616042-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]9936
SourceName[:]volmgr
TimeGenerated[:]20101030102952.104822-000
TimeWritten[:]20101030102952.104822-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]9927
SourceName[:]volmgr
TimeGenerated[:]20101030102945.599610-000
TimeWritten[:]20101030102945.599610-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]9824
SourceName[:]SNMP
TimeGenerated[:]20101030102659.000000-000
TimeWritten[:]20101030102659.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]9771
SourceName[:]SNMP
TimeGenerated[:]20101030102247.000000-000
TimeWritten[:]20101030102247.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]9768
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030102240.458043-000
TimeWritten[:]20101030102240.458043-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]9722
SourceName[:]volmgr
TimeGenerated[:]20101030102227.995622-000
TimeWritten[:]20101030102227.995622-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]9713
SourceName[:]volmgr
TimeGenerated[:]20101030102220.850809-000
TimeWritten[:]20101030102220.850809-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]9600
SourceName[:]SNMP
TimeGenerated[:]20101030101834.000000-000
TimeWritten[:]20101030101834.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]11
EventIdentifier[:]11
EventType[:]2
Logfile[:]System
Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
RecordNumber[:]9540
SourceName[:]Microsoft-Windows-Wininit
TimeGenerated[:]20101030101807.101243-000
TimeWritten[:]20101030101807.101243-000
Type[:]Warning
User[:]NT AUTHORITY\SYSTEM
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]9539
SourceName[:]volmgr
TimeGenerated[:]20101030101755.541622-000
TimeWritten[:]20101030101755.541622-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]46
EventIdentifier[:]-1073479634
EventType[:]1
Logfile[:]System
Message[:]Crash dump initialization failed!
RecordNumber[:]9530
SourceName[:]volmgr
TimeGenerated[:]20101030101747.913209-000
TimeWritten[:]20101030101747.913209-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]1500
EventIdentifier[:]-1057028644
EventType[:]1
Logfile[:]System
Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
RecordNumber[:]9471
SourceName[:]SNMP
TimeGenerated[:]20101030100827.000000-000
TimeWritten[:]20101030100827.000000-000
Type[:]Error
User[:]
Category[:]0
CategoryString[:]
EventCode[:]134
EventIdentifier[:]134
EventType[:]2
Logfile[:]System
Message[:]NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)
RecordNumber[:]9426
SourceName[:]Microsoft-Windows-Time-Service
TimeGenerated[:]20101030095537.515128-000
TimeWritten[:]20101030095537.515128-000
Type[:]Warning
User[:]NT AUTHORITY\LOCAL SERVICE
Caption[:]C:
CreationClassName[:]Win32_LogicalDisk
Description[:]Local Fixed Disk
DeviceID[:]C:
DriveType[:]3
FileSystem[:]NTFS
FreeSpace[:]593050951680
MediaType[:]12
Name[:]C:
SIZE[:]619159515136
VolumeName[:]OS
VolumeSerialNumber[:]EA27DC2E
Caption[:]E:
CreationClassName[:]Win32_LogicalDisk
Description[:]CD-ROM Disc
DeviceID[:]E:
DriveType[:]5
FileSystem[:]
FreeSpace[:]
MediaType[:]11
Name[:]E:
SIZE[:]
VolumeName[:]
VolumeSerialNumber[:]
Name[:]Adobe Flash Player 10 Plugin
Uninstall[:]C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Vendor[:]Adobe Systems Incorporated
Version[:]10.1.85.3
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]Advanced SystemCare 3
Uninstall[:]"C:\Program Files (x86)\IObit\Advanced SystemCare 3\unins000.exe"
Vendor[:]IObit
Version[:]3.7.2
InstallDate[:]20101029
InstallLocation[:]C:\Program Files (x86)\IObit\Advanced SystemCare 3\
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]ASUS_Screensaver
Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u
Vendor[:]
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]CyberLink Power2Go
Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Vendor[:]CyberLink Corp.
Version[:]6.1.3602c
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\Cyberlink\Power2Go\
Language[:]0
Name[:]CyberLink LabelPrint
Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
Vendor[:]CyberLink Corp.
Version[:]2.5.1908
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\CyberLink\LabelPrint\
Language[:]0
Name[:]Alcor Micro USB Card Reader
Uninstall[:]C:\Program Files (x86)\InstallShield Installation Information\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\Setup.exe -runfromtemp -l0x0409
Vendor[:]Alcor Micro Corp.
Version[:]1.5.17.25482
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\AmIcoSingLun\
Language[:]0
Name[:]Kaspersky Internet Security 2011
Uninstall[:]
Vendor[:]Kaspersky Lab
Version[:]11.0.1.400
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]IObit Security 360
Uninstall[:]"C:\Program Files (x86)\IObit\IObit Security 360\unins000.exe"
Vendor[:]IObit
Version[:]1.0
InstallDate[:]20101030
InstallLocation[:]C:\Program Files (x86)\IObit\IObit Security 360\
Language[:]
Name[:]IObit Toolbar
Uninstall[:]rundll32 C:\PROGRA~2\IObitBar\toolbar\1.bin\i0Bar.dll,O
Vendor[:]IObit
Version[:]
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]Malwarebytes' Anti-Malware
Uninstall[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Vendor[:]Malwarebytes Corporation
Version[:]
InstallDate[:]20101029
InstallLocation[:]C:\Program Files (x86)\Malwarebytes' Anti-Malware\
Language[:]
Name[:]Malwarebytes' Anti-Malware
Uninstall[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Vendor[:]Malwarebytes Corporation
Version[:]
InstallDate[:]20101029
InstallLocation[:]C:\Program Files (x86)\Malwarebytes' Anti-Malware\
Language[:]
Name[:]Mozilla Firefox (3.6.12)
Uninstall[:]C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Vendor[:]Mozilla
Version[:]3.6.12 (en-US)
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\Mozilla Firefox
Language[:]
Name[:]Revo Uninstaller 1.90
Uninstall[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
Vendor[:]VS Revo Group
Version[:]1.90
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller
Language[:]1033
Name[:]Revo Uninstaller 1.90
Uninstall[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
Vendor[:]VS Revo Group
Version[:]1.90
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller
Language[:]1033
Name[:]Revo Uninstaller 1.90
Uninstall[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
Vendor[:]VS Revo Group
Version[:]1.90
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller
Language[:]1033
Name[:]Windows Live Essentials
Uninstall[:]C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\Windows Live\
Language[:]9
Name[:]Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Uninstall[:]MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Vendor[:]Microsoft Corporation
Version[:]9.0.30729.4148
InstallDate[:]20101029
InstallLocation[:]
Language[:]1033
Name[:]Windows Live Call
Uninstall[:]MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]ASUS AI Recovery
Uninstall[:]MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
Vendor[:]ASUS
Version[:]1.0.10
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]ASUS Splendid Video Enhancement Technology
Uninstall[:]MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
Vendor[:]ASUS
Version[:]1.02.0028
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Windows Live Messenger
Uninstall[:]MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]ASUS LifeFrame3
Uninstall[:]MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Vendor[:]ASUS
Version[:]3.0.20
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Windows Live Upload Tool
Uninstall[:]MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Vendor[:]Microsoft Corporation
Version[:]14.0.8014.1029
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Wireless Console 3
Uninstall[:]MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
Vendor[:]ASUS
Version[:]3.0.17
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]MSVCRT
Uninstall[:]MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Vendor[:]Microsoft
Version[:]14.0.1468.721
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Microsoft Search Enhancement Pack
Uninstall[:]MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}
Vendor[:]Microsoft Corporation
Version[:]1.2.121.0
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Windows Live Toolbar
Uninstall[:]MsiExec.exe /X{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}
Vendor[:]Microsoft Corporation
Version[:]14.0.8052.1208
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]CyberLink Power2Go
Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Vendor[:]CyberLink Corp.
Version[:]6.1.3602c
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\Cyberlink\Power2Go\
Language[:]0
Name[:]Junk Mail filter update
Uninstall[:]MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]ControlDeck
Uninstall[:]MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
Vendor[:]ASUS
Version[:]1.0.8
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Windows Live Mail
Uninstall[:]MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]ASUS SmartLogon
Uninstall[:]MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
Vendor[:]ASUS
Version[:]1.0.0008
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\ASUS\SmartLogon\
Language[:]1033
Name[:]Intel(R) Management Engine Components
Uninstall[:]C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Vendor[:]Intel Corporation
Version[:]6.0.0.1179
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\Intel\Intel(R) Management Engine Components
Language[:]
Name[:]Kaspersky Internet Security 2011
Uninstall[:]
Vendor[:]Kaspersky Lab
Version[:]11.0.1.400
InstallDate[:]20101029
InstallLocation[:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\
Language[:]1033
Name[:]Windows Live Writer
Uninstall[:]MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]MSXML 4.0 SP3 Parser (KB973685)
Uninstall[:]MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Vendor[:]Microsoft Corporation
Version[:]4.30.2107.0
InstallDate[:]20100811
InstallLocation[:]C:\Windows\SysWOW64\
Language[:]1033
Name[:]Microsoft Silverlight
Uninstall[:]MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Vendor[:]Microsoft Corporation
Version[:]4.0.50917.0
InstallDate[:]20101029
InstallLocation[:]c:\Program Files (x86)\Microsoft Silverlight\
Language[:]1033
Name[:]Microsoft Sync Framework Runtime Native v1.0 (x86)
Uninstall[:]MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Vendor[:]Microsoft Corporation
Version[:]1.0.1215.0
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]WinFlash
Uninstall[:]MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
Vendor[:]ASUS
Version[:]2.30.3
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Choice Guard
Uninstall[:]MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Vendor[:]Microsoft Corporation
Version[:]1.2.87.0
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Windows Live Sign-in Assistant
Uninstall[:]MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
Vendor[:]Microsoft Corporation
Version[:]5.000.818.6
InstallDate[:]20101029
InstallLocation[:]
Language[:]1033
Name[:]Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Uninstall[:]MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Vendor[:]Microsoft Corporation
Version[:]9.0.30729
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]ASUS MultiFrame
Uninstall[:]RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
Vendor[:]ASUS
Version[:]1.0.0021
InstallDate[:]8-11-2010
InstallLocation[:]
Language[:]
Name[:]ATK Package
Uninstall[:]MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Vendor[:]ASUS
Version[:]1.0.0004
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\ASUS\ATK Package\
Language[:]1033
Name[:]Express Gate
Uninstall[:]MsiExec.exe /X{B5A5627C-0173-4DB2-ADA8-740479370F67}
Vendor[:]DeviceVM, Inc.
Version[:]1.4.10.2
InstallDate[:]20100811
InstallLocation[:]C:\temp\Splashtop_temp_folder\ASUS.SYS\
Language[:]0
Name[:]Microsoft Sync Framework Services Native v1.0 (x86)
Uninstall[:]MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Vendor[:]Microsoft Corporation
Version[:]1.0.1215.0
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]CyberLink LabelPrint
Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
Vendor[:]CyberLink Corp.
Version[:]2.5.1908
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\CyberLink\LabelPrint\
Language[:]0
Name[:]Windows Live Essentials
Uninstall[:]MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]9
Name[:]ASUS Live Update
Uninstall[:]RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
Vendor[:]ASUS
Version[:]2.5.9
InstallDate[:]8-11-2010
InstallLocation[:]
Language[:]
Name[:]ASUS Virtual Camera
Uninstall[:]MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Vendor[:]asus
Version[:]1.0.19
InstallDate[:]20100811
InstallLocation[:]
Language[:]0
Name[:]Microsoft SQL Server 2005 Compact Edition [ENU]
Uninstall[:]MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Vendor[:]Microsoft Corporation
Version[:]3.1.0000
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\Microsoft SQL Server Compact Edition\
Language[:]1033
Name[:]Intel(R) Graphics Media Accelerator Driver
Uninstall[:]C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Vendor[:]Intel Corporation
Version[:]8.15.10.2125
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver
Language[:]
Name[:]Realtek High Definition Audio Driver
Uninstall[:]RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Vendor[:]Realtek Semiconductor Corp.
Version[:]6.0.1.6110
InstallDate[:]20100811
InstallLocation[:]C:\Program Files\Realtek\Audio\HDA
Language[:]9
Name[:]Alcor Micro USB Card Reader
Uninstall[:]
Vendor[:]Alcor Micro Corp.
Version[:]1.5.17.25482
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\AmIcoSingLun\
Language[:]0
Name[:]Alcor Micro USB Card Reader
Uninstall[:]
Vendor[:]Alcor Micro Corp.
Version[:]1.5.17.25482
InstallDate[:]20100811
InstallLocation[:]C:\Program Files (x86)\AmIcoSingLun\
Language[:]0
Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Vendor[:]Microsoft Corporation
Version[:]1
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Vendor[:]Microsoft Corporation
Version[:]1
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Vendor[:]Microsoft Corporation
Version[:]1
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Vendor[:]Microsoft Corporation
Version[:]1
InstallDate[:]
InstallLocation[:]
Language[:]
Name[:]Windows Live Communications Platform
Uninstall[:]MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]0
Name[:]Windows Live Photo Gallery
Uninstall[:]MsiExec.exe /X{F73A5B18-EB75-4B2C-B32D-9457576E2417}
Vendor[:]Microsoft Corporation
Version[:]14.0.8051.1204
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
Name[:]Intel(R) Control Center
Uninstall[:]C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Vendor[:]Intel Corporation
Version[:]1.2.1.1007
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\Intel\Intel Control Center
Language[:]
Name[:]Intel(R) Control Center
Uninstall[:]C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Vendor[:]Intel Corporation
Version[:]1.2.1.1007
InstallDate[:]
InstallLocation[:]C:\Program Files (x86)\Intel\Intel Control Center
Language[:]
Name[:]Windows Live Sync
Uninstall[:]MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}
Vendor[:]Microsoft Corporation
Version[:]14.0.8050.1202
InstallDate[:]20100811
InstallLocation[:]
Language[:]1033
CommandLine[:]
Priority[:]0
ProcessId[:]0
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]4
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
CommandLine[:]
Priority[:]8
ProcessId[:]4
ReadOperationCount[:]8467
ReadTransferCount[:]88258521
SessionId[:]0
ThreadCount[:]127
CommandLine[:]
Priority[:]11
ProcessId[:]336
ReadOperationCount[:]12
ReadTransferCount[:]37406
SessionId[:]0
ThreadCount[:]2
CommandLine[:]
Priority[:]13
ProcessId[:]452
ReadOperationCount[:]956
ReadTransferCount[:]637049
SessionId[:]0
ThreadCount[:]11
wininit.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||94.0KB (96,256 bytes)||||2009/07/13 18:36:49||2009/07/13 20:14:45||2009/07/13 18:36:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Start-Up Application||© Microsoft Corporation. All rights reserved.||b5c5dcad3899512020d135600129d665||
CommandLine[:]
Priority[:]13
ProcessId[:]516
ReadOperationCount[:]1
ReadTransferCount[:]6656
SessionId[:]0
ThreadCount[:]3
CommandLine[:]
Priority[:]13
ProcessId[:]540
ReadOperationCount[:]149531
ReadTransferCount[:]4453431
SessionId[:]1
ThreadCount[:]12
CommandLine[:]
Priority[:]9
ProcessId[:]592
ReadOperationCount[:]111
ReadTransferCount[:]486540
SessionId[:]0
ThreadCount[:]9
CommandLine[:]
Priority[:]13
ProcessId[:]624
ReadOperationCount[:]3
ReadTransferCount[:]6800
SessionId[:]1
ThreadCount[:]3
CommandLine[:]
Priority[:]9
ProcessId[:]640
ReadOperationCount[:]1298
ReadTransferCount[:]87269
SessionId[:]0
ThreadCount[:]7
CommandLine[:]
Priority[:]8
ProcessId[:]652
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]11
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]792
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]11
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]880
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]8
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]972
ReadOperationCount[:]3191
ReadTransferCount[:]16433372
SessionId[:]0
ThreadCount[:]22
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]368
ReadOperationCount[:]1114
ReadTransferCount[:]55103452
SessionId[:]0
ThreadCount[:]18
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]484
ReadOperationCount[:]4779
ReadTransferCount[:]40890925
SessionId[:]0
ThreadCount[:]39
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]1044
ReadOperationCount[:]33
ReadTransferCount[:]674
SessionId[:]0
ThreadCount[:]12
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]1152
ReadOperationCount[:]786
ReadTransferCount[:]631884
SessionId[:]0
ThreadCount[:]18
CommandLine[:]
Priority[:]8
ProcessId[:]1332
ReadOperationCount[:]80
ReadTransferCount[:]1833659
SessionId[:]0
ThreadCount[:]8
wlanext.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||75.5KB (77,312 bytes)||||2009/07/13 18:51:56||2009/07/13 20:14:46||2009/07/13 18:51:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Wireless LAN 802.11 Extensibility Framework||© Microsoft Corporation. All rights reserved.||6f44f5c0bc6b210fe5f5a1c8d899ad0a||
CommandLine[:]
Priority[:]8
ProcessId[:]1340
ReadOperationCount[:]16
ReadTransferCount[:]1604
SessionId[:]0
ThreadCount[:]13
CommandLine[:]
Priority[:]8
ProcessId[:]1348
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]1
CommandLine[:]
Priority[:]8
ProcessId[:]1472
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]4
CommandLine[:]
Priority[:]8
ProcessId[:]1528
ReadOperationCount[:]15
ReadTransferCount[:]16608
SessionId[:]0
ThreadCount[:]4
CommandLine[:]
Priority[:]8
ProcessId[:]1592
ReadOperationCount[:]5
ReadTransferCount[:]8030
SessionId[:]0
ThreadCount[:]16
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]1628
ReadOperationCount[:]14700
ReadTransferCount[:]268871202
SessionId[:]0
ThreadCount[:]18
CommandLine[:]
Priority[:]8
ProcessId[:]1744
ReadOperationCount[:]1114971
ReadTransferCount[:]45943506196
SessionId[:]0
ThreadCount[:]5
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]1776
ReadOperationCount[:]141
ReadTransferCount[:]540195
SessionId[:]0
ThreadCount[:]10
CommandLine[:]
Priority[:]8
ProcessId[:]1796
ReadOperationCount[:]732465
ReadTransferCount[:]1843911929
SessionId[:]0
ThreadCount[:]93
CommandLine[:]
Priority[:]8
ProcessId[:]1900
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]3
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]1948
ReadOperationCount[:]88
ReadTransferCount[:]329079
SessionId[:]0
ThreadCount[:]15
CommandLine[:]
Priority[:]8
ProcessId[:]1968
ReadOperationCount[:]15
ReadTransferCount[:]574640
SessionId[:]0
ThreadCount[:]6
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]2004
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]5
CommandLine[:]
Priority[:]8
ProcessId[:]464
ReadOperationCount[:]3
ReadTransferCount[:]2222
SessionId[:]0
ThreadCount[:]10
CommandLine[:]
Priority[:]8
ProcessId[:]2084
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]4
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]2124
ReadOperationCount[:]4
ReadTransferCount[:]16384
SessionId[:]0
ThreadCount[:]6
lxdicoms.exe||1.0.27.0||1.0.27.0||Application||C:\Windows\System32\||505KB (517,040 bytes)||||2010/11/01 21:12:19||2007/06/11 10:14:52||2010/11/01 21:12:19||0||1||0||0||0||0||Printer Communication System||Printer Communication System|| ||7b09187a3611480ba6632f4e3c86ddc0||
CommandLine[:]
Priority[:]8
ProcessId[:]2528
ReadOperationCount[:]2906
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]9
CommandLine[:]
Priority[:]8
ProcessId[:]2572
ReadOperationCount[:]114
ReadTransferCount[:]136703
SessionId[:]0
ThreadCount[:]22
CommandLine[:]
Priority[:]8
ProcessId[:]2604
ReadOperationCount[:]36
ReadTransferCount[:]79613
SessionId[:]0
ThreadCount[:]9
RegSrvc.exe||13, 2, 0, 0||13, 2, 0, 0||Application||C:\Program Files\Common Files\Intel\WirelessCommon\||812KB (831,760 bytes)||||2010/03/05 12:06:22||2010/03/05 12:06:22||2010/08/11 20:35:46||0||1||0||0||0||0||Intel(R) PROSet/Wireless||Intel(R) PROSet/Wireless Registry Service||Copyright (c) Intel Corporation 1999-2010||0aa473966357c4a41b5eb19649eb6e5e||
CommandLine[:]
Priority[:]8
ProcessId[:]3056
ReadOperationCount[:]5981
ReadTransferCount[:]126470
SessionId[:]0
ThreadCount[:]4
CommandLine[:]"taskhost.exe"
Priority[:]8
ProcessId[:]120
ReadOperationCount[:]10
ReadTransferCount[:]1742248
SessionId[:]1
ThreadCount[:]8
taskeng.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||186KB (190,464 bytes)||||2009/07/13 18:30:45||2009/07/13 20:14:42||2009/07/13 18:30:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Task Scheduler Engine||© Microsoft Corporation. All rights reserved.||de5dacebd4c89834ec6d2c41c8643cda||
CommandLine[:]
Priority[:]8
ProcessId[:]2868
ReadOperationCount[:]12
ReadTransferCount[:]17912
SessionId[:]1
ThreadCount[:]9
CommandLine[:]"C:\Windows\system32\Dwm.exe"
Priority[:]13
ProcessId[:]1360
ReadOperationCount[:]1
ReadTransferCount[:]60
SessionId[:]1
ThreadCount[:]5
explorer.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\||2.74MB (2,870,272 bytes)||||2010/08/11 20:57:39||2010/08/11 20:57:39||2010/08/11 20:57:39||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Explorer||© Microsoft Corporation. All rights reserved.||9aaaec8dac27aa17b053e6352ad233ae||
CommandLine[:]C:\Windows\Explorer.EXE
Priority[:]8
ProcessId[:]2932
ReadOperationCount[:]2548
ReadTransferCount[:]6940240
SessionId[:]1
ThreadCount[:]27
CommandLine[:]
Priority[:]8
ProcessId[:]2104
ReadOperationCount[:]539
ReadTransferCount[:]2531861
SessionId[:]0
ThreadCount[:]13
TCPSVCS.EXE||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:55:14||2009/07/13 20:14:42||2009/07/13 18:55:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||TCP/IP Services Application||© Microsoft Corporation. All rights reserved.||f5aaa8cdda25b6387af590d676d25bad||
CommandLine[:]
Priority[:]8
ProcessId[:]3196
ReadOperationCount[:]10
ReadTransferCount[:]40960
SessionId[:]0
ThreadCount[:]4
CommandLine[:]
Priority[:]6
ProcessId[:]3264
ReadOperationCount[:]67
ReadTransferCount[:]3056
SessionId[:]1
ThreadCount[:]5
CommandLine[:]
Priority[:]6
ProcessId[:]3296
ReadOperationCount[:]65
ReadTransferCount[:]110208
SessionId[:]1
ThreadCount[:]6
snmp.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||46.5KB (47,616 bytes)||||2009/07/13 18:55:05||2009/07/13 20:14:39||2009/07/13 18:55:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||SNMP Service||© Microsoft Corporation. All rights reserved.||007f394efb7bf80bf9999d9384cc272a||
CommandLine[:]
Priority[:]8
ProcessId[:]3304
ReadOperationCount[:]4
ReadTransferCount[:]293940
SessionId[:]0
ThreadCount[:]7
CommandLine[:]
Priority[:]6
ProcessId[:]3344
ReadOperationCount[:]17
ReadTransferCount[:]53248
SessionId[:]1
ThreadCount[:]3
CommandLine[:]
Priority[:]6
ProcessId[:]3384
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]1
ThreadCount[:]3
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]3396
ReadOperationCount[:]2
ReadTransferCount[:]17
SessionId[:]0
ThreadCount[:]9
ACEngSvr.exe||1.0.0.4||1, 0, 0, 4||Application||C:\Windows\System32\||179KB (183,296 bytes)||||2010/08/11 20:42:56||2006/10/09 21:07:56||2010/08/11 20:42:56||0||1||0||0||0||0||ACEngSvr Module||ACEngSvr Module||Copyright (c) 2005 ASUSTeK Computer Inc.||41a5048e49372f091b2ae5a5b705b72d||
CommandLine[:]
Priority[:]8
ProcessId[:]3460
ReadOperationCount[:]66
ReadTransferCount[:]3595
SessionId[:]1
ThreadCount[:]3
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]3492
ReadOperationCount[:]118
ReadTransferCount[:]542066
SessionId[:]0
ThreadCount[:]16
CommandLine[:]
Priority[:]8
ProcessId[:]3596
ReadOperationCount[:]619
ReadTransferCount[:]670775
SessionId[:]0
ThreadCount[:]13
CommandLine[:]
Priority[:]8
ProcessId[:]3688
ReadOperationCount[:]1
ReadTransferCount[:]60
SessionId[:]1
ThreadCount[:]7
AmIcoSinglun64.exe||1, 1, 0, 9||1, 1, 0, 9||Application||C:\Program Files (x86)\AmIcoSingLun\||316KB (323,584 bytes)||||2009/09/01 02:10:27||2009/09/01 02:10:27||2010/08/11 20:35:17||0||1||0||0||0||0||IconUtility||Single LUN Icon Utility for VID 058F PID 6366||AlcorMicro Co., Ltd. All rights reserved.||dfac78508defe8841da4cdd1fa472c1a||
CommandLine[:]"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
Priority[:]8
ProcessId[:]3804
ReadOperationCount[:]1
ReadTransferCount[:]60
SessionId[:]1
ThreadCount[:]1
iFrmewrk.exe||13, 2, 0, 0||13, 2, 0, 0||Application||C:\Program Files\Common Files\Intel\WirelessCommon\||1.84MB (1,928,976 bytes)||||2010/03/05 12:09:02||2010/03/05 12:09:02||2010/08/11 20:35:47||0||1||0||0||0||0||Intel(R) PROSet/Wireless||Intel(R) PROSet/Wireless Framework||Copyright (c) Intel Corporation 1999-2010||f2c49a7aa03fc231be87a65e50d0b6f6||
CommandLine[:]"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
Priority[:]8
ProcessId[:]3820
ReadOperationCount[:]6206
ReadTransferCount[:]174891
SessionId[:]1
ThreadCount[:]6
CommandLine[:]"C:\Windows\System32\igfxtray.exe"
Priority[:]8
ProcessId[:]3828
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]1
ThreadCount[:]3
CommandLine[:]"C:\Windows\System32\hkcmd.exe"
Priority[:]8
ProcessId[:]3852
ReadOperationCount[:]10
ReadTransferCount[:]119166
SessionId[:]1
ThreadCount[:]3
CommandLine[:]"C:\Windows\System32\igfxpers.exe"
Priority[:]8
ProcessId[:]3900
ReadOperationCount[:]2
ReadTransferCount[:]398
SessionId[:]1
ThreadCount[:]3
lxdimon.exe||0.1.25.0||||Application||C:\Program Files (x86)\Lexmark 3500-4500 Series\||425KB (434,856 bytes)||||2010/11/01 21:12:24||2009/04/27 13:30:52||2010/11/01 21:12:24||0||1||0||0||0||0||||Device Monitor||||78c697c80328080200c5d6935f23aad2||
CommandLine[:]"C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe"
Priority[:]8
ProcessId[:]3992
ReadOperationCount[:]1
ReadTransferCount[:]28666
SessionId[:]1
ThreadCount[:]7
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>lxdiscw.dll||||||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||272KB (278,528 bytes)||||2010/11/01 21:12:24||2007/03/23 15:41:44||2010/11/01 21:12:24||0||1||0||0||0||0||||||||3900c249757bf8208ddcedddaf53fdd6||<||||>lxdicfg.dll||1, 0, 0, 1||1, 0, 0, 1||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||76.1KB (77,906 bytes)||||2010/11/01 21:12:24||2007/11/07 12:28:18||2010/11/01 21:12:24||0||1||0||0||0||0||Lexmark International config||config||||6c6d57dd53e3c8ad074cf97fc27e4b35||<||||>lxdidatr.dll||99.99.99.99||99.99.99.99||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||576KB (589,824 bytes)||||2010/11/01 21:12:21||2007/03/05 10:45:26||2010/11/01 21:12:21||0||1||0||0||0||0||||Data Recorder||||7ed76fc8b1cf5c11b50a5e71024bc0d9||<||||>lxdicats.dll||1, 0, 0, 1||1, 0, 0, 1||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||72.0KB (73,728 bytes)||||2010/11/01 21:12:21||2006/12/28 11:47:42||2010/11/01 21:12:21||0||1||0||0||0||0||cats||cats||Copyright © 2003||0ed29e08b136aa11f6fbd4dea0a11c54||<||||>lxdimonr.dll||0.1.25.0||||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||76.0KB (77,824 bytes)||||2010/11/01 21:12:24||2007/01/23 19:22:10||2010/11/01 21:12:24||0||1||0||0||0||0||||||Copyright © 2005||e3f05c710a5c269fc67e642c31f031b8||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>lxdicomc.dll||1.0.27.0||1.0.27.0||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||748KB (765,952 bytes)||||2010/11/01 21:12:24||2007/05/17 10:58:12||2010/11/01 21:12:24||0||1||0||0||0||0||Printer Communication System||Printer Communication System|| ||b781f15ba5c19760ba046c59d5edaf4b||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>SPICtrl.dll||1, 0, 0, 1||1, 0, 0, 0||Application extension||C:\Program Files (x86)\IObit\Advanced SystemCare 3\||1.37MB (1,433,296 bytes)||||2010/10/29 19:31:28||2010/09/28 20:50:14||2010/10/29 19:31:28||0||1||0||0||0||0||SPICtrl Dynamic Link Library||SPICtrl Dynamic Link Library||Copyright(C) 2005-2009||c7868fd23610dc8077f5037d5c7fde47||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>comctl32.dll||5.82 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\||518KB (530,432 bytes)||||2010/10/29 16:06:18||2010/08/21 00:33:24||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Controls Library||© Microsoft Corporation. All rights reserved.||d3ead1cf16ba729a7f7c9a5d94aa7c05||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>
CommandLine[:]
Priority[:]8
ProcessId[:]4080
ReadOperationCount[:]1
ReadTransferCount[:]21768
SessionId[:]0
ThreadCount[:]11
CommandLine[:]
Priority[:]8
ProcessId[:]2144
ReadOperationCount[:]36
ReadTransferCount[:]79613
SessionId[:]0
ThreadCount[:]8
CommandLine[:]
Priority[:]8
ProcessId[:]920
ReadOperationCount[:]632
ReadTransferCount[:]769760
SessionId[:]0
ThreadCount[:]10
lxdiamon.exe||1.0.2676.13196||1.0.2676.13196||Application||C:\Program Files (x86)\Lexmark 3500-4500 Series\||24.7KB (25,256 bytes)||||2010/11/01 21:12:25||2009/04/27 13:30:54||2010/11/01 21:12:25||0||1||0||0||0||0||||Device Monitor Application|| ||c498ba6ce31d62d27718c70bd6221940||
CommandLine[:]"C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe"
Priority[:]8
ProcessId[:]4112
ReadOperationCount[:]46
ReadTransferCount[:]698081
SessionId[:]1
ThreadCount[:]7
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>mscoree.dll||4.0.31106.0 (Main.031106-0000)||4.0.31106.0||Application extension||C:\Windows\System32\||291KB (297,808 bytes)||||2010/10/29 16:11:44||2009/11/25 12:47:34||2010/10/29 16:11:44||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||128dd9af8640dbcc711940903c8b554f||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>mscoreei.dll||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application extension||C:\Windows\Microsoft.NET\Framework\v4.0.30319\||403KB (413,008 bytes)||||2010/03/18 13:16:28||2010/03/18 13:16:28||2010/10/29 17:02:50||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||83ba5e873164a3711b44052f58c8fe9f||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>mscorwks.dll||2.0.50727.4952 (win7RTMGDR.050727-4900)||2.0.50727.4952||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||5.55MB (5,816,656 bytes)||||2010/10/29 16:06:50||2010/05/20 17:49:18||2010/10/29 16:06:50||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Common Language Runtime - WorkStation||© Microsoft Corporation. All rights reserved.||2d10eb6c6a8701c8609892b90b3abf2d||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>mscorlib.ni.dll||2.0.50727.4952 (win7RTMGDR.050727-4900)||2.0.50727.4952||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526430486dcf7ee38fd\||11.0MB (11,490,304 bytes)||||2010/10/29 16:26:48||2010/10/29 16:26:48||2010/10/29 16:26:48||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft Common Language Runtime Class Library||© Microsoft Corporation. All rights reserved.||6b3569b08cf6aa9023281b09426e9ad2||<||||>mscorsec.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||72.3KB (74,064 bytes)||||2009/07/13 15:46:26||2009/06/10 16:23:08||2009/07/13 15:46:26||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Security module||© Microsoft Corporation. All rights reserved.||6e9e439517d89edc9a6cb1e94489620a||<||||>wintrust.dll||6.1.7600.16493 (win7_gdr.091228-1501)||6.1.7600.16493||Application extension||C:\Windows\SysWOW64\||168KB (172,032 bytes)||||2010/08/11 20:58:51||2010/08/11 20:58:51||2010/08/11 20:58:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Trust Verification APIs||© Microsoft Corporation. All rights reserved.||f8090992723d55f6a2a8238f0d152149||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>comctl32.dll||5.82 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\||518KB (530,432 bytes)||||2010/10/29 16:06:18||2010/08/21 00:33:24||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Controls Library||© Microsoft Corporation. All rights reserved.||d3ead1cf16ba729a7f7c9a5d94aa7c05||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>ncrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||214KB (219,136 bytes)||||2009/07/13 18:33:05||2009/07/13 20:16:02||2009/07/13 18:33:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows cryptographic library||© Microsoft Corporation. All rights reserved.||c20ff1a17726c357461a7ac5b3bfc3ad||<||||>bcrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||79.0KB (80,896 bytes)||||2009/07/13 18:32:57||2009/07/13 20:11:20||2009/07/13 18:32:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library (Wow64)||© Microsoft Corporation. All rights reserved.||ce71b9119a258edd0a05b37d7b0f92e3||<||||>bcryptprimitives.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||244KB (249,680 bytes)||||2009/07/13 18:33:07||2009/07/13 20:17:54||2009/07/13 18:33:07||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library||© Microsoft Corporation. All rights reserved.||e8449fe262d7406bcb2ac2a45c53ec5f||<||||>userenv.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.5KB (79,360 bytes)||||2009/07/13 18:34:19||2009/07/13 20:16:17||2009/07/13 18:34:19||0||1||0||0||0||0||Microsoft® Windows® Operating System||Userenv||© Microsoft Corporation. All rights reserved.||9c0dc1daad14d443dd5a0d1ee78d775e||<||||>gpapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||78.0KB (79,872 bytes)||||2009/07/13 18:38:32||2009/07/13 20:15:22||2009/07/13 18:38:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Group Policy Client API||© Microsoft Corporation. All rights reserved.||1097f3035baf46ced8b332b3564c5108||<||||>cryptnet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||101KB (103,424 bytes)||||2009/07/13 18:32:43||2009/07/13 20:15:07||2009/07/13 18:32:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto Network Related API||© Microsoft Corporation. All rights reserved.||04d16553664796613fe98d441a0c35d7||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>SensApi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:21:53||2009/07/13 20:16:13||2009/07/13 18:21:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||SENS Connectivity API DLL||© Microsoft Corporation. All rights reserved.||6f8e3b7b70e1bba871212940c1fbdf60||<||||>cabinet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||71.0KB (72,704 bytes)||||2009/07/13 18:12:33||2009/07/13 20:15:00||2009/07/13 18:12:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft® Cabinet File API||© Microsoft Corporation. All rights reserved.||def30cbea881149c2affdf9a059fb759||<||||>devrtl.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||43.5KB (44,544 bytes)||||2009/07/13 18:16:06||2009/07/13 20:15:11||2009/07/13 18:16:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Management Run Time Library||© Microsoft Corporation. All rights reserved.||fd07f21e0a19c27ed4e1eec2b07452b3||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>mscorjit.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||355KB (363,856 bytes)||||2009/07/13 15:46:24||2009/06/10 16:23:05||2009/07/13 15:46:24||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Just-In-Time Compiler||© Microsoft Corporation. All rights reserved.||07f4fcc206ccd2b95e842bb127609c1c||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>App4R.Monitor.Core.dll||1.0.2676.13195||1.0.2676.13195||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||40.0KB (40,960 bytes)||||2010/11/01 21:12:25||2007/05/02 05:11:56||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||5068e451bd71967a0d67ec2e3c1a6d6e||<||||>App4R.Monitor.Common.dll||1.0.2676.13193||1.0.2676.13193||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||28.0KB (28,672 bytes)||||2010/11/01 21:12:25||2007/05/02 05:11:56||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||2b1a2ce30b65e75746c7c753697bcb92||<||||>System.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b1099f95552a81b54223b7f\||7.58MB (7,949,312 bytes)||||2010/10/29 16:26:52||2010/10/29 16:26:52||2010/10/29 16:26:52||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||306f368dceeccd7b856814ca9adafb63||<||||>System.Drawing.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fdeec42fa02f3d789c42be2e33b130eb\||1.51MB (1,586,688 bytes)||||2010/10/29 16:27:11||2010/10/29 16:27:11||2010/10/29 16:27:11||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||0e8deab79bf37617c41783c99684190e||<||||>System.Windows.Forms.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f92c882fd4e7005c005e208daa04c28d\||11.9MB (12,430,848 bytes)||||2010/10/29 16:27:16||2010/10/29 16:27:16||2010/10/29 16:27:16||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||1383868bf3724167026f8db984718b6d||<||||>System.Configuration.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4be2653d1c9804d2ff6e6b66d22764e1\||949KB (971,264 bytes)||||2010/10/29 16:26:53||2010/10/29 16:26:53||2010/10/29 16:26:53||0||1||0||0||0||0||Microsoft® .NET Framework||System.Configuration.dll||© Microsoft Corporation. All rights reserved.||d689e8f39bbbb41b8f2704f85220590a||<||||>System.Xml.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3060dfcdecbeb8ee65077fb29b217c3d\||5.20MB (5,452,800 bytes)||||2010/10/29 16:26:56||2010/10/29 16:26:56||2010/10/29 16:26:56||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||f55e3a708c1b6db16a64c40c3d8bfb88||<||||>App4R.DevMons.MCMDevMon.dll||1.0.2676.13194||1.0.2676.13194||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||56.0KB (57,344 bytes)||||2010/11/01 21:12:25||2007/05/02 05:10:58||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||65b0522086ef3d0ab4e01f5601041701||<||||>App4R.DevMons.NetworkCardDevMon.dll||1.0.2676.13193||1.0.2676.13193||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||20.0KB (20,480 bytes)||||2010/11/01 21:12:25||2007/04/30 08:19:48||2010/11/01 21:12:25||0||1||0||0||0||0||NetworkCardDevMon||NetworkCardDevMon|| ||c7093a310b2dd6cfb0436938711ba409||<||||>App4R.DevMons.ScanDevMon.dll||1.0.2676.13195||1.0.2676.13195||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||20.0KB (20,480 bytes)||||2010/11/01 21:12:25||2007/04/30 08:19:52||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||a8efd009143c7ab1731235524b54341d||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>App4R.DevMons.MCMDevMon.AutoPlayUtil.dll||||||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||11.5KB (11,776 bytes)||||2010/11/01 21:12:25||2007/04/30 08:20:26||2010/11/01 21:12:25||0||1||0||0||0||0||||||||82696f34a604b65b4102ca96da153ef1||<||||>mfc71.dll||7.10.3077.0||7.10.3077.0||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||1.01MB (1,060,864 bytes)||||2010/11/01 21:12:25||2007/01/19 04:10:14||2010/11/01 21:12:25||0||1||0||0||0||0||Microsoft® Visual Studio .NET||MFCDLL Shared Library - Retail Version||© Microsoft Corporation. All rights reserved.||f35a584e947a5b401feb0fe01db4a0d7||<||||>msvcr71.dll||7.10.3052.4||7.10.3052.4||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||340KB (348,160 bytes)||||2010/11/01 21:12:25||2007/01/19 04:10:14||2010/11/01 21:12:25||0||1||0||0||0||0||Microsoft® Visual Studio .NET||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||86f1895ae8c5e8b17d99ece768a70732||<||||>System.Runtime.Remoting.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6afe3a43d112ed5356d73468c5c44045\||754KB (771,584 bytes)||||2010/10/29 16:27:38||2010/10/29 16:27:38||2010/10/29 16:27:38||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Object Remoting||© Microsoft Corporation. All rights reserved.||e84a99eae286881d9b7057ec2ab34e0b||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>SPICtrl.dll||1, 0, 0, 1||1, 0, 0, 0||Application extension||C:\Program Files (x86)\IObit\Advanced SystemCare 3\||1.37MB (1,433,296 bytes)||||2010/10/29 19:31:28||2010/09/28 20:50:14||2010/10/29 19:31:28||0||1||0||0||0||0||SPICtrl Dynamic Link Library||SPICtrl Dynamic Link Library||Copyright(C) 2005-2009||c7868fd23610dc8077f5037d5c7fde47||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||>nlaapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||50.5KB (51,712 bytes)||||2009/07/13 18:53:54||2009/07/13 20:16:03||2009/07/13 18:53:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Location Awareness 2||© Microsoft Corporation. All rights reserved.||045db4eab4fbd23210e85ecc3f464a2e||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>winrnr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:37:57||2009/07/13 20:16:19||2009/07/13 18:37:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||LDAP RnR Provider DLL||© Microsoft Corporation. All rights reserved.||5df5d8cfd9b9573fa3b2c89d9061a240||<||||>NapiNSP.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||51.0KB (52,224 bytes)||||2009/07/13 18:54:55||2009/07/13 20:16:02||2009/07/13 18:54:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||E-mail Naming Shim Provider||© Microsoft Corporation. All rights reserved.||0b7e85364cb878e2ad531db7b601a9e5||<||||>pnrpnsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||63.5KB (65,024 bytes)||||2009/07/13 18:55:50||2009/07/13 20:16:12||2009/07/13 18:55:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||PNRP Name Space Provider||© Microsoft Corporation. All rights reserved.||5cf640eddb1e40a5ab1bb743bcdec610||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>rasadhlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||11.5KB (11,776 bytes)||||2009/07/13 18:54:36||2009/07/13 20:16:12||2009/07/13 18:54:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access AutoDial Helper||© Microsoft Corporation. All rights reserved.||ed6ee83d61ebc683c2cd8e899ea6febe||<||||>FWPUCLNT.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||212KB (216,576 bytes)||||2009/07/13 18:54:04||2009/07/13 20:15:21||2009/07/13 18:54:04||0||1||0||0||0||0||Microsoft® Windows® Operating System||FWP/IPsec User-Mode API||© Microsoft Corporation. All rights reserved.||158117f3cf278f01c6f24e89e2141e81||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>
EvtEng.exe||13, 2, 0, 3||13, 2, 0, 0||Application||C:\Program Files\Intel\WiFi\bin\||1.36MB (1,425,168 bytes)||||2010/03/05 12:26:38||2010/03/05 12:26:38||2010/08/11 20:35:45||0||1||0||0||0||0||Intel(R) PROSet/Wireless||Intel(R) PROSet/Wireless Event Log Service||Copyright (c) Intel Corporation 1999-2010||b56d9602db5fe1c116b1ca5efd8e2e50||
CommandLine[:]
Priority[:]8
ProcessId[:]4732
ReadOperationCount[:]213
ReadTransferCount[:]56794
SessionId[:]0
ThreadCount[:]20
CLMLSvc.exe||2.1.1803.0||2.1.1803.0||Application||C:\Program Files (x86)\CyberLink\Power2Go\||101KB (103,720 bytes)||||2009/11/02 16:21:26||2009/11/02 16:21:26||2010/08/11 20:15:26||0||1||0||0||0||0||CyberLink MediaLibray Service||CyberLink MediaLibray Service||Copyright (C) 2005||57b4d34232852bfe4453be571df90d21||
CommandLine[:]"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
Priority[:]8
ProcessId[:]5064
ReadOperationCount[:]44
ReadTransferCount[:]35157
SessionId[:]1
ThreadCount[:]6
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>msvcp71.dll||7.10.4301.0||7.10.4301.0||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||497KB (509,224 bytes)||||2009/11/02 16:17:54||2009/11/02 16:17:54||2010/08/11 20:15:27||0||1||0||0||0||0||Microsoft® Visual Studio .NET||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||c3a5ffd57c2563204cd9351f0c7a0dea||<||||>msvcr71.dll||7.10.6014.4||7.10.6014.4||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||345KB (353,576 bytes)||||2009/11/02 16:17:42||2009/11/02 16:17:42||2010/08/11 20:15:27||0||1||0||0||0||0||Microsoft® Visual Studio .NET||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||a1a6fc56a1d0dadc164637fe43c40605||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>CLMediaLibrary.dll||3.10.1803.0||3.10.1803.0||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||605KB (619,816 bytes)||||2009/11/02 16:20:10||2009/11/02 16:20:10||2010/08/11 20:15:26||0||1||0||0||0||0|| CLMediaLibrary Dynamic Link Library||CLMediaLibrary Dynamic Link Library||Copyright (C) 2006||6a5d0ed8f280ab8e312a4252472a14a4||<||||>GdiPlus.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\||1.55MB (1,624,576 bytes)||||2009/07/13 18:26:25||2009/07/13 20:03:50||2009/07/13 18:26:25||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft GDI+||© Microsoft Corporation. All rights reserved.||edb57065790b62ef83be117ad3edfde2||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>wmp.dll||12.0.7600.16667 (win7_gdr.100831-1503)||12.0.7600.16667||Application extension||C:\Windows\System32\||10.9MB (11,406,848 bytes)||||2010/10/29 16:02:24||2010/08/31 23:29:28||2010/10/29 16:02:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Player||© Microsoft Corporation. All rights reserved.||9967bce6cf289223adc2fbf311c6a78f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>wmploc.DLL||12.0.7600.16385 (win7_rtm.090713-1255)||12.0.7600.16385||Application extension||C:\Windows\System32\||12.0MB (12,625,408 bytes)||||2010/10/29 16:02:22||2010/08/31 23:23:49||2010/10/29 16:02:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Player Resources||© Microsoft Corporation. All rights reserved.||fa05241c7bc7ebcc36af78299d0d37fe||<||||>CLMLSvcPS.dll||1, 0, 0, 1||1, 0, 0, 1||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||12.8KB (13,096 bytes)||||2009/11/02 16:23:36||2009/11/02 16:23:36||2010/08/11 20:15:31||0||1||0||0||0||0|| CLMLSvc Dynamic Link Library||CLMLSvc Dynamic Link Library||Copyright (C) 2005||2168e61b9e3b06eeb8b3eacdfdc4699b||<||||>
avp.exe||11.0.1.419||11.0.1.419||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||345KB (352,976 bytes)||||2010/07/01 21:39:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus||© 1997-2010 Kaspersky Lab ZAO.||946d70667b0119f2beeae0849e1d46a2||
CommandLine[:]"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
Priority[:]8
ProcessId[:]5104
ReadOperationCount[:]1198
ReadTransferCount[:]4971744
SessionId[:]1
ThreadCount[:]20
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>fssync.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||86.7KB (88,760 bytes)||||2010/07/01 21:35:02||2010/07/01 21:35:02||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||FSSYNC.DLL||© 1997-2010 Kaspersky Lab ZAO.||a39c30993dcbd6e6979cd775dc9d07f8||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>fltLib.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||14.5KB (14,848 bytes)||||2009/07/13 18:14:03||2009/07/13 20:15:21||2009/07/13 18:14:03||0||1||0||0||0||0||Microsoft® Windows® Operating System||Filter Library||© Microsoft Corporation. All rights reserved.||1ebe9524683c7c4eed8b8bc93fb6fbcc||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>dumpwriter.dll||11.0.1.416||11.0.1.416||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||115KB (117,432 bytes)||||2010/07/01 21:35:00||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Dump Writer DLL||© 1997-2010 Kaspersky Lab ZAO.||8a2440aaf3809a325dfb30ea98f0810d||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>msvcp80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||542KB (554,816 bytes)||||2009/07/13 15:46:11||2009/06/10 16:23:11||2009/07/13 15:46:11||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||cfc54225d1870fdbf6e9e75fb83a27cb||<||||>memmng.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||16.2KB (16,568 bytes)||||2010/07/01 21:35:16||2010/07/01 21:35:16||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Memmng module||© 1997-2010 Kaspersky Lab ZAO.||3623c04d8f6eaafa918b797ede0f6c90||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>wtsapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||39.0KB (39,936 bytes)||||2009/07/13 19:02:18||2009/07/13 20:16:20||2009/07/13 19:02:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Remote Desktop Session Host Server SDK APIs||© Microsoft Corporation. All rights reserved.||e30e5bb0dba49efe5bbbafea440cfbd9||<||||>winsta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||153KB (156,160 bytes)||||2009/07/13 19:02:29||2009/07/13 20:16:19||2009/07/13 19:02:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winstation Library||© Microsoft Corporation. All rights reserved.||ae5ff948400a51b040f999bf04290373||<||||>ushata.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||54.7KB (55,992 bytes)||||2010/07/01 21:35:24||2010/07/01 21:35:24||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||Ushata module||© 1997-2010 Kaspersky Lab ZAO.||d44925e16d98bf4089dd0e624791536c||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>clldr.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||17.7KB (18,104 bytes)||||2010/07/01 21:34:56||2010/07/01 21:34:56||2010/10/29 17:08:06||0||1||0||0||0||0||Kaspersky Anti-Virus||CLLDR||© 1997-2010 Kaspersky Lab ZAO.||9f61b1b7b715409fd4d57c2b2a97af79||<||||>prremote.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||143KB (146,104 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||PR_REMOTE||© 1997-2010 Kaspersky Lab ZAO.||734b1b0b9eba64026428bbbab2d92b58||<||||>prloader.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||247KB (252,600 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Prague Loader||© 1997-2010 Kaspersky Lab ZAO.||1010dd531904fd62ec0ebc0d7610b858||<||||>userenv.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||77.5KB (79,360 bytes)||||2009/07/13 18:34:19||2009/07/13 20:16:17||2009/07/13 18:34:19||0||1||0||0||0||0||Microsoft® Windows® Operating System||Userenv||© Microsoft Corporation. All rights reserved.||9c0dc1daad14d443dd5a0d1ee78d775e||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>pxstub.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||38.7KB (39,608 bytes)||||2010/07/01 21:36:02||2010/07/01 21:36:02||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||Proxy Stubs||© 1997-2010 Kaspersky Lab ZAO.||97b3cc546e4fd6c192d377784033f7d0||<||||>params.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.00MB (1,051,320 bytes)||||2010/07/01 21:35:56||2010/07/01 21:35:56||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Structure Serializer||© 1997-2010 Kaspersky Lab ZAO.||1290f60e791d0a6198999215698d6b9a||<||||>WinReg.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||35.7KB (36,536 bytes)||||2010/07/01 21:36:20||2010/07/01 21:36:20||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||WINREG||© 1997-2010 Kaspersky Lab ZAO.||6c000c2052c3fbcf37b34c852e7fb3c2||<||||>HASHMD5.PPL||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||15.2KB (15,544 bytes)||||2010/07/01 21:35:44||2010/07/01 21:35:44||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||HASHMD5||© 1997-2010 Kaspersky Lab ZAO.||902876ab7186e64e6a5ffd1d594aa913||<||||>nfio.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||111KB (113,336 bytes)||||2010/07/01 21:35:54||2010/07/01 21:35:54||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||NFIO||© 1997-2010 Kaspersky Lab ZAO.||482d226b656be4a773768b6adec0809c||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>FsDrvPlg.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||18.7KB (19,128 bytes)||||2010/07/01 21:35:44||2010/07/01 21:35:44||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||Plugin for FSDrv||© 1997-2010 Kaspersky Lab ZAO.||920e9b09a52bd402fca78cef9efb6015||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>avpgui.ppl||11.0.1.416||11.0.1.416||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.28MB (1,346,232 bytes)||||2010/08/04 12:56:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus GUI Logic||© 1997-2010 Kaspersky Lab ZAO.||ff89b53d9e3dbd734bf1380201d91a7b||<||||>service.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||187KB (191,160 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:17||0||1||0||0||0||0||Kaspersky Anti-Virus||Component service provider||© 1997-2010 Kaspersky Lab ZAO.||66fea468fca2d11cd31bbe04ab1f2964||<||||>eka_meta.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||459KB (469,688 bytes)||||2010/07/01 21:35:00||2010/07/01 21:35:00||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||EKA_META||© 1997-2010 Kaspersky Lab ZAO.||8ac0b70dec4324863fa8c65319dfd305||<||||>esmgr.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||263KB (268,984 bytes)||||2010/07/01 21:35:02||2010/07/01 21:35:02||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||ESMgr||© 1997-2010 Kaspersky Lab ZAO.||aaf5eea8ec73d2d73055c09ee2545382||<||||>basegui.ppl||11.0.1.414||11.0.1.414||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.62MB (1,694,392 bytes)||||2010/07/27 20:19:06||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus GUI Windows part||© 1997-2010 Kaspersky Lab ZAO.||eb66085ecaca891b5c35f5b2f55cc55a||<||||>netapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||55.5KB (56,832 bytes)||||2009/07/13 18:37:53||2009/07/13 20:16:02||2009/07/13 18:37:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API DLL||© Microsoft Corporation. All rights reserved.||c3dbf7dff5a38136e26badb7ab4e2972||<||||>netutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.5KB (22,016 bytes)||||2009/07/13 18:37:29||2009/07/13 20:16:03||2009/07/13 18:37:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API Helpers DLL||© Microsoft Corporation. All rights reserved.||c6bb27d9a8ac13d4a44486f528b5c884||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>wkscli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||46.0KB (47,104 bytes)||||2009/07/13 18:37:38||2009/07/13 20:16:19||2009/07/13 18:37:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Workstation Service Client DLL||© Microsoft Corporation. All rights reserved.||7ad12703039056d2a0815f85960e1fa1||<||||>samcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||49.5KB (50,688 bytes)||||2009/07/13 18:37:32||2009/07/13 20:16:13||2009/07/13 18:37:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Accounts Manager Client DLL||© Microsoft Corporation. All rights reserved.||742aa02bd9fa3492c9e525bbd427d87d||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>thpimpl.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||38.7KB (39,608 bytes)||||2010/07/01 21:36:12||2010/07/01 21:36:12||2010/10/29 17:08:26||0||1||0||0||0||0||Kaspersky Anti-Virus||Thread Pool||© 1997-2010 Kaspersky Lab ZAO.||2af329701a3368d2d66546b3a90ceeac||<||||>riched20.dll||5.31.23.1229||3.1||Application extension||C:\Windows\SysWOW64\||463KB (473,600 bytes)||||2009/07/13 18:26:19||2009/07/13 20:16:13||2009/07/13 18:26:19||0||1||0||0||0||0||Microsoft RichEdit Control, version 3.1||Rich Text Edit Control, v3.1||Copyright © Microsoft Corp. 1997-2008.||6ec594ab7efa45eacde65fd4040f53d9||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>propsys.dll||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application extension||C:\Windows\SysWOW64\||965KB (988,160 bytes)||||2009/07/13 18:40:28||2009/07/13 20:16:12||2009/07/13 18:40:28||0||1||0||0||0||0||Windows® Search||Microsoft Property System||© Microsoft Corporation. All rights reserved.||26eaee08caf82aa7f03c5020f51da541||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>WindowsCodecs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||988KB (1,011,200 bytes)||||2009/07/13 18:29:14||2009/07/13 20:16:18||2009/07/13 18:29:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Codecs Library||© Microsoft Corporation. All rights reserved.||691c8dfb208227f0cbb5c0897c742ace||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>EhStorShell.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||186KB (189,952 bytes)||||2009/07/13 18:45:42||2009/07/13 20:15:14||2009/07/13 18:45:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Enhanced Storage Shell Extension DLL||© Microsoft Corporation. All rights reserved.||846d0e4db261cfaf363902e41498e961||<||||>ntshrui.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||433KB (442,880 bytes)||||2009/07/13 18:41:55||2009/07/13 20:16:11||2009/07/13 18:41:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell extensions for sharing||© Microsoft Corporation. All rights reserved.||36333d345062e42e849c0af00cbefc97||<||||>cscapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2009/07/13 18:14:26||2009/07/13 20:15:07||2009/07/13 18:14:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Offline Files Win32 API||© Microsoft Corporation. All rights reserved.||add9d33d685dfaddfad5afb42cf31a70||<||||>slc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||26.5KB (27,136 bytes)||||2009/07/13 18:35:27||2009/07/13 20:16:15||2009/07/13 18:35:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Software Licensing Client Dll||© Microsoft Corporation. All rights reserved.||8b74cec6980d4816b0037ae9a27e538f||<||||>winlibhlpr.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||42.7KB (43,704 bytes)||||2010/07/01 21:36:18||2010/07/01 21:36:18||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||WINLIBHLPR||© 1997-2010 Kaspersky Lab ZAO.||ec182cad18aaee605d72c759a91de3fe||<||||>shdocvw.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||176KB (179,712 bytes)||||2009/07/13 18:39:18||2009/07/13 20:16:14||2009/07/13 18:39:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Doc Object and Control Library||© Microsoft Corporation. All rights reserved.||e07b77c3bdc82a024e294fb67abfeda0||<||||>sandbox.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||239KB (244,408 bytes)||||2010/07/01 21:36:06||2010/07/01 21:36:06||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||Virtual environment for executing applications||© 1997-2010 Kaspersky Lab ZAO.||49aa023cbb48ec4ec65a28400102d556||<||||>
mbamgui.exe||1.46.0.0000||1.46.0.0000||Application||C:\Program Files (x86)\Malwarebytes' Anti-Malware\||427KB (437,584 bytes)||||2010/10/29 18:15:40||2010/04/29 15:39:32||2010/10/29 18:15:40||0||1||0||0||0||0||Malwarebytes' Anti-Malware||Malwarebytes' Anti-Malware||© Malwarebytes Corporation. All rights reserved.||5f0388038e7355982fe50b039d10315c||
CommandLine[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
Priority[:]8
ProcessId[:]4232
ReadOperationCount[:]62
ReadTransferCount[:]243882
SessionId[:]1
ThreadCount[:]3
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>
is360tray.exe||1.4.5.107||1.4.5.0||Application||C:\Program Files (x86)\IObit\IObit Security 360\||1.22MB (1,280,344 bytes)||||2010/10/30 17:00:36||2010/06/11 18:14:24||2010/10/30 17:00:36||0||1||0||0||0||0||IObit Security 360||IObit Security 360||||4126904e21735ef4c7fffe01ed795872||
CommandLine[:]"C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe" /autostart
Priority[:]8
ProcessId[:]4312
ReadOperationCount[:]2360
ReadTransferCount[:]13670053
SessionId[:]1
ThreadCount[:]6
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>rtl120.bpl||12.0.3210.17555||12.0||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||1.04MB (1,095,168 bytes)||||2010/10/30 17:00:35||2008/10/02 03:01:00||2010/10/30 17:00:35||0||1||0||0||0||0||Borland Package Library||CodeGear Component Package||Copyright © 1997-2008 Embarcadero Technologies, Inc.||dd82eb68d97944b192c7803eb585b03c||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>wsock32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||15.0KB (15,360 bytes)||||2009/07/13 18:55:01||2009/07/13 20:16:20||2009/07/13 18:55:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 32-Bit DLL||© Microsoft Corporation. All rights reserved.||df13a51a5c591887d2ec6ae64ceed0fa||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>oleacc.dll||7.0.0.0 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||228KB (233,472 bytes)||||2009/07/13 18:26:29||2009/07/13 20:16:12||2009/07/13 18:26:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Accessibility Core Component||© Microsoft Corporation. All rights reserved.||cbd010bfbed9657c3813400aad03cf8a||<||||>vcl120.bpl||12.0.3210.17555||12.0||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||1.90MB (1,995,776 bytes)||||2010/10/30 17:00:35||2008/11/20 10:10:28||2010/10/30 17:00:35||0||1||0||0||0||0||Borland Package Library||CodeGear Component Package||Copyright © 1997-2008 Embarcadero Technologies, Inc.||773ebd87010a6f644869a59d98792c9c||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>oledlg.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||101KB (103,424 bytes)||||2009/07/13 18:43:56||2009/07/13 20:16:12||2009/07/13 18:43:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||OLE User Interface Support||© Microsoft Corporation. All rights reserved.||936f728e04accf3f38801cffcf1e3f40||<||||>wintrust.dll||6.1.7600.16493 (win7_gdr.091228-1501)||6.1.7600.16493||Application extension||C:\Windows\SysWOW64\||168KB (172,032 bytes)||||2010/08/11 20:58:51||2010/08/11 20:58:51||2010/08/11 20:58:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Trust Verification APIs||© Microsoft Corporation. All rights reserved.||f8090992723d55f6a2a8238f0d152149||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>maddisAsm_.bpl||||||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||43.0KB (44,032 bytes)||||2010/10/30 17:00:35||2009/02/12 15:26:20||2010/10/30 17:00:35||0||1||0||0||0||0||||||||155734ba4f8408328656f35269b9eb83||<||||>madbasic_.bpl||||||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||164KB (167,424 bytes)||||2010/10/30 17:00:35||2009/02/12 15:26:20||2010/10/30 17:00:35||0||1||0||0||0||0||||||||fb5200b314747963d1530d166755aa89||<||||>winmm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||190KB (194,048 bytes)||||2009/07/13 19:03:43||2009/07/13 20:16:19||2009/07/13 19:03:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||MCI API DLL||© Microsoft Corporation. All rights reserved.||26a634b2e0fd87f23541ad13a503ca72||<||||>is360mon.dll||1.4.2.43||0,4,0, 0||Application extension||C:\Program Files (x86)\IObit\IObit Security 360\||228KB (232,960 bytes)||||2010/10/30 17:00:36||2010/07/30 10:18:26||2010/10/30 17:00:36||0||1||0||0||0||0||IObit Security 360||IObit Security 360||Copyright (C) 2009||93ce9bef3315648739b793151a972946||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>FWPUCLNT.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||212KB (216,576 bytes)||||2009/07/13 18:54:04||2009/07/13 20:15:21||2009/07/13 18:54:04||0||1||0||0||0||0||Microsoft® Windows® Operating System||FWP/IPsec User-Mode API||© Microsoft Corporation. All rights reserved.||158117f3cf278f01c6f24e89e2141e81||<||||>SPICtrl.dll||1, 0, 0, 1||1, 0, 0, 0||Application extension||C:\Program Files (x86)\IObit\Advanced SystemCare 3\||1.37MB (1,433,296 bytes)||||2010/10/29 19:31:28||2010/09/28 20:50:14||2010/10/29 19:31:28||0||1||0||0||0||0||SPICtrl Dynamic Link Library||SPICtrl Dynamic Link Library||Copyright(C) 2005-2009||c7868fd23610dc8077f5037d5c7fde47||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>rasadhlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||11.5KB (11,776 bytes)||||2009/07/13 18:54:36||2009/07/13 20:16:12||2009/07/13 18:54:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access AutoDial Helper||© Microsoft Corporation. All rights reserved.||ed6ee83d61ebc683c2cd8e899ea6febe||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||>
SearchIndexer.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||418KB (428,032 bytes)||||2009/07/13 19:14:13||2009/07/13 20:14:35||2009/07/13 19:14:13||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Indexer||© Microsoft Corporation. All rights reserved.||622d95520182f6d3d05310d5810ca8b3||
CommandLine[:]
Priority[:]8
ProcessId[:]4288
ReadOperationCount[:]895
ReadTransferCount[:]8173942
SessionId[:]0
ThreadCount[:]14
SRSPremiumPanel_64.exe||1, 6, 16, 0||1.8.59.0||Application||C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\||1.70MB (1,787,696 bytes)||||2010/05/21 18:54:12||2010/05/21 18:54:12||2010/08/11 20:35:05||0||1||0||0||0||0||SRS APO Control Panel||SRS Premium Panel||Copyright (c) 2009-2010 SRS Labs, Inc.||a6ffc0707508af82cb73dd99ec062a73||
CommandLine[:]"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
Priority[:]8
ProcessId[:]3800
ReadOperationCount[:]38745
ReadTransferCount[:]910001
SessionId[:]1
ThreadCount[:]6
CommandLine[:]
Priority[:]8
ProcessId[:]5000
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]3
WmiPrvSE.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\wbem\||249KB (254,976 bytes)||||2009/07/13 18:30:40||2009/07/13 20:14:47||2009/07/13 18:30:40||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Provider Host||© Microsoft Corporation. All rights reserved.||203c3380a744ca5b9b1a9caeb57f7d57||
CommandLine[:]
Priority[:]8
ProcessId[:]1824
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]0
ThreadCount[:]6
WmiPrvSE.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\wbem\||249KB (254,976 bytes)||||2009/07/13 18:30:40||2009/07/13 20:14:47||2009/07/13 18:30:40||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Provider Host||© Microsoft Corporation. All rights reserved.||203c3380a744ca5b9b1a9caeb57f7d57||
CommandLine[:]
Priority[:]8
ProcessId[:]3052
ReadOperationCount[:]86
ReadTransferCount[:]305217
SessionId[:]0
ThreadCount[:]9
CommandLine[:]
Priority[:]8
ProcessId[:]2992
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]1
ThreadCount[:]1
CommandLine[:]
Priority[:]8
ProcessId[:]4784
ReadOperationCount[:]1
ReadTransferCount[:]60
SessionId[:]1
ThreadCount[:]1
CommandLine[:]C:\Windows\system32\wbem\unsecapp.exe -Embedding
Priority[:]8
ProcessId[:]252
ReadOperationCount[:]0
ReadTransferCount[:]0
SessionId[:]1
ThreadCount[:]4
AsScrPro.exe||1, 0, 0, 9||1, 0, 0, 9||Application||C:\Windows\||2.92MB (3,058,304 bytes)||||2010/08/11 20:43:39||2010/08/11 20:43:39||2010/08/11 20:43:39||0||1||0||0||0||0||ASUS Screen Saver Protector||AsScrPro||Copyright (C) 2009||37deb76a2cf005841c4e45de2b94d84f||
CommandLine[:]"C:\Windows\AsScrPro.exe"
Priority[:]8
ProcessId[:]6064
ReadOperationCount[:]2
ReadTransferCount[:]32488
SessionId[:]1
ThreadCount[:]1
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>powrprof.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||142KB (145,408 bytes)||||2009/07/13 18:16:37||2009/07/13 20:16:12||2009/07/13 18:16:37||0||1||0||0||0||0||Microsoft® Windows® Operating System||Power Profile Helper DLL||© Microsoft Corporation. All rights reserved.||08dfdbd2fd4ea951dc46b1c7661ed35a||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>mfc42.dll||6.06.8063.0||6.06.400||Application extension||C:\Windows\System32\||1.08MB (1,136,640 bytes)||||2009/07/13 19:14:59||2009/07/13 20:15:39||2009/07/13 19:14:59||0||1||0||0||0||0||Microsoft (R) Visual C++||MFCDLL Shared Library - Retail Version||Copyright (C) Microsoft Corp. 1993-2002||2b9c29de5729e5872cfad16a69ccb5f7||<||||>odbc32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||552KB (565,248 bytes)||||2009/07/13 19:12:09||2009/07/13 20:16:11||2009/07/13 19:12:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||ODBC Driver Manager||© Microsoft Corporation. All rights reserved.||466a832c2e56d0b55af8bb26fe3fe257||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>odbcint.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||224KB (229,376 bytes)||||2009/07/13 19:11:56||2009/07/13 20:09:14||2009/07/13 19:11:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||ODBC Resources||© Microsoft Corporation. All rights reserved.||aba457bfc7ec0b5e130b2f1e0f549dff||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>
RAVCpl64.exe||1, 0, 0, 518||1, 0, 0, 518||Application||C:\Program Files\Realtek\Audio\HDA\||10.3MB (10,810,912 bytes)||||2010/08/11 20:34:43||2010/05/13 04:58:27||2010/08/11 20:34:43||0||1||0||0||0||0||Realtek HD Audio Manager||Realtek HD Audio Manager||2010 (c) Realtek Semiconductor. All rights reserved.||adb6d64b711088e9d18bd3c64f203055||
CommandLine[:]"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
Priority[:]8
ProcessId[:]4568
ReadOperationCount[:]1
ReadTransferCount[:]34374
SessionId[:]1
ThreadCount[:]12
CommandLine[:]
Priority[:]6
ProcessId[:]5164
ReadOperationCount[:]78
ReadTransferCount[:]632864
SessionId[:]1
ThreadCount[:]9
CommandLine[:]
Priority[:]8
ProcessId[:]2212
ReadOperationCount[:]20
ReadTransferCount[:]616141
SessionId[:]0
ThreadCount[:]6
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]5948
ReadOperationCount[:]1
ReadTransferCount[:]20998
SessionId[:]0
ThreadCount[:]11
CommandLine[:]
Priority[:]8
ProcessId[:]4196
ReadOperationCount[:]29597
ReadTransferCount[:]8175818292
SessionId[:]0
ThreadCount[:]7
CommandLine[:]
Priority[:]8
ProcessId[:]5424
ReadOperationCount[:]3
ReadTransferCount[:]24680
SessionId[:]0
ThreadCount[:]13
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]8
ProcessId[:]1648
ReadOperationCount[:]3825
ReadTransferCount[:]57816641
SessionId[:]0
ThreadCount[:]13
CommandLine[:]"C:\Windows\system32\wuauclt.exe"
Priority[:]8
ProcessId[:]4600
ReadOperationCount[:]1
ReadTransferCount[:]26712
SessionId[:]1
ThreadCount[:]3
CommandLine[:]
Priority[:]8
ProcessId[:]2308
ReadOperationCount[:]5292
ReadTransferCount[:]367802909
SessionId[:]1
ThreadCount[:]10
SUPERAntiSpyware.exe||4, 45, 0, 1000||4, 45, 0, 1000||Application||C:\Program Files\SUPERAntiSpyware\||2.85MB (2,988,784 bytes)||||2010/10/25 13:47:46||2010/10/25 13:47:46||2010/10/25 13:47:46||0||1||0||0||0||0||SUPERAntiSpyware||SUPERAntiSpyware Application||Copyright (C) 2005-2010 by SUPERAntiSpyware.com and SUPERAdBlocker.com||221c7486bd1a61432cebba265069d65a||
CommandLine[:]"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
Priority[:]8
ProcessId[:]3736
ReadOperationCount[:]1114469
ReadTransferCount[:]73189931550
SessionId[:]1
ThreadCount[:]8
CommandLine[:]
Priority[:]8
ProcessId[:]5760
ReadOperationCount[:]148
ReadTransferCount[:]2277216
SessionId[:]1
ThreadCount[:]4
firefox.exe||1.9.2.12||3.6.12||Application||C:\Program Files (x86)\Mozilla Firefox\||891KB (912,344 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:00||2010/10/30 00:29:46||0||1||0||0||0||0||Firefox||Firefox||©Firefox and Mozilla Developers, according to the MPL 1.1/GPL 2.0/LGPL 2.1 licenses, as applicable.||e1ab298bafc8ecca8c322a29c5fdc68c||
CommandLine[:]"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
Priority[:]8
ProcessId[:]5704
ReadOperationCount[:]57901
ReadTransferCount[:]243676161
SessionId[:]1
ThreadCount[:]31
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>xul.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\||11.2MB (11,744,216 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:17||2010/10/30 00:29:46||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||e50d87ebbeb897bd57f61ac1deb51314||<||||>sqlite3.dll||3.7.1||3.7.1||Application extension||C:\Program Files (x86)\Mozilla Firefox\||481KB (492,504 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:13||2010/10/30 00:29:46||0||1||0||0||0||0||SQLite Database Library||SQLite Database Library||||2db606b9328881abcb38eba413548c63||<||||>mozcrt19.dll||8.00.0000||8.00.0000||Application extension||C:\Program Files (x86)\Mozilla Firefox\||703KB (719,832 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:03||2010/10/30 00:29:46||0||1||0||0||0||0||Mozilla Custom C Runtime||User-Generated Microsoft (R) C/C++ Runtime Library||Copyright (C) Microsoft Corporation.||820096a3593409ff16e2c54918815eab||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>js3250.dll||||||Application extension||C:\Program Files (x86)\Mozilla Firefox\||995KB (1,018,840 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:01||2010/10/30 00:29:46||0||1||0||0||0||0||||||||609f8d284d8a7118551f962a4b0fbd4f||<||||>nspr4.dll||4.8.6||4.8.6||Application extension||C:\Program Files (x86)\Mozilla Firefox\||199KB (203,736 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:04||2010/10/30 00:29:46||0||1||0||0||0||0||Netscape Portable Runtime||NSPR Library||||9fbdb2f801c4e18a51c2f97fa7e96d13||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>wsock32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||15.0KB (15,360 bytes)||||2009/07/13 18:55:01||2009/07/13 20:16:20||2009/07/13 18:55:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 32-Bit DLL||© Microsoft Corporation. All rights reserved.||df13a51a5c591887d2ec6ae64ceed0fa||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>winmm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||190KB (194,048 bytes)||||2009/07/13 19:03:43||2009/07/13 20:16:19||2009/07/13 19:03:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||MCI API DLL||© Microsoft Corporation. All rights reserved.||26a634b2e0fd87f23541ad13a503ca72||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>smime3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||103KB (105,432 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:11||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS S/MIME Library||||a2117b6f1c32b37a4d5a31e73f4dbab6||<||||>nss3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||631KB (646,104 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:06||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS Base Library||||778d26d6b1559145160c91e7d586ebcd||<||||>nssutil3.dll||3.12.8.0||3.12.8.0||Application extension||C:\Program Files (x86)\Mozilla Firefox\||87.0KB (89,048 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:08||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS Utility Library||||cc2f149968f60a30523faad32e653197||<||||>plc4.dll||4.8.6||4.8.6||Application extension||C:\Program Files (x86)\Mozilla Firefox\||21.5KB (21,976 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:09||2010/10/30 00:29:46||0||1||0||0||0||0||Netscape Portable Runtime||PLC Library||||a65dde5d9c3b3a44d03f78176f7c4d82||<||||>plds4.dll||4.8.6||4.8.6||Application extension||C:\Program Files (x86)\Mozilla Firefox\||18.5KB (18,904 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:10||2010/10/30 00:29:46||0||1||0||0||0||0||Netscape Portable Runtime||PLDS Library||||1f0fe3b7090888701af24e7b073d3017||<||||>ssl3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||139KB (142,296 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:14||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS SSL Library||||8099b09587a9ccc6ee441e7b4d674f0f||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>mozcpp19.dll||8.00.0000||8.00.0000||Application extension||C:\Program Files (x86)\Mozilla Firefox\||703KB (719,832 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:02||2010/10/30 00:29:46||0||1||0||0||0||0||Mozilla Custom C++ Runtime||User-Generated Microsoft (R) C/C++ Runtime Library||Copyright (C) Microsoft Corporation.||217b9bd802dd5c6b2d5587c6d52ca3d0||<||||>xpcom.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\||19.0KB (19,416 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:16||2010/10/30 00:29:46||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||a01f6ad65d164bbe0dc1254a9624de08||<||||>mzvkbd3.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||107KB (109,240 bytes)||||2010/07/01 21:35:18||2010/07/01 21:35:18||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Mozilla 3 Virtual Keyboard||© 1997-2010 Kaspersky Lab ZAO.||63a1ec3adb728ac4015b6b0a03659037||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>dbghelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||835KB (854,528 bytes)||||2009/07/13 18:58:16||2009/07/13 20:15:09||2009/07/13 18:58:16||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Image Helper||© Microsoft Corporation. All rights reserved.||79c7cfaea6879a8c1a1e8b5ffe8983aa||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>propsys.dll||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application extension||C:\Windows\System32\||965KB (988,160 bytes)||||2009/07/13 18:40:28||2009/07/13 20:16:12||2009/07/13 18:40:28||0||1||0||0||0||0||Windows® Search||Microsoft Property System||© Microsoft Corporation. All rights reserved.||26eaee08caf82aa7f03c5020f51da541||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>browserdirprovider.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\components\||24.5KB (25,048 bytes)||||2010/10/30 00:29:47||2010/10/27 01:10:18||2010/10/30 00:29:47||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||a021a2048ab7d82c78f6eba80caf9af8||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>nlaapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||50.5KB (51,712 bytes)||||2009/07/13 18:53:54||2009/07/13 20:16:03||2009/07/13 18:53:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Location Awareness 2||© Microsoft Corporation. All rights reserved.||045db4eab4fbd23210e85ecc3f464a2e||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>winrnr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:37:57||2009/07/13 20:16:19||2009/07/13 18:37:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||LDAP RnR Provider DLL||© Microsoft Corporation. All rights reserved.||5df5d8cfd9b9573fa3b2c89d9061a240||<||||>NapiNSP.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||51.0KB (52,224 bytes)||||2009/07/13 18:54:55||2009/07/13 20:16:02||2009/07/13 18:54:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||E-mail Naming Shim Provider||© Microsoft Corporation. All rights reserved.||0b7e85364cb878e2ad531db7b601a9e5||<||||>pnrpnsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||63.5KB (65,024 bytes)||||2009/07/13 18:55:50||2009/07/13 20:16:12||2009/07/13 18:55:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||PNRP Name Space Provider||© Microsoft Corporation. All rights reserved.||5cf640eddb1e40a5ab1bb743bcdec610||<||||>t2embed.dll||6.1.7600.16663 (win7_gdr.100825-1506)||6.1.7600.16663||Application extension||C:\Windows\System32\||107KB (109,056 bytes)||||2010/10/29 16:06:55||2010/08/25 23:39:58||2010/10/29 16:06:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft T2Embed Font Embedding||© Microsoft Corporation. All rights reserved.||25819a6361f10c30905b5d0fdb8dca42||<||||>brwsrcmp.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\components\||137KB (140,248 bytes)||||2010/10/30 00:29:47||2010/10/27 01:10:20||2010/10/30 00:29:47||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||b2c7d649752d8ee450cf2e6f2033e036||<||||>WindowsCodecs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||988KB (1,011,200 bytes)||||2009/07/13 18:29:14||2009/07/13 20:16:18||2009/07/13 18:29:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Codecs Library||© Microsoft Corporation. All rights reserved.||691c8dfb208227f0cbb5c0897c742ace||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>EhStorShell.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||186KB (189,952 bytes)||||2009/07/13 18:45:42||2009/07/13 20:15:14||2009/07/13 18:45:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Enhanced Storage Shell Extension DLL||© Microsoft Corporation. All rights reserved.||846d0e4db261cfaf363902e41498e961||<||||>ntshrui.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||433KB (442,880 bytes)||||2009/07/13 18:41:55||2009/07/13 20:16:11||2009/07/13 18:41:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell extensions for sharing||© Microsoft Corporation. All rights reserved.||36333d345062e42e849c0af00cbefc97||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>cscapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||34.0KB (34,816 bytes)||||2009/07/13 18:14:26||2009/07/13 20:15:07||2009/07/13 18:14:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Offline Files Win32 API||© Microsoft Corporation. All rights reserved.||add9d33d685dfaddfad5afb42cf31a70||<||||>slc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||26.5KB (27,136 bytes)||||2009/07/13 18:35:27||2009/07/13 20:16:15||2009/07/13 18:35:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Software Licensing Client Dll||© Microsoft Corporation. All rights reserved.||8b74cec6980d4816b0037ae9a27e538f||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>kavlinkfilter.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\||147KB (150,200 bytes)||||2010/10/29 17:09:04||2010/07/01 21:35:10||2010/10/29 17:09:04||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||72c910e23ec6157f1304d18180b29412||<||||>klwtblc.dll||11.0.1.404||11.0.1.404||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||167KB (170,680 bytes)||||2010/07/27 20:18:52||2010/07/27 20:18:52||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||4ea355efd11b94ed6f725d0f2dd8906e||<||||>msvcp80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||542KB (554,816 bytes)||||2009/07/13 15:46:11||2009/06/10 16:23:11||2009/07/13 15:46:11||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||cfc54225d1870fdbf6e9e75fb83a27cb||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>kltbar.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||131KB (133,816 bytes)||||2010/07/01 21:35:12||2010/07/01 21:35:12||2010/10/29 17:08:14||0||1||0||0||0||0||Kaspersky Anti-Virus||KL Toolbar support library||© 1997-2010 Kaspersky Lab ZAO.||9145c271d81ba001fe754884f9a30991||<||||>sxs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||372KB (380,416 bytes)||||2009/07/13 18:16:17||2009/07/13 20:16:15||2009/07/13 18:16:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Fusion 2.5||© Microsoft Corporation. All rights reserved.||accba604d34842844133a731f8045b32||<||||>prremote.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||143KB (146,104 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||PR_REMOTE||© 1997-2010 Kaspersky Lab ZAO.||734b1b0b9eba64026428bbbab2d92b58||<||||>prloader.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||247KB (252,600 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Prague Loader||© 1997-2010 Kaspersky Lab ZAO.||1010dd531904fd62ec0ebc0d7610b858||<||||>userenv.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.5KB (79,360 bytes)||||2009/07/13 18:34:19||2009/07/13 20:16:17||2009/07/13 18:34:19||0||1||0||0||0||0||Microsoft® Windows® Operating System||Userenv||© Microsoft Corporation. All rights reserved.||9c0dc1daad14d443dd5a0d1ee78d775e||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>pxstub.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||38.7KB (39,608 bytes)||||2010/07/01 21:36:02||2010/07/01 21:36:02||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||Proxy Stubs||© 1997-2010 Kaspersky Lab ZAO.||97b3cc546e4fd6c192d377784033f7d0||<||||>params.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.00MB (1,051,320 bytes)||||2010/07/01 21:35:56||2010/07/01 21:35:56||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Structure Serializer||© 1997-2010 Kaspersky Lab ZAO.||1290f60e791d0a6198999215698d6b9a||<||||>WinReg.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||35.7KB (36,536 bytes)||||2010/07/01 21:36:20||2010/07/01 21:36:20||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||WINREG||© 1997-2010 Kaspersky Lab ZAO.||6c000c2052c3fbcf37b34c852e7fb3c2||<||||>service.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||187KB (191,160 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:17||0||1||0||0||0||0||Kaspersky Anti-Virus||Component service provider||© 1997-2010 Kaspersky Lab ZAO.||66fea468fca2d11cd31bbe04ab1f2964||<||||>eka_meta.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||459KB (469,688 bytes)||||2010/07/01 21:35:00||2010/07/01 21:35:00||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||EKA_META||© 1997-2010 Kaspersky Lab ZAO.||8ac0b70dec4324863fa8c65319dfd305||<||||>abhelperxpcom.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\||107KB (109,240 bytes)||||2010/10/29 17:09:07||2010/07/01 21:34:52||2010/10/29 17:09:07||0||1||0||0||0||0||Kaspersky Anti-Virus||Anti-Banner component||© 1997-2010 Kaspersky Lab ZAO.||b35e9a55e52eee2b25d1acc98f27c444||<||||>abhelper.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||107KB (109,240 bytes)||||2010/07/01 21:34:50||2010/07/01 21:34:50||2010/10/29 17:07:52||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Banner helper component||© 1997-2010 Kaspersky Lab ZAO.||4a8683dc7c9316281f46af3e2403a25a||<||||>softokn3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||152KB (155,648 bytes)||||2010/10/29 16:09:15||2010/10/26 23:49:27||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS PKCS #11 Library||||e776d886684937a140b1b68077760441||<||||>nssdbm3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||96.0KB (98,304 bytes)||||2010/10/29 16:09:15||2010/10/26 23:49:27||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||Legacy Database Driver||||4e9609521fc1e0687daf47541b2c0da1||<||||>freebl3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||244KB (249,856 bytes)||||2010/10/29 16:09:15||2010/10/26 23:49:27||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS freebl Library||||c45acc127f6f735f2dab67ef0df763da||<||||>nssckbi.dll||1.80||1.80||Application extension||C:\Program Files (x86)\Mozilla Firefox\||335KB (343,000 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:07||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS Builtin Trusted Root CAs||||2296401146ca41d15641513da3062dac||<||||>mscms.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||470KB (481,280 bytes)||||2009/07/13 18:26:17||2009/07/13 20:15:42||2009/07/13 18:26:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Color Matching System DLL||© Microsoft Corporation. All rights reserved.||205b7034b64de5a68deb96b47b7e889b||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||>ExplorerFrame.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||1.43MB (1,495,040 bytes)||||2009/07/13 18:44:48||2009/07/13 20:15:19||2009/07/13 18:44:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||ExplorerFrame||© Microsoft Corporation. All rights reserved.||fd13400115d3d0d70e087ab826df593a||<||||>duser.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||177KB (181,248 bytes)||||2009/07/13 18:26:41||2009/07/13 20:15:13||2009/07/13 18:26:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows DirectUser Engine||© Microsoft Corporation. All rights reserved.||6e1f8165c365d35c8e3c045af0cdd481||<||||>dui70.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||701KB (717,824 bytes)||||2009/07/13 18:28:18||2009/07/13 20:15:13||2009/07/13 18:28:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows DirectUI Engine||© Microsoft Corporation. All rights reserved.||ee06b85bc69f18826302348a2ad089e0||<||||>klwtbcl.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||66.7KB (68,280 bytes)||||2010/07/01 21:35:14||2010/07/01 21:35:14||2010/10/29 17:08:14||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||98b06f38a351b6535a66f7f1bed96e14||<||||>shdocvw.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||176KB (179,712 bytes)||||2009/07/13 18:39:18||2009/07/13 20:16:14||2009/07/13 18:39:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Doc Object and Control Library||© Microsoft Corporation. All rights reserved.||e07b77c3bdc82a024e294fb67abfeda0||<||||>iertutil.dll||8.00.7600.16671 (win7_gdr.100907-1501)||8.00.7600.16671||Application extension||C:\Windows\SysWOW64\||1.96MB (2,058,752 bytes)||||2010/10/29 16:02:50||2010/09/07 23:28:01||2010/10/29 16:02:50||0||1||0||0||0||0||Windows® Internet Explorer||Run time utility for Internet Explorer||© Microsoft Corporation. All rights reserved.||de03c0797d592582317a0aa6cda3a0c4||<||||>dsound.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||443KB (453,632 bytes)||||2009/07/13 19:03:26||2009/07/13 20:15:13||2009/07/13 19:03:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||DirectSound||© Microsoft Corporation. All rights reserved.||0e85c11f8850d524b02181c6e02ba9ae||<||||>powrprof.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||142KB (145,408 bytes)||||2009/07/13 18:16:37||2009/07/13 20:16:12||2009/07/13 18:16:37||0||1||0||0||0||0||Microsoft® Windows® Operating System||Power Profile Helper DLL||© Microsoft Corporation. All rights reserved.||08dfdbd2fd4ea951dc46b1c7661ed35a||<||||>tiptsf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Program Files (x86)\Common Files\microsoft shared\ink\||340KB (348,160 bytes)||||2009/07/13 18:47:01||2009/07/13 20:16:16||2009/07/13 18:47:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Tablet PC Input Panel Text Services Framework||© Microsoft Corporation. All rights reserved.||7896effdee215c172be724a64931ef1c||<||||>msls31.dll||3.10.349.0||3.10||Application extension||C:\Windows\System32\||154KB (157,184 bytes)||||2009/07/13 18:26:12||2009/07/13 20:15:45||2009/07/13 18:26:12||0||1||0||0||0||0||Microsoft® Line Services||Microsoft Line Services library file||Copyright © Microsoft Corp. 1996-1999||26025a46fb3fdb40ff06bbf1834093b5||<||||>xmllite.dll||1.3.1000.0||1.3.1000.0||Application extension||C:\Windows\System32\||176KB (180,224 bytes)||||2009/07/13 19:20:17||2009/07/13 20:16:21||2009/07/13 19:20:17||0||1||0||0||0||0||Microsoft XML Core Services||Microsoft XmlLite Library||Copyright (C) Microsoft Corporation. 2005||7bf5ea753d4cc056b9462a02ac51b160||<||||>StructuredQuery.dll||7.00.7600.16587 (win7_gdr.100504-1502)||7.00.7600.16587||Application extension||C:\Windows\System32\||355KB (363,520 bytes)||||2010/10/29 16:06:53||2010/05/05 01:46:55||2010/10/29 16:06:53||0||1||0||0||0||0||Windows® Search||Structured Query||© Microsoft Corporation. All rights reserved.||8d908f346eedd752005a32787a6dcafa||<||||>secur32.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\System32\||21.5KB (22,016 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||e73f21a566a81cd30cb63e8f006056be||<||||>actxprxy.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||302KB (309,248 bytes)||||2009/07/13 19:20:08||2009/07/13 20:14:52||2009/07/13 19:20:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||ActiveX Interface Marshaling Library||© Microsoft Corporation. All rights reserved.||b6c4063297c7d07cd0532bdc3350436c||<||||>ieproxy.dll||8.00.7600.16671 (win7_gdr.100907-1501)||8.00.7600.16671||Application extension||C:\Program Files (x86)\Internet Explorer\||160KB (163,328 bytes)||||2010/10/29 16:02:48||2010/09/07 23:28:01||2010/10/29 16:02:48||0||1||0||0||0||0||Windows® Internet Explorer||IE ActiveX Interface Marshaling Library||© Microsoft Corporation. All rights reserved.||5e2237957967e34adb5707268c018111||<||||>thumbcache.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||81.0KB (82,944 bytes)||||2009/07/13 18:40:15||2009/07/13 20:16:16||2009/07/13 18:40:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Thumbnail Cache||© Microsoft Corporation. All rights reserved.||dbe2aa52b5d67da319d33a175b8bb41e||<||||>ieframe.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\System32\||10.5MB (10,988,544 bytes)||||2010/10/29 16:02:51||2010/09/07 23:28:01||2010/10/29 16:02:51||0||1||0||0||0||0||Windows® Internet Explorer||Internet Browser||© Microsoft Corporation. All rights reserved.||583d81424160acf62377fc3c1f221f1b||<||||>oleacc.dll||7.0.0.0 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||228KB (233,472 bytes)||||2009/07/13 18:26:29||2009/07/13 20:16:12||2009/07/13 18:26:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Accessibility Core Component||© Microsoft Corporation. All rights reserved.||cbd010bfbed9657c3813400aad03cf8a||<||||>SearchFolder.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||628KB (643,072 bytes)||||2009/07/13 18:43:28||2009/07/13 20:16:13||2009/07/13 18:43:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||SearchFolder||© Microsoft Corporation. All rights reserved.||47098e5d669470801621ac09c7c77cc0||<||||>networkexplorer.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||1.58MB (1,661,440 bytes)||||2009/07/13 18:53:29||2009/07/13 20:16:03||2009/07/13 18:53:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Explorer||© Microsoft Corporation. All rights reserved.||4a056d7392f31eda3ae1975e7010d7e3||<||||>linkinfo.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.5KB (22,016 bytes)||||2009/07/13 18:39:26||2009/07/13 20:15:36||2009/07/13 18:39:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Volume Tracking||© Microsoft Corporation. All rights reserved.||5987ea8a82c53359bcd2c29d6588583e||<||||>samcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||49.5KB (50,688 bytes)||||2009/07/13 18:37:32||2009/07/13 20:16:13||2009/07/13 18:37:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Accounts Manager Client DLL||© Microsoft Corporation. All rights reserved.||742aa02bd9fa3492c9e525bbd427d87d||<||||>samlib.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||59.5KB (60,928 bytes)||||2009/07/13 18:37:59||2009/07/13 20:16:13||2009/07/13 18:37:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||SAM Library DLL||© Microsoft Corporation. All rights reserved.||c30a3e5deeeba22e782ac54c5af5f352||<||||>netutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.5KB (22,016 bytes)||||2009/07/13 18:37:29||2009/07/13 20:16:03||2009/07/13 18:37:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API Helpers DLL||© Microsoft Corporation. All rights reserved.||c6bb27d9a8ac13d4a44486f528b5c884||<||||>urlmon.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||1.17MB (1,226,752 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:01||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||OLE32 Extensions for Win32||© Microsoft Corporation. All rights reserved.||417ee5aa3d10c4f40e52a17c71dfb99a||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>wininet.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||956KB (978,432 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:04||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||Internet Extensions for Win32||© Microsoft Corporation. All rights reserved.||3d6aa6dd4d0f3bb41b804747eb489831||<||||>normaliz.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||2.00KB (2,048 bytes)||||2009/07/13 18:15:41||2009/07/13 20:09:00||2009/07/13 18:15:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Unicode Normalization DLL||© Microsoft Corporation. All rights reserved.||9c278785347bcc991f8ea2999d90f58d||<||||>rasapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||318KB (325,120 bytes)||||2009/07/13 18:55:16||2009/07/13 20:16:12||2009/07/13 18:55:16||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access API||© Microsoft Corporation. All rights reserved.||839f96dbaafd3353e0b248a5e0bd2a51||<||||>rasman.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||75.0KB (76,800 bytes)||||2009/07/13 18:54:43||2009/07/13 20:16:12||2009/07/13 18:54:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access Connection Manager||© Microsoft Corporation. All rights reserved.||ffa7172354b9256dbb2cdd75f16f33fe||<||||>rtutils.dll||6.1.7600.16617 (win7_gdr.100618-1621)||6.1.7600.16617||Application extension||C:\Windows\System32\||36.5KB (37,376 bytes)||||2010/10/29 16:06:38||2010/06/19 01:23:50||2010/10/29 16:06:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Routing Utilities||© Microsoft Corporation. All rights reserved.||406f7b9c71b99872670ee9a8d52e2fe5||<||||>SensApi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:21:53||2009/07/13 20:16:13||2009/07/13 18:21:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||SENS Connectivity API DLL||© Microsoft Corporation. All rights reserved.||6f8e3b7b70e1bba871212940c1fbdf60||<||||>Wpc.dll||1.0.0.1||1.0.0.1||Application extension||C:\Windows\System32\||302KB (308,736 bytes)||||2009/07/13 18:40:24||2009/07/13 20:16:20||2009/07/13 18:40:24||0||1||0||0||0||0||Windows||WPC Settings Library||(c) Microsoft Corporation. All rights reserved.||236360ce5e4c3f063ac110533747c0a8||<||||>wevtapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||256KB (262,144 bytes)||||2009/07/13 18:30:22||2009/07/13 20:16:18||2009/07/13 18:30:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Eventing Consumption and Configuration API||© Microsoft Corporation. All rights reserved.||82c089ea2a3eefadf3588ea71e8bdada||<||||>netprofm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||352KB (360,448 bytes)||||2009/07/13 18:56:58||2009/07/13 20:16:03||2009/07/13 18:56:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network List Manager||© Microsoft Corporation. All rights reserved.||8c338238c16777a802d6a9211eb2ba50||<||||>npmproxy.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:56:26||2009/07/13 20:16:11||2009/07/13 18:56:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network List Manager Proxy||© Microsoft Corporation. All rights reserved.||15e298b5ec5b89c5994a59863969d9ff||<||||>MpOAV.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Program Files (x86)\Windows Defender\||53.5KB (54,784 bytes)||||2009/07/13 18:37:22||2009/07/13 20:15:41||2009/07/13 18:37:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||IOfficeAntiVirus Module||© Microsoft Corporation. All rights reserved.||79e485e1361da3cbe01ff760867f1d26||<||||>wintrust.dll||6.1.7600.16493 (win7_gdr.091228-1501)||6.1.7600.16493||Application extension||C:\Windows\SysWOW64\||168KB (172,032 bytes)||||2010/08/11 20:58:51||2010/08/11 20:58:51||2010/08/11 20:58:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Trust Verification APIs||© Microsoft Corporation. All rights reserved.||f8090992723d55f6a2a8238f0d152149||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>ncrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||214KB (219,136 bytes)||||2009/07/13 18:33:05||2009/07/13 20:16:02||2009/07/13 18:33:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows cryptographic library||© Microsoft Corporation. All rights reserved.||c20ff1a17726c357461a7ac5b3bfc3ad||<||||>bcrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||79.0KB (80,896 bytes)||||2009/07/13 18:32:57||2009/07/13 20:11:20||2009/07/13 18:32:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library (Wow64)||© Microsoft Corporation. All rights reserved.||ce71b9119a258edd0a05b37d7b0f92e3||<||||>bcryptprimitives.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||244KB (249,680 bytes)||||2009/07/13 18:33:07||2009/07/13 20:17:54||2009/07/13 18:33:07||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library||© Microsoft Corporation. All rights reserved.||e8449fe262d7406bcb2ac2a45c53ec5f||<||||>gpapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||78.0KB (79,872 bytes)||||2009/07/13 18:38:32||2009/07/13 20:15:22||2009/07/13 18:38:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Group Policy Client API||© Microsoft Corporation. All rights reserved.||1097f3035baf46ced8b332b3564c5108||<||||>cryptnet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||101KB (103,424 bytes)||||2009/07/13 18:32:43||2009/07/13 20:15:07||2009/07/13 18:32:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto Network Related API||© Microsoft Corporation. All rights reserved.||04d16553664796613fe98d441a0c35d7||<||||>cabinet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||71.0KB (72,704 bytes)||||2009/07/13 18:12:33||2009/07/13 20:15:00||2009/07/13 18:12:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft® Cabinet File API||© Microsoft Corporation. All rights reserved.||def30cbea881149c2affdf9a059fb759||<||||>devrtl.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||43.5KB (44,544 bytes)||||2009/07/13 18:16:06||2009/07/13 20:15:11||2009/07/13 18:16:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Management Run Time Library||© Microsoft Corporation. All rights reserved.||fd07f21e0a19c27ed4e1eec2b07452b3||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>zipfldr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||320KB (327,680 bytes)||||2009/07/13 18:40:36||2009/07/13 20:16:21||2009/07/13 18:40:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Compressed (zipped) Folders||© Microsoft Corporation. All rights reserved.||d5c88cb54e9e232deab8181cf04b5dcd||<||||>
klwtblfs.exe||11.0.1.400||11.0.1.400||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\||167KB (170,680 bytes)||||2010/07/01 21:38:56||2010/07/01 21:38:56||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||1e55d6711aded9f782a896b81da5f27a||
CommandLine[:]"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe" -Embedding
Priority[:]8
ProcessId[:]3220
ReadOperationCount[:]69
ReadTransferCount[:]22390
SessionId[:]1
ThreadCount[:]4
rundll32.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\SysWOW64\||43.5KB (44,544 bytes)||||2009/07/13 18:41:43||2009/07/13 20:14:31||2009/07/13 18:41:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows host process (Rundll32)||© Microsoft Corporation. All rights reserved.||51138beea3e2c21ec44d0932c71762a8||
CommandLine[:]C:\Windows\SysWOW64\rundll32.exe basegui.ppl,ShowHelp
Priority[:]8
ProcessId[:]468
ReadOperationCount[:]1
ReadTransferCount[:]69460
SessionId[:]1
ThreadCount[:]1
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>basegui.ppl||11.0.1.414||11.0.1.414||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.62MB (1,694,392 bytes)||||2010/07/27 20:19:06||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus GUI Windows part||© 1997-2010 Kaspersky Lab ZAO.||eb66085ecaca891b5c35f5b2f55cc55a||<||||>netapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||55.5KB (56,832 bytes)||||2009/07/13 18:37:53||2009/07/13 20:16:02||2009/07/13 18:37:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API DLL||© Microsoft Corporation. All rights reserved.||c3dbf7dff5a38136e26badb7ab4e2972||<||||>netutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.5KB (22,016 bytes)||||2009/07/13 18:37:29||2009/07/13 20:16:03||2009/07/13 18:37:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API Helpers DLL||© Microsoft Corporation. All rights reserved.||c6bb27d9a8ac13d4a44486f528b5c884||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>wkscli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||46.0KB (47,104 bytes)||||2009/07/13 18:37:38||2009/07/13 20:16:19||2009/07/13 18:37:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Workstation Service Client DLL||© Microsoft Corporation. All rights reserved.||7ad12703039056d2a0815f85960e1fa1||<||||>samcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||49.5KB (50,688 bytes)||||2009/07/13 18:37:32||2009/07/13 20:16:13||2009/07/13 18:37:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Accounts Manager Client DLL||© Microsoft Corporation. All rights reserved.||742aa02bd9fa3492c9e525bbd427d87d||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>msvcp80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||542KB (554,816 bytes)||||2009/07/13 15:46:11||2009/06/10 16:23:11||2009/07/13 15:46:11||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||cfc54225d1870fdbf6e9e75fb83a27cb||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
CommandLine[:]
Priority[:]6
ProcessId[:]3524
ReadOperationCount[:]14
ReadTransferCount[:]136
SessionId[:]0
ThreadCount[:]4
SearchProtocolHost.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||161KB (164,352 bytes)||||2009/07/13 19:14:11||2009/07/13 20:14:35||2009/07/13 19:14:11||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Protocol Host||© Microsoft Corporation. All rights reserved.||89ed7c028a487340b7d93d5a38fdcb54||
CommandLine[:]
Priority[:]4
ProcessId[:]5228
ReadOperationCount[:]4
ReadTransferCount[:]16952
SessionId[:]0
ThreadCount[:]8
SearchFilterHost.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||84.5KB (86,528 bytes)||||2009/07/13 19:13:15||2009/07/13 20:14:35||2009/07/13 19:13:15||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Filter Host||© Microsoft Corporation. All rights reserved.||8a674f9ab20b4937357bf6f5a0938ebf||
CommandLine[:]
Priority[:]4
ProcessId[:]4444
ReadOperationCount[:]353
ReadTransferCount[:]26220
SessionId[:]0
ThreadCount[:]5
GetSystemInfo(3).exe||4.01.0243||4.01.0243||Application||C:\Users\Kevin\Downloads\||597KB (611,624 bytes)||||2010/11/02 03:45:32||2010/11/02 03:45:33||2010/11/02 03:45:28||0||1||0||0||0||0||GetSystemInfo||GetSystemInfo||Copyright © Kaspersky Lab 1997-2010.||9c722bb65596fd46ecbbe00d57901e46||
CommandLine[:]"C:\Users\Kevin\Downloads\GetSystemInfo(3).exe"
Priority[:]8
ProcessId[:]4580
ReadOperationCount[:]697
ReadTransferCount[:]55908
SessionId[:]1
ThreadCount[:]11
Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>msvbvm60.dll||6.00.9815||6.00.9815||Application extension||C:\Windows\System32\||1.32MB (1,386,496 bytes)||||2009/06/10 16:38:03||2009/07/13 20:15:50||2009/06/10 16:38:03||0||1||0||0||0||0||Visual Basic||Visual Basic Virtual Machine||Copyright © 1987-2000 Microsoft Corp.||5343a19c618bc515ceb1695586c6c137||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>sxs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||372KB (380,416 bytes)||||2009/07/13 18:16:17||2009/07/13 20:16:15||2009/07/13 18:16:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Fusion 2.5||© Microsoft Corporation. All rights reserved.||accba604d34842844133a731f8045b32||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>asycfilt.dll||6.1.7600.16544||6.1.7600.16544||Application extension||C:\Windows\System32\||66.0KB (67,584 bytes)||||2010/08/11 21:00:42||2010/08/11 21:00:42||2010/08/11 21:00:42||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||5b575ce99aa28c0d011918127e94ec88||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>advpack.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\System32\||124KB (126,464 bytes)||||2009/07/13 18:42:47||2009/07/13 20:14:53||2009/07/13 18:42:47||0||1||0||0||0||0||Windows® Internet Explorer||ADVPACK||© Microsoft Corporation. All rights reserved.||4fe6aa4422bec5dc3995051c670ffb26||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>propsys.dll||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application extension||C:\Windows\System32\||965KB (988,160 bytes)||||2009/07/13 18:40:28||2009/07/13 20:16:12||2009/07/13 18:40:28||0||1||0||0||0||0||Windows® Search||Microsoft Property System||© Microsoft Corporation. All rights reserved.||26eaee08caf82aa7f03c5020f51da541||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>wininet.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||956KB (978,432 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:04||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||Internet Extensions for Win32||© Microsoft Corporation. All rights reserved.||3d6aa6dd4d0f3bb41b804747eb489831||<||||>normaliz.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||2.00KB (2,048 bytes)||||2009/07/13 18:15:41||2009/07/13 20:09:00||2009/07/13 18:15:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Unicode Normalization DLL||© Microsoft Corporation. All rights reserved.||9c278785347bcc991f8ea2999d90f58d||<||||>urlmon.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||1.17MB (1,226,752 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:01||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||OLE32 Extensions for Win32||© Microsoft Corporation. All rights reserved.||417ee5aa3d10c4f40e52a17c71dfb99a||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>iertutil.dll||8.00.7600.16671 (win7_gdr.100907-1501)||8.00.7600.16671||Application extension||C:\Windows\SysWOW64\||1.96MB (2,058,752 bytes)||||2010/10/29 16:02:50||2010/09/07 23:28:01||2010/10/29 16:02:50||0||1||0||0||0||0||Windows® Internet Explorer||Run time utility for Internet Explorer||© Microsoft Corporation. All rights reserved.||de03c0797d592582317a0aa6cda3a0c4||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>rasapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||318KB (325,120 bytes)||||2009/07/13 18:55:16||2009/07/13 20:16:12||2009/07/13 18:55:16||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access API||© Microsoft Corporation. All rights reserved.||839f96dbaafd3353e0b248a5e0bd2a51||<||||>rasman.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||75.0KB (76,800 bytes)||||2009/07/13 18:54:43||2009/07/13 20:16:12||2009/07/13 18:54:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access Connection Manager||© Microsoft Corporation. All rights reserved.||ffa7172354b9256dbb2cdd75f16f33fe||<||||>rtutils.dll||6.1.7600.16617 (win7_gdr.100618-1621)||6.1.7600.16617||Application extension||C:\Windows\System32\||36.5KB (37,376 bytes)||||2010/10/29 16:06:38||2010/06/19 01:23:50||2010/10/29 16:06:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Routing Utilities||© Microsoft Corporation. All rights reserved.||406f7b9c71b99872670ee9a8d52e2fe5||<||||>SensApi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:21:53||2009/07/13 20:16:13||2009/07/13 18:21:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||SENS Connectivity API DLL||© Microsoft Corporation. All rights reserved.||6f8e3b7b70e1bba871212940c1fbdf60||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||>nlaapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||50.5KB (51,712 bytes)||||2009/07/13 18:53:54||2009/07/13 20:16:03||2009/07/13 18:53:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Location Awareness 2||© Microsoft Corporation. All rights reserved.||045db4eab4fbd23210e85ecc3f464a2e||<||||>winrnr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:37:57||2009/07/13 20:16:19||2009/07/13 18:37:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||LDAP RnR Provider DLL||© Microsoft Corporation. All rights reserved.||5df5d8cfd9b9573fa3b2c89d9061a240||<||||>NapiNSP.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||51.0KB (52,224 bytes)||||2009/07/13 18:54:55||2009/07/13 20:16:02||2009/07/13 18:54:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||E-mail Naming Shim Provider||© Microsoft Corporation. All rights reserved.||0b7e85364cb878e2ad531db7b601a9e5||<||||>pnrpnsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||63.5KB (65,024 bytes)||||2009/07/13 18:55:50||2009/07/13 20:16:12||2009/07/13 18:55:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||PNRP Name Space Provider||© Microsoft Corporation. All rights reserved.||5cf640eddb1e40a5ab1bb743bcdec610||<||||>scrrun.dll||5.8.7600.16385||5.8.7600.16385||Application extension||C:\Windows\SysWOW64\||160KB (163,840 bytes)||||2009/07/13 18:42:38||2009/07/13 20:16:13||2009/07/13 18:42:38||0||1||0||0||0||0||Microsoft ® Script Runtime||Microsoft ® Script Runtime||© Microsoft Corporation. All rights reserved.||69a1d7c29cff256becbd4e39e2159636||<||||>wbemdisp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||183KB (187,392 bytes)||||2009/07/13 18:31:02||2009/07/13 20:16:17||2009/07/13 18:31:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Scripting||© Microsoft Corporation. All rights reserved.||244c6722289f4869068992fd7d8a8832||<||||>wbemcomn.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||354KB (362,496 bytes)||||2009/07/13 18:30:48||2009/07/13 20:16:17||2009/07/13 18:30:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||96f3f676b4d0df4da9c4081358c4662f||<||||>wbemprox.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||28.5KB (29,184 bytes)||||2009/07/13 18:30:14||2009/07/13 20:16:17||2009/07/13 18:30:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||c5b0324db461559add070e632a6919fa||<||||>wmiutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||83.5KB (85,504 bytes)||||2009/07/13 18:30:15||2009/07/13 20:16:19||2009/07/13 18:30:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||5610b0425518d185331cb8e968d060e6||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>wbemsvc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||46.5KB (47,616 bytes)||||2009/07/13 18:30:07||2009/07/13 20:16:17||2009/07/13 18:30:07||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||776ae0564f8b1c282e331fd95a1bdc5f||<||||>fastprox.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||592KB (605,696 bytes)||||2009/07/13 18:31:15||2009/07/13 20:15:20||2009/07/13 18:31:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Custom Marshaller||© Microsoft Corporation. All rights reserved.||1cedfe91f527858caca1b08b04666bc0||<||||>ntdsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||88.0KB (90,112 bytes)||||2009/07/13 18:38:21||2009/07/13 20:16:11||2009/07/13 18:38:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Directory Domain Services API||© Microsoft Corporation. All rights reserved.||e3e811471de781900ff21c1fd84e941e||<||||>WindowsCodecs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||988KB (1,011,200 bytes)||||2009/07/13 18:29:14||2009/07/13 20:16:18||2009/07/13 18:29:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Codecs Library||© Microsoft Corporation. All rights reserved.||691c8dfb208227f0cbb5c0897c742ace||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>EhStorShell.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||186KB (189,952 bytes)||||2009/07/13 18:45:42||2009/07/13 20:15:14||2009/07/13 18:45:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Enhanced Storage Shell Extension DLL||© Microsoft Corporation. All rights reserved.||846d0e4db261cfaf363902e41498e961||<||||>comctl32.dll||5.82 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\||518KB (530,432 bytes)||||2010/10/29 16:06:18||2010/08/21 00:33:24||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Controls Library||© Microsoft Corporation. All rights reserved.||d3ead1cf16ba729a7f7c9a5d94aa7c05||<||||>ntshrui.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||433KB (442,880 bytes)||||2009/07/13 18:41:55||2009/07/13 20:16:11||2009/07/13 18:41:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell extensions for sharing||© Microsoft Corporation. All rights reserved.||36333d345062e42e849c0af00cbefc97||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>cscapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||34.0KB (34,816 bytes)||||2009/07/13 18:14:26||2009/07/13 20:15:07||2009/07/13 18:14:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Offline Files Win32 API||© Microsoft Corporation. All rights reserved.||add9d33d685dfaddfad5afb42cf31a70||<||||>slc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||26.5KB (27,136 bytes)||||2009/07/13 18:35:27||2009/07/13 20:16:15||2009/07/13 18:35:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Software Licensing Client Dll||© Microsoft Corporation. All rights reserved.||8b74cec6980d4816b0037ae9a27e538f||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>mscoree.dll||4.0.31106.0 (Main.031106-0000)||4.0.31106.0||Application extension||C:\Windows\SysWOW64\||291KB (297,808 bytes)||||2010/10/29 16:11:44||2009/11/25 12:47:34||2010/10/29 16:11:44||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||128dd9af8640dbcc711940903c8b554f||<||||>mscoreei.dll||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application extension||C:\Windows\Microsoft.NET\Framework\v4.0.30319\||403KB (413,008 bytes)||||2010/03/18 13:16:28||2010/03/18 13:16:28||2010/10/29 17:02:50||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||83ba5e873164a3711b44052f58c8fe9f||<||||>shfusion.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||113KB (115,536 bytes)||||2009/07/13 15:46:31||2009/06/10 16:23:16||2009/07/13 15:46:31||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft COM Runtime Fusion Assembly Viewer||© Microsoft Corporation. All rights reserved.||28fad9308f927e7f100f10f68e5ba083||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>fusion.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||15.3KB (15,680 bytes)||||2009/07/13 15:46:20||2009/06/10 16:22:53||2009/07/13 15:46:20||0||1||0||0||0||0||Microsoft® .NET Framework||Assembly manager||© Microsoft Corporation. All rights reserved.||d7064dba39d806503b812aed707c11ac||<||||>Culture.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||23.3KB (23,872 bytes)||||2009/07/13 15:46:18||2009/06/10 16:22:50||2009/07/13 15:46:18||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft Globalization Support||© Microsoft Corporation. All rights reserved.||a0617b5753e31126ad29c03154f4f329||<||||>ShFusRes.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||89.8KB (91,984 bytes)||||2009/07/13 15:46:31||2009/06/10 16:23:17||2009/07/13 15:46:31||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft COM Runtime Fusion Assembly Viewer Resources||© Microsoft Corporation. All rights reserved.||b9d947029a84b9731ae4311df035e136||<||||>wpdshext.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||2.20MB (2,311,168 bytes)||||2009/07/13 19:07:34||2009/07/13 20:16:20||2009/07/13 19:07:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Portable Devices Shell Extension||© Microsoft Corporation. All rights reserved.||baf10e9c4a0a20bbce6de4b5a1417351||<||||>winmm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||190KB (194,048 bytes)||||2009/07/13 19:03:43||2009/07/13 20:16:19||2009/07/13 19:03:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||MCI API DLL||© Microsoft Corporation. All rights reserved.||26a634b2e0fd87f23541ad13a503ca72||<||||>GdiPlus.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\||1.55MB (1,624,576 bytes)||||2009/07/13 18:26:25||2009/07/13 20:03:50||2009/07/13 18:26:25||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft GDI+||© Microsoft Corporation. All rights reserved.||edb57065790b62ef83be117ad3edfde2||<||||>shdocvw.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||176KB (179,712 bytes)||||2009/07/13 18:39:18||2009/07/13 20:16:14||2009/07/13 18:39:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Doc Object and Control Library||© Microsoft Corporation. All rights reserved.||e07b77c3bdc82a024e294fb67abfeda0||<||||>ieframe.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||10.5MB (10,988,544 bytes)||||2010/10/29 16:02:51||2010/09/07 23:28:01||2010/10/29 16:02:51||0||1||0||0||0||0||Windows® Internet Explorer||Internet Browser||© Microsoft Corporation. All rights reserved.||583d81424160acf62377fc3c1f221f1b||<||||>oleacc.dll||7.0.0.0 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||228KB (233,472 bytes)||||2009/07/13 18:26:29||2009/07/13 20:16:12||2009/07/13 18:26:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Accessibility Core Component||© Microsoft Corporation. All rights reserved.||cbd010bfbed9657c3813400aad03cf8a||<||||>
SASCore64.exe||1, 0, 0, 1026||1, 0, 0, 1026||Application||C:\Program Files\SUPERAntiSpyware\||126KB (128,752 bytes)||||2010/06/29 12:49:27||2010/06/29 12:49:27||2010/06/29 12:49:27||0||1||0||0||0||0||Core Service||Core Service||Copyright (C) 2005-2010 by SUPERAntiSpyware.com and SUPERAdBlocker.com||a0709b82fa3b5afad1467e565b8b3ba0||
pathname[:]"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
Name[:]!SASCORE
ServiceType[:]Own Process
ProcessId[:]1744
AcceptPause[:]False
AcceptStop[:]True
Description[:]SUPERAntiSpyware Core Service
DisplayName[:]SAS Core Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]AeLookupSvc
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Processes application compatibility cache requests for applications as they are launched
DisplayName[:]Application Experience
Started[:]True
StartMode[:]Manual
StartName[:]localSystem
State[:]Running
Status[:]OK
pathname[:]"C:\Windows\system32\FBAgent.exe"
Name[:]AFBAgent
ServiceType[:]Own Process
ProcessId[:]1332
AcceptPause[:]False
AcceptStop[:]True
Description[:]
DisplayName[:]AFBAgent
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\System32\alg.exe
Name[:]ALG
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides support for 3rd party protocol plug-ins for Internet Connection Sharing
DisplayName[:]Application Layer Gateway Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k apphost
Name[:]AppHostSvc
ServiceType[:]Share Process
ProcessId[:]1776
AcceptPause[:]True
AcceptStop[:]True
Description[:]Provides administrative services for IIS, for example configuration history and Application Pool account mapping. If this service is stopped, configuration history and locking down files or directories with Application Pool specific Access Control Entries will not work.
DisplayName[:]Application Host Helper Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]AppIDSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Determines and verifies the identity of an application. Disabling this service will prevent AppLocker from being enforced.
DisplayName[:]Application Identity
Started[:]False
StartMode[:]Manual
StartName[:]NT Authority\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]Appinfo
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks.
DisplayName[:]Application Information
Started[:]True
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Running
Status[:]OK
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
pathname[:]C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
Name[:]ASLDRService
ServiceType[:]Own Process
ProcessId[:]1472
AcceptPause[:]False
AcceptStop[:]True
Description[:]
DisplayName[:]ASLDR Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
aspnet_state.exe||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application||C:\Windows\Microsoft.NET\Framework64\v2.0.50727\||41.8KB (42,840 bytes)||||2009/07/13 15:37:13||2009/06/10 15:39:44||2009/07/13 15:37:13||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft ASP.NET State Server||© Microsoft Corporation. All rights reserved.||1838f16e9ce03b993fc500703b711dab||
pathname[:]C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
Name[:]aspnet_state
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]ASP.NET State Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
pathname[:]C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
Name[:]ATKGFNEXSrv
ServiceType[:]Own Process
ProcessId[:]1528
AcceptPause[:]False
AcceptStop[:]True
Description[:]
DisplayName[:]ATKGFNEX Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]AudioEndpointBuilder
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]True
Description[:]Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
DisplayName[:]Windows Audio Endpoint Builder
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Name[:]AudioSrv
ServiceType[:]Share Process
ProcessId[:]972
AcceptPause[:]False
AcceptStop[:]True
Description[:]Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
DisplayName[:]Windows Audio
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
avp.exe||11.0.1.419||11.0.1.419||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||345KB (352,976 bytes)||||2010/07/01 21:39:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus||© 1997-2010 Kaspersky Lab ZAO.||946d70667b0119f2beeae0849e1d46a2||
pathname[:]"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" -r
Name[:]AVP
ServiceType[:]Own Process
ProcessId[:]1796
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides computer protection against viruses, dangerous software, network attacks, internet fraud and spam.
DisplayName[:]Kaspersky Anti-Virus Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k AxInstSVGroup
Name[:]AxInstSV
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides User Account Control validation for the installation of ActiveX controls from the Internet and enables management of ActiveX control installation based on Group Policy settings. This service is started on demand and if disabled the installation of ActiveX controls will behave according to default browser settings.
DisplayName[:]ActiveX Installer (AxInstSV)
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]BDESVC
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]BDESVC hosts the BitLocker Drive Encryption service. BitLocker Drive Encryption provides secure startup for the operating system, as well as full volume encryption for OS, fixed or removable volumes. This service allows BitLocker to prompt users for various actions related to their volumes when mounted, and unlocks volumes automatically without user interaction. Additionally, it stores recovery information to Active Directory, if available, and, if necessary, ensures the most recent recovery certificates are used. Stopping or disabling the service would prevent users from leveraging this functionality.
DisplayName[:]BitLocker Drive Encryption Service
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Name[:]BFE
ServiceType[:]Share Process
ProcessId[:]1628
AcceptPause[:]False
AcceptStop[:]True
Description[:]The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
DisplayName[:]Base Filtering Engine
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]BITS
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information.
DisplayName[:]Background Intelligent Transfer Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]Browser
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Computer Browser
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k bthsvcs
Name[:]bthserv
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The Bluetooth service supports discovery and association of remote Bluetooth devices. Stopping or disabling this service may cause already installed Bluetooth devices to fail to operate properly and prevent new devices from being discovered or associated.
DisplayName[:]Bluetooth Support Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]CertPropSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Copies user certificates and root certificates from smart cards into the current user's certificate store, detects when a smart card is inserted into a smart card reader, and, if needed, installs the smart card Plug and Play minidriver.
DisplayName[:]Certificate Propagation
Started[:]False
StartMode[:]Disabled
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\system32\CISVC.EXE
Name[:]CISVC
ServiceType[:]Share Process
ProcessId[:]1900
AcceptPause[:]True
AcceptStop[:]True
Description[:]Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
DisplayName[:]Indexing Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
mscorsvw.exe||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||64.8KB (66,384 bytes)||||2009/07/13 15:46:27||2009/06/10 16:23:09||2009/07/13 15:46:27||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||d88040f816fda31c3b466f0fa0918f29||
pathname[:]C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Name[:]clr_optimization_v2.0.50727_32
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Microsoft .NET Framework NGEN
DisplayName[:]Microsoft .NET Framework NGEN v2.0.50727_X86
Started[:]False
StartMode[:]Disabled
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
mscorsvw.exe||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application||C:\Windows\Microsoft.NET\Framework64\v2.0.50727\||87.8KB (89,920 bytes)||||2009/07/13 15:37:21||2009/06/10 15:39:58||2009/07/13 15:37:21||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||d1ceea2b47cb998321c579651ce3e4f8||
pathname[:]C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
Name[:]clr_optimization_v2.0.50727_64
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Microsoft .NET Framework NGEN
DisplayName[:]Microsoft .NET Framework NGEN v2.0.50727_X64
Started[:]False
StartMode[:]Disabled
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
mscorsvw.exe||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application||C:\Windows\Microsoft.NET\Framework\v4.0.30319\||127KB (130,384 bytes)||||2010/03/18 13:16:28||2010/03/18 13:16:28||2010/10/29 17:02:51||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||c5a75eb48e2344abdc162bda79e16841||
pathname[:]C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Name[:]clr_optimization_v4.0.30319_32
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Microsoft .NET Framework NGEN
DisplayName[:]Microsoft .NET Framework NGEN v4.0.30319_X86
Started[:]False
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
mscorsvw.exe||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application||C:\Windows\Microsoft.NET\Framework64\v4.0.30319\||135KB (138,576 bytes)||||2010/03/18 14:27:14||2010/03/18 14:27:14||2010/10/29 17:02:51||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||c6f9af94dcd58122a4d7e89db6bed29d||
pathname[:]C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
Name[:]clr_optimization_v4.0.30319_64
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Microsoft .NET Framework NGEN
DisplayName[:]Microsoft .NET Framework NGEN v4.0.30319_X64
Started[:]False
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
dllhost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||7.00KB (7,168 bytes)||||2009/07/13 18:43:52||2009/07/13 20:14:18||2009/07/13 18:43:52||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM Surrogate||© Microsoft Corporation. All rights reserved.||a63dc5c2ea944e6657203e0c8edeaf61||
pathname[:]C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Name[:]COMSysApp
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]COM+ System Application
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k NetworkService
Name[:]CryptSvc
ServiceType[:]Share Process
ProcessId[:]1152
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Cryptographic Services
Started[:]True
StartMode[:]Auto
StartName[:]NT Authority\NetworkService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k DcomLaunch
Name[:]DcomLaunch
ServiceType[:]Share Process
ProcessId[:]792
AcceptPause[:]False
AcceptStop[:]False
Description[:]The DCOMLAUNCH service launches COM and DCOM servers in response to object activation requests. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have the DCOMLAUNCH service running.
DisplayName[:]DCOM Server Process Launcher
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k defragsvc
Name[:]defragsvc
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides Disk Defragmentation Capabilities.
DisplayName[:]Disk Defragmenter
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Name[:]Dhcp
ServiceType[:]Share Process
ProcessId[:]972
AcceptPause[:]False
AcceptStop[:]True
Description[:]Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]DHCP Client
Started[:]True
StartMode[:]Auto
StartName[:]NT Authority\LocalService
State[:]Running
Status[:]OK
DMAgent.exe||2.0.0.2402||2.0.0.2402||Application||C:\Program Files\Intel\WiMAX\Bin\||399KB (408,576 bytes)||||2010/06/07 17:34:20||2010/06/07 17:34:20||2010/08/11 20:38:40||0||1||0||0||0||0||Wireless WiMAX Red Bend Device Management Service||Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software||Copyright © 2008 Red Bend Ltd.||61458c120cddfe7514e2db125568ca59||
pathname[:]"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
Name[:]DMAgent
ServiceType[:]Own Process
ProcessId[:]920
AcceptPause[:]False
AcceptStop[:]True
Description[:]Red Bend Device Management Service for Intel® PROSet/Wireless WiMAX Software.
DisplayName[:]Intel® PROSet/Wireless WiMAX Red Bend Device Management Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k NetworkService
Name[:]Dnscache
ServiceType[:]Share Process
ProcessId[:]1152
AcceptPause[:]False
AcceptStop[:]True
Description[:]The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]DNS Client
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\NetworkService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]dot3svc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The Wired AutoConfig (DOT3SVC) service is responsible for performing IEEE 802.1X authentication on Ethernet interfaces. If your current wired network deployment enforces 802.1X authentication, the DOT3SVC service should be configured to run for establishing Layer 2 connectivity and/or providing access to network resources. Wired networks that do not enforce 802.1X authentication are unaffected by the DOT3SVC service.
DisplayName[:]Wired AutoConfig
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Name[:]DPS
ServiceType[:]Share Process
ProcessId[:]1628
AcceptPause[:]False
AcceptStop[:]True
Description[:]The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function.
DisplayName[:]Diagnostic Policy Service
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]EapHost
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication.
DisplayName[:]Extensible Authentication Protocol
Started[:]True
StartMode[:]Manual
StartName[:]localSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\System32\lsass.exe
Name[:]EFS
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides the core file encryption technology used to store encrypted files on NTFS file system volumes. If this service is stopped or disabled, applications will be unable to access encrypted files.
DisplayName[:]Encrypting File System (EFS)
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
ehrecvr.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\ehome\||680KB (696,320 bytes)||||2010/10/29 17:30:15||2010/08/04 02:05:58||2010/10/29 17:30:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Center Receiver Service||© Microsoft Corporation. All rights reserved.||47c071994c3f649f23d9cd075ac9304a||
pathname[:]C:\Windows\ehome\ehRecvr.exe
Name[:]ehRecvr
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Windows Media Center Service for TV and FM broadcast reception
DisplayName[:]Windows Media Center Receiver Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\networkService
State[:]Stopped
Status[:]OK
ehsched.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\ehome\||125KB (127,488 bytes)||||2009/07/13 19:24:23||2009/07/13 20:39:09||2009/07/13 19:24:23||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Center Scheduler Service||© Microsoft Corporation. All rights reserved.||4705e8ef9934482c5bb488ce28afc681||
pathname[:]C:\Windows\ehome\ehsched.exe
Name[:]ehSched
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Starts and stops recording of TV programs within Windows Media Center
DisplayName[:]Windows Media Center Scheduler Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\networkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Name[:]eventlog
ServiceType[:]Share Process
ProcessId[:]972
AcceptPause[:]False
AcceptStop[:]True
Description[:]This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.
DisplayName[:]Windows Event Log
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]EventSystem
ServiceType[:]Share Process
ProcessId[:]1044
AcceptPause[:]False
AcceptStop[:]True
Description[:]Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]COM+ Event System
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
pathname[:]C:\Program Files\Intel\WiFi\bin\EvtEng.exe
Name[:]EvtEng
ServiceType[:]Own Process
ProcessId[:]4732
AcceptPause[:]False
AcceptStop[:]True
Description[:]Manages the event trace messages for all the Intel® PROSet/Wireless Software components.
DisplayName[:]Intel(R) PROSet/Wireless Event Log
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\fxssvc.exe
Name[:]Fax
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
DisplayName[:]Fax
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]fdPHost
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The FDPHOST service hosts the Function Discovery (FD) network discovery providers. These FD providers supply network discovery services for the Simple Services Discovery Protocol (SSDP) and Web Services – Discovery (WS-D) protocol. Stopping or disabling the FDPHOST service will disable network discovery for these protocols when using FD. When this service is unavailable, network services using FD and relying on these discovery protocols will be unable to find network devices or resources.
DisplayName[:]Function Discovery Provider Host
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]FDResPub
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network.
DisplayName[:]Function Discovery Resource Publication
Started[:]False
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]FontCache
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Optimizes performance of applications by caching commonly used font data. Applications will start this service if it is not already running. It can be disabled, though doing so will degrade application performance.
DisplayName[:]Windows Font Cache Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
PresentationFontCache.exe||3.0.6920.4902 built by: NetFXw7||3.0.6920.4902||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\||41.8KB (42,840 bytes)||||2009/07/13 20:01:23||2009/06/10 15:30:59||2009/07/13 20:01:23||0||1||0||0||0||0||Microsoft® .NET Framework||PresentationFontCache.exe||© Microsoft Corporation. All rights reserved.||8d89e3131c27fdd6932189cb785e1b7a||
pathname[:]C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
Name[:]FontCache3.0.0.0
ServiceType[:]Own Process
ProcessId[:]2212
AcceptPause[:]False
AcceptStop[:]True
Description[:]Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
DisplayName[:]Windows Presentation Foundation Font Cache 3.0.0.0
Started[:]True
StartMode[:]Manual
StartName[:]NT Authority\LocalService
State[:]Running
Status[:]OK
fsssvc.exe||14.0.8052.1208||14.0.8052.1208||Application||C:\Program Files (x86)\Windows Live\Family Safety\||521KB (533,344 bytes)||||2008/12/08 19:01:58||2008/12/08 19:01:58||2010/08/11 20:21:57||0||1||0||0||0||0||Family Safety Service||Family Safety Service||© Microsoft Corporation. All rights reserved.||f6717211c1ec2cddaa81b97b0727c2e9||
pathname[:]"C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
Name[:]fsssvc
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]This service enables Family Safety on the computer. If this service is not running, Family Safety will not work.
DisplayName[:]Windows Live Family Safety
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k ftpsvc
Name[:]ftpsvc
ServiceType[:]Share Process
ProcessId[:]1948
AcceptPause[:]True
AcceptStop[:]True
Description[:]Enables this server to be a File Transfer Protocol (FTP) server. If this service is stopped, the server cannot function as an FTP server. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Microsoft FTP Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]gpsvc
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled.
DisplayName[:]Group Policy Client
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]hidserv
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Human Interface Device Access
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]hkmsvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service
DisplayName[:]Health Key and Certificate Management
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Name[:]HomeGroupProvider
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Performs networking tasks associated with configuration and maintenance of homegroups. If this service is stopped or disabled, your computer will be unable to detect other homegroups and your homegroup might not work properly. It is recommended that you keep this service running.
DisplayName[:]HomeGroup Provider
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
infocard.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||836KB (856,384 bytes)||||2009/07/13 20:01:52||2009/06/10 15:30:45||2009/07/13 20:01:52||0||1||0||0||0||0||Microsoft® .NET Framework||Windows CardSpace||© Microsoft Corporation. All rights reserved.||2f2be70d3e02b6fa877921ab9516d43c||
pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
Name[:]idsvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Securely enables the creation, management, and disclosure of digital identities.
DisplayName[:]Windows CardSpace
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\system32\inetsrv\inetinfo.exe
Name[:]IISADMIN
ServiceType[:]Share Process
ProcessId[:]1968
AcceptPause[:]False
AcceptStop[:]True
Description[:]Enables this server to administer the IIS metabase. The IIS metabase stores configuration for the SMTP and FTP services. If this service is stopped, the server will be unable to configure SMTP or FTP. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]IIS Admin Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]IKEEXT
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.
DisplayName[:]IKE and AuthIP IPsec Keying Modules
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
i0barsvc.exe||1, 0, 0, 8||2, 3, 0, 0||Application||C:\Program Files (x86)\IObitBar\toolbar\1.bin\||28.1KB (28,766 bytes)||||2010/10/29 19:31:35||2010/10/29 19:31:35||2010/10/29 19:31:35||0||1||0||0||0||0||IObit Toolbar||IObit Toolbar||Copyright © 2009, 2010||9c426fd808ce0489153d8e52a57eb163||
pathname[:]C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe
Name[:]IObitBarService
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]
DisplayName[:]IObit Toolbar Service
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]IPBusEnum
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning.
DisplayName[:]PnP-X IP Bus Enumerator
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetSvcs
Name[:]iphlpsvc
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. If this service is stopped, the computer will not have the enhanced connectivity benefits that these technologies offer.
DisplayName[:]IP Helper
Started[:]True
StartMode[:]Disabled
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k ipripsvc
Name[:]iprip
ServiceType[:]Share Process
ProcessId[:]2004
AcceptPause[:]False
AcceptStop[:]True
Description[:]Listens for route updates sent by routers that use the Routing Information Protocol version 1 (RIPv1).
DisplayName[:]RIP Listener
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
pathname[:]C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe
Name[:]IS360service
ServiceType[:]Own Process
ProcessId[:]464
AcceptPause[:]False
AcceptStop[:]True
Description[:]IObit Security 360 Service
DisplayName[:]IS360service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\lsass.exe
Name[:]KeyIso
ServiceType[:]Share Process
ProcessId[:]640
AcceptPause[:]False
AcceptStop[:]True
Description[:]The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.
DisplayName[:]CNG Key Isolation
Started[:]True
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
Name[:]KtmRm
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Coordinates transactions between the Distributed Transaction Coordinator (MSDTC) and the Kernel Transaction Manager (KTM). If it is not needed, it is recommended that this service remain stopped. If it is needed, both MSDTC and KTM will start this service automatically. If this service is disabled, any MSDTC transaction interacting with a Kernel Resource Manager will fail and any services that explicitly depend on it will fail to start.
DisplayName[:]KtmRm for Distributed Transaction Coordinator
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]LanmanServer
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]True
AcceptStop[:]True
Description[:]Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Server
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetworkService
Name[:]LanmanWorkstation
ServiceType[:]Share Process
ProcessId[:]1152
AcceptPause[:]True
AcceptStop[:]True
Description[:]Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Workstation
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\NetworkService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalService
Name[:]lltdsvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly.
DisplayName[:]Link-Layer Topology Discovery Mapper
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Name[:]lmhosts
ServiceType[:]Share Process
ProcessId[:]972
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]TCP/IP NetBIOS Helper
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
pathname[:]C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
Name[:]LMS
ServiceType[:]Own Process
ProcessId[:]2084
AcceptPause[:]False
AcceptStop[:]True
Description[:]Allows applications to access the local Intel(R) Management and Security Application using its locally-available selected network interfaces.
DisplayName[:]Intel(R) Management and Security Application Local Management Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LPDService
Name[:]LPDSVC
ServiceType[:]Share Process
ProcessId[:]2124
AcceptPause[:]True
AcceptStop[:]True
Description[:]Enables client computers to print to the Line Printer Daemon (LPD) service on this server using TCP/IP and the Line Printer Remote (LPR) protocol.
DisplayName[:]LPD Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
lxdiserv.exe||1.69.0.0||1.69.0.0||EXE File||\drivers\x64\3\||32.9KB (33,712 bytes)||||2007/06/11 10:15:00||2007/06/11 10:15:00||2007/06/11 10:15:00||0||1||0||0||0||0||Lexmark Connect||Lexmark Connect Service Executable||Copyright 2006-2007 Lexmark International, Inc. All rights reserved.||baa003617d899996cf282a3d92aee29b||
pathname[:]C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe
Name[:]lxdiCATSCustConnectService
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]
DisplayName[:]lxdiCATSCustConnectService
Started[:]False
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
lxdicoms.exe||1.0.27.0||1.0.27.0||Application||C:\Windows\System32\||505KB (517,040 bytes)||||2010/11/01 21:12:19||2007/06/11 10:14:52||2010/11/01 21:12:19||0||1||0||0||0||0||Printer Communication System||Printer Communication System|| ||7b09187a3611480ba6632f4e3c86ddc0||
pathname[:]C:\Windows\system32\lxdicoms.exe -service
Name[:]lxdi_device
ServiceType[:]Own Process
ProcessId[:]2528
AcceptPause[:]True
AcceptStop[:]True
Description[:]
DisplayName[:]lxdi_device
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
mbamservice.exe||1.46.0.0000||1.46.0.0000||Application||C:\Program Files (x86)\Malwarebytes' Anti-Malware\||297KB (304,464 bytes)||||2010/10/29 18:15:42||2010/04/29 15:39:34||2010/10/29 18:15:42||0||1||0||0||0||0||Malwarebytes' Anti-Malware||Malwarebytes' Anti-Malware||© Malwarebytes Corporation. All rights reserved.||47902a906ace88580b08ff58d4c0c205||
pathname[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
Name[:]MBAMService
ServiceType[:]Own Process
ProcessId[:]4196
AcceptPause[:]False
AcceptStop[:]False
Description[:]Malwarebytes' Anti-Malware service
DisplayName[:]MBAMService
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]Mcx2Svc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Allows Media Center Extenders to locate and connect to the computer.
DisplayName[:]Media Center Extender Service
Started[:]False
StartMode[:]Disabled
StartName[:]NT Authority\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]MMCSS
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority.
DisplayName[:]Multimedia Class Scheduler
Started[:]False
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Name[:]MpsSvc
ServiceType[:]Share Process
ProcessId[:]1628
AcceptPause[:]False
AcceptStop[:]True
Description[:]Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.
DisplayName[:]Windows Firewall
Started[:]True
StartMode[:]Auto
StartName[:]NT Authority\LocalService
State[:]Running
Status[:]OK
pathname[:]C:\Windows\System32\msdtc.exe
Name[:]MSDTC
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will fail. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Distributed Transaction Coordinator
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]MSiSCSI
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Microsoft iSCSI Initiator Service
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
msiexec.exe||5.0.7600.16385 (win7_rtm.090713-1255)||5.0.7600.16385||Application||C:\Windows\System32\||71.5KB (73,216 bytes)||||2009/07/13 18:31:52||2009/07/13 20:14:25||2009/07/13 18:31:52||0||1||0||0||0||0||Windows Installer - Unicode||Windows® installer||© Microsoft Corporation. All rights reserved.||a8492e3929e7b981da541286709c8479||
pathname[:]C:\Windows\system32\msiexec.exe /V
Name[:]msiserver
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Windows Installer
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\system32\mqsvc.exe
Name[:]MSMQ
ServiceType[:]Own Process
ProcessId[:]2572
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides a messaging infrastructure and development tool for creating distributed messaging applications for Windows-based networks and programs. If this service is stopped, distributed messages will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Message Queuing
Started[:]True
StartMode[:]Auto
StartName[:]NT Authority\NetworkService
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\mqtgsvc.exe
Name[:]MSMQTriggers
ServiceType[:]Own Process
ProcessId[:]4080
AcceptPause[:]True
AcceptStop[:]True
Description[:]Provides rule-based monitoring of messages arriving in a Message Queuing queue and, when the conditions of a rule are satisfied, invokes a COM component or a stand-alone executable program to process the message.
DisplayName[:]Message Queuing Triggers
Started[:]True
StartMode[:]Auto
StartName[:]NT Authority\NetworkService
State[:]Running
Status[:]OK
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
pathname[:]C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
Name[:]MyWiFiDHCPDNS
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]
DisplayName[:]Wireless PAN DHCP Server
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetworkService
Name[:]napagent
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The Network Access Protection (NAP) agent service collects and manages health information for client computers on a network. Information collected by NAP agent is used to make sure that the client computer has the required software and settings. If a client computer is not compliant with health policy, it can be provided with restricted network access until its configuration is updated. Depending on the configuration of health policy, client computers might be automatically updated so that users quickly regain full network access without having to manually update their computer.
DisplayName[:]Network Access Protection Agent
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\system32\lsass.exe
Name[:]Netlogon
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Netlogon
Started[:]False
StartMode[:]Disabled
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]Netman
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]True
Description[:]Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
DisplayName[:]Network Connections
Started[:]True
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Running
Status[:]OK
SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe||
pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" -NetMsmqActivator
Name[:]NetMsmqActivator
ServiceType[:]Share Process
ProcessId[:]2144
AcceptPause[:]True
AcceptStop[:]True
Description[:]Receives activation requests over the net.msmq and msmq.formatname protocols and passes them to the Windows Process Activation Service.
DisplayName[:]Net.Msmq Listener Adapter
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\NetworkService
State[:]Running
Status[:]OK
SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe||
pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Name[:]NetPipeActivator
ServiceType[:]Share Process
ProcessId[:]2604
AcceptPause[:]True
AcceptStop[:]True
Description[:]Receives activation requests over the net.pipe protocol and passes them to the Windows Process Activation Service.
DisplayName[:]Net.Pipe Listener Adapter
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalService
Name[:]netprofm
ServiceType[:]Share Process
ProcessId[:]1044
AcceptPause[:]False
AcceptStop[:]True
Description[:]Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.
DisplayName[:]Network List Service
Started[:]True
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe||
pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Name[:]NetTcpActivator
ServiceType[:]Share Process
ProcessId[:]2604
AcceptPause[:]True
AcceptStop[:]True
Description[:]Receives activation requests over the net.tcp protocol and passes them to the Windows Process Activation Service.
DisplayName[:]Net.Tcp Listener Adapter
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe||
pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Name[:]NetTcpPortSharing
ServiceType[:]Share Process
ProcessId[:]2604
AcceptPause[:]True
AcceptStop[:]True
Description[:]Provides ability to share TCP ports over the net.tcp protocol.
DisplayName[:]Net.Tcp Port Sharing Service
Started[:]True
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetworkService
Name[:]NlaSvc
ServiceType[:]Share Process
ProcessId[:]1152
AcceptPause[:]False
AcceptStop[:]True
Description[:]Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Network Location Awareness
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\NetworkService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]nsi
ServiceType[:]Share Process
ProcessId[:]1044
AcceptPause[:]False
AcceptStop[:]True
Description[:]This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start.
DisplayName[:]Network Store Interface Service
Started[:]True
StartMode[:]Auto
StartName[:]NT Authority\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet
Name[:]p2pimsvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides identity services for the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services. If disabled, the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services may not function, and some applications, such as HomeGroup and Remote Assistance, may not function correctly.
DisplayName[:]Peer Networking Identity Manager
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet
Name[:]p2psvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables multi-party communication using Peer-to-Peer Grouping. If disabled, some applications, such as HomeGroup, may not function.
DisplayName[:]Peer Networking Grouping
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]PcaSvc
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]True
Description[:]This service provides support for the Program Compatibility Assistant (PCA). PCA monitors programs installed and run by the user and detects known compatibility problems. If this service is stopped, PCA will not function properly.
DisplayName[:]Program Compatibility Assistant Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
perfhost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\SysWOW64\||20.5KB (20,992 bytes)||||2009/07/13 18:11:01||2009/07/13 20:14:28||2009/07/13 18:11:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||x86 Performance Counter Host||© Microsoft Corporation. All rights reserved.||e495e408c93141e8fc72dc0c6046ddfa||
pathname[:]C:\Windows\SysWow64\perfhost.exe
Name[:]PerfHost
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables remote users and 64-bit processes to query performance counters provided by 32-bit DLLs. If this service is stopped, only local users and 32-bit processes will be able to query performance counters provided by 32-bit DLLs.
DisplayName[:]Performance Counter DLL Host
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Name[:]pla
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Performance Logs & Alerts
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k DcomLaunch
Name[:]PlugPlay
ServiceType[:]Share Process
ProcessId[:]792
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
DisplayName[:]Plug and Play
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet
Name[:]PNRPAutoReg
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer'
DisplayName[:]PNRP Machine Name Publication Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet
Name[:]PNRPsvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables serverless peer name resolution over the Internet using the Peer Name Resolution Protocol (PNRP). If disabled, some peer-to-peer and collaborative applications, such as Remote Assistance, may not function.
DisplayName[:]Peer Name Resolution Protocol
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Name[:]PolicyAgent
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.
DisplayName[:]IPsec Policy Agent
Started[:]False
StartMode[:]Manual
StartName[:]NT Authority\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k DcomLaunch
Name[:]Power
ServiceType[:]Share Process
ProcessId[:]792
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages power policy and power policy notification delivery.
DisplayName[:]Power
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]ProfSvc
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them.
DisplayName[:]User Profile Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\lsass.exe
Name[:]ProtectedStorage
ServiceType[:]Share Process
ProcessId[:]640
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users.
DisplayName[:]Protected Storage
Started[:]True
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]QWAVE
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
DisplayName[:]Quality Windows Audio Video Experience
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]RasAuto
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
DisplayName[:]Remote Access Auto Connection Manager
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]RasMan
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Remote Access Connection Manager
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0||||||||||
pathname[:]C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
Name[:]RegSrvc
ServiceType[:]Own Process
ProcessId[:]3056
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides registry access to all Intel® PROSet/Wireless Software components
DisplayName[:]Intel(R) PROSet/Wireless Registry Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]RemoteAccess
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Offers routing services to businesses in local area and wide area network environments.
DisplayName[:]Routing and Remote Access
Started[:]False
StartMode[:]Disabled
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k regsvc
Name[:]RemoteRegistry
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Remote Registry
Started[:]False
StartMode[:]Disabled
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k RPCSS
Name[:]RpcEptMapper
ServiceType[:]Share Process
ProcessId[:]880
AcceptPause[:]False
AcceptStop[:]False
Description[:]Resolves RPC interfaces identifiers to transport endpoints. If this service is stopped or disabled, programs using Remote Procedure Call (RPC) services will not function properly.
DisplayName[:]RPC Endpoint Mapper
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\NetworkService
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\locator.exe
Name[:]RpcLocator
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]In Windows 2003 and earlier versions of Windows, the Remote Procedure Call (RPC) Locator service manages the RPC name service database. In Windows Vista and later versions of Windows, this service does not provide any functionality and is present for application compatibility.
DisplayName[:]Remote Procedure Call (RPC) Locator
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k rpcss
Name[:]RpcSs
ServiceType[:]Share Process
ProcessId[:]880
AcceptPause[:]False
AcceptStop[:]False
Description[:]The RPCSS service is the Service Control Manager for COM and DCOM servers. It performs object activations requests, object exporter resolutions and distributed garbage collection for COM and DCOM servers. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have the RPCSS service running
DisplayName[:]Remote Procedure Call (RPC)
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\NetworkService
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\lsass.exe
Name[:]SamSs
ServiceType[:]Share Process
ProcessId[:]640
AcceptPause[:]False
AcceptStop[:]False
Description[:]The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled.
DisplayName[:]Security Accounts Manager
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]SCardSvr
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Smart Card
Started[:]False
StartMode[:]Disabled
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]Schedule
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Enables a user to configure and schedule automated tasks on this computer. The service also hosts multiple Windows system-critical tasks. If this service is stopped or disabled, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Task Scheduler
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]SCPolicySvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Allows the system to be configured to lock the user desktop upon smart card removal.
DisplayName[:]Smart Card Removal Policy
Started[:]False
StartMode[:]Disabled
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k SDRSVC
Name[:]SDRSVC
ServiceType[:]Own Process
ProcessId[:]3524
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides Windows Backup and Restore capabilities.
DisplayName[:]Windows Backup
Started[:]True
StartMode[:]Manual
StartName[:]localSystem
State[:]Running
Status[:]OK
SeaPort.exe||1.2.121.0||1.2.121.0||Application||C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\||221KB (226,640 bytes)||||2008/12/04 18:03:00||2008/12/04 18:03:00||2010/08/11 20:21:31||0||1||0||0||0||0||Microsoft Search Enhancement Pack||Microsoft SeaPort Search Enhancement Broker||Copyright © 2008 Microsoft Corp.||58dc20eb15f071804c56fccc796417a2||
pathname[:]"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
Name[:]SeaPort
ServiceType[:]Own Process
ProcessId[:]2104
AcceptPause[:]False
AcceptStop[:]True
Description[:]Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly.
DisplayName[:]SeaPort
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]seclogon
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Secondary Logon
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]SENS
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Monitors system events and notifies subscribers to COM+ Event System of these events.
DisplayName[:]System Event Notification Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]SensrSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Monitors ambient light sensors to detect changes in ambient light and adjust the display brightness. If this service is stopped or disabled, the display brightness will not adapt to lighting conditions.
DisplayName[:]Adaptive Brightness
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]SessionEnv
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Remote Desktop Configuration service (RDCS) is responsible for all Remote Desktop Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, RD themes, and RD certificates.
DisplayName[:]Remote Desktop Configuration
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]SharedAccess
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
DisplayName[:]Internet Connection Sharing (ICS)
Started[:]False
StartMode[:]Disabled
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]ShellHWDetection
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides notifications for AutoPlay hardware events.
DisplayName[:]Shell Hardware Detection
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
TCPSVCS.EXE||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:55:14||2009/07/13 20:14:42||2009/07/13 18:55:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||TCP/IP Services Application||© Microsoft Corporation. All rights reserved.||f5aaa8cdda25b6387af590d676d25bad||
pathname[:]C:\Windows\System32\tcpsvcs.exe
Name[:]simptcp
ServiceType[:]Share Process
ProcessId[:]3196
AcceptPause[:]True
AcceptStop[:]True
Description[:]Supports the following TCP/IP services: Character Generator, Daytime, Discard, Echo, and Quote of the Day.
DisplayName[:]Simple TCP/IP Services
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
snmp.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||46.5KB (47,616 bytes)||||2009/07/13 18:55:05||2009/07/13 20:14:39||2009/07/13 18:55:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||SNMP Service||© Microsoft Corporation. All rights reserved.||007f394efb7bf80bf9999d9384cc272a||
pathname[:]C:\Windows\System32\snmp.exe
Name[:]SNMP
ServiceType[:]Own Process
ProcessId[:]3304
AcceptPause[:]False
AcceptStop[:]True
Description[:]Enables Simple Network Management Protocol (SNMP) requests to be processed by this computer. If this service is stopped, the computer will be unable to process SNMP requests. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]SNMP Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\System32\snmptrap.exe
Name[:]SNMPTRAP
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]SNMP Trap
Started[:]False
StartMode[:]Disabled
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\System32\spoolsv.exe
Name[:]Spooler
ServiceType[:]Own Process
ProcessId[:]1592
AcceptPause[:]False
AcceptStop[:]True
Description[:]Loads files to memory for later printing
DisplayName[:]Print Spooler
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\sppsvc.exe
Name[:]sppsvc
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a notification mode. It is strongly recommended that you not disable the Software Protection service.
DisplayName[:]Software Protection
Started[:]False
StartMode[:]Auto
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]sppuinotify
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides Software Licensing activation and notification
DisplayName[:]SPP Notification Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]SSDPSRV
ServiceType[:]Share Process
ProcessId[:]5948
AcceptPause[:]False
AcceptStop[:]True
Description[:]Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]SSDP Discovery
Started[:]True
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]SstpSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers.
DisplayName[:]Secure Socket Tunneling Protocol Service
Started[:]False
StartMode[:]Manual
StartName[:]NT Authority\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k imgsvc
Name[:]stisvc
ServiceType[:]Own Process
ProcessId[:]3396
AcceptPause[:]True
AcceptStop[:]True
Description[:]Provides image acquisition services for scanners and cameras
DisplayName[:]Windows Image Acquisition (WIA)
Started[:]True
StartMode[:]Auto
StartName[:]NT Authority\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k swprv
Name[:]swprv
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Microsoft Software Shadow Copy Provider
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]SysMain
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]True
Description[:]Maintains and improves system performance over time.
DisplayName[:]Superfetch
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]TabletInputService
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables Tablet PC pen and ink functionality
DisplayName[:]Tablet PC Input Service
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetworkService
Name[:]TapiSrv
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.
DisplayName[:]Telephony
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]TBS
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM.
DisplayName[:]TPM Base Services
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetworkService
Name[:]TermService
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Allows users to connect interactively to a remote computer. Remote Desktop and Remote Desktop Session Host Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item.
DisplayName[:]Remote Desktop Services
Started[:]False
StartMode[:]Manual
StartName[:]NT Authority\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]Themes
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides user experience theme management.
DisplayName[:]Themes
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]THREADORDER
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides ordered execution for a group of threads within a specific period of time.
DisplayName[:]Thread Ordering Server
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\System32\tlntsvr.exe
Name[:]TlntSvr
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Telnet
Started[:]False
StartMode[:]Disabled
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]TrkWks
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]True
Description[:]Maintains links between NTFS files within a computer or across computers in a network.
DisplayName[:]Distributed Link Tracking Client
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
TrustedInstaller.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\servicing\||190KB (194,048 bytes)||||2009/07/13 18:35:12||2009/07/13 20:39:48||2009/07/13 18:35:12||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Modules Installer||© Microsoft Corporation. All rights reserved.||840f7fb849f5887a49ba18c13b2da920||
pathname[:]C:\Windows\servicing\TrustedInstaller.exe
Name[:]TrustedInstaller
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer.
DisplayName[:]Windows Modules Installer
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
TurboBoost.exe||1.0.115.11||1.0.115.11||Application||C:\Program Files\Intel\TurboBoost\||116KB (118,672 bytes)||||2009/08/06 16:17:46||2009/08/06 16:17:46||2010/08/11 20:41:13||0||1||0||0||0||0||Intel(R) Turbo Boost UI||Turbo Boost Monitor Service||Copyright(C) 2009 Intel Corporation. All Rights Reserved.||baef86ebeaece76573fa822dea256f6c||
pathname[:]"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
Name[:]TurboBoost
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]
DisplayName[:]TurboBoost
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\system32\UI0Detect.exe
Name[:]UI0Detect
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there might not be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function.
DisplayName[:]Interactive Services Detection
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
UNS.exe||6.0.0.1184||6.0.0.1184||Application||C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\||2.21MB (2,314,240 bytes)||||2010/08/11 20:31:10||2009/09/30 21:34:22||2010/08/11 20:31:10||0||1||0||0||0||0||Intel(R) Management & Security Application User Notification Service||User Notification Service||Copyright © 2006-2009, Intel Corporation. All rights reserved.||41118d920b2b268c0adc36421248cdcf||
pathname[:]"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
Name[:]UNS
ServiceType[:]Own Process
ProcessId[:]5424
AcceptPause[:]False
AcceptStop[:]True
Description[:]Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security Application Device.
DisplayName[:]Intel(R) Management & Security Application User Notification Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]upnphost
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]UPnP Device Host
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]UxSms
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides Desktop Window Manager startup and maintenance services
DisplayName[:]Desktop Window Manager Session Manager
Started[:]True
StartMode[:]Auto
StartName[:]localSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\lsass.exe
Name[:]VaultSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides secure storage and retrieval of credentials to users, applications and security service packages.
DisplayName[:]Credential Manager
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\System32\vds.exe
Name[:]vds
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides management services for disks, volumes, file systems, and storage arrays.
DisplayName[:]Virtual Disk
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\system32\vssvc.exe
Name[:]VSS
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Volume Shadow Copy
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]W32Time
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Windows Time
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k iissvcs
Name[:]W3SVC
ServiceType[:]Share Process
ProcessId[:]3492
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides Web connectivity and administration through the Internet Information Services Manager
DisplayName[:]World Wide Web Publishing Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k iissvcs
Name[:]WAS
ServiceType[:]Share Process
ProcessId[:]3492
AcceptPause[:]True
AcceptStop[:]True
Description[:]The Windows Process Activation Service (WAS) provides process activation, resource management and health management services for message-activated applications.
DisplayName[:]Windows Process Activation Service
Started[:]True
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\Wat\WatAdminSvc.exe
Name[:]WatAdminSvc
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Performs Windows 7 Validation.
DisplayName[:]Windows Activation Technologies Service
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
pathname[:]"C:\Windows\system32\wbengine.exe"
Name[:]wbengine
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The WBENGINE service is used by Windows Backup to perform backup and recovery operations. If this service is stopped by a user, it may cause the currently running backup or recovery operation to fail. Disabling this service may disable backup and recovery operations using Windows Backup on this computer.
DisplayName[:]Block Level Backup Engine Service
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k WbioSvcGroup
Name[:]WbioSrvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The Windows biometric service gives client applications the ability to capture, compare, manipulate, and store biometric data without gaining direct access to any biometric hardware or samples. The service is hosted in a privileged SVCHOST process.
DisplayName[:]Windows Biometric Service
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
Name[:]wcncsvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]WCNCSVC hosts the Windows Connect Now Configuration which is Microsoft's Implementation of Wi-Fi Protected Setup (WPS) protocol. This is used to configure Wireless LAN settings for an Access Point (AP) or a Wi-Fi Device. The service is started programmatically as needed.
DisplayName[:]Windows Connect Now - Config Registrar
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k wcssvc
Name[:]WcsPlugInService
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The WcsPlugInService service hosts third-party Windows Color System color device model and gamut map model plug-in modules. These plug-in modules are vendor-specific extensions to the Windows Color System baseline color device and gamut map models. Stopping or disabling the WcsPlugInService service will disable this extensibility feature, and the Windows Color System will use its baseline model processing rather than the vendor's desired processing. This might result in inaccurate color rendering.
DisplayName[:]Windows Color System
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalService
Name[:]WdiServiceHost
ServiceType[:]Share Process
ProcessId[:]1044
AcceptPause[:]False
AcceptStop[:]True
Description[:]The Diagnostic Service Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local Service context. If this service is stopped, any diagnostics that depend on it will no longer function.
DisplayName[:]Diagnostic Service Host
Started[:]True
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]WdiSystemHost
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The Diagnostic System Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local System context. If this service is stopped, any diagnostics that depend on it will no longer function.
DisplayName[:]Diagnostic System Host
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]WebClient
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]WebClient
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k NetworkService
Name[:]Wecsvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]This service manages persistent subscriptions to events from remote sources that support WS-Management protocol. This includes Windows Vista event logs, hardware and IPMI-enabled event sources. The service stores forwarded events in a local Event Log. If this service is stopped or disabled event subscriptions cannot be created and forwarded events cannot be accepted.
DisplayName[:]Windows Event Collector
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k netsvcs
Name[:]wercplsupport
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]This service provides support for viewing, sending and deletion of system-level problem reports for the Problem Reports and Solutions control panel.
DisplayName[:]Problem Reports and Solutions Control Panel Support
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k WerSvcGroup
Name[:]WerSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered. Also allows logs to be generated for diagnostic and repair services. If this service is stopped, error reporting might not work correctly and results of diagnostic services and repairs might not be displayed.
DisplayName[:]Windows Error Reporting Service
Started[:]False
StartMode[:]Auto
StartName[:]localSystem
State[:]Stopped
Status[:]OK
AppSrv.exe||5, 30, 1007, 0||5, 30, 1007, 0||Application||C:\Program Files\Intel\WiMAX\Bin\||891KB (911,872 bytes)||||2010/06/07 17:39:40||2010/06/07 17:39:40||2010/08/11 20:38:40||0||1||0||0||0||0||Intel(R) PROSet/Wireless WiMAX Service||WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software||Copyright (C) 2007||8686e96e13f41ac9806a79ca8004feee||
pathname[:]"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
Name[:]WiMAXAppSrv
ServiceType[:]Own Process
ProcessId[:]3596
AcceptPause[:]False
AcceptStop[:]True
Description[:]WiMAX SDK Service for Intel® PROSet/Wireless WiMAX Software
DisplayName[:]Intel® PROSet/Wireless WiMAX Service
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k secsvcs
Name[:]WinDefend
ServiceType[:]Share Process
ProcessId[:]1648
AcceptPause[:]False
AcceptStop[:]True
Description[:]Protection against spyware and potentially unwanted software
DisplayName[:]Windows Defender
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalService
Name[:]WinHttpAutoProxySvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses. In addition, WinHTTP provides support for auto-discovering a proxy configuration via its implementation of the Web Proxy Auto-Discovery (WPAD) protocol.
DisplayName[:]WinHTTP Web Proxy Auto-Discovery Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]Winmgmt
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]True
AcceptStop[:]True
Description[:]Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
DisplayName[:]Windows Management Instrumentation
Started[:]True
StartMode[:]Auto
StartName[:]localSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k NetworkService
Name[:]WinRM
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.
DisplayName[:]Windows Remote Management (WS-Management)
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]Wlansvc
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]True
Description[:]The WLANSVC service provides the logic required to configure, discover, connect to, and disconnect from a wireless local area network (WLAN) as defined by IEEE 802.11 standards. It also contains the logic to turn your computer into a software access point so that other devices or computers can connect to your computer wirelessly using a WLAN adapter that can support this. Stopping or disabling the WLANSVC service will make all WLAN adapters on your computer inaccessible from the Windows networking UI. It is strongly recommended that you have the WLANSVC service running if your computer has a WLAN adapter.
DisplayName[:]WLAN AutoConfig
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
pathname[:]C:\Windows\system32\wbem\WmiApSrv.exe
Name[:]wmiApSrv
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated.
DisplayName[:]WMI Performance Adapter
Started[:]False
StartMode[:]Manual
StartName[:]localSystem
State[:]Stopped
Status[:]OK
wmpnetwk.exe||12.0.7600.16385 (win7_rtm.090713-1255)||12.0.7600.16385||Application||C:\Program Files\Windows Media Player\||1.45MB (1,525,248 bytes)||||2009/07/13 19:24:40||2009/07/13 20:39:56||2009/07/13 19:24:40||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Player Network Sharing Service||© Microsoft Corporation. All rights reserved.||9bf014c20f91d97055532f2f5496e7bd||
pathname[:]"C:\Program Files\Windows Media Player\wmpnetwk.exe"
Name[:]WMPNetworkSvc
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play
DisplayName[:]Windows Media Player Network Sharing Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\NetworkService
State[:]Stopped
Status[:]OK
pathname[:]C:\Windows\system32\inetsrv\wmsvc.exe
Name[:]WMSVC
ServiceType[:]Own Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]The Web Management Service enables remote and delegated management capabilities for administrators to manage for the Web server, sites and applications present on this machine.
DisplayName[:]Web Management Service
Started[:]False
StartMode[:]Manual
StartName[:]NT AUTHORITY\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Name[:]WPCSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]This service is a stub for Windows Parental Control functionality that existed in Vista. It is provided for backward compatibility only.
DisplayName[:]Parental Controls
Started[:]False
StartMode[:]Manual
StartName[:]NT Authority\LocalService
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]WPDBusEnum
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices.
DisplayName[:]Portable Device Enumerator Service
Started[:]False
StartMode[:]Manual
StartName[:]LocalSystem
State[:]Stopped
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Name[:]wscsvc
ServiceType[:]Share Process
ProcessId[:]972
AcceptPause[:]False
AcceptStop[:]True
Description[:]The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer. The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service. The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel. Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system.
DisplayName[:]Security Center
Started[:]True
StartMode[:]Auto
StartName[:]NT AUTHORITY\LocalService
State[:]Running
Status[:]OK
SearchIndexer.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||418KB (428,032 bytes)||||2009/07/13 19:14:13||2009/07/13 20:14:35||2009/07/13 19:14:13||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Indexer||© Microsoft Corporation. All rights reserved.||622d95520182f6d3d05310d5810ca8b3||
pathname[:]C:\Windows\system32\SearchIndexer.exe /Embedding
Name[:]WSearch
ServiceType[:]Own Process
ProcessId[:]4288
AcceptPause[:]False
AcceptStop[:]True
Description[:]Provides content indexing, property caching, and search results for files, e-mail, and other content.
DisplayName[:]Windows Search
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k netsvcs
Name[:]wuauserv
ServiceType[:]Share Process
ProcessId[:]484
AcceptPause[:]False
AcceptStop[:]True
Description[:]Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API.
DisplayName[:]Windows Update
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Name[:]wudfsvc
ServiceType[:]Share Process
ProcessId[:]368
AcceptPause[:]False
AcceptStop[:]False
Description[:]Manages user-mode driver host processes.
DisplayName[:]Windows Driver Foundation - User-mode Driver Framework
Started[:]True
StartMode[:]Auto
StartName[:]LocalSystem
State[:]Running
Status[:]OK
svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866||
pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Name[:]WwanSvc
ServiceType[:]Share Process
ProcessId[:]0
AcceptPause[:]False
AcceptStop[:]False
Description[:]This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices.
DisplayName[:]WWAN AutoConfig
Started[:]False
StartMode[:]Manual
StartName[:]NT Authority\LocalService
State[:]Stopped
Status[:]OK
Name[:]Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Availability[:]3
AdapterType[:]Ethernet 802.3
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]20:CF:30:35:6A:FA
Manufacturer[:]Atheros
NetConnectionID[:]Local Area Connection
NetConnectionStatus[:]2
Speed[:]100000000
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]24.100.104.1
DHCPEnabled[:]True
DHCPLeaseExpires[:]20101103023610.000000-300
DHCPLeaseObtained[:]20101102023610.000000-300
DHCPServer[:]209.55.0.135
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
Name[:]Microsoft ISATAP Adapter
Availability[:]3
AdapterType[:]Tunnel
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]
Manufacturer[:]Microsoft
NetConnectionID[:]
NetConnectionStatus[:]
Speed[:]100000
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]False
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Intel(R) Centrino(R) Advanced-N 6250 AGN
Availability[:]3
AdapterType[:]Ethernet 802.3
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]00:23:15:1C:F5:44
Manufacturer[:]Intel Corporation
NetConnectionID[:]Wireless Network Connection
NetConnectionStatus[:]7
Speed[:]54000000
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]True
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]00:23:15:1C:F5:44
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Microsoft 6to4 Adapter #2
Availability[:]3
AdapterType[:]Tunnel
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]
Manufacturer[:]Microsoft
NetConnectionID[:]
NetConnectionStatus[:]
Speed[:]30000000
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]False
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Microsoft Virtual WiFi Miniport Adapter
Availability[:]3
AdapterType[:]Ethernet 802.3
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]00:23:15:1C:F5:45
Manufacturer[:]Microsoft
NetConnectionID[:]Wireless Network Connection 2
NetConnectionStatus[:]7
Speed[:]9223372036854775807
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]True
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]00:23:15:1C:F5:45
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Microsoft ISATAP Adapter #2
Availability[:]3
AdapterType[:]Tunnel
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]
Manufacturer[:]Microsoft
NetConnectionID[:]
NetConnectionStatus[:]
Speed[:]100000
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]False
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Microsoft Virtual WiFi Miniport Adapter #2
Availability[:]3
AdapterType[:]Ethernet 802.3
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]00:23:15:1C:F5:45
Manufacturer[:]Microsoft
NetConnectionID[:]Wireless Network Connection 3
NetConnectionStatus[:]7
Speed[:]9223372036854775807
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]True
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]00:23:15:1C:F5:45
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Microsoft 6to4 Adapter
Availability[:]3
AdapterType[:]Tunnel
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]
Manufacturer[:]Microsoft
NetConnectionID[:]
NetConnectionStatus[:]
Speed[:]100000
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]False
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Intel(R) Centrino(R) WiMAX 6250
Availability[:]3
AdapterType[:]Ethernet 802.3
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]64:D4:DA:00:F4:F0
Manufacturer[:]Intel Corporation
NetConnectionID[:]Local Area Connection 2
NetConnectionStatus[:]7
Speed[:]0
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]True
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]64:D4:DA:00:F4:F0
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
Name[:]Teredo Tunneling Pseudo-Interface
Availability[:]3
AdapterType[:]Tunnel
ConfigManagerErrorCode[:]0
Installed[:]True
MACAddress[:]
Manufacturer[:]Microsoft
NetConnectionID[:]
NetConnectionStatus[:]
Speed[:]100000
Status[:]
TimeOfLastReset[:]20101102014546.109999-300
DefaultIPGateway[:]
DHCPEnabled[:]False
DHCPLeaseExpires[:]
DHCPLeaseObtained[:]
DHCPServer[:]
DNSDomain[:]
DNSDomainSuffixSearchOrder[:]
DNSEnabledForWINSResolution[:]
DNSHostName[:]
DNSServerSearchOrder[:]
DomainDNSRegistrationEnabled[:]
IPAddress[:]
IPConnectionMetric[:]
IPEnabled[:]False
IPFilterSecurityEnabled[:]
IPPortSecurityEnabled[:]
IPSecPermitIPProtocols[:]
IPSecPermitTCPPorts[:]
IPSecPermitUDPPorts[:]
IPSubnet[:]
IPUseZeroBroadcast[:]
IPXAddress[:]
IPXEnabled[:]
IPXFrameType[:]
IPXMediaType[:]
IPXNetworkNumber[:]
IPXVirtualNetNumber[:]
KeepAliveInterval[:]
KeepAliveTime[:]
MACAddress[:]
MTU[:]
NumForwardPackets[:]
PMTUBHDetectEnabled[:]
PMTUDiscoveryEnabled[:]
TcpipNetbiosOptions[:]
TcpMaxConnectRetransmissions[:]
TcpMaxDataRetransmissions[:]
TcpNumConnections[:]
TcpUseRFC1122UrgentPointer[:]
TcpWindowSize[:]
WINSEnableLMHostsLookup[:]
WINSHostLookupFile[:]
WINSPrimaryServer[:]
WINSScopeID[:]
WINSSecondaryServer[:]
AcceptPause[:]False
AcceptStop[:]False
Caption[:]1394 OHCI Compliant Host Controller
Description[:]1394 OHCI Compliant Host Controller
Name[:]1394ohci
pathname[:]C:\Windows\system32\DRIVERS\1394ohci.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Microsoft ACPI Driver
Description[:]Microsoft ACPI Driver
Name[:]ACPI
pathname[:]C:\Windows\system32\DRIVERS\ACPI.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]ACPI Power Meter Driver
Description[:]ACPI Power Meter Driver
Name[:]AcpiPmi
pathname[:]C:\Windows\system32\DRIVERS\acpipmi.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]adp94xx
Description[:]adp94xx
Name[:]adp94xx
pathname[:]C:\Windows\system32\DRIVERS\adp94xx.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]adpahci
Description[:]adpahci
Name[:]adpahci
pathname[:]C:\Windows\system32\DRIVERS\adpahci.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]adpu320
Description[:]adpu320
Name[:]adpu320
pathname[:]C:\Windows\system32\DRIVERS\adpu320.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Ancillary Function Driver for Winsock
Description[:]Ancillary Function Driver for Winsock
Name[:]AFD
pathname[:]C:\Windows\system32\drivers\afd.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Intel AGP Bus Filter
Description[:]Intel AGP Bus Filter
Name[:]agp440
pathname[:]C:\Windows\system32\DRIVERS\agp440.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]aliide
Description[:]aliide
Name[:]aliide
pathname[:]C:\Windows\system32\DRIVERS\aliide.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]amdide
Description[:]amdide
Name[:]amdide
pathname[:]C:\Windows\system32\DRIVERS\amdide.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]AMD K8 Processor Driver
Description[:]AMD K8 Processor Driver
Name[:]AmdK8
pathname[:]C:\Windows\system32\DRIVERS\amdk8.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]AMD Processor Driver
Description[:]AMD Processor Driver
Name[:]AmdPPM
pathname[:]C:\Windows\system32\DRIVERS\amdppm.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]amdsata
Description[:]amdsata
Name[:]amdsata
pathname[:]C:\Windows\system32\DRIVERS\amdsata.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]amdsbs
Description[:]amdsbs
Name[:]amdsbs
pathname[:]C:\Windows\system32\DRIVERS\amdsbs.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]amdxata
Description[:]amdxata
Name[:]amdxata
pathname[:]C:\Windows\system32\DRIVERS\amdxata.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]AppID Driver
Description[:]AppID Driver
Name[:]AppID
pathname[:]C:\Windows\system32\drivers\appid.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]arc
Description[:]arc
Name[:]arc
pathname[:]C:\Windows\system32\DRIVERS\arc.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]arcsas
Description[:]arcsas
Name[:]arcsas
pathname[:]C:\Windows\system32\DRIVERS\arcsas.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]ASMMAP64
Description[:]ASMMAP64
Name[:]ASMMAP64
pathname[:]\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
ASMMAP64.sys||1, 0, 9, 1||1, 0, 9, 0||System file||C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\||15.1KB (15,416 bytes)||||2009/07/02 19:36:14||2009/07/02 19:36:14||2010/08/11 20:40:56||0||1||0||0||0||0||ATK Generic Function Service||Memory mapping Driver||Copyright (C) 2009||4c016fd76ed5c05e84ca8cab77993961||
AcceptPause[:]False
AcceptStop[:]False
Caption[:]RAS Asynchronous Media Driver
Description[:]RAS Asynchronous Media Driver
Name[:]AsyncMac
pathname[:]C:\Windows\system32\DRIVERS\asyncmac.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]IDE Channel
Description[:]IDE Channel
Name[:]atapi
pathname[:]C:\Windows\system32\DRIVERS\atapi.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Atheros Extensible Wireless LAN device driver
Description[:]Atheros Extensible Wireless LAN device driver
Name[:]athr
pathname[:]C:\Windows\system32\DRIVERS\athrx.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Broadcom NetXtreme II VBD
Description[:]Broadcom NetXtreme II VBD
Name[:]b06bdrv
pathname[:]C:\Windows\system32\DRIVERS\bxvbda.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
Description[:]Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
Name[:]b57nd60a
pathname[:]C:\Windows\system32\DRIVERS\b57nd60a.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Beep
Description[:]Beep
Name[:]Beep
pathname[:]C:\Windows\system32\drivers\Beep.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]blbdrive
Description[:]blbdrive
Name[:]blbdrive
pathname[:]C:\Windows\system32\DRIVERS\blbdrive.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Browser Support Driver
Description[:]Browser Support Driver
Name[:]bowser
pathname[:]C:\Windows\system32\DRIVERS\bowser.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]bpenum
Description[:]bpenum
Name[:]bpenum
pathname[:]C:\Windows\system32\DRIVERS\bpenum.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Intel(R) Centrino(R) WiMAX 6050 Series
Description[:]Intel(R) Centrino(R) WiMAX 6050 Series
Name[:]bpmp
pathname[:]C:\Windows\system32\DRIVERS\bpmp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]bpusb
Description[:]bpusb
Name[:]bpusb
pathname[:]C:\Windows\system32\Drivers\bpusb.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Brother USB Mass-Storage Lower Filter Driver
Description[:]Brother USB Mass-Storage Lower Filter Driver
Name[:]BrFiltLo
pathname[:]C:\Windows\system32\DRIVERS\BrFiltLo.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Brother USB Mass-Storage Upper Filter Driver
Description[:]Brother USB Mass-Storage Upper Filter Driver
Name[:]BrFiltUp
pathname[:]C:\Windows\system32\DRIVERS\BrFiltUp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Brother MFC Serial Port Interface Driver (WDM)
Description[:]Brother MFC Serial Port Interface Driver (WDM)
Name[:]Brserid
pathname[:]C:\Windows\system32\Drivers\Brserid.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Brother WDM Serial driver
Description[:]Brother WDM Serial driver
Name[:]BrSerWdm
pathname[:]C:\Windows\system32\Drivers\BrSerWdm.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Brother MFC USB Fax Only Modem
Description[:]Brother MFC USB Fax Only Modem
Name[:]BrUsbMdm
pathname[:]C:\Windows\system32\Drivers\BrUsbMdm.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Brother MFC USB Serial WDM Driver
Description[:]Brother MFC USB Serial WDM Driver
Name[:]BrUsbSer
pathname[:]C:\Windows\system32\Drivers\BrUsbSer.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Bluetooth Serial Communications Driver
Description[:]Bluetooth Serial Communications Driver
Name[:]BTHMODEM
pathname[:]C:\Windows\system32\DRIVERS\bthmodem.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]CD/DVD File System Reader
Description[:]CD/DVD File System Reader
Name[:]cdfs
pathname[:]C:\Windows\system32\DRIVERS\cdfs.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Disabled
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]CD-ROM Driver
Description[:]CD-ROM Driver
Name[:]cdrom
pathname[:]C:\Windows\system32\DRIVERS\cdrom.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Consumer IR Devices
Description[:]Consumer IR Devices
Name[:]circlass
pathname[:]C:\Windows\system32\DRIVERS\circlass.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Common Log (CLFS)
Description[:]Common Log (CLFS)
Name[:]CLFS
pathname[:]C:\Windows\system32\CLFS.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft ACPI Control Method Battery Driver
Description[:]Microsoft ACPI Control Method Battery Driver
Name[:]CmBatt
pathname[:]C:\Windows\system32\DRIVERS\CmBatt.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]cmdide
Description[:]cmdide
Name[:]cmdide
pathname[:]C:\Windows\system32\DRIVERS\cmdide.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]CNG
Description[:]CNG
Name[:]CNG
pathname[:]C:\Windows\system32\Drivers\cng.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Microsoft Composite Battery Driver
Description[:]Microsoft Composite Battery Driver
Name[:]Compbatt
pathname[:]C:\Windows\system32\DRIVERS\compbatt.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Composite Bus Enumerator Driver
Description[:]Composite Bus Enumerator Driver
Name[:]CompositeBus
pathname[:]C:\Windows\system32\DRIVERS\CompositeBus.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Crcdisk Filter Driver
Description[:]Crcdisk Filter Driver
Name[:]crcdisk
pathname[:]C:\Windows\system32\DRIVERS\crcdisk.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Disabled
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]DFS Namespace Client Driver
Description[:]DFS Namespace Client Driver
Name[:]DfsC
pathname[:]C:\Windows\system32\Drivers\dfsc.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]System Attribute Cache
Description[:]System Attribute Cache
Name[:]discache
pathname[:]C:\Windows\system32\drivers\discache.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Disk Driver
Description[:]Disk Driver
Name[:]Disk
pathname[:]C:\Windows\system32\DRIVERS\disk.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Trusted Audio Drivers
Description[:]Microsoft Trusted Audio Drivers
Name[:]drmkaud
pathname[:]C:\Windows\system32\drivers\drmkaud.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]LDDM Graphics Subsystem
Description[:]LDDM Graphics Subsystem
Name[:]DXGKrnl
pathname[:]C:\Windows\system32\drivers\dxgkrnl.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Broadcom NetXtreme II 10 GigE VBD
Description[:]Broadcom NetXtreme II 10 GigE VBD
Name[:]ebdrv
pathname[:]C:\Windows\system32\DRIVERS\evbda.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]elxstor
Description[:]elxstor
Name[:]elxstor
pathname[:]C:\Windows\system32\DRIVERS\elxstor.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Hardware Error Device Driver
Description[:]Microsoft Hardware Error Device Driver
Name[:]ErrDev
pathname[:]C:\Windows\system32\DRIVERS\errdev.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]ELAN PS/2 Port Input Device
Description[:]ELAN PS/2 Port Input Device
Name[:]ETD
pathname[:]C:\Windows\system32\DRIVERS\ETD.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]exFAT File System Driver
Description[:]exFAT File System Driver
Name[:]exfat
pathname[:]C:\Windows\system32\drivers\exfat.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]FAT12/16/32 File System Driver
Description[:]FAT12/16/32 File System Driver
Name[:]fastfat
pathname[:]C:\Windows\system32\drivers\fastfat.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Floppy Disk Controller Driver
Description[:]Floppy Disk Controller Driver
Name[:]fdc
pathname[:]C:\Windows\system32\DRIVERS\fdc.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]File Information FS MiniFilter
Description[:]File Information FS MiniFilter
Name[:]FileInfo
pathname[:]C:\Windows\system32\drivers\fileinfo.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Filetrace
Description[:]Filetrace
Name[:]Filetrace
pathname[:]C:\Windows\system32\drivers\filetrace.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Floppy Disk Driver
Description[:]Floppy Disk Driver
Name[:]flpydisk
pathname[:]C:\Windows\system32\DRIVERS\flpydisk.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]FltMgr
Description[:]FltMgr
Name[:]FltMgr
pathname[:]C:\Windows\system32\drivers\fltmgr.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]File System Dependency Minifilter
Description[:]File System Dependency Minifilter
Name[:]FsDepends
pathname[:]C:\Windows\system32\drivers\FsDepends.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]fssfltr
Description[:]fssfltr
Name[:]fssfltr
pathname[:]C:\Windows\system32\DRIVERS\fssfltr.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Bitlocker Drive Encryption Filter Driver
Description[:]Bitlocker Drive Encryption Filter Driver
Name[:]fvevol
pathname[:]C:\Windows\system32\DRIVERS\fvevol.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms
Description[:]Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms
Name[:]gagp30kx
pathname[:]C:\Windows\system32\DRIVERS\gagp30kx.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Hauppauge Consumer Infrared Receiver
Description[:]Hauppauge Consumer Infrared Receiver
Name[:]hcw85cir
pathname[:]C:\Windows\system32\drivers\hcw85cir.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft 1.1 UAA Function Driver for High Definition Audio Service
Description[:]Microsoft 1.1 UAA Function Driver for High Definition Audio Service
Name[:]HdAudAddService
pathname[:]C:\Windows\system32\drivers\HdAudio.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft UAA Bus Driver for High Definition Audio
Description[:]Microsoft UAA Bus Driver for High Definition Audio
Name[:]HDAudBus
pathname[:]C:\Windows\system32\DRIVERS\HDAudBus.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Intel(R) Management Engine Interface
Description[:]Intel(R) Management Engine Interface
Name[:]HECIx64
pathname[:]C:\Windows\system32\DRIVERS\HECIx64.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]HID UPS Battery Driver
Description[:]HID UPS Battery Driver
Name[:]HidBatt
pathname[:]C:\Windows\system32\DRIVERS\HidBatt.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Bluetooth HID Miniport
Description[:]Microsoft Bluetooth HID Miniport
Name[:]HidBth
pathname[:]C:\Windows\system32\DRIVERS\hidbth.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Infrared HID Driver
Description[:]Microsoft Infrared HID Driver
Name[:]HidIr
pathname[:]C:\Windows\system32\DRIVERS\hidir.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft HID Class Driver
Description[:]Microsoft HID Class Driver
Name[:]HidUsb
pathname[:]C:\Windows\system32\DRIVERS\hidusb.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]HpSAMD
Description[:]HpSAMD
Name[:]HpSAMD
pathname[:]C:\Windows\system32\DRIVERS\HpSAMD.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]HTTP
Description[:]HTTP
Name[:]HTTP
pathname[:]C:\Windows\system32\drivers\HTTP.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Hardware Policy Driver
Description[:]Hardware Policy Driver
Name[:]hwpolicy
pathname[:]C:\Windows\system32\drivers\hwpolicy.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]i8042 Keyboard and PS/2 Mouse Port Driver
Description[:]i8042 Keyboard and PS/2 Mouse Port Driver
Name[:]i8042prt
pathname[:]C:\Windows\system32\DRIVERS\i8042prt.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Intel AHCI Controller
Description[:]Intel AHCI Controller
Name[:]iaStor
pathname[:]C:\Windows\system32\DRIVERS\iaStor.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]iaStorV
Description[:]iaStorV
Name[:]iaStorV
pathname[:]C:\Windows\system32\DRIVERS\iaStorV.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]igfx
Description[:]igfx
Name[:]igfx
pathname[:]C:\Windows\system32\DRIVERS\igdkmd64.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]iirsp
Description[:]iirsp
Name[:]iirsp
pathname[:]C:\Windows\system32\DRIVERS\iirsp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Impcd
Description[:]Impcd
Name[:]Impcd
pathname[:]C:\Windows\system32\DRIVERS\Impcd.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Service for Realtek HD Audio (WDM)
Description[:]Service for Realtek HD Audio (WDM)
Name[:]IntcAzAudAddService
pathname[:]C:\Windows\system32\drivers\RTKVHD64.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Intel(R) Display Audio
Description[:]Intel(R) Display Audio
Name[:]IntcDAud
pathname[:]C:\Windows\system32\DRIVERS\IntcDAud.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]intelide
Description[:]intelide
Name[:]intelide
pathname[:]C:\Windows\system32\DRIVERS\intelide.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Intel Processor Driver
Description[:]Intel Processor Driver
Name[:]intelppm
pathname[:]C:\Windows\system32\DRIVERS\intelppm.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]IP Traffic Filter Driver
Description[:]IP Traffic Filter Driver
Name[:]IpFilterDriver
pathname[:]C:\Windows\system32\DRIVERS\ipfltdrv.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]IPMIDRV
Description[:]IPMIDRV
Name[:]IPMIDRV
pathname[:]C:\Windows\system32\DRIVERS\IPMIDrv.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]IP Network Address Translator
Description[:]IP Network Address Translator
Name[:]IPNAT
pathname[:]C:\Windows\system32\drivers\ipnat.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]IR Bus Enumerator
Description[:]IR Bus Enumerator
Name[:]IRENUM
pathname[:]C:\Windows\system32\drivers\irenum.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]isapnp
Description[:]isapnp
Name[:]isapnp
pathname[:]C:\Windows\system32\DRIVERS\isapnp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]iScsiPort Driver
Description[:]iScsiPort Driver
Name[:]iScsiPrt
pathname[:]C:\Windows\system32\DRIVERS\msiscsi.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Keyboard Class Driver
Description[:]Keyboard Class Driver
Name[:]kbdclass
pathname[:]C:\Windows\system32\DRIVERS\kbdclass.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Keyboard HID Driver
Description[:]Keyboard HID Driver
Name[:]kbdhid
pathname[:]C:\Windows\system32\DRIVERS\kbdhid.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Keyboard Filter
Description[:]Keyboard Filter
Name[:]kbfiltr
pathname[:]C:\Windows\system32\DRIVERS\kbfiltr.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]KL1
Description[:]KL1
Name[:]KL1
pathname[:]C:\Windows\system32\DRIVERS\kl1.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]kl2
Description[:]kl2
Name[:]kl2
pathname[:]C:\Windows\system32\DRIVERS\kl2.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Kaspersky Lab Driver
Description[:]Kaspersky Lab Driver
Name[:]KLIF
pathname[:]C:\Windows\system32\DRIVERS\klif.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Kaspersky Anti-Virus NDIS 6 Filter
Description[:]Kaspersky Anti-Virus NDIS 6 Filter
Name[:]KLIM6
pathname[:]C:\Windows\system32\DRIVERS\klim6.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Kaspersky Lab KLMOUFLT
Description[:]Kaspersky Lab KLMOUFLT
Name[:]klmouflt
pathname[:]C:\Windows\system32\DRIVERS\klmouflt.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]KSecDD
Description[:]KSecDD
Name[:]KSecDD
pathname[:]C:\Windows\system32\Drivers\ksecdd.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]KSecPkg
Description[:]KSecPkg
Name[:]KSecPkg
pathname[:]C:\Windows\system32\Drivers\ksecpkg.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Kernel Streaming Thunks
Description[:]Kernel Streaming Thunks
Name[:]ksthunk
pathname[:]C:\Windows\system32\drivers\ksthunk.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller
Description[:]NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller
Name[:]L1C
pathname[:]C:\Windows\system32\DRIVERS\L1C62x64.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Link-Layer Topology Discovery Mapper I/O Driver
Description[:]Link-Layer Topology Discovery Mapper I/O Driver
Name[:]lltdio
pathname[:]C:\Windows\system32\DRIVERS\lltdio.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]LSI_FC
Description[:]LSI_FC
Name[:]LSI_FC
pathname[:]C:\Windows\system32\DRIVERS\lsi_fc.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]LSI_SAS
Description[:]LSI_SAS
Name[:]LSI_SAS
pathname[:]C:\Windows\system32\DRIVERS\lsi_sas.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]LSI_SAS2
Description[:]LSI_SAS2
Name[:]LSI_SAS2
pathname[:]C:\Windows\system32\DRIVERS\lsi_sas2.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]LSI_SCSI
Description[:]LSI_SCSI
Name[:]LSI_SCSI
pathname[:]C:\Windows\system32\DRIVERS\lsi_scsi.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]UAC File Virtualization
Description[:]UAC File Virtualization
Name[:]luafv
pathname[:]C:\Windows\system32\drivers\luafv.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]MBAMProtector
Description[:]MBAMProtector
Name[:]MBAMProtector
pathname[:]\??\C:\Windows\system32\drivers\mbam.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]megasas
Description[:]megasas
Name[:]megasas
pathname[:]C:\Windows\system32\DRIVERS\megasas.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]MegaSR
Description[:]MegaSR
Name[:]MegaSR
pathname[:]C:\Windows\system32\DRIVERS\MegaSR.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Modem
Description[:]Modem
Name[:]Modem
pathname[:]C:\Windows\system32\drivers\modem.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Monitor Class Function Driver Service
Description[:]Microsoft Monitor Class Function Driver Service
Name[:]monitor
pathname[:]C:\Windows\system32\DRIVERS\monitor.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Mouse Class Driver
Description[:]Mouse Class Driver
Name[:]mouclass
pathname[:]C:\Windows\system32\DRIVERS\mouclass.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Mouse HID Driver
Description[:]Mouse HID Driver
Name[:]mouhid
pathname[:]C:\Windows\system32\DRIVERS\mouhid.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Mount Point Manager
Description[:]Mount Point Manager
Name[:]mountmgr
pathname[:]C:\Windows\system32\drivers\mountmgr.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]mpio
Description[:]mpio
Name[:]mpio
pathname[:]C:\Windows\system32\DRIVERS\mpio.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Windows Firewall Authorization Driver
Description[:]Windows Firewall Authorization Driver
Name[:]mpsdrv
pathname[:]C:\Windows\system32\drivers\mpsdrv.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Message Queuing Access Control
Description[:]Message Queuing Access Control
Name[:]MQAC
pathname[:]C:\Windows\system32\drivers\mqac.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WebDav Client Redirector Driver
Description[:]WebDav Client Redirector Driver
Name[:]MRxDAV
pathname[:]C:\Windows\system32\drivers\mrxdav.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]SMB MiniRedirector Wrapper and Engine
Description[:]SMB MiniRedirector Wrapper and Engine
Name[:]mrxsmb
pathname[:]C:\Windows\system32\DRIVERS\mrxsmb.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]SMB 1.x MiniRedirector
Description[:]SMB 1.x MiniRedirector
Name[:]mrxsmb10
pathname[:]C:\Windows\system32\DRIVERS\mrxsmb10.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]SMB 2.0 MiniRedirector
Description[:]SMB 2.0 MiniRedirector
Name[:]mrxsmb20
pathname[:]C:\Windows\system32\DRIVERS\mrxsmb20.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]msahci
Description[:]msahci
Name[:]msahci
pathname[:]C:\Windows\system32\DRIVERS\msahci.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]msdsm
Description[:]msdsm
Name[:]msdsm
pathname[:]C:\Windows\system32\DRIVERS\msdsm.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Msfs
Description[:]Msfs
Name[:]Msfs
pathname[:]C:\Windows\system32\drivers\Msfs.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Pass-through HID to KMDF Filter Driver
Description[:]Pass-through HID to KMDF Filter Driver
Name[:]mshidkmdf
pathname[:]C:\Windows\system32\drivers\mshidkmdf.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]msisadrv
Description[:]msisadrv
Name[:]msisadrv
pathname[:]C:\Windows\system32\DRIVERS\msisadrv.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Streaming Service Proxy
Description[:]Microsoft Streaming Service Proxy
Name[:]MSKSSRV
pathname[:]C:\Windows\system32\drivers\MSKSSRV.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Streaming Clock Proxy
Description[:]Microsoft Streaming Clock Proxy
Name[:]MSPCLOCK
pathname[:]C:\Windows\system32\drivers\MSPCLOCK.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Streaming Quality Manager Proxy
Description[:]Microsoft Streaming Quality Manager Proxy
Name[:]MSPQM
pathname[:]C:\Windows\system32\drivers\MSPQM.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]MsRPC
Description[:]MsRPC
Name[:]MsRPC
pathname[:]C:\Windows\system32\drivers\MsRPC.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Microsoft System Management BIOS Driver
Description[:]Microsoft System Management BIOS Driver
Name[:]mssmbios
pathname[:]C:\Windows\system32\DRIVERS\mssmbios.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Streaming Tee/Sink-to-Sink Converter
Description[:]Microsoft Streaming Tee/Sink-to-Sink Converter
Name[:]MSTEE
pathname[:]C:\Windows\system32\drivers\MSTEE.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Input Configuration Driver
Description[:]Microsoft Input Configuration Driver
Name[:]MTConfig
pathname[:]C:\Windows\system32\DRIVERS\MTConfig.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]ATK0100 ACPI UTILITY
Description[:]ATK0100 ACPI UTILITY
Name[:]MTsensor
pathname[:]C:\Windows\system32\DRIVERS\ATK64AMD.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Mup
Description[:]Mup
Name[:]Mup
pathname[:]C:\Windows\system32\Drivers\mup.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]NativeWiFi Filter
Description[:]NativeWiFi Filter
Name[:]NativeWifiP
pathname[:]C:\Windows\system32\DRIVERS\nwifi.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]NDIS System Driver
Description[:]NDIS System Driver
Name[:]NDIS
pathname[:]C:\Windows\system32\drivers\ndis.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]NDIS Capture LightWeight Filter
Description[:]NDIS Capture LightWeight Filter
Name[:]NdisCap
pathname[:]C:\Windows\system32\DRIVERS\ndiscap.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Remote Access NDIS TAPI Driver
Description[:]Remote Access NDIS TAPI Driver
Name[:]NdisTapi
pathname[:]C:\Windows\system32\DRIVERS\ndistapi.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]NDIS Usermode I/O Protocol
Description[:]NDIS Usermode I/O Protocol
Name[:]Ndisuio
pathname[:]C:\Windows\system32\DRIVERS\ndisuio.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Remote Access NDIS WAN Driver
Description[:]Remote Access NDIS WAN Driver
Name[:]NdisWan
pathname[:]C:\Windows\system32\DRIVERS\ndiswan.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]NDIS Proxy
Description[:]NDIS Proxy
Name[:]NDProxy
pathname[:]C:\Windows\system32\drivers\NDProxy.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]NetBIOS Interface
Description[:]NetBIOS Interface
Name[:]NetBIOS
pathname[:]C:\Windows\system32\DRIVERS\netbios.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]NetBT
Description[:]NetBT
Name[:]NetBT
pathname[:]C:\Windows\system32\DRIVERS\netbt.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit
Description[:]Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit
Name[:]NETw5s64
pathname[:]C:\Windows\system32\DRIVERS\NETw5s64.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]nfrd960
Description[:]nfrd960
Name[:]nfrd960
pathname[:]C:\Windows\system32\DRIVERS\nfrd960.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Npfs
Description[:]Npfs
Name[:]Npfs
pathname[:]C:\Windows\system32\drivers\Npfs.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]NSI proxy service driver.
Description[:]NSI proxy service driver.
Name[:]nsiproxy
pathname[:]C:\Windows\system32\drivers\nsiproxy.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Ntfs
Description[:]Ntfs
Name[:]Ntfs
pathname[:]C:\Windows\system32\drivers\Ntfs.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Null
Description[:]Null
Name[:]Null
pathname[:]C:\Windows\system32\drivers\Null.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]nvraid
Description[:]nvraid
Name[:]nvraid
pathname[:]C:\Windows\system32\DRIVERS\nvraid.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]nvstor
Description[:]nvstor
Name[:]nvstor
pathname[:]C:\Windows\system32\DRIVERS\nvstor.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]NVIDIA nForce AGP Bus Filter
Description[:]NVIDIA nForce AGP Bus Filter
Name[:]nv_agp
pathname[:]C:\Windows\system32\DRIVERS\nv_agp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]1394 OHCI Compliant Host Controller (Legacy)
Description[:]1394 OHCI Compliant Host Controller (Legacy)
Name[:]ohci1394
pathname[:]C:\Windows\system32\DRIVERS\ohci1394.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Parallel port driver
Description[:]Parallel port driver
Name[:]Parport
pathname[:]C:\Windows\system32\DRIVERS\parport.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Partition Manager
Description[:]Partition Manager
Name[:]partmgr
pathname[:]C:\Windows\system32\drivers\partmgr.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]PCI Bus Driver
Description[:]PCI Bus Driver
Name[:]pci
pathname[:]C:\Windows\system32\DRIVERS\pci.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]pciide
Description[:]pciide
Name[:]pciide
pathname[:]C:\Windows\system32\drivers\pciide.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]pcmcia
Description[:]pcmcia
Name[:]pcmcia
pathname[:]C:\Windows\system32\DRIVERS\pcmcia.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Performance Counters for Windows Driver
Description[:]Performance Counters for Windows Driver
Name[:]pcw
pathname[:]C:\Windows\system32\drivers\pcw.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]PEAUTH
Description[:]PEAUTH
Name[:]PEAUTH
pathname[:]C:\Windows\system32\drivers\peauth.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WAN Miniport (PPTP)
Description[:]WAN Miniport (PPTP)
Name[:]PptpMiniport
pathname[:]C:\Windows\system32\DRIVERS\raspptp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Processor Driver
Description[:]Processor Driver
Name[:]Processor
pathname[:]C:\Windows\system32\DRIVERS\processr.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]QoS Packet Scheduler
Description[:]QoS Packet Scheduler
Name[:]Psched
pathname[:]C:\Windows\system32\DRIVERS\pacer.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]ql2300
Description[:]ql2300
Name[:]ql2300
pathname[:]C:\Windows\system32\DRIVERS\ql2300.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]ql40xx
Description[:]ql40xx
Name[:]ql40xx
pathname[:]C:\Windows\system32\DRIVERS\ql40xx.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]QWAVE driver
Description[:]QWAVE driver
Name[:]QWAVEdrv
pathname[:]C:\Windows\system32\drivers\qwavedrv.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Remote Access Auto Connection Driver
Description[:]Remote Access Auto Connection Driver
Name[:]RasAcd
pathname[:]C:\Windows\system32\DRIVERS\rasacd.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WAN Miniport (IKEv2)
Description[:]WAN Miniport (IKEv2)
Name[:]RasAgileVpn
pathname[:]C:\Windows\system32\DRIVERS\AgileVpn.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WAN Miniport (L2TP)
Description[:]WAN Miniport (L2TP)
Name[:]Rasl2tp
pathname[:]C:\Windows\system32\DRIVERS\rasl2tp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Remote Access PPPOE Driver
Description[:]Remote Access PPPOE Driver
Name[:]RasPppoe
pathname[:]C:\Windows\system32\DRIVERS\raspppoe.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WAN Miniport (SSTP)
Description[:]WAN Miniport (SSTP)
Name[:]RasSstp
pathname[:]C:\Windows\system32\DRIVERS\rassstp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Redirected Buffering Sub Sysytem
Description[:]Redirected Buffering Sub Sysytem
Name[:]rdbss
pathname[:]C:\Windows\system32\DRIVERS\rdbss.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Remote Desktop Device Redirector Bus Driver
Description[:]Remote Desktop Device Redirector Bus Driver
Name[:]rdpbus
pathname[:]C:\Windows\system32\DRIVERS\rdpbus.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]RDPCDD
Description[:]RDPCDD
Name[:]RDPCDD
pathname[:]C:\Windows\system32\DRIVERS\RDPCDD.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]RDP Encoder Mirror Driver
Description[:]RDP Encoder Mirror Driver
Name[:]RDPENCDD
pathname[:]C:\Windows\system32\drivers\rdpencdd.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Reflector Display Driver used to gain access to graphics data
Description[:]Reflector Display Driver used to gain access to graphics data
Name[:]RDPREFMP
pathname[:]C:\Windows\system32\drivers\rdprefmp.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]RDP Winstation Driver
Description[:]RDP Winstation Driver
Name[:]RDPWD
pathname[:]C:\Windows\system32\drivers\RDPWD.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]ReadyBoost
Description[:]ReadyBoost
Name[:]rdyboost
pathname[:]C:\Windows\system32\drivers\rdyboost.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Reliable Multicast Protocol
Description[:]Reliable Multicast Protocol
Name[:]RMCAST
pathname[:]C:\Windows\system32\DRIVERS\RMCAST.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Link-Layer Topology Discovery Responder
Description[:]Link-Layer Topology Discovery Responder
Name[:]rspndr
pathname[:]C:\Windows\system32\DRIVERS\rspndr.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]SASDIFSV
Description[:]SASDIFSV
Name[:]SASDIFSV
pathname[:]\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
sasdifsv64.sys||1, 0, 0, 1010||4, 0, 0, 1000||System file||C:\Program Files\SUPERAntiSpyware\||14.6KB (14,920 bytes)||||2010/02/17 13:23:05||2010/02/17 13:23:05||2010/02/17 13:23:05||0||1||0||0||0||0||SUPERAntiSpyware||SASDIFSV64.SYS|| (c) Copyright 2006-2010 by SUPERAdBlocker.com and SUPERAntiSpyware.com||99df79c258b3342b6c8a5f802998de56||
AcceptPause[:]False
AcceptStop[:]True
Caption[:]SASKUTIL
Description[:]SASKUTIL
Name[:]SASKUTIL
pathname[:]\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
saskutil64.sys||1, 0, 0, 1014||1, 0, 0, 1014||System file||C:\Program Files\SUPERAntiSpyware\||12.1KB (12,360 bytes)||||2010/02/17 13:23:05||2010/02/17 13:23:05||2010/02/17 13:23:05||0||1||0||0||0||0||SUPERAntiSpyware||SASKUTIL64.SYS|| (c) Copyright 2006-2010 by SUPERAdBlocker.com and SUPERAntiSpyware.com||2859c35c0651e8eb0d86d48e740388f2||
AcceptPause[:]False
AcceptStop[:]False
Caption[:]sbp2port
Description[:]sbp2port
Name[:]sbp2port
pathname[:]C:\Windows\system32\DRIVERS\sbp2port.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Smart card PnP Class Filter Driver
Description[:]Smart card PnP Class Filter Driver
Name[:]scfilter
pathname[:]C:\Windows\system32\DRIVERS\scfilter.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Security Driver
Description[:]Security Driver
Name[:]secdrv
pathname[:]C:\Windows\system32\drivers\secdrv.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Serenum Filter Driver
Description[:]Serenum Filter Driver
Name[:]Serenum
pathname[:]C:\Windows\system32\DRIVERS\serenum.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Serial
Description[:]Serial
Name[:]Serial
pathname[:]C:\Windows\system32\DRIVERS\serial.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Serial Mouse Driver
Description[:]Serial Mouse Driver
Name[:]sermouse
pathname[:]C:\Windows\system32\DRIVERS\sermouse.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]SFF Storage Class Driver
Description[:]SFF Storage Class Driver
Name[:]sffdisk
pathname[:]C:\Windows\system32\DRIVERS\sffdisk.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]SFF Storage Protocol Driver for MMC
Description[:]SFF Storage Protocol Driver for MMC
Name[:]sffp_mmc
pathname[:]C:\Windows\system32\DRIVERS\sffp_mmc.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]SFF Storage Protocol Driver for SDBus
Description[:]SFF Storage Protocol Driver for SDBus
Name[:]sffp_sd
pathname[:]C:\Windows\system32\DRIVERS\sffp_sd.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]High-Capacity Floppy Disk Drive
Description[:]High-Capacity Floppy Disk Drive
Name[:]sfloppy
pathname[:]C:\Windows\system32\DRIVERS\sfloppy.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]SiS191/SiS190 Ethernet Device NDIS 6.0 Driver
Description[:]SiS191/SiS190 Ethernet Device NDIS 6.0 Driver
Name[:]SiSGbeLH
pathname[:]C:\Windows\system32\DRIVERS\SiSG664.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]SiSRaid2
Description[:]SiSRaid2
Name[:]SiSRaid2
pathname[:]C:\Windows\system32\DRIVERS\SiSRaid2.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]SiSRaid4
Description[:]SiSRaid4
Name[:]SiSRaid4
pathname[:]C:\Windows\system32\DRIVERS\sisraid4.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Description[:]Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Name[:]Smb
pathname[:]C:\Windows\system32\DRIVERS\smb.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]USB2.0 PC Camera (SNP2UVC)
Description[:]USB2.0 PC Camera (SNP2UVC)
Name[:]SNP2UVC
pathname[:]C:\Windows\system32\DRIVERS\snp2uvc.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Security Processor Loader Driver
Description[:]Security Processor Loader Driver
Name[:]spldr
pathname[:]C:\Windows\system32\drivers\spldr.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Server SMB 1.xxx Driver
Description[:]Server SMB 1.xxx Driver
Name[:]srv
pathname[:]C:\Windows\system32\DRIVERS\srv.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Server SMB 2.xxx Driver
Description[:]Server SMB 2.xxx Driver
Name[:]srv2
pathname[:]C:\Windows\system32\DRIVERS\srv2.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]srvnet
Description[:]srvnet
Name[:]srvnet
pathname[:]C:\Windows\system32\DRIVERS\srvnet.sys
ServiceType[:]File System Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]stexstor
Description[:]stexstor
Name[:]stexstor
pathname[:]C:\Windows\system32\DRIVERS\stexstor.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Software Bus Driver
Description[:]Software Bus Driver
Name[:]swenum
pathname[:]C:\Windows\system32\DRIVERS\swenum.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]TCP/IP Protocol Driver
Description[:]TCP/IP Protocol Driver
Name[:]Tcpip
pathname[:]C:\Windows\system32\drivers\tcpip.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft IPv6 Protocol Driver
Description[:]Microsoft IPv6 Protocol Driver
Name[:]TCPIP6
pathname[:]C:\Windows\system32\DRIVERS\tcpip.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]TCP/IP Registry Compatibility
Description[:]TCP/IP Registry Compatibility
Name[:]tcpipreg
pathname[:]C:\Windows\system32\drivers\tcpipreg.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]TDPIPE
Description[:]TDPIPE
Name[:]TDPIPE
pathname[:]C:\Windows\system32\drivers\tdpipe.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]TDTCP
Description[:]TDTCP
Name[:]TDTCP
pathname[:]C:\Windows\system32\drivers\tdtcp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]NetIO Legacy TDI Support Driver
Description[:]NetIO Legacy TDI Support Driver
Name[:]tdx
pathname[:]C:\Windows\system32\DRIVERS\tdx.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Terminal Device Driver
Description[:]Terminal Device Driver
Name[:]TermDD
pathname[:]C:\Windows\system32\DRIVERS\termdd.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Remote Desktop Services Security Filter Driver
Description[:]Remote Desktop Services Security Filter Driver
Name[:]tssecsrv
pathname[:]C:\Windows\system32\DRIVERS\tssecsrv.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Tunnel Miniport Adapter Driver
Description[:]Microsoft Tunnel Miniport Adapter Driver
Name[:]tunnel
pathname[:]C:\Windows\system32\DRIVERS\tunnel.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Turbo Boost UI Monitor driver
Description[:]Turbo Boost UI Monitor driver
Name[:]TurboB
pathname[:]C:\Windows\system32\DRIVERS\TurboB.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Auto
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft AGPv3.5 Filter
Description[:]Microsoft AGPv3.5 Filter
Name[:]uagp35
pathname[:]C:\Windows\system32\DRIVERS\uagp35.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]udfs
Description[:]udfs
Name[:]udfs
pathname[:]C:\Windows\system32\DRIVERS\udfs.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Disabled
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Uli AGP Bus Filter
Description[:]Uli AGP Bus Filter
Name[:]uliagpkx
pathname[:]C:\Windows\system32\DRIVERS\uliagpkx.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]UMBus Enumerator Driver
Description[:]UMBus Enumerator Driver
Name[:]umbus
pathname[:]C:\Windows\system32\DRIVERS\umbus.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft UMPass Driver
Description[:]Microsoft UMPass Driver
Name[:]UmPass
pathname[:]C:\Windows\system32\DRIVERS\umpass.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft USB Generic Parent Driver
Description[:]Microsoft USB Generic Parent Driver
Name[:]usbccgp
pathname[:]C:\Windows\system32\DRIVERS\usbccgp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]eHome Infrared Receiver (USBCIR)
Description[:]eHome Infrared Receiver (USBCIR)
Name[:]usbcir
pathname[:]C:\Windows\system32\DRIVERS\usbcir.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Description[:]Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Name[:]usbehci
pathname[:]C:\Windows\system32\DRIVERS\usbehci.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft USB Standard Hub Driver
Description[:]Microsoft USB Standard Hub Driver
Name[:]usbhub
pathname[:]C:\Windows\system32\DRIVERS\usbhub.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft USB Open Host Controller Miniport Driver
Description[:]Microsoft USB Open Host Controller Miniport Driver
Name[:]usbohci
pathname[:]C:\Windows\system32\DRIVERS\usbohci.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft USB PRINTER Class
Description[:]Microsoft USB PRINTER Class
Name[:]usbprint
pathname[:]C:\Windows\system32\DRIVERS\usbprint.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]USB Scanner Driver
Description[:]USB Scanner Driver
Name[:]usbscan
pathname[:]C:\Windows\system32\DRIVERS\usbscan.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]USB Mass Storage Driver
Description[:]USB Mass Storage Driver
Name[:]USBSTOR
pathname[:]C:\Windows\system32\DRIVERS\USBSTOR.SYS
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft USB Universal Host Controller Miniport Driver
Description[:]Microsoft USB Universal Host Controller Miniport Driver
Name[:]usbuhci
pathname[:]C:\Windows\system32\DRIVERS\usbuhci.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]USB Video Device (WDM)
Description[:]USB Video Device (WDM)
Name[:]usbvideo
pathname[:]C:\Windows\system32\Drivers\usbvideo.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Microsoft Virtual Drive Enumerator Driver
Description[:]Microsoft Virtual Drive Enumerator Driver
Name[:]vdrvroot
pathname[:]C:\Windows\system32\DRIVERS\vdrvroot.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]vga
Description[:]vga
Name[:]vga
pathname[:]C:\Windows\system32\DRIVERS\vgapnp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]VgaSave
Description[:]VgaSave
Name[:]VgaSave
pathname[:]C:\Windows\system32\drivers\vga.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]vhdmp
Description[:]vhdmp
Name[:]vhdmp
pathname[:]C:\Windows\system32\DRIVERS\vhdmp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]viaide
Description[:]viaide
Name[:]viaide
pathname[:]C:\Windows\system32\DRIVERS\viaide.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Volume Manager Driver
Description[:]Volume Manager Driver
Name[:]volmgr
pathname[:]C:\Windows\system32\DRIVERS\volmgr.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Dynamic Volume Manager
Description[:]Dynamic Volume Manager
Name[:]volmgrx
pathname[:]C:\Windows\system32\drivers\volmgrx.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Storage volumes
Description[:]Storage volumes
Name[:]volsnap
pathname[:]C:\Windows\system32\DRIVERS\volsnap.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]vsmraid
Description[:]vsmraid
Name[:]vsmraid
pathname[:]C:\Windows\system32\DRIVERS\vsmraid.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Virtual WiFi Bus Driver
Description[:]Virtual WiFi Bus Driver
Name[:]vwifibus
pathname[:]C:\Windows\system32\DRIVERS\vwifibus.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Virtual WiFi Filter Driver
Description[:]Virtual WiFi Filter Driver
Name[:]vwififlt
pathname[:]C:\Windows\system32\DRIVERS\vwififlt.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Virtual WiFi Miniport Service
Description[:]Microsoft Virtual WiFi Miniport Service
Name[:]vwifimp
pathname[:]C:\Windows\system32\DRIVERS\vwifimp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Wacom Serial Pen HID Driver
Description[:]Wacom Serial Pen HID Driver
Name[:]WacomPen
pathname[:]C:\Windows\system32\DRIVERS\wacompen.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Remote Access IP ARP Driver
Description[:]Remote Access IP ARP Driver
Name[:]WANARP
pathname[:]C:\Windows\system32\DRIVERS\wanarp.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Remote Access IPv6 ARP Driver
Description[:]Remote Access IPv6 ARP Driver
Name[:]Wanarpv6
pathname[:]C:\Windows\system32\DRIVERS\wanarp.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Wd
Description[:]Wd
Name[:]Wd
pathname[:]C:\Windows\system32\DRIVERS\wd.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Kernel Mode Driver Frameworks service
Description[:]Kernel Mode Driver Frameworks service
Name[:]Wdf01000
pathname[:]C:\Windows\system32\drivers\Wdf01000.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Boot
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Intel WiDi KMD
Description[:]Intel WiDi KMD
Name[:]wdkmd
pathname[:]C:\Windows\system32\DRIVERS\WDKMD.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]WFP Lightweight Filter
Description[:]WFP Lightweight Filter
Name[:]WfpLwf
pathname[:]C:\Windows\system32\DRIVERS\wfplwf.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WimFltr
Description[:]WimFltr
Name[:]WimFltr
pathname[:]C:\Windows\system32\DRIVERS\wimfltr.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WIMMount
Description[:]WIMMount
Name[:]WIMMount
pathname[:]C:\Windows\system32\drivers\wimmount.sys
ServiceType[:]File System Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
wimmount.sys||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||System file||C:\Windows\System32\drivers\||18.6KB (19,008 bytes)||||2009/07/13 18:17:57||2009/07/13 20:19:10||2009/07/13 18:17:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Wim file system Driver||© Microsoft Corporation. All rights reserved.||5cf95b35e59e2a38023836fff31be64c||
AcceptPause[:]False
AcceptStop[:]False
Caption[:]Microsoft Windows Management Interface for ACPI
Description[:]Microsoft Windows Management Interface for ACPI
Name[:]WmiAcpi
pathname[:]C:\Windows\system32\DRIVERS\wmiacpi.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description[:]Windows Socket 2.0 Non-IFS Service Provider Support Environment
Name[:]ws2ifsl
pathname[:]C:\Windows\system32\drivers\ws2ifsl.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]System
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]True
Caption[:]User Mode Driver Frameworks Platform Driver
Description[:]User Mode Driver Frameworks Platform Driver
Name[:]WudfPf
pathname[:]C:\Windows\system32\drivers\WudfPf.sys
ServiceType[:]Kernel Driver
Started[:]True
StartMode[:]Manual
State[:]Running
Status[:]OK
AcceptPause[:]False
AcceptStop[:]False
Caption[:]WUDFRd
Description[:]WUDFRd
Name[:]WUDFRd
pathname[:]C:\Windows\system32\DRIVERS\WUDFRd.sys
ServiceType[:]Kernel Driver
Started[:]False
StartMode[:]Manual
State[:]Stopped
Status[:]OK
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System[:]
ConsentPromptBehaviorAdmin[:]2
ConsentPromptBehaviorUser[:]3
EnableInstallerDetection[:]1
EnableLUA[:]1
EnableSecureUIAPaths[:]1
EnableUIADesktopToggle[:]0
EnableVirtualization[:]1
PromptOnSecureDesktop[:]1
ValidateAdminCodeSignatures[:]0
dontdisplaylastusername[:]0
legalnoticecaption[:]
legalnoticetext[:]
scforceoption[:]0
shutdownwithoutlogon[:]1
undockwithoutlogon[:]1
FilterAdministratorToken[:]0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:]
SUPERAntiSpyware[:]C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe<||||>SUPERAntiSpyware.exe||4, 45, 0, 1000||4, 45, 0, 1000||Application||C:\Program Files\SUPERAntiSpyware\||2.85MB (2,988,784 bytes)||||2010/10/25 13:47:46||2010/10/25 13:47:46||2010/10/25 13:47:46||0||1||0||0||0||0||SUPERAntiSpyware||SUPERAntiSpyware Application||Copyright (C) 2005-2010 by SUPERAntiSpyware.com and SUPERAdBlocker.com||221c7486bd1a61432cebba265069d65a||
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce[:]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:]
CLMLServer[:]C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe<||||>CLMLSvc.exe||2.1.1803.0||2.1.1803.0||Application||C:\Program Files (x86)\CyberLink\Power2Go\||101KB (103,720 bytes)||||2009/11/02 16:21:26||2009/11/02 16:21:26||2010/08/11 20:15:26||0||1||0||0||0||0||CyberLink MediaLibray Service||CyberLink MediaLibray Service||Copyright (C) 2005||57b4d34232852bfe4453be571df90d21||
AVP[:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe<||||>avp.exe||11.0.1.419||11.0.1.419||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||345KB (352,976 bytes)||||2010/07/01 21:39:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus||© 1997-2010 Kaspersky Lab ZAO.||946d70667b0119f2beeae0849e1d46a2||
Malwarebytes' Anti-Malware[:]C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe<||||>mbamgui.exe||1.46.0.0000||1.46.0.0000||Application||C:\Program Files (x86)\Malwarebytes' Anti-Malware\||427KB (437,584 bytes)||||2010/10/29 18:15:40||2010/04/29 15:39:32||2010/10/29 18:15:40||0||1||0||0||0||0||Malwarebytes' Anti-Malware||Malwarebytes' Anti-Malware||© Malwarebytes Corporation. All rights reserved.||5f0388038e7355982fe50b039d10315c||
IObit Security 360[:]C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe<||||>is360tray.exe||1.4.5.107||1.4.5.0||Application||C:\Program Files (x86)\IObit\IObit Security 360\||1.22MB (1,280,344 bytes)||||2010/10/30 17:00:36||2010/06/11 18:14:24||2010/10/30 17:00:36||0||1||0||0||0||0||IObit Security 360||IObit Security 360||||4126904e21735ef4c7fffe01ed795872||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce[:]
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:]
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce[:]
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:]
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce[:]
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Command Processor[:]
CompletionChar[:]9
DefaultColor[:]0
EnableExtensions[:]1
PathCompletionChar[:]9
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Command Processor[:]
CompletionChar[:]9
DefaultColor[:]0
EnableExtensions[:]1
PathCompletionChar[:]9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad[:]
WebCheck[:]{E6FB5E20-DE35-11CF-9C87-00AA005127ED}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main[:]
Start Page[:]http://go.microsoft.com/fwlink/?LinkId=69157
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
[:]IEVkbdBHO Class
AppID[:]{A64D6457-AC29-41D2-937F-F09DE8569F93}
[:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll<||||>ievkbd.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||66.7KB (68,280 bytes)||||2010/07/01 21:35:08||2010/07/01 21:35:08||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||IE Virtual Keyboard||© 1997-2010 Kaspersky Lab ZAO.||cc3ea6117d430710b501b5950394f077||
ThreadingModel[:]Apartment
{5C255C8A-E604-49b4-9D64-90988571CECB}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
[:]Search Helper
[:]C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll<||||>SearchHelper.dll||1.2.118.0||1.2.118.0||Application extension||C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\||90.3KB (92,504 bytes)||||2008/12/04 17:59:06||2008/12/04 17:59:06||2010/08/11 20:21:31||0||1||0||0||0||0||Microsoft Search Helper Extention||Microsoft Search Helper Extention||Copyright © 1995-2006 Microsoft Corp.||c5700cd3293e88be85c73eccce772e9e||
ThreadingModel[:]Apartment
{9030D464-4C02-4ABF-8ECC-5164760863C6}
[:]Windows Live Sign-in Helper
AppID[:]{062C56BD-B2FF-4405-88D9-93154F27D785}
[:]C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll<||||>WindowsLiveLogin.dll||5.000.818.6||5.000.818.6||Application extension||C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\||399KB (408,440 bytes)||||2009/02/17 16:11:04||2009/02/17 16:11:04||2010/10/29 16:15:09||0||1||0||0||0||0||Microsoft® Windows Live Login Helper||WindowsLiveLogin.dll||Copyright © 1995-2006 Microsoft Corporation.||1a82c1b9bb43385695efc3a84f6756a2||
ThreadingModel[:]Apartment
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}
{E33CF602-D945-461A-83F0-819F76A199F8}
[:]FilterBHO Class
[:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll<||||>klwtbbho.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||187KB (191,160 bytes)||||2010/07/01 21:35:14||2010/07/01 21:35:14||2010/10/29 17:08:14||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||b028e719312d1a6106dbef76fa81d965||
ThreadingModel[:]Apartment
{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}
[:]Toolbar BHO
[:]C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll
ThreadingModel[:]Apartment
DeviceClass[:]NET
DeviceName[:]Microsoft ISATAP Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Microsoft ISATAP Adapter #2
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]Microsoft ISATAP Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]Intel(R) Centrino(R) WiMAX 6250
DriverDate[:]20100516000000.******+***
DriverProviderName[:]Intel Corporation
DriverVersion[:]5.30.1005.3
FriendlyName[:]
IsSigned[:]True
Location[:]BaxterPeak Enumerator 0
Manufacturer[:]Intel Corporation
Status[:]
DeviceClass[:]WIMAX
DeviceName[:]Intel(R) Centrino(R) WiMAX Enumerator
DriverDate[:]20100516000000.******+***
DriverProviderName[:]Intel Corporation
DriverVersion[:]5.30.1005.3
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Intel Corporation
Status[:]
DeviceClass[:]WIDI
DeviceName[:]WDKMD
DriverDate[:]20100604000000.******+***
DriverProviderName[:]Intel Corporation
DriverVersion[:]1.2.17.0
FriendlyName[:]
IsSigned[:]False
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Volume Manager
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Microsoft Virtual Drive Enumerator Driver
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]UMBus Enumerator
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]UMBus Root Bus Enumerator
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Plug and Play Software Device Enumerator
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Terminal Server Mouse Driver
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Terminal Server Keyboard Driver
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (SSTP)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (PPTP)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (PPPOE)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (IPv6)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (IP)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (Network Monitor)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (L2TP)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]WAN Miniport (IKEv2)
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Microsoft System Management BIOS Driver
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]User Mode Driver Frameworks Platform Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Windows Socket 2.0 Non-IFS Service Provider Support Environment
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]WFP Lightweight Filter
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Kernel Mode Driver Frameworks service
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Remote Access IPv6 ARP Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Virtual WiFi Filter Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Storage volumes
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Dynamic Volume Manager
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]VgaSave
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Turbo Boost UI Monitor driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]NetIO Legacy TDI Support Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]TCP/IP Registry Compatibility
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]TCP/IP Protocol Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Security Processor Loader Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Security Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]SASKUTIL
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]SASDIFSV
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Link-Layer Topology Discovery Responder
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Reliable Multicast Protocol
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Reflector Display Driver used to gain access to graphics data
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]RDP Encoder Mirror Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]RDPCDD
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]QoS Packet Scheduler
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]PEAUTH
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Performance Counters for Windows Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]pciide
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Null
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]NSI proxy service driver.
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]NETBT
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]NDProxy
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]NDIS Usermode I/O Protocol
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]NDIS System Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]NativeWiFi Filter
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]msisadrv
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]msahci
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Message Queuing Access Control
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Windows Firewall Authorization Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Mount Point Manager
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Link-Layer Topology Discovery Mapper I/O Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]KSecPkg
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]KSecDD
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Kaspersky Anti-Virus NDIS 6 Filter
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]kl2
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]kl1
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Hardware Policy Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]HTTP
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Bitlocker Drive Encryption Filter Driver
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]LDDM Graphics Subsystem
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]System Attribute Cache
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]CNG
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Common Log (CLFS)
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Beep
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]IDE Channel
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]ASMMAP64
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]LEGACYDRIVER
DeviceName[:]Ancillary Function Driver for Winsock
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]
Manufacturer[:]
Status[:]
DeviceClass[:]BATTERY
DeviceName[:]Microsoft Composite Battery
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Composite Bus Enumerator
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]File as Volume Driver
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]ACPI Fixed Feature Button
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Motherboard resources
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]ACPI Sleep Button
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]ACPI Lid
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]ACPI Thermal Zone
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]ATK0100 ACPI UTILITY
DriverDate[:]20090513000000.******+***
DriverProviderName[:]ASUS
DriverVersion[:]1043.2.15.75
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]ASUS
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Reserved - 2D13
DriverDate[:]20091028000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1022
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 255, device 2, function 3
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Reserved - 2D12
DriverDate[:]20091028000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1022
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 255, device 2, function 2
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]QPI Physical 0 - 2D11
DriverDate[:]20091028000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1022
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 255, device 2, function 1
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]QPI Link 0 - 2D10
DriverDate[:]20091028000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1022
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 255, device 2, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]QuickPath Architecture System Address Decoder - 2D01
DriverDate[:]20091028000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1022
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 255, device 0, function 1
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]QuickPath Architecture Generic Non-core Registers - 2C62
DriverDate[:]20091028000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1022
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 255, device 0, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]PCI bus
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]PROCESSOR
DeviceName[:]Intel Processor
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
IsSigned[:]True
Location[:]
Manufacturer[:]Intel
Status[:]
DeviceClass[:]PROCESSOR
DeviceName[:]Intel Processor
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
IsSigned[:]True
Location[:]
Manufacturer[:]Intel
Status[:]
DeviceClass[:]PROCESSOR
DeviceName[:]Intel Processor
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
IsSigned[:]True
Location[:]
Manufacturer[:]Intel
Status[:]
DeviceClass[:]PROCESSOR
DeviceName[:]Intel Processor
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
IsSigned[:]True
Location[:]
Manufacturer[:]Intel
Status[:]
DeviceClass[:]BATTERY
DeviceName[:]Microsoft ACPI-Compliant Control Method Battery
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]BATTERY
DeviceName[:]Microsoft AC Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Motherboard resources
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) Turbo Boost Technology Driver
DriverDate[:]20100226000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]1.2.0.1002
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 31, function 6
Manufacturer[:]Intel
Status[:]
DeviceClass[:]CDROM
DeviceName[:]CD-ROM Drive
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]MATSHITA DVD-RAM UJ890AS
IsSigned[:]True
Location[:]1
Manufacturer[:](Standard CD-ROM drives)
Status[:]
DeviceClass[:]DISKDRIVE
DeviceName[:]Disk drive
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]ST9640320AS
IsSigned[:]True
Location[:]0
Manufacturer[:](Standard disk drives)
Status[:]
DeviceClass[:]HDC
DeviceName[:]Intel(R) PCHM SATA AHCI Controller 4 Port
DriverDate[:]20090807000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]8.9.2.1002
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 31, function 2
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Microsoft ACPI-Compliant Embedded Controller
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]KEYBOARD
DeviceName[:]Keyboard Device Filter
DriverDate[:]20090720000000.******+***
DriverProviderName[:]ATK
DriverVersion[:]1.0.0.3
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Keyboard Device Filter
Status[:]
DeviceClass[:]MOUSE
DeviceName[:]ELAN PS/2 Port Smart-Pad
DriverDate[:]20100413000000.******+***
DriverProviderName[:]ELAN
DriverVersion[:]7.0.5.11
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]ELAN
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Motherboard resources
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]System timer
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]System CMOS/real time clock
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Motherboard resources
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Numeric data processor
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Programmable interrupt controller
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]High precision event timer
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) 82802 Firmware Hub Device
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Direct memory access controller
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) HM55 Express Chipset LPC Interface Controller - 3B09
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 31, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) 82801 PCI Bridge - 2448
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 30, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]USB
DeviceName[:]Generic USB Hub
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]Port_#0001.Hub_#0002
Manufacturer[:](Generic USB Hub)
Status[:]
DeviceClass[:]USB
DeviceName[:]USB Root Hub
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard USB Host Controller)
Status[:]
DeviceClass[:]USB
DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
DriverDate[:]20090820000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1020
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 29, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]NET
DeviceName[:]Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
DriverDate[:]20100304000000.******+***
DriverProviderName[:]Atheros
DriverVersion[:]1.0.0.27
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 3, device 0, function 0
Manufacturer[:]Atheros
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 28, function 5
Manufacturer[:]Intel
Status[:]
DeviceClass[:]NET
DeviceName[:]Microsoft Virtual WiFi Miniport Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]VWiFi Bus 0
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]Microsoft Virtual WiFi Miniport Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Microsoft Virtual WiFi Miniport Adapter #2
IsSigned[:]True
Location[:]VWiFi Bus 0
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]Intel(R) Centrino(R) Advanced-N 6250 AGN
DriverDate[:]20100318000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]13.2.0.30
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 2, device 0, function 0
Manufacturer[:]Intel Corporation
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 28, function 1
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 28, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]MEDIA
DeviceName[:]Intel(R) Display Audio
DriverDate[:]20100203000000.******+***
DriverProviderName[:]Intel(R) Corporation
DriverVersion[:]6.12.0.3047
FriendlyName[:]
IsSigned[:]True
Location[:]Internal High Definition Audio Bus
Manufacturer[:]Intel(R) Corporation
Status[:]
DeviceClass[:]MEDIA
DeviceName[:]Realtek High Definition Audio
DriverDate[:]20100513000000.******+***
DriverProviderName[:]Realtek Semiconductor Corp.
DriverVersion[:]6.0.1.6110
FriendlyName[:]
IsSigned[:]True
Location[:]Internal High Definition Audio Bus
Manufacturer[:]Realtek
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]High Definition Audio Controller
DriverDate[:]20090713000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 27, function 0
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]IMAGE
DeviceName[:]USB 2.0 VGA UVC WebCam
DriverDate[:]20091022000000.******+***
DriverProviderName[:]Sonix
DriverVersion[:]61.5.200.280
FriendlyName[:]USB 2.0 VGA UVC WebCam
IsSigned[:]True
Location[:]0000.001a.0000.001.002.000.000.000.000
Manufacturer[:]Chicony, (Sonix260)
Status[:]
DeviceClass[:]USB
DeviceName[:]USB Composite Device
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]Port_#0002.Hub_#0003
Manufacturer[:](Standard USB Host Controller)
Status[:]
DeviceClass[:]WIMAX
DeviceName[:]Intel(R) Centrino(R) WiMAX 6250 Function Driver
DriverDate[:]20100516000000.******+***
DriverProviderName[:]Intel Corporation
DriverVersion[:]5.30.1005.3
FriendlyName[:]
IsSigned[:]True
Location[:]Port_#0001.Hub_#0003
Manufacturer[:]Intel Corporation
Status[:]
DeviceClass[:]USB
DeviceName[:]Generic USB Hub
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]Port_#0001.Hub_#0001
Manufacturer[:](Generic USB Hub)
Status[:]
DeviceClass[:]USB
DeviceName[:]USB Root Hub
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard USB Host Controller)
Status[:]
DeviceClass[:]USB
DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
DriverDate[:]20090820000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1020
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 26, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) Management Engine Interface
DriverDate[:]
DriverProviderName[:]
DriverVersion[:]
FriendlyName[:]
IsSigned[:]
Location[:]PCI bus 0, device 22, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]MONITOR
DeviceName[:]Generic PnP Monitor
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard monitor types)
Status[:]
DeviceClass[:]DISPLAY
DeviceName[:]Intel(R) HD Graphics
DriverDate[:]20100825000000.******+***
DriverProviderName[:]Intel Corporation
DriverVersion[:]8.15.10.2202
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 2, function 0
Manufacturer[:]Intel Corporation
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Intel(R) processor DRAM Controller - 0044
DriverDate[:]20091028000000.******+***
DriverProviderName[:]Intel
DriverVersion[:]9.1.1.1022
FriendlyName[:]
IsSigned[:]True
Location[:]PCI bus 0, device 0, function 0
Manufacturer[:]Intel
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]PCI bus
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard system devices)
Status[:]
DeviceClass[:]SYSTEM
DeviceName[:]Microsoft ACPI-Compliant System
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]COMPUTER
DeviceName[:]ACPI x64-based PC
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:](Standard computers)
Status[:]
DeviceClass[:]NET
DeviceName[:]Microsoft Teredo Tunneling Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Teredo Tunneling Pseudo-Interface
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]Microsoft 6to4 Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]Microsoft 6to4 Adapter #2
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
DeviceClass[:]NET
DeviceName[:]Microsoft 6to4 Adapter
DriverDate[:]20060621000000.******+***
DriverProviderName[:]Microsoft
DriverVersion[:]6.1.7600.16385
FriendlyName[:]
IsSigned[:]True
Location[:]
Manufacturer[:]Microsoft
Status[:]
Name[:]ADMIN$
Path[:]C:\Windows
Description[:]Remote Admin
AllowMaximum[:]True
Status[:]OK
Name[:]C$
Path[:]C:\
Description[:]Default share
AllowMaximum[:]True
Status[:]OK
Name[:]IPC$
Path[:]
Description[:]Remote IPC
AllowMaximum[:]True
Status[:]OK
TCP<||||><||||>0.0.0.0<||||>7<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>9<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>13<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>17<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>19<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>80<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>135<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>445<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>515<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>1110<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>2103<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>2105<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>2107<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>10065<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>38191<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>49152<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>49153<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>49154<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>49155<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>49156<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>49182<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>0.0.0.0<||||>49189<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>24.100.107.20<||||>139<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>24.100.107.20<||||>50817<||||>209.85.225.100<||||>80<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50819<||||>209.85.225.100<||||>80<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50821<||||>209.85.225.100<||||>80<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50823<||||>209.85.225.100<||||>80<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50825<||||>209.85.225.100<||||>80<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50827<||||>209.85.225.100<||||>80<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50829<||||>209.85.225.105<||||>80<||||>SYN_RCVD
TCP<||||><||||>24.100.107.20<||||>50833<||||>74.125.95.100<||||>80<||||>SYN_RCVD
TCP<||||><||||>24.100.107.20<||||>50845<||||>93.104.193.173<||||>80<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50847<||||>209.85.225.138<||||>80<||||>SYN_RCVD
TCP<||||><||||>24.100.107.20<||||>50848<||||>38.113.165.77<||||>443<||||>LAST_ACK
TCP<||||><||||>24.100.107.20<||||>50850<||||>93.104.193.173<||||>80<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50810<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50812<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50813<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50828<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50830<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50832<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50834<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50836<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50838<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50840<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50842<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50846<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50851<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>1801<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>127.0.0.1<||||>49262<||||>0.0.0.0<||||>0<||||>CLOSED
TCP<||||><||||>127.0.0.1<||||>49873<||||>127.0.0.1<||||>49874<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>49874<||||>127.0.0.1<||||>49873<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>49875<||||>127.0.0.1<||||>49876<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>49876<||||>127.0.0.1<||||>49875<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>50828<||||>127.0.0.1<||||>1110<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>50832<||||>127.0.0.1<||||>1110<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>50844<||||>127.0.0.1<||||>1110<||||>LAST_ACK
TCP<||||><||||>127.0.0.1<||||>50846<||||>127.0.0.1<||||>1110<||||>SYN_RCVD
TCP<||||><||||>127.0.0.1<||||>50849<||||>127.0.0.1<||||>1110<||||>LAST_ACK
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
Path[:]C:\Windows\downloaded program files\
Files[:]
Path[:]C:\Users\Kevin\AppData\Local\Temp\
Files[:]
Sub[:]VerifyColumn -> NetworkAdapterConfiguration
Error[:]13
Description[:]Type mismatch
Source[:]GetSystemInfo
HelpFile[:]
Sub[:]FindExecutableInFolder -> C:\Windows\Temp\(True)
Error[:]52
Description[:]Bad file name or number
Source[:]GetSystemInfo
HelpFile[:]
42edce6a57e5724a79a3d9500ebacec9