GetSystemInfo version 4.0.1.243: BuildNumber[:] InstallDate[:] Manufacturer[:]American Megatrends Inc. Name[:]BIOS Date: 10/30/09 15:13:23 Ver: 08.00.10 PrimaryBIOS[:]True ReleaseDate[:]20100721000000.000000+000 SerialNumber[:]A8N0AS22432533 SMBIOSBIOSVersion[:]U52F.208 SMBIOSMajorVersion[:]2 SMBIOSMinorVersion[:]6 SMBIOSPresent[:]True SoftwareElementID[:]BIOS Date: 10/30/09 15:13:23 Ver: 08.00.10 SoftwareElementState[:]3 Status[:]OK TargetOperatingSystem[:]0 version[:]_ASUS_ - 6222004 AddressWidth[:]64 Architecture[:]9 Availability[:]3 Caption[:]Intel64 Family 6 Model 37 Stepping 5 CpuStatus[:]1 CurrentClockSpeed[:]2534 CurrentVoltage[:]0 DataWidth[:]64 Description[:]Intel64 Family 6 Model 37 Stepping 5 DeviceID[:]CPU0 Family[:]191 LastErrorCode[:] Level[:]6 LoadPercentage[:]7 Manufacturer[:]GenuineIntel MaxClockSpeed[:]2534 Name[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz NumberOfCores[:] NumberOfLogicalProcessors[:] ProcessorType[:]3 Role[:]CPU SocketDesignation[:]Socket 989 Status[:]OK StatusInfo[:]3 Stepping[:] SystemName[:]KEVIN-PC UpgradeMethod[:]1 version[:] VoltageCaps[:] BootDevice[:]\Device\HarddiskVolume2 BuildNumber[:]7600 BuildType[:]Multiprocessor Free Caption[:]Microsoft Windows 7 Home Premium CountryCode[:]1 CSDVersion[:] Description[:] FreePhysicalMemory[:]2367624 FreeSpaceInPagingFiles[:]3591860 FreeVirtualMemory[:]5783320 InstallDate[:]20101028190214.000000-300 LastBootUpTime[:]20101102014546.109999-300 LocalDateTime[:]20101102034602.015000-300 Manufacturer[:]Microsoft Corporation MUILanguages[:]en-US NumberOfProcesses[:]96 NumberOfUsers[:]2 OSArchitecture[:]64-bit OSLanguage[:]1033 ServicePackMajorVersion[:]0 ServicePackMinorVersion[:]0 SizeStoredInPagingFiles[:]3977776 SystemDevice[:]\Device\HarddiskVolume2 SystemDirectory[:]C:\Windows\system32 TotalVirtualMemorySize[:]7953652 TotalVisibleMemorySize[:]3977776 version[:]6.1.7600 WindowsDirectory[:]C:\Windows BootupState[:]Normal boot DNSHostName[:]Kevin-PC Domain[:]WORKGROUP DomainRole[:]0 Manufacturer[:]ASUSTeK Computer Inc. Model[:]U52F NetworkServerModeEnabled[:]True PartOfDomain[:]False PCSystemType[:]2 Status[:]OK SupportContactDescription[:] SystemType[:]x64-based PC UserName[:]Kevin-PC\Kevin Workgroup[:]WORKGROUP [][:]ComSpec => %SystemRoot%\system32\cmd.exe [][:]FP_NO_HOST_CHECK => NO [][:]OS => Windows_NT [][:]Path => %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [][:]PATHEXT => .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC [][:]PROCESSOR_ARCHITECTURE => AMD64 [][:]TEMP => %SystemRoot%\TEMP [][:]TMP => %SystemRoot%\TEMP [][:]USERNAME => SYSTEM [][:]windir => %SystemRoot% [][:]PSModulePath => %SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ [][:]NUMBER_OF_PROCESSORS => 4 [][:]PROCESSOR_LEVEL => 6 [][:]PROCESSOR_IDENTIFIER => Intel64 Family 6 Model 37 Stepping 5, GenuineIntel [][:]PROCESSOR_REVISION => 2505 [][:]configsetroot => %SystemRoot%\ConfigSetRoot [NT AUTHORITY\SYSTEM][:]TEMP => %USERPROFILE%\AppData\Local\Temp [NT AUTHORITY\SYSTEM][:]TMP => %USERPROFILE%\AppData\Local\Temp [Kevin-PC\Kevin][:]TEMP => %USERPROFILE%\AppData\Local\Temp [Kevin-PC\Kevin][:]TMP => %USERPROFILE%\AppData\Local\Temp Name[:]Microsoft XPS Document Writer Default[:]False HorizontalResolution[:]600 JobCountSinceLastReset[:]0 Local[:]True Network[:]False PortName[:]XPSPort: PrinterState[:]0 PrintProcessor[:]winprint Priority[:]1 Published[:]False Queued[:]False RawOnly[:]False ServerName[:] Shared[:]False ShareName[:] SpoolEnabled[:]True Status[:]Unknown VerticalResolution[:]600 WorkOffline[:]False Name[:]Lexmark 3500-4500 Series Default[:]True HorizontalResolution[:]600 JobCountSinceLastReset[:]0 Local[:]True Network[:]False PortName[:]USB001 PrinterState[:]0 PrintProcessor[:]Lexmark 3500-4500 Series Print Processor Priority[:]1 Published[:]False Queued[:]False RawOnly[:]False ServerName[:] Shared[:]False ShareName[:] SpoolEnabled[:]True Status[:]Unknown VerticalResolution[:]600 WorkOffline[:]True Name[:]Fax Default[:]False HorizontalResolution[:]200 JobCountSinceLastReset[:]0 Local[:]True Network[:]False PortName[:]SHRFAX: PrinterState[:]0 PrintProcessor[:]winprint Priority[:]1 Published[:]False Queued[:]False RawOnly[:]False ServerName[:] Shared[:]False ShareName[:] SpoolEnabled[:]True Status[:]Unknown VerticalResolution[:]200 WorkOffline[:]False AdapterCompatibility[:]Intel Corporation AdapterDACType[:]Internal AdapterRAM[:]1801740288 Availability[:]3 ConfigManagerErrorCode[:]0 ConfigManagerUserConfig[:]False CurrentBitsPerPixel[:]32 CurrentHorizontalResolution[:]1366 CurrentNumberOfColors[:]4294967296 CurrentRefreshRate[:]60 CurrentScanMode[:]4 CurrentVerticalResolution[:]768 DriverDate[:]20100825000000.000000-000 DriverVersion[:]8.15.10.2202 InfFilename[:]oem25.inf InfSection[:]iILKM0 InstalledDisplayDrivers[:]igdumd64.dll,igd10umd64.dll,igdumdx32,igd10umd32 MaxRefreshRate[:]60 MinRefreshRate[:]False Name[:]Intel(R) HD Graphics Status[:]OK VideoArchitecture[:]5 VideoMemoryType[:]2 VideoProcessor[:]Intel(R) HD Graphics (Core i5) ConfigManagerErrorCode[:]0 DeviceID[:]DesktopMonitor1 MonitorManufacturer[:](Standard monitor types) MonitorType[:]Generic PnP Monitor Name[:]Generic PnP Monitor PixelsPerXLogicalInch[:]96 ScreenHeight[:]768 ScreenWidth[:]1366 Status[:]OK ConfigManagerErrorCode[:]0 DeviceID[:]HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_10431283&REV_1001\4&10FD7A8D&0&0001 Manufacturer[:]Realtek Name[:]Realtek High Definition Audio ProductName[:]Realtek High Definition Audio Status[:]OK StatusInfo[:]3 ConfigManagerErrorCode[:]0 DeviceID[:]HDAUDIO\FUNC_01&VEN_8086&DEV_2804&SUBSYS_80860101&REV_1000\4&10FD7A8D&0&0301 Manufacturer[:]Intel(R) Corporation Name[:]Intel(R) Display Audio ProductName[:]Intel(R) Display Audio Status[:]OK StatusInfo[:]3 Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3454 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101102065332.000000-000 TimeWritten[:]20101102065332.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3450 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101102064832.000000-000 TimeWritten[:]20101102064832.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3439 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102064634.000000-000 TimeWritten[:]20101102064634.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3432 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102064620.000000-000 TimeWritten[:]20101102064620.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3426 SourceName[:]LMS TimeGenerated[:]20101102064605.000000-000 TimeWritten[:]20101102064605.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 RecordNumber[:]3420 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101102064356.812025-000 TimeWritten[:]20101102064356.812025-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3417 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101102062500.000000-000 TimeWritten[:]20101102062500.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3414 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101102062000.000000-000 TimeWritten[:]20101102062000.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3403 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102061801.000000-000 TimeWritten[:]20101102061801.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3394 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102061743.000000-000 TimeWritten[:]20101102061743.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3391 SourceName[:]LMS TimeGenerated[:]20101102061736.000000-000 TimeWritten[:]20101102061736.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 17 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1312 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1312 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 1828 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed RecordNumber[:]3384 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101102061506.433805-000 TimeWritten[:]20101102061506.433805-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]100 CategoryString[:]Application Crashing Events EventCode[:]1000 EventIdentifier[:]1000 EventType[:]1 Logfile[:]Application Message[:]Faulting application name: lxdicoms.exe, version: 1.0.27.0, time stamp: 0x464c71be Faulting module name: lxdicoms.exe, version: 1.0.27.0, time stamp: 0x464c71be Exception code: 0xc0000005 Fault offset: 0x000000000002cf3c Faulting process id: 0x1764 Faulting application start time: 0x01cb7a335aeec1ae Faulting application path: C:\Windows\system32\lxdicoms.exe Faulting module path: C:\Windows\system32\lxdicoms.exe Report Id: cdc2dbc6-e626-11df-bde2-20cf30356afa RecordNumber[:]3349 SourceName[:]Application Error TimeGenerated[:]20101102021338.000000-000 TimeWritten[:]20101102021338.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3344 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101102020908.000000-000 TimeWritten[:]20101102020908.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3340 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101102020408.000000-000 TimeWritten[:]20101102020408.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3324 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102020203.000000-000 TimeWritten[:]20101102020203.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3322 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102020202.000000-000 TimeWritten[:]20101102020202.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3316 SourceName[:]LMS TimeGenerated[:]20101102020141.000000-000 TimeWritten[:]20101102020141.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3310 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102015931.000000-000 TimeWritten[:]20101102015931.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3307 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102015930.000000-000 TimeWritten[:]20101102015930.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3299 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102005404.000000-000 TimeWritten[:]20101102005404.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3296 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102005345.000000-000 TimeWritten[:]20101102005345.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3294 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102005344.000000-000 TimeWritten[:]20101102005344.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3291 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102005136.000000-000 TimeWritten[:]20101102005136.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3288 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102005135.000000-000 TimeWritten[:]20101102005135.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]1015 EventIdentifier[:]1015 EventType[:]2 Logfile[:]Application Message[:]Failed to connect to server. Error: 0x8007043C RecordNumber[:]3287 SourceName[:]MsiInstaller TimeGenerated[:]20101102004945.000000-000 TimeWritten[:]20101102004945.000000-000 Type[:]Warning User[:]Kevin-PC\Administrator Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3285 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102004832.000000-000 TimeWritten[:]20101102004832.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3282 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102004823.000000-000 TimeWritten[:]20101102004823.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3280 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102004823.000000-000 TimeWritten[:]20101102004823.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3277 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102004625.000000-000 TimeWritten[:]20101102004625.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3274 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102004624.000000-000 TimeWritten[:]20101102004624.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]6000 EventIdentifier[:]-2147477648 EventType[:]2 Logfile[:]Application Message[:]The winlogon notification subscriber was unavailable to handle a notification event. RecordNumber[:]3272 SourceName[:]Microsoft-Windows-Winlogon TimeGenerated[:]20101102004213.000000-000 TimeWritten[:]20101102004213.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3269 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102004208.000000-000 TimeWritten[:]20101102004208.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3267 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101102004208.000000-000 TimeWritten[:]20101102004208.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-500: Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500 Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500 Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500 Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500\Software\Microsoft\Windows\CurrentVersion\Explorer Process 1404 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts RecordNumber[:]3264 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101102004016.606330-000 TimeWritten[:]20101102004016.606330-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]258 EventIdentifier[:]258 EventType[:]0 Logfile[:]Application Message[:]The disk defragmenter successfully completed boot optimization on OS (C:) RecordNumber[:]3258 SourceName[:]Microsoft-Windows-Defrag TimeGenerated[:]20101101212859.000000-000 TimeWritten[:]20101101212859.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]258 EventIdentifier[:]258 EventType[:]0 Logfile[:]Application Message[:]The disk defragmenter successfully completed defragmentation on OS (C:) RecordNumber[:]3257 SourceName[:]Microsoft-Windows-Defrag TimeGenerated[:]20101101204904.000000-000 TimeWritten[:]20101101204904.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3255 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101204444.000000-000 TimeWritten[:]20101101204444.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]8208 EventIdentifier[:]-1073733616 EventType[:]1 Logfile[:]Application Message[:]Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f RecordNumber[:]3251 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101203944.000000-000 TimeWritten[:]20101101203944.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]8200 EventIdentifier[:]-1073733624 EventType[:]1 Logfile[:]Application Message[:]License acquisition failure details. hr=0x80072EE7 RecordNumber[:]3250 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101203944.000000-000 TimeWritten[:]20101101203944.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]59 EventIdentifier[:]-1056899013 EventType[:]1 Logfile[:]Application Message[:]Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax. RecordNumber[:]3249 SourceName[:]SideBySide TimeGenerated[:]20101101203935.000000-000 TimeWritten[:]20101101203935.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3246 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101203852.000000-000 TimeWritten[:]20101101203852.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]258 EventIdentifier[:]258 EventType[:]0 Logfile[:]Application Message[:]The disk defragmenter successfully completed defragmentation on OS (C:) RecordNumber[:]3239 SourceName[:]Microsoft-Windows-Defrag TimeGenerated[:]20101101200952.000000-000 TimeWritten[:]20101101200952.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3238 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101195557.000000-000 TimeWritten[:]20101101195557.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]258 EventIdentifier[:]258 EventType[:]0 Logfile[:]Application Message[:]The disk defragmenter successfully completed analysis on OS (C:) RecordNumber[:]3236 SourceName[:]Microsoft-Windows-Defrag TimeGenerated[:]20101101195430.000000-000 TimeWritten[:]20101101195430.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3234 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101195056.000000-000 TimeWritten[:]20101101195056.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]2019 EventIdentifier[:]-1073739805 EventType[:]1 Logfile[:]Application Message[:]SNMP Event Log Extension Agent did not initialize correctly. RecordNumber[:]3219 SourceName[:]EvntAgnt TimeGenerated[:]20101101194852.000000-000 TimeWritten[:]20101101194852.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1020 EventIdentifier[:]-1073740804 EventType[:]1 Logfile[:]Application Message[:]Error processing registry parameters. Extension agent terminating. RecordNumber[:]3218 SourceName[:]EvntAgnt TimeGenerated[:]20101101194852.000000-000 TimeWritten[:]20101101194852.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]2019 EventIdentifier[:]-1073739805 EventType[:]1 Logfile[:]Application Message[:]SNMP Event Log Extension Agent did not initialize correctly. RecordNumber[:]3217 SourceName[:]EvntAgnt TimeGenerated[:]20101101194852.000000-000 TimeWritten[:]20101101194852.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]3001 EventIdentifier[:]-2147480647 EventType[:]2 Logfile[:]Application Message[:]Log file not positioned at end. RecordNumber[:]3216 SourceName[:]EvntAgnt TimeGenerated[:]20101101194852.000000-000 TimeWritten[:]20101101194852.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]3001 EventIdentifier[:]-2147480647 EventType[:]2 Logfile[:]Application Message[:]Log file not positioned at end. RecordNumber[:]3215 SourceName[:]EvntAgnt TimeGenerated[:]20101101194852.000000-000 TimeWritten[:]20101101194852.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]3006 EventIdentifier[:]-2147480642 EventType[:]2 Logfile[:]Application Message[:]Error reading log event record. Handle specified is 22675496. Return code from ReadEventLog is 122. RecordNumber[:]3214 SourceName[:]EvntAgnt TimeGenerated[:]20101101194852.000000-000 TimeWritten[:]20101101194852.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3211 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101101194850.000000-000 TimeWritten[:]20101101194850.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3205 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101101194849.000000-000 TimeWritten[:]20101101194849.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3202 SourceName[:]LMS TimeGenerated[:]20101101194849.000000-000 TimeWritten[:]20101101194849.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 18 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1340 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1340 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust Process 756 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 1816 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed RecordNumber[:]3196 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101101194739.633550-000 TimeWritten[:]20101101194739.633550-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3184 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101183847.000000-000 TimeWritten[:]20101101183847.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3183 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101101183347.000000-000 TimeWritten[:]20101101183347.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3165 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101101183104.000000-000 TimeWritten[:]20101101183104.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3163 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101101183104.000000-000 TimeWritten[:]20101101183104.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3159 SourceName[:]LMS TimeGenerated[:]20101101183044.000000-000 TimeWritten[:]20101101183044.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3149 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101031000007.000000-000 TimeWritten[:]20101031000007.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]2019 EventIdentifier[:]-1073739805 EventType[:]1 Logfile[:]Application Message[:]SNMP Event Log Extension Agent did not initialize correctly. RecordNumber[:]3146 SourceName[:]EvntAgnt TimeGenerated[:]20101031000001.000000-000 TimeWritten[:]20101031000001.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1020 EventIdentifier[:]-1073740804 EventType[:]1 Logfile[:]Application Message[:]Error processing registry parameters. Extension agent terminating. RecordNumber[:]3145 SourceName[:]EvntAgnt TimeGenerated[:]20101031000001.000000-000 TimeWritten[:]20101031000001.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]2019 EventIdentifier[:]-1073739805 EventType[:]1 Logfile[:]Application Message[:]SNMP Event Log Extension Agent did not initialize correctly. RecordNumber[:]3144 SourceName[:]EvntAgnt TimeGenerated[:]20101031000001.000000-000 TimeWritten[:]20101031000001.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]3001 EventIdentifier[:]-2147480647 EventType[:]2 Logfile[:]Application Message[:]Log file not positioned at end. RecordNumber[:]3143 SourceName[:]EvntAgnt TimeGenerated[:]20101031000001.000000-000 TimeWritten[:]20101031000001.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]3001 EventIdentifier[:]-2147480647 EventType[:]2 Logfile[:]Application Message[:]Log file not positioned at end. RecordNumber[:]3142 SourceName[:]EvntAgnt TimeGenerated[:]20101031000001.000000-000 TimeWritten[:]20101031000001.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]3006 EventIdentifier[:]-2147480642 EventType[:]2 Logfile[:]Application Message[:]Error reading log event record. Handle specified is 24248360. Return code from ReadEventLog is 122. RecordNumber[:]3141 SourceName[:]EvntAgnt TimeGenerated[:]20101031000001.000000-000 TimeWritten[:]20101031000001.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3139 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030235958.000000-000 TimeWritten[:]20101030235958.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3135 SourceName[:]LMS TimeGenerated[:]20101030235940.000000-000 TimeWritten[:]20101030235940.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 20 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA Process 1356 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Explorer Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 1836 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed RecordNumber[:]3130 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030235853.988312-000 TimeWritten[:]20101030235853.988312-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3126 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030213737.000000-000 TimeWritten[:]20101030213737.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3124 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030213237.000000-000 TimeWritten[:]20101030213237.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3108 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030213019.000000-000 TimeWritten[:]20101030213019.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3106 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030213019.000000-000 TimeWritten[:]20101030213019.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3100 SourceName[:]LMS TimeGenerated[:]20101030212953.000000-000 TimeWritten[:]20101030212953.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3089 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030121752.000000-000 TimeWritten[:]20101030121752.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3087 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030121752.000000-000 TimeWritten[:]20101030121752.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3083 SourceName[:]LMS TimeGenerated[:]20101030121731.000000-000 TimeWritten[:]20101030121731.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 RecordNumber[:]3077 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030121230.197185-000 TimeWritten[:]20101030121230.197185-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3066 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030120755.000000-000 TimeWritten[:]20101030120755.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3056 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030120548.000000-000 TimeWritten[:]20101030120548.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3054 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030120548.000000-000 TimeWritten[:]20101030120548.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3050 SourceName[:]LMS TimeGenerated[:]20101030120524.000000-000 TimeWritten[:]20101030120524.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1372 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 RecordNumber[:]3044 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030114910.408863-000 TimeWritten[:]20101030114910.408863-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]3041 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030111240.000000-000 TimeWritten[:]20101030111240.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]3040 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030110740.000000-000 TimeWritten[:]20101030110740.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]3024 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030110528.000000-000 TimeWritten[:]20101030110528.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]3022 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030110527.000000-000 TimeWritten[:]20101030110527.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]3016 SourceName[:]LMS TimeGenerated[:]20101030110453.000000-000 TimeWritten[:]20101030110453.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 RecordNumber[:]3009 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030110408.278284-000 TimeWritten[:]20101030110408.278284-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]2999 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030110222.000000-000 TimeWritten[:]20101030110222.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]2992 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030110220.000000-000 TimeWritten[:]20101030110220.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]2988 SourceName[:]LMS TimeGenerated[:]20101030110151.000000-000 TimeWritten[:]20101030110151.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-500: Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500 Process 1348 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500 RecordNumber[:]2982 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030103512.522184-000 TimeWritten[:]20101030103512.522184-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]2979 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030103252.000000-000 TimeWritten[:]20101030103252.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]2960 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030103025.000000-000 TimeWritten[:]20101030103025.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]2957 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030103020.000000-000 TimeWritten[:]20101030103020.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]2953 SourceName[:]LMS TimeGenerated[:]20101030103005.000000-000 TimeWritten[:]20101030103005.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-500: Process 1384 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500 Process 1384 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-500 RecordNumber[:]2947 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030102913.818736-000 TimeWritten[:]20101030102913.818736-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]63 EventIdentifier[:]-2147483585 EventType[:]2 Logfile[:]Application Message[:]A provider, WebAdministrationProvider, has been registered in the Windows Management Instrumentation namespace Root\WebAdministration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. RecordNumber[:]2927 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030102700.000000-000 TimeWritten[:]20101030102700.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]63 EventIdentifier[:]-2147483585 EventType[:]2 Logfile[:]Application Message[:]A provider, WebAdministrationProvider, has been registered in the Windows Management Instrumentation namespace Root\WebAdministration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. RecordNumber[:]2926 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030102700.000000-000 TimeWritten[:]20101030102700.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]63 EventIdentifier[:]-2147483585 EventType[:]2 Logfile[:]Application Message[:]A provider, WebAdministrationProvider, has been registered in the Windows Management Instrumentation namespace Root\WebAdministration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. RecordNumber[:]2925 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030102700.000000-000 TimeWritten[:]20101030102700.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]2923 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030102511.000000-000 TimeWritten[:]20101030102511.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]2909 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030102254.000000-000 TimeWritten[:]20101030102254.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]2906 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030102247.000000-000 TimeWritten[:]20101030102247.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]2903 SourceName[:]LMS TimeGenerated[:]20101030102242.000000-000 TimeWritten[:]20101030102242.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1428 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1428 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 RecordNumber[:]2897 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030102151.876039-000 TimeWritten[:]20101030102151.876039-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]2894 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030102111.000000-000 TimeWritten[:]20101030102111.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]2019 EventIdentifier[:]-1073739805 EventType[:]1 Logfile[:]Application Message[:]SNMP Event Log Extension Agent did not initialize correctly. RecordNumber[:]2881 SourceName[:]EvntAgnt TimeGenerated[:]20101030101840.000000-000 TimeWritten[:]20101030101840.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1020 EventIdentifier[:]-1073740804 EventType[:]1 Logfile[:]Application Message[:]Error processing registry parameters. Extension agent terminating. RecordNumber[:]2880 SourceName[:]EvntAgnt TimeGenerated[:]20101030101840.000000-000 TimeWritten[:]20101030101840.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]2019 EventIdentifier[:]-1073739805 EventType[:]1 Logfile[:]Application Message[:]SNMP Event Log Extension Agent did not initialize correctly. RecordNumber[:]2879 SourceName[:]EvntAgnt TimeGenerated[:]20101030101840.000000-000 TimeWritten[:]20101030101840.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]3001 EventIdentifier[:]-2147480647 EventType[:]2 Logfile[:]Application Message[:]Log file not positioned at end. RecordNumber[:]2878 SourceName[:]EvntAgnt TimeGenerated[:]20101030101840.000000-000 TimeWritten[:]20101030101840.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]3001 EventIdentifier[:]-2147480647 EventType[:]2 Logfile[:]Application Message[:]Log file not positioned at end. RecordNumber[:]2877 SourceName[:]EvntAgnt TimeGenerated[:]20101030101840.000000-000 TimeWritten[:]20101030101840.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]3006 EventIdentifier[:]-2147480642 EventType[:]2 Logfile[:]Application Message[:]Error reading log event record. Handle specified is 25296920. Return code from ReadEventLog is 122. RecordNumber[:]2876 SourceName[:]EvntAgnt TimeGenerated[:]20101030101840.000000-000 TimeWritten[:]20101030101840.000000-000 Type[:]Warning User[:] Category[:]0 CategoryString[:] EventCode[:]5617 EventIdentifier[:]-1073736207 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service subsystems initialized successfully RecordNumber[:]2874 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030101833.000000-000 TimeWritten[:]20101030101833.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]5615 EventIdentifier[:]-1073736209 EventType[:]0 Logfile[:]Application Message[:]Windows Management Instrumentation Service started sucessfully RecordNumber[:]2873 SourceName[:]Microsoft-Windows-WMI TimeGenerated[:]20101030101833.000000-000 TimeWritten[:]20101030101833.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1 EventIdentifier[:]-2147483647 EventType[:]2 Logfile[:]Application Message[:]LMS Service cannot connect to Intel(R) MEI driver RecordNumber[:]2867 SourceName[:]LMS TimeGenerated[:]20101030101816.000000-000 TimeWritten[:]20101030101816.000000-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]13 EventIdentifier[:]13 EventType[:]1 Logfile[:]Application Message[:]Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected. ] RecordNumber[:]2861 SourceName[:]VSS TimeGenerated[:]20101030101726.000000-000 TimeWritten[:]20101030101726.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1530 EventIdentifier[:]1530 EventType[:]2 Logfile[:]Application Message[:]Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 22 user registry handles leaked from \Registry\User\S-1-5-21-3891854576-2668885147-1037204798-1000: Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 1352 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000 Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\SystemCertificates Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\trust Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Root Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\My Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\CA Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 4260 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\SystemCertificates\Disallowed RecordNumber[:]2860 SourceName[:]Microsoft-Windows-User Profiles Service TimeGenerated[:]20101030101716.418814-000 TimeWritten[:]20101030101716.418814-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]903 EventIdentifier[:]1073742727 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has stopped. RecordNumber[:]2857 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030101422.000000-000 TimeWritten[:]20101030101422.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]902 EventIdentifier[:]1073742726 EventType[:]0 Logfile[:]Application Message[:]The Software Protection service has started. 6.1.7600.16385 RecordNumber[:]2855 SourceName[:]Microsoft-Windows-Security-SPP TimeGenerated[:]20101030100826.000000-000 TimeWritten[:]20101030100826.000000-000 Type[:]Information User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]12397 SourceName[:]SNMP TimeGenerated[:]20101102064619.000000-000 TimeWritten[:]20101102064619.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7000 EventIdentifier[:]-1073734824 EventType[:]1 Logfile[:]System Message[:]The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. RecordNumber[:]12386 SourceName[:]Service Control Manager TimeGenerated[:]20101102064609.710439-000 TimeWritten[:]20101102064609.710439-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7009 EventIdentifier[:]-1073734815 EventType[:]1 Logfile[:]System Message[:]A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect. RecordNumber[:]12385 SourceName[:]Service Control Manager TimeGenerated[:]20101102064609.710439-000 TimeWritten[:]20101102064609.710439-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]12384 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101102064607.978836-000 TimeWritten[:]20101102064607.978836-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]12333 SourceName[:]volmgr TimeGenerated[:]20101102064555.735216-000 TimeWritten[:]20101102064555.735216-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]12324 SourceName[:]volmgr TimeGenerated[:]20101102064550.680807-000 TimeWritten[:]20101102064550.680807-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]12320 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102064443.627708-000 TimeWritten[:]20101102064443.627708-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]10003 EventIdentifier[:]10003 EventType[:]1 Logfile[:]System Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll RecordNumber[:]12319 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102064443.612108-000 TimeWritten[:]20101102064443.612108-000 Type[:]Error User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7034 EventIdentifier[:]-1073734790 EventType[:]1 Logfile[:]System Message[:]The ASLDR Service service terminated unexpectedly. It has done this 1 time(s). RecordNumber[:]12262 SourceName[:]Service Control Manager TimeGenerated[:]20101102064337.991192-000 TimeWritten[:]20101102064337.991192-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]12190 SourceName[:]SNMP TimeGenerated[:]20101102061742.000000-000 TimeWritten[:]20101102061742.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7000 EventIdentifier[:]-1073734824 EventType[:]1 Logfile[:]System Message[:]The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. RecordNumber[:]12180 SourceName[:]Service Control Manager TimeGenerated[:]20101102061735.426847-000 TimeWritten[:]20101102061735.426847-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7009 EventIdentifier[:]-1073734815 EventType[:]1 Logfile[:]System Message[:]A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect. RecordNumber[:]12179 SourceName[:]Service Control Manager TimeGenerated[:]20101102061735.426847-000 TimeWritten[:]20101102061735.426847-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]12129 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101102061730.199638-000 TimeWritten[:]20101102061730.199638-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]12128 SourceName[:]volmgr TimeGenerated[:]20101102061717.969216-000 TimeWritten[:]20101102061717.969216-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]12119 SourceName[:]volmgr TimeGenerated[:]20101102061713.164408-000 TimeWritten[:]20101102061713.164408-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]12115 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102061602.999504-000 TimeWritten[:]20101102061602.999504-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]10003 EventIdentifier[:]10003 EventType[:]1 Logfile[:]System Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll RecordNumber[:]12114 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102061602.999504-000 TimeWritten[:]20101102061602.999504-000 Type[:]Error User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7034 EventIdentifier[:]-1073734790 EventType[:]1 Logfile[:]System Message[:]The ASLDR Service service terminated unexpectedly. It has done this 1 time(s). RecordNumber[:]12058 SourceName[:]Service Control Manager TimeGenerated[:]20101102061437.452953-000 TimeWritten[:]20101102061437.452953-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1014 EventIdentifier[:]1014 EventType[:]2 Logfile[:]System Message[:]Name resolution for the name www.doctus.net timed out after none of the configured DNS servers responded. RecordNumber[:]12002 SourceName[:]Microsoft-Windows-DNS-Client TimeGenerated[:]20101102024952.304529-000 TimeWritten[:]20101102024952.304529-000 Type[:]Warning User[:]NT AUTHORITY\NETWORK SERVICE Category[:]0 CategoryString[:] EventCode[:]7034 EventIdentifier[:]-1073734790 EventType[:]1 Logfile[:]System Message[:]The lxdi_device service terminated unexpectedly. It has done this 1 time(s). RecordNumber[:]11979 SourceName[:]Service Control Manager TimeGenerated[:]20101102021340.364027-000 TimeWritten[:]20101102021340.364027-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7030 EventIdentifier[:]-1073734794 EventType[:]1 Logfile[:]System Message[:]The lxdi_device service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. RecordNumber[:]11968 SourceName[:]Service Control Manager TimeGenerated[:]20101102021209.719843-000 TimeWritten[:]20101102021209.719843-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]11899 SourceName[:]SNMP TimeGenerated[:]20101102020202.000000-000 TimeWritten[:]20101102020202.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]11892 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101102020145.203638-000 TimeWritten[:]20101102020145.203638-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11840 SourceName[:]volmgr TimeGenerated[:]20101102020134.324820-000 TimeWritten[:]20101102020134.324820-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11831 SourceName[:]volmgr TimeGenerated[:]20101102020126.961607-000 TimeWritten[:]20101102020126.961607-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]11823 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102015940.669380-000 TimeWritten[:]20101102015940.669380-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11789 SourceName[:]Service Control Manager TimeGenerated[:]20101102011429.135017-000 TimeWritten[:]20101102011429.135017-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11787 SourceName[:]Service Control Manager TimeGenerated[:]20101102011429.135017-000 TimeWritten[:]20101102011429.135017-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11785 SourceName[:]Service Control Manager TimeGenerated[:]20101102011429.135017-000 TimeWritten[:]20101102011429.135017-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11784 SourceName[:]Service Control Manager TimeGenerated[:]20101102011049.127831-000 TimeWritten[:]20101102011049.127831-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11783 SourceName[:]Service Control Manager TimeGenerated[:]20101102011049.127831-000 TimeWritten[:]20101102011049.127831-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11782 SourceName[:]Service Control Manager TimeGenerated[:]20101102011049.127831-000 TimeWritten[:]20101102011049.127831-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11779 SourceName[:]Service Control Manager TimeGenerated[:]20101102005413.128481-000 TimeWritten[:]20101102005413.128481-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11778 SourceName[:]Service Control Manager TimeGenerated[:]20101102005413.128481-000 TimeWritten[:]20101102005413.128481-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11777 SourceName[:]Service Control Manager TimeGenerated[:]20101102005413.128481-000 TimeWritten[:]20101102005413.128481-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} RecordNumber[:]11774 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102005411.000000-000 TimeWritten[:]20101102005411.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} RecordNumber[:]11773 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102005411.000000-000 TimeWritten[:]20101102005411.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} RecordNumber[:]11772 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102005410.000000-000 TimeWritten[:]20101102005410.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} RecordNumber[:]11771 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102005405.000000-000 TimeWritten[:]20101102005405.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10000 EventIdentifier[:]10000 EventType[:]1 Logfile[:]System Message[:]WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21 RecordNumber[:]11769 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102005401.506461-000 TimeWritten[:]20101102005401.506461-000 Type[:]Error User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]11768 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101102005347.669237-000 TimeWritten[:]20101102005347.669237-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11766 SourceName[:]Service Control Manager TimeGenerated[:]20101102005345.329233-000 TimeWritten[:]20101102005345.329233-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11765 SourceName[:]Service Control Manager TimeGenerated[:]20101102005345.329233-000 TimeWritten[:]20101102005345.329233-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11764 SourceName[:]Service Control Manager TimeGenerated[:]20101102005345.329233-000 TimeWritten[:]20101102005345.329233-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11763 SourceName[:]Service Control Manager TimeGenerated[:]20101102005345.313633-000 TimeWritten[:]20101102005345.313633-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11762 SourceName[:]Service Control Manager TimeGenerated[:]20101102005345.313633-000 TimeWritten[:]20101102005345.313633-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11761 SourceName[:]Service Control Manager TimeGenerated[:]20101102005345.313633-000 TimeWritten[:]20101102005345.313633-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7026 EventIdentifier[:]-1073734798 EventType[:]1 Logfile[:]System Message[:]The following boot-start or system-start driver(s) failed to load: discache KLIF SASDIFSV SASKUTIL spldr Wanarpv6 RecordNumber[:]11760 SourceName[:]Service Control Manager TimeGenerated[:]20101102005345.298033-000 TimeWritten[:]20101102005345.298033-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11754 SourceName[:]Service Control Manager TimeGenerated[:]20101102005343.972030-000 TimeWritten[:]20101102005343.972030-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11753 SourceName[:]Service Control Manager TimeGenerated[:]20101102005343.972030-000 TimeWritten[:]20101102005343.972030-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11752 SourceName[:]Service Control Manager TimeGenerated[:]20101102005343.972030-000 TimeWritten[:]20101102005343.972030-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11728 SourceName[:]volmgr TimeGenerated[:]20101102005337.139218-000 TimeWritten[:]20101102005337.139218-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11725 SourceName[:]volmgr TimeGenerated[:]20101102005330.462407-000 TimeWritten[:]20101102005330.462407-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]11718 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102005137.097173-000 TimeWritten[:]20101102005137.097173-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11697 SourceName[:]Service Control Manager TimeGenerated[:]20101102005134.179968-000 TimeWritten[:]20101102005134.179968-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11696 SourceName[:]Service Control Manager TimeGenerated[:]20101102005134.179968-000 TimeWritten[:]20101102005134.179968-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11695 SourceName[:]Service Control Manager TimeGenerated[:]20101102005134.179968-000 TimeWritten[:]20101102005134.179968-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11692 SourceName[:]Service Control Manager TimeGenerated[:]20101102005120.139943-000 TimeWritten[:]20101102005120.139943-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11691 SourceName[:]Service Control Manager TimeGenerated[:]20101102005120.139943-000 TimeWritten[:]20101102005120.139943-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11690 SourceName[:]Service Control Manager TimeGenerated[:]20101102005120.139943-000 TimeWritten[:]20101102005120.139943-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} RecordNumber[:]11687 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004945.000000-000 TimeWritten[:]20101102004945.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11686 SourceName[:]Service Control Manager TimeGenerated[:]20101102004840.380063-000 TimeWritten[:]20101102004840.380063-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11685 SourceName[:]Service Control Manager TimeGenerated[:]20101102004840.380063-000 TimeWritten[:]20101102004840.380063-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11684 SourceName[:]Service Control Manager TimeGenerated[:]20101102004840.380063-000 TimeWritten[:]20101102004840.380063-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10000 EventIdentifier[:]10000 EventType[:]1 Logfile[:]System Message[:]WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21 RecordNumber[:]11683 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102004840.130462-000 TimeWritten[:]20101102004840.130462-000 Type[:]Error User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} RecordNumber[:]11680 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004839.000000-000 TimeWritten[:]20101102004839.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} RecordNumber[:]11679 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004839.000000-000 TimeWritten[:]20101102004839.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} RecordNumber[:]11678 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004838.000000-000 TimeWritten[:]20101102004838.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} RecordNumber[:]11677 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004833.000000-000 TimeWritten[:]20101102004833.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]11675 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101102004826.308838-000 TimeWritten[:]20101102004826.308838-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11673 SourceName[:]Service Control Manager TimeGenerated[:]20101102004823.922034-000 TimeWritten[:]20101102004823.922034-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11672 SourceName[:]Service Control Manager TimeGenerated[:]20101102004823.922034-000 TimeWritten[:]20101102004823.922034-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11671 SourceName[:]Service Control Manager TimeGenerated[:]20101102004823.922034-000 TimeWritten[:]20101102004823.922034-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11670 SourceName[:]Service Control Manager TimeGenerated[:]20101102004823.922034-000 TimeWritten[:]20101102004823.922034-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11669 SourceName[:]Service Control Manager TimeGenerated[:]20101102004823.922034-000 TimeWritten[:]20101102004823.922034-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11668 SourceName[:]Service Control Manager TimeGenerated[:]20101102004823.922034-000 TimeWritten[:]20101102004823.922034-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7026 EventIdentifier[:]-1073734798 EventType[:]1 Logfile[:]System Message[:]The following boot-start or system-start driver(s) failed to load: discache KLIF SASDIFSV SASKUTIL spldr Wanarpv6 RecordNumber[:]11667 SourceName[:]Service Control Manager TimeGenerated[:]20101102004823.906434-000 TimeWritten[:]20101102004823.906434-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11661 SourceName[:]Service Control Manager TimeGenerated[:]20101102004822.549231-000 TimeWritten[:]20101102004822.549231-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11660 SourceName[:]Service Control Manager TimeGenerated[:]20101102004822.549231-000 TimeWritten[:]20101102004822.549231-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11659 SourceName[:]Service Control Manager TimeGenerated[:]20101102004822.549231-000 TimeWritten[:]20101102004822.549231-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11636 SourceName[:]volmgr TimeGenerated[:]20101102004815.841219-000 TimeWritten[:]20101102004815.841219-000 Type[:]Error User[:] Category[:]63 CategoryString[:] EventCode[:]41 EventIdentifier[:]41 EventType[:]1 Logfile[:]System Message[:]The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly. RecordNumber[:]11633 SourceName[:]Microsoft-Windows-Kernel-Power TimeGenerated[:]20101102004811.738412-000 TimeWritten[:]20101102004811.738412-000 Type[:]Critical User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11631 SourceName[:]volmgr TimeGenerated[:]20101102004811.036411-000 TimeWritten[:]20101102004811.036411-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]11624 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102004626.119087-000 TimeWritten[:]20101102004626.119087-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11604 SourceName[:]Service Control Manager TimeGenerated[:]20101102004618.506274-000 TimeWritten[:]20101102004618.506274-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11603 SourceName[:]Service Control Manager TimeGenerated[:]20101102004618.506274-000 TimeWritten[:]20101102004618.506274-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11602 SourceName[:]Service Control Manager TimeGenerated[:]20101102004618.506274-000 TimeWritten[:]20101102004618.506274-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11598 SourceName[:]Service Control Manager TimeGenerated[:]20101102004244.504098-000 TimeWritten[:]20101102004244.504098-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11597 SourceName[:]Service Control Manager TimeGenerated[:]20101102004244.504098-000 TimeWritten[:]20101102004244.504098-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11596 SourceName[:]Service Control Manager TimeGenerated[:]20101102004244.504098-000 TimeWritten[:]20101102004244.504098-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10000 EventIdentifier[:]10000 EventType[:]1 Logfile[:]System Message[:]WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21 RecordNumber[:]11595 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102004225.144464-000 TimeWritten[:]20101102004225.144464-000 Type[:]Error User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11594 SourceName[:]Service Control Manager TimeGenerated[:]20101102004222.508059-000 TimeWritten[:]20101102004222.508059-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11593 SourceName[:]Service Control Manager TimeGenerated[:]20101102004222.508059-000 TimeWritten[:]20101102004222.508059-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11592 SourceName[:]Service Control Manager TimeGenerated[:]20101102004222.508059-000 TimeWritten[:]20101102004222.508059-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} RecordNumber[:]11589 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004220.000000-000 TimeWritten[:]20101102004220.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} RecordNumber[:]11588 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004220.000000-000 TimeWritten[:]20101102004220.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} RecordNumber[:]11587 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004219.000000-000 TimeWritten[:]20101102004219.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]10005 EventIdentifier[:]-1073731819 EventType[:]1 Logfile[:]System Message[:]DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} RecordNumber[:]11585 SourceName[:]Microsoft-Windows-DistributedCOM TimeGenerated[:]20101102004214.000000-000 TimeWritten[:]20101102004214.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]11584 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101102004211.198039-000 TimeWritten[:]20101102004211.198039-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11582 SourceName[:]Service Control Manager TimeGenerated[:]20101102004209.279236-000 TimeWritten[:]20101102004209.279236-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11581 SourceName[:]Service Control Manager TimeGenerated[:]20101102004209.279236-000 TimeWritten[:]20101102004209.279236-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11580 SourceName[:]Service Control Manager TimeGenerated[:]20101102004209.279236-000 TimeWritten[:]20101102004209.279236-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11579 SourceName[:]Service Control Manager TimeGenerated[:]20101102004209.279236-000 TimeWritten[:]20101102004209.279236-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11578 SourceName[:]Service Control Manager TimeGenerated[:]20101102004209.279236-000 TimeWritten[:]20101102004209.279236-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11577 SourceName[:]Service Control Manager TimeGenerated[:]20101102004209.263636-000 TimeWritten[:]20101102004209.263636-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7026 EventIdentifier[:]-1073734798 EventType[:]1 Logfile[:]System Message[:]The following boot-start or system-start driver(s) failed to load: discache KLIF SASDIFSV SASKUTIL spldr Wanarpv6 RecordNumber[:]11576 SourceName[:]Service Control Manager TimeGenerated[:]20101102004209.263636-000 TimeWritten[:]20101102004209.263636-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11570 SourceName[:]Service Control Manager TimeGenerated[:]20101102004207.859634-000 TimeWritten[:]20101102004207.859634-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11569 SourceName[:]Service Control Manager TimeGenerated[:]20101102004207.859634-000 TimeWritten[:]20101102004207.859634-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7001 EventIdentifier[:]-1073734823 EventType[:]1 Logfile[:]System Message[:]The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start. RecordNumber[:]11568 SourceName[:]Service Control Manager TimeGenerated[:]20101102004207.859634-000 TimeWritten[:]20101102004207.859634-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11544 SourceName[:]volmgr TimeGenerated[:]20101102004159.919220-000 TimeWritten[:]20101102004159.919220-000 Type[:]Error User[:] Category[:]63 CategoryString[:] EventCode[:]41 EventIdentifier[:]41 EventType[:]1 Logfile[:]System Message[:]The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly. RecordNumber[:]11541 SourceName[:]Microsoft-Windows-Kernel-Power TimeGenerated[:]20101102004156.502814-000 TimeWritten[:]20101102004156.502814-000 Type[:]Critical User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11540 SourceName[:]volmgr TimeGenerated[:]20101102004156.066013-000 TimeWritten[:]20101102004156.066013-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]11536 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102004102.954011-000 TimeWritten[:]20101102004102.954011-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]10003 EventIdentifier[:]10003 EventType[:]1 Logfile[:]System Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll RecordNumber[:]11535 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101102004102.954011-000 TimeWritten[:]20101102004102.954011-000 Type[:]Error User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]11356 SourceName[:]SNMP TimeGenerated[:]20101101194849.000000-000 TimeWritten[:]20101101194849.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]11309 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101101194829.900041-000 TimeWritten[:]20101101194829.900041-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11308 SourceName[:]volmgr TimeGenerated[:]20101101194817.201618-000 TimeWritten[:]20101101194817.201618-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11299 SourceName[:]volmgr TimeGenerated[:]20101101194811.554408-000 TimeWritten[:]20101101194811.554408-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]11295 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101101194752.612772-000 TimeWritten[:]20101101194752.612772-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]10003 EventIdentifier[:]10003 EventType[:]1 Logfile[:]System Message[:]WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll RecordNumber[:]11294 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101101194752.565972-000 TimeWritten[:]20101101194752.565972-000 Type[:]Error User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]11148 SourceName[:]SNMP TimeGenerated[:]20101101183102.000000-000 TimeWritten[:]20101101183102.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]11140 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101101183043.328438-000 TimeWritten[:]20101101183043.328438-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11093 SourceName[:]volmgr TimeGenerated[:]20101101183031.326419-000 TimeWritten[:]20101101183031.326419-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]11084 SourceName[:]volmgr TimeGenerated[:]20101101183025.414008-000 TimeWritten[:]20101101183025.414008-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]11015 SourceName[:]SNMP TimeGenerated[:]20101030235958.000000-000 TimeWritten[:]20101030235958.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]11001 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030235940.504040-000 TimeWritten[:]20101030235940.504040-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10951 SourceName[:]volmgr TimeGenerated[:]20101030235927.466819-000 TimeWritten[:]20101030235927.466819-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10943 SourceName[:]volmgr TimeGenerated[:]20101030235921.554408-000 TimeWritten[:]20101030235921.554408-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]7034 EventIdentifier[:]-1073734790 EventType[:]1 Logfile[:]System Message[:]The ASLDR Service service terminated unexpectedly. It has done this 1 time(s). RecordNumber[:]10929 SourceName[:]Service Control Manager TimeGenerated[:]20101030235823.669059-000 TimeWritten[:]20101030235823.669059-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]10826 SourceName[:]SNMP TimeGenerated[:]20101030213019.000000-000 TimeWritten[:]20101030213019.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]10816 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030212955.250438-000 TimeWritten[:]20101030212955.250438-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10767 SourceName[:]volmgr TimeGenerated[:]20101030212943.310819-000 TimeWritten[:]20101030212943.310819-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10758 SourceName[:]volmgr TimeGenerated[:]20101030212937.523208-000 TimeWritten[:]20101030212937.523208-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]10689 SourceName[:]SNMP TimeGenerated[:]20101030121752.000000-000 TimeWritten[:]20101030121752.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]10680 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030121733.654441-000 TimeWritten[:]20101030121733.654441-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10630 SourceName[:]volmgr TimeGenerated[:]20101030121722.838023-000 TimeWritten[:]20101030121722.838023-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10621 SourceName[:]volmgr TimeGenerated[:]20101030121714.492008-000 TimeWritten[:]20101030121714.492008-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]4001 EventIdentifier[:]4001 EventType[:]2 Logfile[:]System Message[:]WLAN AutoConfig service has successfully stopped. RecordNumber[:]10613 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101030121239.120401-000 TimeWritten[:]20101030121239.120401-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]10002 EventIdentifier[:]10002 EventType[:]2 Logfile[:]System Message[:]WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll RecordNumber[:]10612 SourceName[:]Microsoft-Windows-WLAN-AutoConfig TimeGenerated[:]20101030121239.104801-000 TimeWritten[:]20101030121239.104801-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]10510 SourceName[:]SNMP TimeGenerated[:]20101030120547.000000-000 TimeWritten[:]20101030120547.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]10499 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030120526.139640-000 TimeWritten[:]20101030120526.139640-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10451 SourceName[:]volmgr TimeGenerated[:]20101030120513.794419-000 TimeWritten[:]20101030120513.794419-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10442 SourceName[:]volmgr TimeGenerated[:]20101030120508.303210-000 TimeWritten[:]20101030120508.303210-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1014 EventIdentifier[:]1014 EventType[:]2 Logfile[:]System Message[:]Name resolution for the name api.flattr.com timed out after none of the configured DNS servers responded. RecordNumber[:]10352 SourceName[:]Microsoft-Windows-DNS-Client TimeGenerated[:]20101030110645.766434-000 TimeWritten[:]20101030110645.766434-000 Type[:]Warning User[:]NT AUTHORITY\NETWORK SERVICE Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]10323 SourceName[:]SNMP TimeGenerated[:]20101030110526.000000-000 TimeWritten[:]20101030110526.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]10309 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030110454.593639-000 TimeWritten[:]20101030110454.593639-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10261 SourceName[:]volmgr TimeGenerated[:]20101030110442.310819-000 TimeWritten[:]20101030110442.310819-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10252 SourceName[:]volmgr TimeGenerated[:]20101030110436.523208-000 TimeWritten[:]20101030110436.523208-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]10172 SourceName[:]SNMP TimeGenerated[:]20101030110220.000000-000 TimeWritten[:]20101030110220.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]10160 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030110151.980443-000 TimeWritten[:]20101030110151.980443-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10113 SourceName[:]volmgr TimeGenerated[:]20101030110139.354422-000 TimeWritten[:]20101030110139.354422-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]10104 SourceName[:]volmgr TimeGenerated[:]20101030110131.882009-000 TimeWritten[:]20101030110131.882009-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]9990 SourceName[:]SNMP TimeGenerated[:]20101030103020.000000-000 TimeWritten[:]20101030103020.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]9981 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030103004.616042-000 TimeWritten[:]20101030103004.616042-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]9936 SourceName[:]volmgr TimeGenerated[:]20101030102952.104822-000 TimeWritten[:]20101030102952.104822-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]9927 SourceName[:]volmgr TimeGenerated[:]20101030102945.599610-000 TimeWritten[:]20101030102945.599610-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]9824 SourceName[:]SNMP TimeGenerated[:]20101030102659.000000-000 TimeWritten[:]20101030102659.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]9771 SourceName[:]SNMP TimeGenerated[:]20101030102247.000000-000 TimeWritten[:]20101030102247.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]9768 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030102240.458043-000 TimeWritten[:]20101030102240.458043-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]9722 SourceName[:]volmgr TimeGenerated[:]20101030102227.995622-000 TimeWritten[:]20101030102227.995622-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]9713 SourceName[:]volmgr TimeGenerated[:]20101030102220.850809-000 TimeWritten[:]20101030102220.850809-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]9600 SourceName[:]SNMP TimeGenerated[:]20101030101834.000000-000 TimeWritten[:]20101030101834.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]11 EventIdentifier[:]11 EventType[:]2 Logfile[:]System Message[:]Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. RecordNumber[:]9540 SourceName[:]Microsoft-Windows-Wininit TimeGenerated[:]20101030101807.101243-000 TimeWritten[:]20101030101807.101243-000 Type[:]Warning User[:]NT AUTHORITY\SYSTEM Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]9539 SourceName[:]volmgr TimeGenerated[:]20101030101755.541622-000 TimeWritten[:]20101030101755.541622-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]46 EventIdentifier[:]-1073479634 EventType[:]1 Logfile[:]System Message[:]Crash dump initialization failed! RecordNumber[:]9530 SourceName[:]volmgr TimeGenerated[:]20101030101747.913209-000 TimeWritten[:]20101030101747.913209-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]1500 EventIdentifier[:]-1057028644 EventType[:]1 Logfile[:]System Message[:]The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. RecordNumber[:]9471 SourceName[:]SNMP TimeGenerated[:]20101030100827.000000-000 TimeWritten[:]20101030100827.000000-000 Type[:]Error User[:] Category[:]0 CategoryString[:] EventCode[:]134 EventIdentifier[:]134 EventType[:]2 Logfile[:]System Message[:]NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC) RecordNumber[:]9426 SourceName[:]Microsoft-Windows-Time-Service TimeGenerated[:]20101030095537.515128-000 TimeWritten[:]20101030095537.515128-000 Type[:]Warning User[:]NT AUTHORITY\LOCAL SERVICE Caption[:]C: CreationClassName[:]Win32_LogicalDisk Description[:]Local Fixed Disk DeviceID[:]C: DriveType[:]3 FileSystem[:]NTFS FreeSpace[:]593050951680 MediaType[:]12 Name[:]C: SIZE[:]619159515136 VolumeName[:]OS VolumeSerialNumber[:]EA27DC2E Caption[:]E: CreationClassName[:]Win32_LogicalDisk Description[:]CD-ROM Disc DeviceID[:]E: DriveType[:]5 FileSystem[:] FreeSpace[:] MediaType[:]11 Name[:]E: SIZE[:] VolumeName[:] VolumeSerialNumber[:] Name[:]Adobe Flash Player 10 Plugin Uninstall[:]C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin Vendor[:]Adobe Systems Incorporated Version[:]10.1.85.3 InstallDate[:] InstallLocation[:] Language[:] Name[:]Advanced SystemCare 3 Uninstall[:]"C:\Program Files (x86)\IObit\Advanced SystemCare 3\unins000.exe" Vendor[:]IObit Version[:]3.7.2 InstallDate[:]20101029 InstallLocation[:]C:\Program Files (x86)\IObit\Advanced SystemCare 3\ Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]ASUS_Screensaver Uninstall[:]C:\Windows\system32\ASUS_Screensaver.scr /u Vendor[:] Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]CyberLink Power2Go Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Vendor[:]CyberLink Corp. Version[:]6.1.3602c InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\Cyberlink\Power2Go\ Language[:]0 Name[:]CyberLink LabelPrint Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall Vendor[:]CyberLink Corp. Version[:]2.5.1908 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\CyberLink\LabelPrint\ Language[:]0 Name[:]Alcor Micro USB Card Reader Uninstall[:]C:\Program Files (x86)\InstallShield Installation Information\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\Setup.exe -runfromtemp -l0x0409 Vendor[:]Alcor Micro Corp. Version[:]1.5.17.25482 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\AmIcoSingLun\ Language[:]0 Name[:]Kaspersky Internet Security 2011 Uninstall[:] Vendor[:]Kaspersky Lab Version[:]11.0.1.400 InstallDate[:] InstallLocation[:] Language[:] Name[:]IObit Security 360 Uninstall[:]"C:\Program Files (x86)\IObit\IObit Security 360\unins000.exe" Vendor[:]IObit Version[:]1.0 InstallDate[:]20101030 InstallLocation[:]C:\Program Files (x86)\IObit\IObit Security 360\ Language[:] Name[:]IObit Toolbar Uninstall[:]rundll32 C:\PROGRA~2\IObitBar\toolbar\1.bin\i0Bar.dll,O Vendor[:]IObit Version[:] InstallDate[:] InstallLocation[:] Language[:] Name[:]Malwarebytes' Anti-Malware Uninstall[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Vendor[:]Malwarebytes Corporation Version[:] InstallDate[:]20101029 InstallLocation[:]C:\Program Files (x86)\Malwarebytes' Anti-Malware\ Language[:] Name[:]Malwarebytes' Anti-Malware Uninstall[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Vendor[:]Malwarebytes Corporation Version[:] InstallDate[:]20101029 InstallLocation[:]C:\Program Files (x86)\Malwarebytes' Anti-Malware\ Language[:] Name[:]Mozilla Firefox (3.6.12) Uninstall[:]C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Vendor[:]Mozilla Version[:]3.6.12 (en-US) InstallDate[:] InstallLocation[:]C:\Program Files (x86)\Mozilla Firefox Language[:] Name[:]Revo Uninstaller 1.90 Uninstall[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe Vendor[:]VS Revo Group Version[:]1.90 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller Language[:]1033 Name[:]Revo Uninstaller 1.90 Uninstall[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe Vendor[:]VS Revo Group Version[:]1.90 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller Language[:]1033 Name[:]Revo Uninstaller 1.90 Uninstall[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe Vendor[:]VS Revo Group Version[:]1.90 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\VS Revo Group\Revo Uninstaller Language[:]1033 Name[:]Windows Live Essentials Uninstall[:]C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\Windows Live\ Language[:]9 Name[:]Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Uninstall[:]MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Vendor[:]Microsoft Corporation Version[:]9.0.30729.4148 InstallDate[:]20101029 InstallLocation[:] Language[:]1033 Name[:]Windows Live Call Uninstall[:]MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]ASUS AI Recovery Uninstall[:]MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0} Vendor[:]ASUS Version[:]1.0.10 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]ASUS Splendid Video Enhancement Technology Uninstall[:]MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D} Vendor[:]ASUS Version[:]1.02.0028 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Windows Live Messenger Uninstall[:]MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]ASUS LifeFrame3 Uninstall[:]MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158} Vendor[:]ASUS Version[:]3.0.20 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Windows Live Upload Tool Uninstall[:]MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Vendor[:]Microsoft Corporation Version[:]14.0.8014.1029 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Wireless Console 3 Uninstall[:]MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2} Vendor[:]ASUS Version[:]3.0.17 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]MSVCRT Uninstall[:]MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Vendor[:]Microsoft Version[:]14.0.1468.721 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Microsoft Search Enhancement Pack Uninstall[:]MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D} Vendor[:]Microsoft Corporation Version[:]1.2.121.0 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Windows Live Toolbar Uninstall[:]MsiExec.exe /X{2B4C7E1E-E446-4740-ADB5-9842E742EE8A} Vendor[:]Microsoft Corporation Version[:]14.0.8052.1208 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]CyberLink Power2Go Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Vendor[:]CyberLink Corp. Version[:]6.1.3602c InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\Cyberlink\Power2Go\ Language[:]0 Name[:]Junk Mail filter update Uninstall[:]MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]ControlDeck Uninstall[:]MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21} Vendor[:]ASUS Version[:]1.0.8 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Windows Live Mail Uninstall[:]MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]ASUS SmartLogon Uninstall[:]MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5} Vendor[:]ASUS Version[:]1.0.0008 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\ASUS\SmartLogon\ Language[:]1033 Name[:]Intel(R) Management Engine Components Uninstall[:]C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall Vendor[:]Intel Corporation Version[:]6.0.0.1179 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\Intel\Intel(R) Management Engine Components Language[:] Name[:]Kaspersky Internet Security 2011 Uninstall[:] Vendor[:]Kaspersky Lab Version[:]11.0.1.400 InstallDate[:]20101029 InstallLocation[:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ Language[:]1033 Name[:]Windows Live Writer Uninstall[:]MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]MSXML 4.0 SP3 Parser (KB973685) Uninstall[:]MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44} Vendor[:]Microsoft Corporation Version[:]4.30.2107.0 InstallDate[:]20100811 InstallLocation[:]C:\Windows\SysWOW64\ Language[:]1033 Name[:]Microsoft Silverlight Uninstall[:]MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Vendor[:]Microsoft Corporation Version[:]4.0.50917.0 InstallDate[:]20101029 InstallLocation[:]c:\Program Files (x86)\Microsoft Silverlight\ Language[:]1033 Name[:]Microsoft Sync Framework Runtime Native v1.0 (x86) Uninstall[:]MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Vendor[:]Microsoft Corporation Version[:]1.0.1215.0 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]WinFlash Uninstall[:]MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} Vendor[:]ASUS Version[:]2.30.3 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Choice Guard Uninstall[:]MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Vendor[:]Microsoft Corporation Version[:]1.2.87.0 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Windows Live Sign-in Assistant Uninstall[:]MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00} Vendor[:]Microsoft Corporation Version[:]5.000.818.6 InstallDate[:]20101029 InstallLocation[:] Language[:]1033 Name[:]Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Uninstall[:]MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Vendor[:]Microsoft Corporation Version[:]9.0.30729 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]ASUS MultiFrame Uninstall[:]RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9 Vendor[:]ASUS Version[:]1.0.0021 InstallDate[:]8-11-2010 InstallLocation[:] Language[:] Name[:]ATK Package Uninstall[:]MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} Vendor[:]ASUS Version[:]1.0.0004 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\ASUS\ATK Package\ Language[:]1033 Name[:]Express Gate Uninstall[:]MsiExec.exe /X{B5A5627C-0173-4DB2-ADA8-740479370F67} Vendor[:]DeviceVM, Inc. Version[:]1.4.10.2 InstallDate[:]20100811 InstallLocation[:]C:\temp\Splashtop_temp_folder\ASUS.SYS\ Language[:]0 Name[:]Microsoft Sync Framework Services Native v1.0 (x86) Uninstall[:]MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Vendor[:]Microsoft Corporation Version[:]1.0.1215.0 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]CyberLink LabelPrint Uninstall[:]"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall Vendor[:]CyberLink Corp. Version[:]2.5.1908 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\CyberLink\LabelPrint\ Language[:]0 Name[:]Windows Live Essentials Uninstall[:]MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]9 Name[:]ASUS Live Update Uninstall[:]RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9 Vendor[:]ASUS Version[:]2.5.9 InstallDate[:]8-11-2010 InstallLocation[:] Language[:] Name[:]ASUS Virtual Camera Uninstall[:]MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1} Vendor[:]asus Version[:]1.0.19 InstallDate[:]20100811 InstallLocation[:] Language[:]0 Name[:]Microsoft SQL Server 2005 Compact Edition [ENU] Uninstall[:]MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Vendor[:]Microsoft Corporation Version[:]3.1.0000 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\Microsoft SQL Server Compact Edition\ Language[:]1033 Name[:]Intel(R) Graphics Media Accelerator Driver Uninstall[:]C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall Vendor[:]Intel Corporation Version[:]8.15.10.2125 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver Language[:] Name[:]Realtek High Definition Audio Driver Uninstall[:]RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly Vendor[:]Realtek Semiconductor Corp. Version[:]6.0.1.6110 InstallDate[:]20100811 InstallLocation[:]C:\Program Files\Realtek\Audio\HDA Language[:]9 Name[:]Alcor Micro USB Card Reader Uninstall[:] Vendor[:]Alcor Micro Corp. Version[:]1.5.17.25482 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\AmIcoSingLun\ Language[:]0 Name[:]Alcor Micro USB Card Reader Uninstall[:] Vendor[:]Alcor Micro Corp. Version[:]1.5.17.25482 InstallDate[:]20100811 InstallLocation[:]C:\Program Files (x86)\AmIcoSingLun\ Language[:]0 Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Vendor[:]Microsoft Corporation Version[:]1 InstallDate[:] InstallLocation[:] Language[:] Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Vendor[:]Microsoft Corporation Version[:]1 InstallDate[:] InstallLocation[:] Language[:] Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Vendor[:]Microsoft Corporation Version[:]1 InstallDate[:] InstallLocation[:] Language[:] Name[:]Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Uninstall[:]c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Vendor[:]Microsoft Corporation Version[:]1 InstallDate[:] InstallLocation[:] Language[:] Name[:]Windows Live Communications Platform Uninstall[:]MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]0 Name[:]Windows Live Photo Gallery Uninstall[:]MsiExec.exe /X{F73A5B18-EB75-4B2C-B32D-9457576E2417} Vendor[:]Microsoft Corporation Version[:]14.0.8051.1204 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 Name[:]Intel(R) Control Center Uninstall[:]C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm Vendor[:]Intel Corporation Version[:]1.2.1.1007 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\Intel\Intel Control Center Language[:] Name[:]Intel(R) Control Center Uninstall[:]C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm Vendor[:]Intel Corporation Version[:]1.2.1.1007 InstallDate[:] InstallLocation[:]C:\Program Files (x86)\Intel\Intel Control Center Language[:] Name[:]Windows Live Sync Uninstall[:]MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF} Vendor[:]Microsoft Corporation Version[:]14.0.8050.1202 InstallDate[:]20100811 InstallLocation[:] Language[:]1033 CommandLine[:] Priority[:]0 ProcessId[:]0 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]4 ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| CommandLine[:] Priority[:]8 ProcessId[:]4 ReadOperationCount[:]8467 ReadTransferCount[:]88258521 SessionId[:]0 ThreadCount[:]127 CommandLine[:] Priority[:]11 ProcessId[:]336 ReadOperationCount[:]12 ReadTransferCount[:]37406 SessionId[:]0 ThreadCount[:]2 CommandLine[:] Priority[:]13 ProcessId[:]452 ReadOperationCount[:]956 ReadTransferCount[:]637049 SessionId[:]0 ThreadCount[:]11 wininit.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||94.0KB (96,256 bytes)||||2009/07/13 18:36:49||2009/07/13 20:14:45||2009/07/13 18:36:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Start-Up Application||© Microsoft Corporation. All rights reserved.||b5c5dcad3899512020d135600129d665|| CommandLine[:] Priority[:]13 ProcessId[:]516 ReadOperationCount[:]1 ReadTransferCount[:]6656 SessionId[:]0 ThreadCount[:]3 CommandLine[:] Priority[:]13 ProcessId[:]540 ReadOperationCount[:]149531 ReadTransferCount[:]4453431 SessionId[:]1 ThreadCount[:]12 CommandLine[:] Priority[:]9 ProcessId[:]592 ReadOperationCount[:]111 ReadTransferCount[:]486540 SessionId[:]0 ThreadCount[:]9 CommandLine[:] Priority[:]13 ProcessId[:]624 ReadOperationCount[:]3 ReadTransferCount[:]6800 SessionId[:]1 ThreadCount[:]3 CommandLine[:] Priority[:]9 ProcessId[:]640 ReadOperationCount[:]1298 ReadTransferCount[:]87269 SessionId[:]0 ThreadCount[:]7 CommandLine[:] Priority[:]8 ProcessId[:]652 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]11 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]792 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]11 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]880 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]8 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]972 ReadOperationCount[:]3191 ReadTransferCount[:]16433372 SessionId[:]0 ThreadCount[:]22 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]368 ReadOperationCount[:]1114 ReadTransferCount[:]55103452 SessionId[:]0 ThreadCount[:]18 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]484 ReadOperationCount[:]4779 ReadTransferCount[:]40890925 SessionId[:]0 ThreadCount[:]39 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]1044 ReadOperationCount[:]33 ReadTransferCount[:]674 SessionId[:]0 ThreadCount[:]12 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]1152 ReadOperationCount[:]786 ReadTransferCount[:]631884 SessionId[:]0 ThreadCount[:]18 CommandLine[:] Priority[:]8 ProcessId[:]1332 ReadOperationCount[:]80 ReadTransferCount[:]1833659 SessionId[:]0 ThreadCount[:]8 wlanext.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||75.5KB (77,312 bytes)||||2009/07/13 18:51:56||2009/07/13 20:14:46||2009/07/13 18:51:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Wireless LAN 802.11 Extensibility Framework||© Microsoft Corporation. All rights reserved.||6f44f5c0bc6b210fe5f5a1c8d899ad0a|| CommandLine[:] Priority[:]8 ProcessId[:]1340 ReadOperationCount[:]16 ReadTransferCount[:]1604 SessionId[:]0 ThreadCount[:]13 CommandLine[:] Priority[:]8 ProcessId[:]1348 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]1 CommandLine[:] Priority[:]8 ProcessId[:]1472 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]4 CommandLine[:] Priority[:]8 ProcessId[:]1528 ReadOperationCount[:]15 ReadTransferCount[:]16608 SessionId[:]0 ThreadCount[:]4 CommandLine[:] Priority[:]8 ProcessId[:]1592 ReadOperationCount[:]5 ReadTransferCount[:]8030 SessionId[:]0 ThreadCount[:]16 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]1628 ReadOperationCount[:]14700 ReadTransferCount[:]268871202 SessionId[:]0 ThreadCount[:]18 CommandLine[:] Priority[:]8 ProcessId[:]1744 ReadOperationCount[:]1114971 ReadTransferCount[:]45943506196 SessionId[:]0 ThreadCount[:]5 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]1776 ReadOperationCount[:]141 ReadTransferCount[:]540195 SessionId[:]0 ThreadCount[:]10 CommandLine[:] Priority[:]8 ProcessId[:]1796 ReadOperationCount[:]732465 ReadTransferCount[:]1843911929 SessionId[:]0 ThreadCount[:]93 CommandLine[:] Priority[:]8 ProcessId[:]1900 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]3 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]1948 ReadOperationCount[:]88 ReadTransferCount[:]329079 SessionId[:]0 ThreadCount[:]15 CommandLine[:] Priority[:]8 ProcessId[:]1968 ReadOperationCount[:]15 ReadTransferCount[:]574640 SessionId[:]0 ThreadCount[:]6 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]2004 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]5 CommandLine[:] Priority[:]8 ProcessId[:]464 ReadOperationCount[:]3 ReadTransferCount[:]2222 SessionId[:]0 ThreadCount[:]10 CommandLine[:] Priority[:]8 ProcessId[:]2084 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]4 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]2124 ReadOperationCount[:]4 ReadTransferCount[:]16384 SessionId[:]0 ThreadCount[:]6 lxdicoms.exe||1.0.27.0||1.0.27.0||Application||C:\Windows\System32\||505KB (517,040 bytes)||||2010/11/01 21:12:19||2007/06/11 10:14:52||2010/11/01 21:12:19||0||1||0||0||0||0||Printer Communication System||Printer Communication System|| ||7b09187a3611480ba6632f4e3c86ddc0|| CommandLine[:] Priority[:]8 ProcessId[:]2528 ReadOperationCount[:]2906 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]9 CommandLine[:] Priority[:]8 ProcessId[:]2572 ReadOperationCount[:]114 ReadTransferCount[:]136703 SessionId[:]0 ThreadCount[:]22 CommandLine[:] Priority[:]8 ProcessId[:]2604 ReadOperationCount[:]36 ReadTransferCount[:]79613 SessionId[:]0 ThreadCount[:]9 RegSrvc.exe||13, 2, 0, 0||13, 2, 0, 0||Application||C:\Program Files\Common Files\Intel\WirelessCommon\||812KB (831,760 bytes)||||2010/03/05 12:06:22||2010/03/05 12:06:22||2010/08/11 20:35:46||0||1||0||0||0||0||Intel(R) PROSet/Wireless||Intel(R) PROSet/Wireless Registry Service||Copyright (c) Intel Corporation 1999-2010||0aa473966357c4a41b5eb19649eb6e5e|| CommandLine[:] Priority[:]8 ProcessId[:]3056 ReadOperationCount[:]5981 ReadTransferCount[:]126470 SessionId[:]0 ThreadCount[:]4 CommandLine[:]"taskhost.exe" Priority[:]8 ProcessId[:]120 ReadOperationCount[:]10 ReadTransferCount[:]1742248 SessionId[:]1 ThreadCount[:]8 taskeng.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||186KB (190,464 bytes)||||2009/07/13 18:30:45||2009/07/13 20:14:42||2009/07/13 18:30:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Task Scheduler Engine||© Microsoft Corporation. All rights reserved.||de5dacebd4c89834ec6d2c41c8643cda|| CommandLine[:] Priority[:]8 ProcessId[:]2868 ReadOperationCount[:]12 ReadTransferCount[:]17912 SessionId[:]1 ThreadCount[:]9 CommandLine[:]"C:\Windows\system32\Dwm.exe" Priority[:]13 ProcessId[:]1360 ReadOperationCount[:]1 ReadTransferCount[:]60 SessionId[:]1 ThreadCount[:]5 explorer.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\||2.74MB (2,870,272 bytes)||||2010/08/11 20:57:39||2010/08/11 20:57:39||2010/08/11 20:57:39||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Explorer||© Microsoft Corporation. All rights reserved.||9aaaec8dac27aa17b053e6352ad233ae|| CommandLine[:]C:\Windows\Explorer.EXE Priority[:]8 ProcessId[:]2932 ReadOperationCount[:]2548 ReadTransferCount[:]6940240 SessionId[:]1 ThreadCount[:]27 CommandLine[:] Priority[:]8 ProcessId[:]2104 ReadOperationCount[:]539 ReadTransferCount[:]2531861 SessionId[:]0 ThreadCount[:]13 TCPSVCS.EXE||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:55:14||2009/07/13 20:14:42||2009/07/13 18:55:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||TCP/IP Services Application||© Microsoft Corporation. All rights reserved.||f5aaa8cdda25b6387af590d676d25bad|| CommandLine[:] Priority[:]8 ProcessId[:]3196 ReadOperationCount[:]10 ReadTransferCount[:]40960 SessionId[:]0 ThreadCount[:]4 CommandLine[:] Priority[:]6 ProcessId[:]3264 ReadOperationCount[:]67 ReadTransferCount[:]3056 SessionId[:]1 ThreadCount[:]5 CommandLine[:] Priority[:]6 ProcessId[:]3296 ReadOperationCount[:]65 ReadTransferCount[:]110208 SessionId[:]1 ThreadCount[:]6 snmp.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||46.5KB (47,616 bytes)||||2009/07/13 18:55:05||2009/07/13 20:14:39||2009/07/13 18:55:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||SNMP Service||© Microsoft Corporation. All rights reserved.||007f394efb7bf80bf9999d9384cc272a|| CommandLine[:] Priority[:]8 ProcessId[:]3304 ReadOperationCount[:]4 ReadTransferCount[:]293940 SessionId[:]0 ThreadCount[:]7 CommandLine[:] Priority[:]6 ProcessId[:]3344 ReadOperationCount[:]17 ReadTransferCount[:]53248 SessionId[:]1 ThreadCount[:]3 CommandLine[:] Priority[:]6 ProcessId[:]3384 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]1 ThreadCount[:]3 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]3396 ReadOperationCount[:]2 ReadTransferCount[:]17 SessionId[:]0 ThreadCount[:]9 ACEngSvr.exe||1.0.0.4||1, 0, 0, 4||Application||C:\Windows\System32\||179KB (183,296 bytes)||||2010/08/11 20:42:56||2006/10/09 21:07:56||2010/08/11 20:42:56||0||1||0||0||0||0||ACEngSvr Module||ACEngSvr Module||Copyright (c) 2005 ASUSTeK Computer Inc.||41a5048e49372f091b2ae5a5b705b72d|| CommandLine[:] Priority[:]8 ProcessId[:]3460 ReadOperationCount[:]66 ReadTransferCount[:]3595 SessionId[:]1 ThreadCount[:]3 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]3492 ReadOperationCount[:]118 ReadTransferCount[:]542066 SessionId[:]0 ThreadCount[:]16 CommandLine[:] Priority[:]8 ProcessId[:]3596 ReadOperationCount[:]619 ReadTransferCount[:]670775 SessionId[:]0 ThreadCount[:]13 CommandLine[:] Priority[:]8 ProcessId[:]3688 ReadOperationCount[:]1 ReadTransferCount[:]60 SessionId[:]1 ThreadCount[:]7 AmIcoSinglun64.exe||1, 1, 0, 9||1, 1, 0, 9||Application||C:\Program Files (x86)\AmIcoSingLun\||316KB (323,584 bytes)||||2009/09/01 02:10:27||2009/09/01 02:10:27||2010/08/11 20:35:17||0||1||0||0||0||0||IconUtility||Single LUN Icon Utility for VID 058F PID 6366||AlcorMicro Co., Ltd. All rights reserved.||dfac78508defe8841da4cdd1fa472c1a|| CommandLine[:]"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" Priority[:]8 ProcessId[:]3804 ReadOperationCount[:]1 ReadTransferCount[:]60 SessionId[:]1 ThreadCount[:]1 iFrmewrk.exe||13, 2, 0, 0||13, 2, 0, 0||Application||C:\Program Files\Common Files\Intel\WirelessCommon\||1.84MB (1,928,976 bytes)||||2010/03/05 12:09:02||2010/03/05 12:09:02||2010/08/11 20:35:47||0||1||0||0||0||0||Intel(R) PROSet/Wireless||Intel(R) PROSet/Wireless Framework||Copyright (c) Intel Corporation 1999-2010||f2c49a7aa03fc231be87a65e50d0b6f6|| CommandLine[:]"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray Priority[:]8 ProcessId[:]3820 ReadOperationCount[:]6206 ReadTransferCount[:]174891 SessionId[:]1 ThreadCount[:]6 CommandLine[:]"C:\Windows\System32\igfxtray.exe" Priority[:]8 ProcessId[:]3828 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]1 ThreadCount[:]3 CommandLine[:]"C:\Windows\System32\hkcmd.exe" Priority[:]8 ProcessId[:]3852 ReadOperationCount[:]10 ReadTransferCount[:]119166 SessionId[:]1 ThreadCount[:]3 CommandLine[:]"C:\Windows\System32\igfxpers.exe" Priority[:]8 ProcessId[:]3900 ReadOperationCount[:]2 ReadTransferCount[:]398 SessionId[:]1 ThreadCount[:]3 lxdimon.exe||0.1.25.0||||Application||C:\Program Files (x86)\Lexmark 3500-4500 Series\||425KB (434,856 bytes)||||2010/11/01 21:12:24||2009/04/27 13:30:52||2010/11/01 21:12:24||0||1||0||0||0||0||||Device Monitor||||78c697c80328080200c5d6935f23aad2|| CommandLine[:]"C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe" Priority[:]8 ProcessId[:]3992 ReadOperationCount[:]1 ReadTransferCount[:]28666 SessionId[:]1 ThreadCount[:]7 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>lxdiscw.dll||||||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||272KB (278,528 bytes)||||2010/11/01 21:12:24||2007/03/23 15:41:44||2010/11/01 21:12:24||0||1||0||0||0||0||||||||3900c249757bf8208ddcedddaf53fdd6||<||||>lxdicfg.dll||1, 0, 0, 1||1, 0, 0, 1||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||76.1KB (77,906 bytes)||||2010/11/01 21:12:24||2007/11/07 12:28:18||2010/11/01 21:12:24||0||1||0||0||0||0||Lexmark International config||config||||6c6d57dd53e3c8ad074cf97fc27e4b35||<||||>lxdidatr.dll||99.99.99.99||99.99.99.99||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||576KB (589,824 bytes)||||2010/11/01 21:12:21||2007/03/05 10:45:26||2010/11/01 21:12:21||0||1||0||0||0||0||||Data Recorder||||7ed76fc8b1cf5c11b50a5e71024bc0d9||<||||>lxdicats.dll||1, 0, 0, 1||1, 0, 0, 1||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||72.0KB (73,728 bytes)||||2010/11/01 21:12:21||2006/12/28 11:47:42||2010/11/01 21:12:21||0||1||0||0||0||0||cats||cats||Copyright © 2003||0ed29e08b136aa11f6fbd4dea0a11c54||<||||>lxdimonr.dll||0.1.25.0||||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||76.0KB (77,824 bytes)||||2010/11/01 21:12:24||2007/01/23 19:22:10||2010/11/01 21:12:24||0||1||0||0||0||0||||||Copyright © 2005||e3f05c710a5c269fc67e642c31f031b8||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>lxdicomc.dll||1.0.27.0||1.0.27.0||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||748KB (765,952 bytes)||||2010/11/01 21:12:24||2007/05/17 10:58:12||2010/11/01 21:12:24||0||1||0||0||0||0||Printer Communication System||Printer Communication System|| ||b781f15ba5c19760ba046c59d5edaf4b||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>SPICtrl.dll||1, 0, 0, 1||1, 0, 0, 0||Application extension||C:\Program Files (x86)\IObit\Advanced SystemCare 3\||1.37MB (1,433,296 bytes)||||2010/10/29 19:31:28||2010/09/28 20:50:14||2010/10/29 19:31:28||0||1||0||0||0||0||SPICtrl Dynamic Link Library||SPICtrl Dynamic Link Library||Copyright(C) 2005-2009||c7868fd23610dc8077f5037d5c7fde47||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>comctl32.dll||5.82 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\||518KB (530,432 bytes)||||2010/10/29 16:06:18||2010/08/21 00:33:24||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Controls Library||© Microsoft Corporation. All rights reserved.||d3ead1cf16ba729a7f7c9a5d94aa7c05||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||> CommandLine[:] Priority[:]8 ProcessId[:]4080 ReadOperationCount[:]1 ReadTransferCount[:]21768 SessionId[:]0 ThreadCount[:]11 CommandLine[:] Priority[:]8 ProcessId[:]2144 ReadOperationCount[:]36 ReadTransferCount[:]79613 SessionId[:]0 ThreadCount[:]8 CommandLine[:] Priority[:]8 ProcessId[:]920 ReadOperationCount[:]632 ReadTransferCount[:]769760 SessionId[:]0 ThreadCount[:]10 lxdiamon.exe||1.0.2676.13196||1.0.2676.13196||Application||C:\Program Files (x86)\Lexmark 3500-4500 Series\||24.7KB (25,256 bytes)||||2010/11/01 21:12:25||2009/04/27 13:30:54||2010/11/01 21:12:25||0||1||0||0||0||0||||Device Monitor Application|| ||c498ba6ce31d62d27718c70bd6221940|| CommandLine[:]"C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe" Priority[:]8 ProcessId[:]4112 ReadOperationCount[:]46 ReadTransferCount[:]698081 SessionId[:]1 ThreadCount[:]7 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>mscoree.dll||4.0.31106.0 (Main.031106-0000)||4.0.31106.0||Application extension||C:\Windows\System32\||291KB (297,808 bytes)||||2010/10/29 16:11:44||2009/11/25 12:47:34||2010/10/29 16:11:44||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||128dd9af8640dbcc711940903c8b554f||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>mscoreei.dll||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application extension||C:\Windows\Microsoft.NET\Framework\v4.0.30319\||403KB (413,008 bytes)||||2010/03/18 13:16:28||2010/03/18 13:16:28||2010/10/29 17:02:50||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||83ba5e873164a3711b44052f58c8fe9f||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>mscorwks.dll||2.0.50727.4952 (win7RTMGDR.050727-4900)||2.0.50727.4952||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||5.55MB (5,816,656 bytes)||||2010/10/29 16:06:50||2010/05/20 17:49:18||2010/10/29 16:06:50||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Common Language Runtime - WorkStation||© Microsoft Corporation. All rights reserved.||2d10eb6c6a8701c8609892b90b3abf2d||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>mscorlib.ni.dll||2.0.50727.4952 (win7RTMGDR.050727-4900)||2.0.50727.4952||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526430486dcf7ee38fd\||11.0MB (11,490,304 bytes)||||2010/10/29 16:26:48||2010/10/29 16:26:48||2010/10/29 16:26:48||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft Common Language Runtime Class Library||© Microsoft Corporation. All rights reserved.||6b3569b08cf6aa9023281b09426e9ad2||<||||>mscorsec.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||72.3KB (74,064 bytes)||||2009/07/13 15:46:26||2009/06/10 16:23:08||2009/07/13 15:46:26||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Security module||© Microsoft Corporation. All rights reserved.||6e9e439517d89edc9a6cb1e94489620a||<||||>wintrust.dll||6.1.7600.16493 (win7_gdr.091228-1501)||6.1.7600.16493||Application extension||C:\Windows\SysWOW64\||168KB (172,032 bytes)||||2010/08/11 20:58:51||2010/08/11 20:58:51||2010/08/11 20:58:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Trust Verification APIs||© Microsoft Corporation. All rights reserved.||f8090992723d55f6a2a8238f0d152149||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>comctl32.dll||5.82 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\||518KB (530,432 bytes)||||2010/10/29 16:06:18||2010/08/21 00:33:24||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Controls Library||© Microsoft Corporation. All rights reserved.||d3ead1cf16ba729a7f7c9a5d94aa7c05||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>ncrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||214KB (219,136 bytes)||||2009/07/13 18:33:05||2009/07/13 20:16:02||2009/07/13 18:33:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows cryptographic library||© Microsoft Corporation. All rights reserved.||c20ff1a17726c357461a7ac5b3bfc3ad||<||||>bcrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||79.0KB (80,896 bytes)||||2009/07/13 18:32:57||2009/07/13 20:11:20||2009/07/13 18:32:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library (Wow64)||© Microsoft Corporation. All rights reserved.||ce71b9119a258edd0a05b37d7b0f92e3||<||||>bcryptprimitives.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||244KB (249,680 bytes)||||2009/07/13 18:33:07||2009/07/13 20:17:54||2009/07/13 18:33:07||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library||© Microsoft Corporation. All rights reserved.||e8449fe262d7406bcb2ac2a45c53ec5f||<||||>userenv.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.5KB (79,360 bytes)||||2009/07/13 18:34:19||2009/07/13 20:16:17||2009/07/13 18:34:19||0||1||0||0||0||0||Microsoft® Windows® Operating System||Userenv||© Microsoft Corporation. All rights reserved.||9c0dc1daad14d443dd5a0d1ee78d775e||<||||>gpapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||78.0KB (79,872 bytes)||||2009/07/13 18:38:32||2009/07/13 20:15:22||2009/07/13 18:38:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Group Policy Client API||© Microsoft Corporation. All rights reserved.||1097f3035baf46ced8b332b3564c5108||<||||>cryptnet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||101KB (103,424 bytes)||||2009/07/13 18:32:43||2009/07/13 20:15:07||2009/07/13 18:32:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto Network Related API||© Microsoft Corporation. All rights reserved.||04d16553664796613fe98d441a0c35d7||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>SensApi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:21:53||2009/07/13 20:16:13||2009/07/13 18:21:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||SENS Connectivity API DLL||© Microsoft Corporation. All rights reserved.||6f8e3b7b70e1bba871212940c1fbdf60||<||||>cabinet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||71.0KB (72,704 bytes)||||2009/07/13 18:12:33||2009/07/13 20:15:00||2009/07/13 18:12:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft® Cabinet File API||© Microsoft Corporation. All rights reserved.||def30cbea881149c2affdf9a059fb759||<||||>devrtl.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||43.5KB (44,544 bytes)||||2009/07/13 18:16:06||2009/07/13 20:15:11||2009/07/13 18:16:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Management Run Time Library||© Microsoft Corporation. All rights reserved.||fd07f21e0a19c27ed4e1eec2b07452b3||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>mscorjit.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||355KB (363,856 bytes)||||2009/07/13 15:46:24||2009/06/10 16:23:05||2009/07/13 15:46:24||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Just-In-Time Compiler||© Microsoft Corporation. All rights reserved.||07f4fcc206ccd2b95e842bb127609c1c||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>App4R.Monitor.Core.dll||1.0.2676.13195||1.0.2676.13195||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||40.0KB (40,960 bytes)||||2010/11/01 21:12:25||2007/05/02 05:11:56||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||5068e451bd71967a0d67ec2e3c1a6d6e||<||||>App4R.Monitor.Common.dll||1.0.2676.13193||1.0.2676.13193||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||28.0KB (28,672 bytes)||||2010/11/01 21:12:25||2007/05/02 05:11:56||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||2b1a2ce30b65e75746c7c753697bcb92||<||||>System.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b1099f95552a81b54223b7f\||7.58MB (7,949,312 bytes)||||2010/10/29 16:26:52||2010/10/29 16:26:52||2010/10/29 16:26:52||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||306f368dceeccd7b856814ca9adafb63||<||||>System.Drawing.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fdeec42fa02f3d789c42be2e33b130eb\||1.51MB (1,586,688 bytes)||||2010/10/29 16:27:11||2010/10/29 16:27:11||2010/10/29 16:27:11||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||0e8deab79bf37617c41783c99684190e||<||||>System.Windows.Forms.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f92c882fd4e7005c005e208daa04c28d\||11.9MB (12,430,848 bytes)||||2010/10/29 16:27:16||2010/10/29 16:27:16||2010/10/29 16:27:16||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||1383868bf3724167026f8db984718b6d||<||||>System.Configuration.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4be2653d1c9804d2ff6e6b66d22764e1\||949KB (971,264 bytes)||||2010/10/29 16:26:53||2010/10/29 16:26:53||2010/10/29 16:26:53||0||1||0||0||0||0||Microsoft® .NET Framework||System.Configuration.dll||© Microsoft Corporation. All rights reserved.||d689e8f39bbbb41b8f2704f85220590a||<||||>System.Xml.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3060dfcdecbeb8ee65077fb29b217c3d\||5.20MB (5,452,800 bytes)||||2010/10/29 16:26:56||2010/10/29 16:26:56||2010/10/29 16:26:56||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Framework||© Microsoft Corporation. All rights reserved.||f55e3a708c1b6db16a64c40c3d8bfb88||<||||>App4R.DevMons.MCMDevMon.dll||1.0.2676.13194||1.0.2676.13194||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||56.0KB (57,344 bytes)||||2010/11/01 21:12:25||2007/05/02 05:10:58||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||65b0522086ef3d0ab4e01f5601041701||<||||>App4R.DevMons.NetworkCardDevMon.dll||1.0.2676.13193||1.0.2676.13193||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||20.0KB (20,480 bytes)||||2010/11/01 21:12:25||2007/04/30 08:19:48||2010/11/01 21:12:25||0||1||0||0||0||0||NetworkCardDevMon||NetworkCardDevMon|| ||c7093a310b2dd6cfb0436938711ba409||<||||>App4R.DevMons.ScanDevMon.dll||1.0.2676.13195||1.0.2676.13195||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||20.0KB (20,480 bytes)||||2010/11/01 21:12:25||2007/04/30 08:19:52||2010/11/01 21:12:25||0||1||0||0||0||0|||| || ||a8efd009143c7ab1731235524b54341d||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>App4R.DevMons.MCMDevMon.AutoPlayUtil.dll||||||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||11.5KB (11,776 bytes)||||2010/11/01 21:12:25||2007/04/30 08:20:26||2010/11/01 21:12:25||0||1||0||0||0||0||||||||82696f34a604b65b4102ca96da153ef1||<||||>mfc71.dll||7.10.3077.0||7.10.3077.0||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||1.01MB (1,060,864 bytes)||||2010/11/01 21:12:25||2007/01/19 04:10:14||2010/11/01 21:12:25||0||1||0||0||0||0||Microsoft® Visual Studio .NET||MFCDLL Shared Library - Retail Version||© Microsoft Corporation. All rights reserved.||f35a584e947a5b401feb0fe01db4a0d7||<||||>msvcr71.dll||7.10.3052.4||7.10.3052.4||Application extension||C:\Program Files (x86)\Lexmark 3500-4500 Series\||340KB (348,160 bytes)||||2010/11/01 21:12:25||2007/01/19 04:10:14||2010/11/01 21:12:25||0||1||0||0||0||0||Microsoft® Visual Studio .NET||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||86f1895ae8c5e8b17d99ece768a70732||<||||>System.Runtime.Remoting.ni.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||DLL File||C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6afe3a43d112ed5356d73468c5c44045\||754KB (771,584 bytes)||||2010/10/29 16:27:38||2010/10/29 16:27:38||2010/10/29 16:27:38||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Object Remoting||© Microsoft Corporation. All rights reserved.||e84a99eae286881d9b7057ec2ab34e0b||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>SPICtrl.dll||1, 0, 0, 1||1, 0, 0, 0||Application extension||C:\Program Files (x86)\IObit\Advanced SystemCare 3\||1.37MB (1,433,296 bytes)||||2010/10/29 19:31:28||2010/09/28 20:50:14||2010/10/29 19:31:28||0||1||0||0||0||0||SPICtrl Dynamic Link Library||SPICtrl Dynamic Link Library||Copyright(C) 2005-2009||c7868fd23610dc8077f5037d5c7fde47||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||>nlaapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||50.5KB (51,712 bytes)||||2009/07/13 18:53:54||2009/07/13 20:16:03||2009/07/13 18:53:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Location Awareness 2||© Microsoft Corporation. All rights reserved.||045db4eab4fbd23210e85ecc3f464a2e||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>winrnr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:37:57||2009/07/13 20:16:19||2009/07/13 18:37:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||LDAP RnR Provider DLL||© Microsoft Corporation. All rights reserved.||5df5d8cfd9b9573fa3b2c89d9061a240||<||||>NapiNSP.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||51.0KB (52,224 bytes)||||2009/07/13 18:54:55||2009/07/13 20:16:02||2009/07/13 18:54:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||E-mail Naming Shim Provider||© Microsoft Corporation. All rights reserved.||0b7e85364cb878e2ad531db7b601a9e5||<||||>pnrpnsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||63.5KB (65,024 bytes)||||2009/07/13 18:55:50||2009/07/13 20:16:12||2009/07/13 18:55:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||PNRP Name Space Provider||© Microsoft Corporation. All rights reserved.||5cf640eddb1e40a5ab1bb743bcdec610||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>rasadhlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||11.5KB (11,776 bytes)||||2009/07/13 18:54:36||2009/07/13 20:16:12||2009/07/13 18:54:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access AutoDial Helper||© Microsoft Corporation. All rights reserved.||ed6ee83d61ebc683c2cd8e899ea6febe||<||||>FWPUCLNT.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||212KB (216,576 bytes)||||2009/07/13 18:54:04||2009/07/13 20:15:21||2009/07/13 18:54:04||0||1||0||0||0||0||Microsoft® Windows® Operating System||FWP/IPsec User-Mode API||© Microsoft Corporation. All rights reserved.||158117f3cf278f01c6f24e89e2141e81||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||> EvtEng.exe||13, 2, 0, 3||13, 2, 0, 0||Application||C:\Program Files\Intel\WiFi\bin\||1.36MB (1,425,168 bytes)||||2010/03/05 12:26:38||2010/03/05 12:26:38||2010/08/11 20:35:45||0||1||0||0||0||0||Intel(R) PROSet/Wireless||Intel(R) PROSet/Wireless Event Log Service||Copyright (c) Intel Corporation 1999-2010||b56d9602db5fe1c116b1ca5efd8e2e50|| CommandLine[:] Priority[:]8 ProcessId[:]4732 ReadOperationCount[:]213 ReadTransferCount[:]56794 SessionId[:]0 ThreadCount[:]20 CLMLSvc.exe||2.1.1803.0||2.1.1803.0||Application||C:\Program Files (x86)\CyberLink\Power2Go\||101KB (103,720 bytes)||||2009/11/02 16:21:26||2009/11/02 16:21:26||2010/08/11 20:15:26||0||1||0||0||0||0||CyberLink MediaLibray Service||CyberLink MediaLibray Service||Copyright (C) 2005||57b4d34232852bfe4453be571df90d21|| CommandLine[:]"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" Priority[:]8 ProcessId[:]5064 ReadOperationCount[:]44 ReadTransferCount[:]35157 SessionId[:]1 ThreadCount[:]6 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>msvcp71.dll||7.10.4301.0||7.10.4301.0||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||497KB (509,224 bytes)||||2009/11/02 16:17:54||2009/11/02 16:17:54||2010/08/11 20:15:27||0||1||0||0||0||0||Microsoft® Visual Studio .NET||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||c3a5ffd57c2563204cd9351f0c7a0dea||<||||>msvcr71.dll||7.10.6014.4||7.10.6014.4||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||345KB (353,576 bytes)||||2009/11/02 16:17:42||2009/11/02 16:17:42||2010/08/11 20:15:27||0||1||0||0||0||0||Microsoft® Visual Studio .NET||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||a1a6fc56a1d0dadc164637fe43c40605||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>CLMediaLibrary.dll||3.10.1803.0||3.10.1803.0||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||605KB (619,816 bytes)||||2009/11/02 16:20:10||2009/11/02 16:20:10||2010/08/11 20:15:26||0||1||0||0||0||0|| CLMediaLibrary Dynamic Link Library||CLMediaLibrary Dynamic Link Library||Copyright (C) 2006||6a5d0ed8f280ab8e312a4252472a14a4||<||||>GdiPlus.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\||1.55MB (1,624,576 bytes)||||2009/07/13 18:26:25||2009/07/13 20:03:50||2009/07/13 18:26:25||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft GDI+||© Microsoft Corporation. All rights reserved.||edb57065790b62ef83be117ad3edfde2||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>wmp.dll||12.0.7600.16667 (win7_gdr.100831-1503)||12.0.7600.16667||Application extension||C:\Windows\System32\||10.9MB (11,406,848 bytes)||||2010/10/29 16:02:24||2010/08/31 23:29:28||2010/10/29 16:02:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Player||© Microsoft Corporation. All rights reserved.||9967bce6cf289223adc2fbf311c6a78f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>wmploc.DLL||12.0.7600.16385 (win7_rtm.090713-1255)||12.0.7600.16385||Application extension||C:\Windows\System32\||12.0MB (12,625,408 bytes)||||2010/10/29 16:02:22||2010/08/31 23:23:49||2010/10/29 16:02:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Player Resources||© Microsoft Corporation. All rights reserved.||fa05241c7bc7ebcc36af78299d0d37fe||<||||>CLMLSvcPS.dll||1, 0, 0, 1||1, 0, 0, 1||Application extension||C:\Program Files (x86)\CyberLink\Power2Go\||12.8KB (13,096 bytes)||||2009/11/02 16:23:36||2009/11/02 16:23:36||2010/08/11 20:15:31||0||1||0||0||0||0|| CLMLSvc Dynamic Link Library||CLMLSvc Dynamic Link Library||Copyright (C) 2005||2168e61b9e3b06eeb8b3eacdfdc4699b||<||||> avp.exe||11.0.1.419||11.0.1.419||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||345KB (352,976 bytes)||||2010/07/01 21:39:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus||© 1997-2010 Kaspersky Lab ZAO.||946d70667b0119f2beeae0849e1d46a2|| CommandLine[:]"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" Priority[:]8 ProcessId[:]5104 ReadOperationCount[:]1198 ReadTransferCount[:]4971744 SessionId[:]1 ThreadCount[:]20 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>fssync.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||86.7KB (88,760 bytes)||||2010/07/01 21:35:02||2010/07/01 21:35:02||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||FSSYNC.DLL||© 1997-2010 Kaspersky Lab ZAO.||a39c30993dcbd6e6979cd775dc9d07f8||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>fltLib.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||14.5KB (14,848 bytes)||||2009/07/13 18:14:03||2009/07/13 20:15:21||2009/07/13 18:14:03||0||1||0||0||0||0||Microsoft® Windows® Operating System||Filter Library||© Microsoft Corporation. All rights reserved.||1ebe9524683c7c4eed8b8bc93fb6fbcc||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>dumpwriter.dll||11.0.1.416||11.0.1.416||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||115KB (117,432 bytes)||||2010/07/01 21:35:00||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Dump Writer DLL||© 1997-2010 Kaspersky Lab ZAO.||8a2440aaf3809a325dfb30ea98f0810d||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>msvcp80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||542KB (554,816 bytes)||||2009/07/13 15:46:11||2009/06/10 16:23:11||2009/07/13 15:46:11||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||cfc54225d1870fdbf6e9e75fb83a27cb||<||||>memmng.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||16.2KB (16,568 bytes)||||2010/07/01 21:35:16||2010/07/01 21:35:16||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Memmng module||© 1997-2010 Kaspersky Lab ZAO.||3623c04d8f6eaafa918b797ede0f6c90||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>wtsapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||39.0KB (39,936 bytes)||||2009/07/13 19:02:18||2009/07/13 20:16:20||2009/07/13 19:02:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Remote Desktop Session Host Server SDK APIs||© Microsoft Corporation. All rights reserved.||e30e5bb0dba49efe5bbbafea440cfbd9||<||||>winsta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||153KB (156,160 bytes)||||2009/07/13 19:02:29||2009/07/13 20:16:19||2009/07/13 19:02:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winstation Library||© Microsoft Corporation. All rights reserved.||ae5ff948400a51b040f999bf04290373||<||||>ushata.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||54.7KB (55,992 bytes)||||2010/07/01 21:35:24||2010/07/01 21:35:24||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||Ushata module||© 1997-2010 Kaspersky Lab ZAO.||d44925e16d98bf4089dd0e624791536c||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>clldr.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||17.7KB (18,104 bytes)||||2010/07/01 21:34:56||2010/07/01 21:34:56||2010/10/29 17:08:06||0||1||0||0||0||0||Kaspersky Anti-Virus||CLLDR||© 1997-2010 Kaspersky Lab ZAO.||9f61b1b7b715409fd4d57c2b2a97af79||<||||>prremote.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||143KB (146,104 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||PR_REMOTE||© 1997-2010 Kaspersky Lab ZAO.||734b1b0b9eba64026428bbbab2d92b58||<||||>prloader.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||247KB (252,600 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Prague Loader||© 1997-2010 Kaspersky Lab ZAO.||1010dd531904fd62ec0ebc0d7610b858||<||||>userenv.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||77.5KB (79,360 bytes)||||2009/07/13 18:34:19||2009/07/13 20:16:17||2009/07/13 18:34:19||0||1||0||0||0||0||Microsoft® Windows® Operating System||Userenv||© Microsoft Corporation. All rights reserved.||9c0dc1daad14d443dd5a0d1ee78d775e||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>pxstub.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||38.7KB (39,608 bytes)||||2010/07/01 21:36:02||2010/07/01 21:36:02||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||Proxy Stubs||© 1997-2010 Kaspersky Lab ZAO.||97b3cc546e4fd6c192d377784033f7d0||<||||>params.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.00MB (1,051,320 bytes)||||2010/07/01 21:35:56||2010/07/01 21:35:56||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Structure Serializer||© 1997-2010 Kaspersky Lab ZAO.||1290f60e791d0a6198999215698d6b9a||<||||>WinReg.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||35.7KB (36,536 bytes)||||2010/07/01 21:36:20||2010/07/01 21:36:20||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||WINREG||© 1997-2010 Kaspersky Lab ZAO.||6c000c2052c3fbcf37b34c852e7fb3c2||<||||>HASHMD5.PPL||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||15.2KB (15,544 bytes)||||2010/07/01 21:35:44||2010/07/01 21:35:44||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||HASHMD5||© 1997-2010 Kaspersky Lab ZAO.||902876ab7186e64e6a5ffd1d594aa913||<||||>nfio.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||111KB (113,336 bytes)||||2010/07/01 21:35:54||2010/07/01 21:35:54||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||NFIO||© 1997-2010 Kaspersky Lab ZAO.||482d226b656be4a773768b6adec0809c||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>FsDrvPlg.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||18.7KB (19,128 bytes)||||2010/07/01 21:35:44||2010/07/01 21:35:44||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||Plugin for FSDrv||© 1997-2010 Kaspersky Lab ZAO.||920e9b09a52bd402fca78cef9efb6015||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>avpgui.ppl||11.0.1.416||11.0.1.416||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.28MB (1,346,232 bytes)||||2010/08/04 12:56:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus GUI Logic||© 1997-2010 Kaspersky Lab ZAO.||ff89b53d9e3dbd734bf1380201d91a7b||<||||>service.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||187KB (191,160 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:17||0||1||0||0||0||0||Kaspersky Anti-Virus||Component service provider||© 1997-2010 Kaspersky Lab ZAO.||66fea468fca2d11cd31bbe04ab1f2964||<||||>eka_meta.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||459KB (469,688 bytes)||||2010/07/01 21:35:00||2010/07/01 21:35:00||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||EKA_META||© 1997-2010 Kaspersky Lab ZAO.||8ac0b70dec4324863fa8c65319dfd305||<||||>esmgr.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||263KB (268,984 bytes)||||2010/07/01 21:35:02||2010/07/01 21:35:02||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||ESMgr||© 1997-2010 Kaspersky Lab ZAO.||aaf5eea8ec73d2d73055c09ee2545382||<||||>basegui.ppl||11.0.1.414||11.0.1.414||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.62MB (1,694,392 bytes)||||2010/07/27 20:19:06||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus GUI Windows part||© 1997-2010 Kaspersky Lab ZAO.||eb66085ecaca891b5c35f5b2f55cc55a||<||||>netapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||55.5KB (56,832 bytes)||||2009/07/13 18:37:53||2009/07/13 20:16:02||2009/07/13 18:37:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API DLL||© Microsoft Corporation. All rights reserved.||c3dbf7dff5a38136e26badb7ab4e2972||<||||>netutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.5KB (22,016 bytes)||||2009/07/13 18:37:29||2009/07/13 20:16:03||2009/07/13 18:37:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API Helpers DLL||© Microsoft Corporation. All rights reserved.||c6bb27d9a8ac13d4a44486f528b5c884||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>wkscli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||46.0KB (47,104 bytes)||||2009/07/13 18:37:38||2009/07/13 20:16:19||2009/07/13 18:37:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Workstation Service Client DLL||© Microsoft Corporation. All rights reserved.||7ad12703039056d2a0815f85960e1fa1||<||||>samcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||49.5KB (50,688 bytes)||||2009/07/13 18:37:32||2009/07/13 20:16:13||2009/07/13 18:37:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Accounts Manager Client DLL||© Microsoft Corporation. All rights reserved.||742aa02bd9fa3492c9e525bbd427d87d||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>thpimpl.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||38.7KB (39,608 bytes)||||2010/07/01 21:36:12||2010/07/01 21:36:12||2010/10/29 17:08:26||0||1||0||0||0||0||Kaspersky Anti-Virus||Thread Pool||© 1997-2010 Kaspersky Lab ZAO.||2af329701a3368d2d66546b3a90ceeac||<||||>riched20.dll||5.31.23.1229||3.1||Application extension||C:\Windows\SysWOW64\||463KB (473,600 bytes)||||2009/07/13 18:26:19||2009/07/13 20:16:13||2009/07/13 18:26:19||0||1||0||0||0||0||Microsoft RichEdit Control, version 3.1||Rich Text Edit Control, v3.1||Copyright © Microsoft Corp. 1997-2008.||6ec594ab7efa45eacde65fd4040f53d9||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>propsys.dll||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application extension||C:\Windows\SysWOW64\||965KB (988,160 bytes)||||2009/07/13 18:40:28||2009/07/13 20:16:12||2009/07/13 18:40:28||0||1||0||0||0||0||Windows® Search||Microsoft Property System||© Microsoft Corporation. All rights reserved.||26eaee08caf82aa7f03c5020f51da541||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>WindowsCodecs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||988KB (1,011,200 bytes)||||2009/07/13 18:29:14||2009/07/13 20:16:18||2009/07/13 18:29:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Codecs Library||© Microsoft Corporation. All rights reserved.||691c8dfb208227f0cbb5c0897c742ace||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>EhStorShell.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||186KB (189,952 bytes)||||2009/07/13 18:45:42||2009/07/13 20:15:14||2009/07/13 18:45:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Enhanced Storage Shell Extension DLL||© Microsoft Corporation. All rights reserved.||846d0e4db261cfaf363902e41498e961||<||||>ntshrui.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||433KB (442,880 bytes)||||2009/07/13 18:41:55||2009/07/13 20:16:11||2009/07/13 18:41:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell extensions for sharing||© Microsoft Corporation. All rights reserved.||36333d345062e42e849c0af00cbefc97||<||||>cscapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2009/07/13 18:14:26||2009/07/13 20:15:07||2009/07/13 18:14:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Offline Files Win32 API||© Microsoft Corporation. All rights reserved.||add9d33d685dfaddfad5afb42cf31a70||<||||>slc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||26.5KB (27,136 bytes)||||2009/07/13 18:35:27||2009/07/13 20:16:15||2009/07/13 18:35:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Software Licensing Client Dll||© Microsoft Corporation. All rights reserved.||8b74cec6980d4816b0037ae9a27e538f||<||||>winlibhlpr.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||42.7KB (43,704 bytes)||||2010/07/01 21:36:18||2010/07/01 21:36:18||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||WINLIBHLPR||© 1997-2010 Kaspersky Lab ZAO.||ec182cad18aaee605d72c759a91de3fe||<||||>shdocvw.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||176KB (179,712 bytes)||||2009/07/13 18:39:18||2009/07/13 20:16:14||2009/07/13 18:39:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Doc Object and Control Library||© Microsoft Corporation. All rights reserved.||e07b77c3bdc82a024e294fb67abfeda0||<||||>sandbox.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||239KB (244,408 bytes)||||2010/07/01 21:36:06||2010/07/01 21:36:06||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||Virtual environment for executing applications||© 1997-2010 Kaspersky Lab ZAO.||49aa023cbb48ec4ec65a28400102d556||<||||> mbamgui.exe||1.46.0.0000||1.46.0.0000||Application||C:\Program Files (x86)\Malwarebytes' Anti-Malware\||427KB (437,584 bytes)||||2010/10/29 18:15:40||2010/04/29 15:39:32||2010/10/29 18:15:40||0||1||0||0||0||0||Malwarebytes' Anti-Malware||Malwarebytes' Anti-Malware||© Malwarebytes Corporation. All rights reserved.||5f0388038e7355982fe50b039d10315c|| CommandLine[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray Priority[:]8 ProcessId[:]4232 ReadOperationCount[:]62 ReadTransferCount[:]243882 SessionId[:]1 ThreadCount[:]3 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||> is360tray.exe||1.4.5.107||1.4.5.0||Application||C:\Program Files (x86)\IObit\IObit Security 360\||1.22MB (1,280,344 bytes)||||2010/10/30 17:00:36||2010/06/11 18:14:24||2010/10/30 17:00:36||0||1||0||0||0||0||IObit Security 360||IObit Security 360||||4126904e21735ef4c7fffe01ed795872|| CommandLine[:]"C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe" /autostart Priority[:]8 ProcessId[:]4312 ReadOperationCount[:]2360 ReadTransferCount[:]13670053 SessionId[:]1 ThreadCount[:]6 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>rtl120.bpl||12.0.3210.17555||12.0||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||1.04MB (1,095,168 bytes)||||2010/10/30 17:00:35||2008/10/02 03:01:00||2010/10/30 17:00:35||0||1||0||0||0||0||Borland Package Library||CodeGear Component Package||Copyright © 1997-2008 Embarcadero Technologies, Inc.||dd82eb68d97944b192c7803eb585b03c||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>wsock32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||15.0KB (15,360 bytes)||||2009/07/13 18:55:01||2009/07/13 20:16:20||2009/07/13 18:55:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 32-Bit DLL||© Microsoft Corporation. All rights reserved.||df13a51a5c591887d2ec6ae64ceed0fa||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>oleacc.dll||7.0.0.0 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||228KB (233,472 bytes)||||2009/07/13 18:26:29||2009/07/13 20:16:12||2009/07/13 18:26:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Accessibility Core Component||© Microsoft Corporation. All rights reserved.||cbd010bfbed9657c3813400aad03cf8a||<||||>vcl120.bpl||12.0.3210.17555||12.0||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||1.90MB (1,995,776 bytes)||||2010/10/30 17:00:35||2008/11/20 10:10:28||2010/10/30 17:00:35||0||1||0||0||0||0||Borland Package Library||CodeGear Component Package||Copyright © 1997-2008 Embarcadero Technologies, Inc.||773ebd87010a6f644869a59d98792c9c||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>oledlg.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||101KB (103,424 bytes)||||2009/07/13 18:43:56||2009/07/13 20:16:12||2009/07/13 18:43:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||OLE User Interface Support||© Microsoft Corporation. All rights reserved.||936f728e04accf3f38801cffcf1e3f40||<||||>wintrust.dll||6.1.7600.16493 (win7_gdr.091228-1501)||6.1.7600.16493||Application extension||C:\Windows\SysWOW64\||168KB (172,032 bytes)||||2010/08/11 20:58:51||2010/08/11 20:58:51||2010/08/11 20:58:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Trust Verification APIs||© Microsoft Corporation. All rights reserved.||f8090992723d55f6a2a8238f0d152149||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>maddisAsm_.bpl||||||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||43.0KB (44,032 bytes)||||2010/10/30 17:00:35||2009/02/12 15:26:20||2010/10/30 17:00:35||0||1||0||0||0||0||||||||155734ba4f8408328656f35269b9eb83||<||||>madbasic_.bpl||||||BPL File||C:\Program Files (x86)\IObit\IObit Security 360\||164KB (167,424 bytes)||||2010/10/30 17:00:35||2009/02/12 15:26:20||2010/10/30 17:00:35||0||1||0||0||0||0||||||||fb5200b314747963d1530d166755aa89||<||||>winmm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||190KB (194,048 bytes)||||2009/07/13 19:03:43||2009/07/13 20:16:19||2009/07/13 19:03:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||MCI API DLL||© Microsoft Corporation. All rights reserved.||26a634b2e0fd87f23541ad13a503ca72||<||||>is360mon.dll||1.4.2.43||0,4,0, 0||Application extension||C:\Program Files (x86)\IObit\IObit Security 360\||228KB (232,960 bytes)||||2010/10/30 17:00:36||2010/07/30 10:18:26||2010/10/30 17:00:36||0||1||0||0||0||0||IObit Security 360||IObit Security 360||Copyright (C) 2009||93ce9bef3315648739b793151a972946||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>FWPUCLNT.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||212KB (216,576 bytes)||||2009/07/13 18:54:04||2009/07/13 20:15:21||2009/07/13 18:54:04||0||1||0||0||0||0||Microsoft® Windows® Operating System||FWP/IPsec User-Mode API||© Microsoft Corporation. All rights reserved.||158117f3cf278f01c6f24e89e2141e81||<||||>SPICtrl.dll||1, 0, 0, 1||1, 0, 0, 0||Application extension||C:\Program Files (x86)\IObit\Advanced SystemCare 3\||1.37MB (1,433,296 bytes)||||2010/10/29 19:31:28||2010/09/28 20:50:14||2010/10/29 19:31:28||0||1||0||0||0||0||SPICtrl Dynamic Link Library||SPICtrl Dynamic Link Library||Copyright(C) 2005-2009||c7868fd23610dc8077f5037d5c7fde47||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>rasadhlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||11.5KB (11,776 bytes)||||2009/07/13 18:54:36||2009/07/13 20:16:12||2009/07/13 18:54:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access AutoDial Helper||© Microsoft Corporation. All rights reserved.||ed6ee83d61ebc683c2cd8e899ea6febe||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||> SearchIndexer.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||418KB (428,032 bytes)||||2009/07/13 19:14:13||2009/07/13 20:14:35||2009/07/13 19:14:13||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Indexer||© Microsoft Corporation. All rights reserved.||622d95520182f6d3d05310d5810ca8b3|| CommandLine[:] Priority[:]8 ProcessId[:]4288 ReadOperationCount[:]895 ReadTransferCount[:]8173942 SessionId[:]0 ThreadCount[:]14 SRSPremiumPanel_64.exe||1, 6, 16, 0||1.8.59.0||Application||C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\||1.70MB (1,787,696 bytes)||||2010/05/21 18:54:12||2010/05/21 18:54:12||2010/08/11 20:35:05||0||1||0||0||0||0||SRS APO Control Panel||SRS Premium Panel||Copyright (c) 2009-2010 SRS Labs, Inc.||a6ffc0707508af82cb73dd99ec062a73|| CommandLine[:]"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h Priority[:]8 ProcessId[:]3800 ReadOperationCount[:]38745 ReadTransferCount[:]910001 SessionId[:]1 ThreadCount[:]6 CommandLine[:] Priority[:]8 ProcessId[:]5000 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]3 WmiPrvSE.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\wbem\||249KB (254,976 bytes)||||2009/07/13 18:30:40||2009/07/13 20:14:47||2009/07/13 18:30:40||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Provider Host||© Microsoft Corporation. All rights reserved.||203c3380a744ca5b9b1a9caeb57f7d57|| CommandLine[:] Priority[:]8 ProcessId[:]1824 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]0 ThreadCount[:]6 WmiPrvSE.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\wbem\||249KB (254,976 bytes)||||2009/07/13 18:30:40||2009/07/13 20:14:47||2009/07/13 18:30:40||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Provider Host||© Microsoft Corporation. All rights reserved.||203c3380a744ca5b9b1a9caeb57f7d57|| CommandLine[:] Priority[:]8 ProcessId[:]3052 ReadOperationCount[:]86 ReadTransferCount[:]305217 SessionId[:]0 ThreadCount[:]9 CommandLine[:] Priority[:]8 ProcessId[:]2992 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]1 ThreadCount[:]1 CommandLine[:] Priority[:]8 ProcessId[:]4784 ReadOperationCount[:]1 ReadTransferCount[:]60 SessionId[:]1 ThreadCount[:]1 CommandLine[:]C:\Windows\system32\wbem\unsecapp.exe -Embedding Priority[:]8 ProcessId[:]252 ReadOperationCount[:]0 ReadTransferCount[:]0 SessionId[:]1 ThreadCount[:]4 AsScrPro.exe||1, 0, 0, 9||1, 0, 0, 9||Application||C:\Windows\||2.92MB (3,058,304 bytes)||||2010/08/11 20:43:39||2010/08/11 20:43:39||2010/08/11 20:43:39||0||1||0||0||0||0||ASUS Screen Saver Protector||AsScrPro||Copyright (C) 2009||37deb76a2cf005841c4e45de2b94d84f|| CommandLine[:]"C:\Windows\AsScrPro.exe" Priority[:]8 ProcessId[:]6064 ReadOperationCount[:]2 ReadTransferCount[:]32488 SessionId[:]1 ThreadCount[:]1 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>powrprof.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||142KB (145,408 bytes)||||2009/07/13 18:16:37||2009/07/13 20:16:12||2009/07/13 18:16:37||0||1||0||0||0||0||Microsoft® Windows® Operating System||Power Profile Helper DLL||© Microsoft Corporation. All rights reserved.||08dfdbd2fd4ea951dc46b1c7661ed35a||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>mfc42.dll||6.06.8063.0||6.06.400||Application extension||C:\Windows\System32\||1.08MB (1,136,640 bytes)||||2009/07/13 19:14:59||2009/07/13 20:15:39||2009/07/13 19:14:59||0||1||0||0||0||0||Microsoft (R) Visual C++||MFCDLL Shared Library - Retail Version||Copyright (C) Microsoft Corp. 1993-2002||2b9c29de5729e5872cfad16a69ccb5f7||<||||>odbc32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||552KB (565,248 bytes)||||2009/07/13 19:12:09||2009/07/13 20:16:11||2009/07/13 19:12:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||ODBC Driver Manager||© Microsoft Corporation. All rights reserved.||466a832c2e56d0b55af8bb26fe3fe257||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>odbcint.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||224KB (229,376 bytes)||||2009/07/13 19:11:56||2009/07/13 20:09:14||2009/07/13 19:11:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||ODBC Resources||© Microsoft Corporation. All rights reserved.||aba457bfc7ec0b5e130b2f1e0f549dff||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||> RAVCpl64.exe||1, 0, 0, 518||1, 0, 0, 518||Application||C:\Program Files\Realtek\Audio\HDA\||10.3MB (10,810,912 bytes)||||2010/08/11 20:34:43||2010/05/13 04:58:27||2010/08/11 20:34:43||0||1||0||0||0||0||Realtek HD Audio Manager||Realtek HD Audio Manager||2010 (c) Realtek Semiconductor. All rights reserved.||adb6d64b711088e9d18bd3c64f203055|| CommandLine[:]"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s Priority[:]8 ProcessId[:]4568 ReadOperationCount[:]1 ReadTransferCount[:]34374 SessionId[:]1 ThreadCount[:]12 CommandLine[:] Priority[:]6 ProcessId[:]5164 ReadOperationCount[:]78 ReadTransferCount[:]632864 SessionId[:]1 ThreadCount[:]9 CommandLine[:] Priority[:]8 ProcessId[:]2212 ReadOperationCount[:]20 ReadTransferCount[:]616141 SessionId[:]0 ThreadCount[:]6 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]5948 ReadOperationCount[:]1 ReadTransferCount[:]20998 SessionId[:]0 ThreadCount[:]11 CommandLine[:] Priority[:]8 ProcessId[:]4196 ReadOperationCount[:]29597 ReadTransferCount[:]8175818292 SessionId[:]0 ThreadCount[:]7 CommandLine[:] Priority[:]8 ProcessId[:]5424 ReadOperationCount[:]3 ReadTransferCount[:]24680 SessionId[:]0 ThreadCount[:]13 svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]8 ProcessId[:]1648 ReadOperationCount[:]3825 ReadTransferCount[:]57816641 SessionId[:]0 ThreadCount[:]13 CommandLine[:]"C:\Windows\system32\wuauclt.exe" Priority[:]8 ProcessId[:]4600 ReadOperationCount[:]1 ReadTransferCount[:]26712 SessionId[:]1 ThreadCount[:]3 CommandLine[:] Priority[:]8 ProcessId[:]2308 ReadOperationCount[:]5292 ReadTransferCount[:]367802909 SessionId[:]1 ThreadCount[:]10 SUPERAntiSpyware.exe||4, 45, 0, 1000||4, 45, 0, 1000||Application||C:\Program Files\SUPERAntiSpyware\||2.85MB (2,988,784 bytes)||||2010/10/25 13:47:46||2010/10/25 13:47:46||2010/10/25 13:47:46||0||1||0||0||0||0||SUPERAntiSpyware||SUPERAntiSpyware Application||Copyright (C) 2005-2010 by SUPERAntiSpyware.com and SUPERAdBlocker.com||221c7486bd1a61432cebba265069d65a|| CommandLine[:]"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" Priority[:]8 ProcessId[:]3736 ReadOperationCount[:]1114469 ReadTransferCount[:]73189931550 SessionId[:]1 ThreadCount[:]8 CommandLine[:] Priority[:]8 ProcessId[:]5760 ReadOperationCount[:]148 ReadTransferCount[:]2277216 SessionId[:]1 ThreadCount[:]4 firefox.exe||1.9.2.12||3.6.12||Application||C:\Program Files (x86)\Mozilla Firefox\||891KB (912,344 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:00||2010/10/30 00:29:46||0||1||0||0||0||0||Firefox||Firefox||©Firefox and Mozilla Developers, according to the MPL 1.1/GPL 2.0/LGPL 2.1 licenses, as applicable.||e1ab298bafc8ecca8c322a29c5fdc68c|| CommandLine[:]"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Priority[:]8 ProcessId[:]5704 ReadOperationCount[:]57901 ReadTransferCount[:]243676161 SessionId[:]1 ThreadCount[:]31 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>xul.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\||11.2MB (11,744,216 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:17||2010/10/30 00:29:46||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||e50d87ebbeb897bd57f61ac1deb51314||<||||>sqlite3.dll||3.7.1||3.7.1||Application extension||C:\Program Files (x86)\Mozilla Firefox\||481KB (492,504 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:13||2010/10/30 00:29:46||0||1||0||0||0||0||SQLite Database Library||SQLite Database Library||||2db606b9328881abcb38eba413548c63||<||||>mozcrt19.dll||8.00.0000||8.00.0000||Application extension||C:\Program Files (x86)\Mozilla Firefox\||703KB (719,832 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:03||2010/10/30 00:29:46||0||1||0||0||0||0||Mozilla Custom C Runtime||User-Generated Microsoft (R) C/C++ Runtime Library||Copyright (C) Microsoft Corporation.||820096a3593409ff16e2c54918815eab||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>js3250.dll||||||Application extension||C:\Program Files (x86)\Mozilla Firefox\||995KB (1,018,840 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:01||2010/10/30 00:29:46||0||1||0||0||0||0||||||||609f8d284d8a7118551f962a4b0fbd4f||<||||>nspr4.dll||4.8.6||4.8.6||Application extension||C:\Program Files (x86)\Mozilla Firefox\||199KB (203,736 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:04||2010/10/30 00:29:46||0||1||0||0||0||0||Netscape Portable Runtime||NSPR Library||||9fbdb2f801c4e18a51c2f97fa7e96d13||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>wsock32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||15.0KB (15,360 bytes)||||2009/07/13 18:55:01||2009/07/13 20:16:20||2009/07/13 18:55:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 32-Bit DLL||© Microsoft Corporation. All rights reserved.||df13a51a5c591887d2ec6ae64ceed0fa||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>winmm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||190KB (194,048 bytes)||||2009/07/13 19:03:43||2009/07/13 20:16:19||2009/07/13 19:03:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||MCI API DLL||© Microsoft Corporation. All rights reserved.||26a634b2e0fd87f23541ad13a503ca72||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>smime3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||103KB (105,432 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:11||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS S/MIME Library||||a2117b6f1c32b37a4d5a31e73f4dbab6||<||||>nss3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||631KB (646,104 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:06||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS Base Library||||778d26d6b1559145160c91e7d586ebcd||<||||>nssutil3.dll||3.12.8.0||3.12.8.0||Application extension||C:\Program Files (x86)\Mozilla Firefox\||87.0KB (89,048 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:08||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS Utility Library||||cc2f149968f60a30523faad32e653197||<||||>plc4.dll||4.8.6||4.8.6||Application extension||C:\Program Files (x86)\Mozilla Firefox\||21.5KB (21,976 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:09||2010/10/30 00:29:46||0||1||0||0||0||0||Netscape Portable Runtime||PLC Library||||a65dde5d9c3b3a44d03f78176f7c4d82||<||||>plds4.dll||4.8.6||4.8.6||Application extension||C:\Program Files (x86)\Mozilla Firefox\||18.5KB (18,904 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:10||2010/10/30 00:29:46||0||1||0||0||0||0||Netscape Portable Runtime||PLDS Library||||1f0fe3b7090888701af24e7b073d3017||<||||>ssl3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||139KB (142,296 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:14||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS SSL Library||||8099b09587a9ccc6ee441e7b4d674f0f||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>winspool.drv||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Device driver||C:\Windows\System32\||312KB (319,488 bytes)||||2009/07/13 19:18:30||2009/07/13 20:14:08||2009/07/13 19:18:30||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Spooler Driver||© Microsoft Corporation. All rights reserved.||61e02cc3184b63fafe0b83eac8b3b8ef||<||||>comdlg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||476KB (486,912 bytes)||||2009/07/13 18:39:49||2009/07/13 20:15:07||2009/07/13 18:39:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Dialogs DLL||© Microsoft Corporation. All rights reserved.||a223cf703e28cbd7e9e7982141fa403c||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>mozcpp19.dll||8.00.0000||8.00.0000||Application extension||C:\Program Files (x86)\Mozilla Firefox\||703KB (719,832 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:02||2010/10/30 00:29:46||0||1||0||0||0||0||Mozilla Custom C++ Runtime||User-Generated Microsoft (R) C/C++ Runtime Library||Copyright (C) Microsoft Corporation.||217b9bd802dd5c6b2d5587c6d52ca3d0||<||||>xpcom.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\||19.0KB (19,416 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:16||2010/10/30 00:29:46||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||a01f6ad65d164bbe0dc1254a9624de08||<||||>mzvkbd3.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||107KB (109,240 bytes)||||2010/07/01 21:35:18||2010/07/01 21:35:18||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Mozilla 3 Virtual Keyboard||© 1997-2010 Kaspersky Lab ZAO.||63a1ec3adb728ac4015b6b0a03659037||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>dbghelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||835KB (854,528 bytes)||||2009/07/13 18:58:16||2009/07/13 20:15:09||2009/07/13 18:58:16||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Image Helper||© Microsoft Corporation. All rights reserved.||79c7cfaea6879a8c1a1e8b5ffe8983aa||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>propsys.dll||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application extension||C:\Windows\System32\||965KB (988,160 bytes)||||2009/07/13 18:40:28||2009/07/13 20:16:12||2009/07/13 18:40:28||0||1||0||0||0||0||Windows® Search||Microsoft Property System||© Microsoft Corporation. All rights reserved.||26eaee08caf82aa7f03c5020f51da541||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>browserdirprovider.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\components\||24.5KB (25,048 bytes)||||2010/10/30 00:29:47||2010/10/27 01:10:18||2010/10/30 00:29:47||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||a021a2048ab7d82c78f6eba80caf9af8||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>nlaapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||50.5KB (51,712 bytes)||||2009/07/13 18:53:54||2009/07/13 20:16:03||2009/07/13 18:53:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Location Awareness 2||© Microsoft Corporation. All rights reserved.||045db4eab4fbd23210e85ecc3f464a2e||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>winrnr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:37:57||2009/07/13 20:16:19||2009/07/13 18:37:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||LDAP RnR Provider DLL||© Microsoft Corporation. All rights reserved.||5df5d8cfd9b9573fa3b2c89d9061a240||<||||>NapiNSP.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||51.0KB (52,224 bytes)||||2009/07/13 18:54:55||2009/07/13 20:16:02||2009/07/13 18:54:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||E-mail Naming Shim Provider||© Microsoft Corporation. All rights reserved.||0b7e85364cb878e2ad531db7b601a9e5||<||||>pnrpnsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||63.5KB (65,024 bytes)||||2009/07/13 18:55:50||2009/07/13 20:16:12||2009/07/13 18:55:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||PNRP Name Space Provider||© Microsoft Corporation. All rights reserved.||5cf640eddb1e40a5ab1bb743bcdec610||<||||>t2embed.dll||6.1.7600.16663 (win7_gdr.100825-1506)||6.1.7600.16663||Application extension||C:\Windows\System32\||107KB (109,056 bytes)||||2010/10/29 16:06:55||2010/08/25 23:39:58||2010/10/29 16:06:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft T2Embed Font Embedding||© Microsoft Corporation. All rights reserved.||25819a6361f10c30905b5d0fdb8dca42||<||||>brwsrcmp.dll||1.9.2.12||1.9.2.12||Application extension||C:\Program Files (x86)\Mozilla Firefox\components\||137KB (140,248 bytes)||||2010/10/30 00:29:47||2010/10/27 01:10:20||2010/10/30 00:29:47||0||1||0||0||0||0||Firefox||||License: MPL 1.1/GPL 2.0/LGPL 2.1||b2c7d649752d8ee450cf2e6f2033e036||<||||>WindowsCodecs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||988KB (1,011,200 bytes)||||2009/07/13 18:29:14||2009/07/13 20:16:18||2009/07/13 18:29:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Codecs Library||© Microsoft Corporation. All rights reserved.||691c8dfb208227f0cbb5c0897c742ace||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>EhStorShell.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||186KB (189,952 bytes)||||2009/07/13 18:45:42||2009/07/13 20:15:14||2009/07/13 18:45:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Enhanced Storage Shell Extension DLL||© Microsoft Corporation. All rights reserved.||846d0e4db261cfaf363902e41498e961||<||||>ntshrui.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||433KB (442,880 bytes)||||2009/07/13 18:41:55||2009/07/13 20:16:11||2009/07/13 18:41:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell extensions for sharing||© Microsoft Corporation. All rights reserved.||36333d345062e42e849c0af00cbefc97||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>cscapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||34.0KB (34,816 bytes)||||2009/07/13 18:14:26||2009/07/13 20:15:07||2009/07/13 18:14:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Offline Files Win32 API||© Microsoft Corporation. All rights reserved.||add9d33d685dfaddfad5afb42cf31a70||<||||>slc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||26.5KB (27,136 bytes)||||2009/07/13 18:35:27||2009/07/13 20:16:15||2009/07/13 18:35:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Software Licensing Client Dll||© Microsoft Corporation. All rights reserved.||8b74cec6980d4816b0037ae9a27e538f||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>kavlinkfilter.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\||147KB (150,200 bytes)||||2010/10/29 17:09:04||2010/07/01 21:35:10||2010/10/29 17:09:04||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||72c910e23ec6157f1304d18180b29412||<||||>klwtblc.dll||11.0.1.404||11.0.1.404||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||167KB (170,680 bytes)||||2010/07/27 20:18:52||2010/07/27 20:18:52||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||4ea355efd11b94ed6f725d0f2dd8906e||<||||>msvcp80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||542KB (554,816 bytes)||||2009/07/13 15:46:11||2009/06/10 16:23:11||2009/07/13 15:46:11||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||cfc54225d1870fdbf6e9e75fb83a27cb||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>kltbar.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||131KB (133,816 bytes)||||2010/07/01 21:35:12||2010/07/01 21:35:12||2010/10/29 17:08:14||0||1||0||0||0||0||Kaspersky Anti-Virus||KL Toolbar support library||© 1997-2010 Kaspersky Lab ZAO.||9145c271d81ba001fe754884f9a30991||<||||>sxs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||372KB (380,416 bytes)||||2009/07/13 18:16:17||2009/07/13 20:16:15||2009/07/13 18:16:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Fusion 2.5||© Microsoft Corporation. All rights reserved.||accba604d34842844133a731f8045b32||<||||>prremote.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||143KB (146,104 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||PR_REMOTE||© 1997-2010 Kaspersky Lab ZAO.||734b1b0b9eba64026428bbbab2d92b58||<||||>prloader.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||247KB (252,600 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Prague Loader||© 1997-2010 Kaspersky Lab ZAO.||1010dd531904fd62ec0ebc0d7610b858||<||||>userenv.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.5KB (79,360 bytes)||||2009/07/13 18:34:19||2009/07/13 20:16:17||2009/07/13 18:34:19||0||1||0||0||0||0||Microsoft® Windows® Operating System||Userenv||© Microsoft Corporation. All rights reserved.||9c0dc1daad14d443dd5a0d1ee78d775e||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>pxstub.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||38.7KB (39,608 bytes)||||2010/07/01 21:36:02||2010/07/01 21:36:02||2010/10/29 17:08:16||0||1||0||0||0||0||Kaspersky Anti-Virus||Proxy Stubs||© 1997-2010 Kaspersky Lab ZAO.||97b3cc546e4fd6c192d377784033f7d0||<||||>params.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.00MB (1,051,320 bytes)||||2010/07/01 21:35:56||2010/07/01 21:35:56||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||Structure Serializer||© 1997-2010 Kaspersky Lab ZAO.||1290f60e791d0a6198999215698d6b9a||<||||>WinReg.ppl||11.0.1.400||11.0.1.400||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||35.7KB (36,536 bytes)||||2010/07/01 21:36:20||2010/07/01 21:36:20||2010/10/29 17:08:27||0||1||0||0||0||0||Kaspersky Anti-Virus||WINREG||© 1997-2010 Kaspersky Lab ZAO.||6c000c2052c3fbcf37b34c852e7fb3c2||<||||>service.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||187KB (191,160 bytes)||||2010/07/01 21:35:20||2010/07/01 21:35:20||2010/10/29 17:08:17||0||1||0||0||0||0||Kaspersky Anti-Virus||Component service provider||© 1997-2010 Kaspersky Lab ZAO.||66fea468fca2d11cd31bbe04ab1f2964||<||||>eka_meta.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||459KB (469,688 bytes)||||2010/07/01 21:35:00||2010/07/01 21:35:00||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||EKA_META||© 1997-2010 Kaspersky Lab ZAO.||8ac0b70dec4324863fa8c65319dfd305||<||||>abhelperxpcom.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\||107KB (109,240 bytes)||||2010/10/29 17:09:07||2010/07/01 21:34:52||2010/10/29 17:09:07||0||1||0||0||0||0||Kaspersky Anti-Virus||Anti-Banner component||© 1997-2010 Kaspersky Lab ZAO.||b35e9a55e52eee2b25d1acc98f27c444||<||||>abhelper.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||107KB (109,240 bytes)||||2010/07/01 21:34:50||2010/07/01 21:34:50||2010/10/29 17:07:52||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Banner helper component||© 1997-2010 Kaspersky Lab ZAO.||4a8683dc7c9316281f46af3e2403a25a||<||||>softokn3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||152KB (155,648 bytes)||||2010/10/29 16:09:15||2010/10/26 23:49:27||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS PKCS #11 Library||||e776d886684937a140b1b68077760441||<||||>nssdbm3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||96.0KB (98,304 bytes)||||2010/10/29 16:09:15||2010/10/26 23:49:27||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||Legacy Database Driver||||4e9609521fc1e0687daf47541b2c0da1||<||||>freebl3.dll||3.12.8.0 Basic ECC||3.12.8.0 Basic ECC||Application extension||C:\Program Files (x86)\Mozilla Firefox\||244KB (249,856 bytes)||||2010/10/29 16:09:15||2010/10/26 23:49:27||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS freebl Library||||c45acc127f6f735f2dab67ef0df763da||<||||>nssckbi.dll||1.80||1.80||Application extension||C:\Program Files (x86)\Mozilla Firefox\||335KB (343,000 bytes)||||2010/10/29 16:09:15||2010/10/27 01:10:07||2010/10/30 00:29:46||0||1||0||0||0||0||Network Security Services||NSS Builtin Trusted Root CAs||||2296401146ca41d15641513da3062dac||<||||>mscms.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||470KB (481,280 bytes)||||2009/07/13 18:26:17||2009/07/13 20:15:42||2009/07/13 18:26:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Color Matching System DLL||© Microsoft Corporation. All rights reserved.||205b7034b64de5a68deb96b47b7e889b||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||>ExplorerFrame.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||1.43MB (1,495,040 bytes)||||2009/07/13 18:44:48||2009/07/13 20:15:19||2009/07/13 18:44:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||ExplorerFrame||© Microsoft Corporation. All rights reserved.||fd13400115d3d0d70e087ab826df593a||<||||>duser.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||177KB (181,248 bytes)||||2009/07/13 18:26:41||2009/07/13 20:15:13||2009/07/13 18:26:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows DirectUser Engine||© Microsoft Corporation. All rights reserved.||6e1f8165c365d35c8e3c045af0cdd481||<||||>dui70.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||701KB (717,824 bytes)||||2009/07/13 18:28:18||2009/07/13 20:15:13||2009/07/13 18:28:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows DirectUI Engine||© Microsoft Corporation. All rights reserved.||ee06b85bc69f18826302348a2ad089e0||<||||>klwtbcl.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||66.7KB (68,280 bytes)||||2010/07/01 21:35:14||2010/07/01 21:35:14||2010/10/29 17:08:14||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||98b06f38a351b6535a66f7f1bed96e14||<||||>shdocvw.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||176KB (179,712 bytes)||||2009/07/13 18:39:18||2009/07/13 20:16:14||2009/07/13 18:39:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Doc Object and Control Library||© Microsoft Corporation. All rights reserved.||e07b77c3bdc82a024e294fb67abfeda0||<||||>iertutil.dll||8.00.7600.16671 (win7_gdr.100907-1501)||8.00.7600.16671||Application extension||C:\Windows\SysWOW64\||1.96MB (2,058,752 bytes)||||2010/10/29 16:02:50||2010/09/07 23:28:01||2010/10/29 16:02:50||0||1||0||0||0||0||Windows® Internet Explorer||Run time utility for Internet Explorer||© Microsoft Corporation. All rights reserved.||de03c0797d592582317a0aa6cda3a0c4||<||||>dsound.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||443KB (453,632 bytes)||||2009/07/13 19:03:26||2009/07/13 20:15:13||2009/07/13 19:03:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||DirectSound||© Microsoft Corporation. All rights reserved.||0e85c11f8850d524b02181c6e02ba9ae||<||||>powrprof.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||142KB (145,408 bytes)||||2009/07/13 18:16:37||2009/07/13 20:16:12||2009/07/13 18:16:37||0||1||0||0||0||0||Microsoft® Windows® Operating System||Power Profile Helper DLL||© Microsoft Corporation. All rights reserved.||08dfdbd2fd4ea951dc46b1c7661ed35a||<||||>tiptsf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Program Files (x86)\Common Files\microsoft shared\ink\||340KB (348,160 bytes)||||2009/07/13 18:47:01||2009/07/13 20:16:16||2009/07/13 18:47:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Tablet PC Input Panel Text Services Framework||© Microsoft Corporation. All rights reserved.||7896effdee215c172be724a64931ef1c||<||||>msls31.dll||3.10.349.0||3.10||Application extension||C:\Windows\System32\||154KB (157,184 bytes)||||2009/07/13 18:26:12||2009/07/13 20:15:45||2009/07/13 18:26:12||0||1||0||0||0||0||Microsoft® Line Services||Microsoft Line Services library file||Copyright © Microsoft Corp. 1996-1999||26025a46fb3fdb40ff06bbf1834093b5||<||||>xmllite.dll||1.3.1000.0||1.3.1000.0||Application extension||C:\Windows\System32\||176KB (180,224 bytes)||||2009/07/13 19:20:17||2009/07/13 20:16:21||2009/07/13 19:20:17||0||1||0||0||0||0||Microsoft XML Core Services||Microsoft XmlLite Library||Copyright (C) Microsoft Corporation. 2005||7bf5ea753d4cc056b9462a02ac51b160||<||||>StructuredQuery.dll||7.00.7600.16587 (win7_gdr.100504-1502)||7.00.7600.16587||Application extension||C:\Windows\System32\||355KB (363,520 bytes)||||2010/10/29 16:06:53||2010/05/05 01:46:55||2010/10/29 16:06:53||0||1||0||0||0||0||Windows® Search||Structured Query||© Microsoft Corporation. All rights reserved.||8d908f346eedd752005a32787a6dcafa||<||||>secur32.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\System32\||21.5KB (22,016 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||e73f21a566a81cd30cb63e8f006056be||<||||>actxprxy.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||302KB (309,248 bytes)||||2009/07/13 19:20:08||2009/07/13 20:14:52||2009/07/13 19:20:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||ActiveX Interface Marshaling Library||© Microsoft Corporation. All rights reserved.||b6c4063297c7d07cd0532bdc3350436c||<||||>ieproxy.dll||8.00.7600.16671 (win7_gdr.100907-1501)||8.00.7600.16671||Application extension||C:\Program Files (x86)\Internet Explorer\||160KB (163,328 bytes)||||2010/10/29 16:02:48||2010/09/07 23:28:01||2010/10/29 16:02:48||0||1||0||0||0||0||Windows® Internet Explorer||IE ActiveX Interface Marshaling Library||© Microsoft Corporation. All rights reserved.||5e2237957967e34adb5707268c018111||<||||>thumbcache.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||81.0KB (82,944 bytes)||||2009/07/13 18:40:15||2009/07/13 20:16:16||2009/07/13 18:40:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Thumbnail Cache||© Microsoft Corporation. All rights reserved.||dbe2aa52b5d67da319d33a175b8bb41e||<||||>ieframe.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\System32\||10.5MB (10,988,544 bytes)||||2010/10/29 16:02:51||2010/09/07 23:28:01||2010/10/29 16:02:51||0||1||0||0||0||0||Windows® Internet Explorer||Internet Browser||© Microsoft Corporation. All rights reserved.||583d81424160acf62377fc3c1f221f1b||<||||>oleacc.dll||7.0.0.0 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||228KB (233,472 bytes)||||2009/07/13 18:26:29||2009/07/13 20:16:12||2009/07/13 18:26:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Accessibility Core Component||© Microsoft Corporation. All rights reserved.||cbd010bfbed9657c3813400aad03cf8a||<||||>SearchFolder.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||628KB (643,072 bytes)||||2009/07/13 18:43:28||2009/07/13 20:16:13||2009/07/13 18:43:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||SearchFolder||© Microsoft Corporation. All rights reserved.||47098e5d669470801621ac09c7c77cc0||<||||>networkexplorer.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||1.58MB (1,661,440 bytes)||||2009/07/13 18:53:29||2009/07/13 20:16:03||2009/07/13 18:53:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Explorer||© Microsoft Corporation. All rights reserved.||4a056d7392f31eda3ae1975e7010d7e3||<||||>linkinfo.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.5KB (22,016 bytes)||||2009/07/13 18:39:26||2009/07/13 20:15:36||2009/07/13 18:39:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Volume Tracking||© Microsoft Corporation. All rights reserved.||5987ea8a82c53359bcd2c29d6588583e||<||||>samcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||49.5KB (50,688 bytes)||||2009/07/13 18:37:32||2009/07/13 20:16:13||2009/07/13 18:37:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Accounts Manager Client DLL||© Microsoft Corporation. All rights reserved.||742aa02bd9fa3492c9e525bbd427d87d||<||||>samlib.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||59.5KB (60,928 bytes)||||2009/07/13 18:37:59||2009/07/13 20:16:13||2009/07/13 18:37:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||SAM Library DLL||© Microsoft Corporation. All rights reserved.||c30a3e5deeeba22e782ac54c5af5f352||<||||>netutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.5KB (22,016 bytes)||||2009/07/13 18:37:29||2009/07/13 20:16:03||2009/07/13 18:37:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API Helpers DLL||© Microsoft Corporation. All rights reserved.||c6bb27d9a8ac13d4a44486f528b5c884||<||||>urlmon.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||1.17MB (1,226,752 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:01||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||OLE32 Extensions for Win32||© Microsoft Corporation. All rights reserved.||417ee5aa3d10c4f40e52a17c71dfb99a||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>wininet.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||956KB (978,432 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:04||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||Internet Extensions for Win32||© Microsoft Corporation. All rights reserved.||3d6aa6dd4d0f3bb41b804747eb489831||<||||>normaliz.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||2.00KB (2,048 bytes)||||2009/07/13 18:15:41||2009/07/13 20:09:00||2009/07/13 18:15:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Unicode Normalization DLL||© Microsoft Corporation. All rights reserved.||9c278785347bcc991f8ea2999d90f58d||<||||>rasapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||318KB (325,120 bytes)||||2009/07/13 18:55:16||2009/07/13 20:16:12||2009/07/13 18:55:16||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access API||© Microsoft Corporation. All rights reserved.||839f96dbaafd3353e0b248a5e0bd2a51||<||||>rasman.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||75.0KB (76,800 bytes)||||2009/07/13 18:54:43||2009/07/13 20:16:12||2009/07/13 18:54:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access Connection Manager||© Microsoft Corporation. All rights reserved.||ffa7172354b9256dbb2cdd75f16f33fe||<||||>rtutils.dll||6.1.7600.16617 (win7_gdr.100618-1621)||6.1.7600.16617||Application extension||C:\Windows\System32\||36.5KB (37,376 bytes)||||2010/10/29 16:06:38||2010/06/19 01:23:50||2010/10/29 16:06:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Routing Utilities||© Microsoft Corporation. All rights reserved.||406f7b9c71b99872670ee9a8d52e2fe5||<||||>SensApi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:21:53||2009/07/13 20:16:13||2009/07/13 18:21:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||SENS Connectivity API DLL||© Microsoft Corporation. All rights reserved.||6f8e3b7b70e1bba871212940c1fbdf60||<||||>Wpc.dll||1.0.0.1||1.0.0.1||Application extension||C:\Windows\System32\||302KB (308,736 bytes)||||2009/07/13 18:40:24||2009/07/13 20:16:20||2009/07/13 18:40:24||0||1||0||0||0||0||Windows||WPC Settings Library||(c) Microsoft Corporation. All rights reserved.||236360ce5e4c3f063ac110533747c0a8||<||||>wevtapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||256KB (262,144 bytes)||||2009/07/13 18:30:22||2009/07/13 20:16:18||2009/07/13 18:30:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Eventing Consumption and Configuration API||© Microsoft Corporation. All rights reserved.||82c089ea2a3eefadf3588ea71e8bdada||<||||>netprofm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||352KB (360,448 bytes)||||2009/07/13 18:56:58||2009/07/13 20:16:03||2009/07/13 18:56:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network List Manager||© Microsoft Corporation. All rights reserved.||8c338238c16777a802d6a9211eb2ba50||<||||>npmproxy.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:56:26||2009/07/13 20:16:11||2009/07/13 18:56:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network List Manager Proxy||© Microsoft Corporation. All rights reserved.||15e298b5ec5b89c5994a59863969d9ff||<||||>MpOAV.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Program Files (x86)\Windows Defender\||53.5KB (54,784 bytes)||||2009/07/13 18:37:22||2009/07/13 20:15:41||2009/07/13 18:37:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||IOfficeAntiVirus Module||© Microsoft Corporation. All rights reserved.||79e485e1361da3cbe01ff760867f1d26||<||||>wintrust.dll||6.1.7600.16493 (win7_gdr.091228-1501)||6.1.7600.16493||Application extension||C:\Windows\SysWOW64\||168KB (172,032 bytes)||||2010/08/11 20:58:51||2010/08/11 20:58:51||2010/08/11 20:58:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Trust Verification APIs||© Microsoft Corporation. All rights reserved.||f8090992723d55f6a2a8238f0d152149||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>ncrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||214KB (219,136 bytes)||||2009/07/13 18:33:05||2009/07/13 20:16:02||2009/07/13 18:33:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows cryptographic library||© Microsoft Corporation. All rights reserved.||c20ff1a17726c357461a7ac5b3bfc3ad||<||||>bcrypt.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||79.0KB (80,896 bytes)||||2009/07/13 18:32:57||2009/07/13 20:11:20||2009/07/13 18:32:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library (Wow64)||© Microsoft Corporation. All rights reserved.||ce71b9119a258edd0a05b37d7b0f92e3||<||||>bcryptprimitives.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||244KB (249,680 bytes)||||2009/07/13 18:33:07||2009/07/13 20:17:54||2009/07/13 18:33:07||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Cryptographic Primitives Library||© Microsoft Corporation. All rights reserved.||e8449fe262d7406bcb2ac2a45c53ec5f||<||||>gpapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||78.0KB (79,872 bytes)||||2009/07/13 18:38:32||2009/07/13 20:15:22||2009/07/13 18:38:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Group Policy Client API||© Microsoft Corporation. All rights reserved.||1097f3035baf46ced8b332b3564c5108||<||||>cryptnet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||101KB (103,424 bytes)||||2009/07/13 18:32:43||2009/07/13 20:15:07||2009/07/13 18:32:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto Network Related API||© Microsoft Corporation. All rights reserved.||04d16553664796613fe98d441a0c35d7||<||||>cabinet.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||71.0KB (72,704 bytes)||||2009/07/13 18:12:33||2009/07/13 20:15:00||2009/07/13 18:12:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft® Cabinet File API||© Microsoft Corporation. All rights reserved.||def30cbea881149c2affdf9a059fb759||<||||>devrtl.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||43.5KB (44,544 bytes)||||2009/07/13 18:16:06||2009/07/13 20:15:11||2009/07/13 18:16:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Management Run Time Library||© Microsoft Corporation. All rights reserved.||fd07f21e0a19c27ed4e1eec2b07452b3||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>zipfldr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||320KB (327,680 bytes)||||2009/07/13 18:40:36||2009/07/13 20:16:21||2009/07/13 18:40:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Compressed (zipped) Folders||© Microsoft Corporation. All rights reserved.||d5c88cb54e9e232deab8181cf04b5dcd||<||||> klwtblfs.exe||11.0.1.400||11.0.1.400||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\||167KB (170,680 bytes)||||2010/07/01 21:38:56||2010/07/01 21:38:56||2010/10/29 17:08:15||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||1e55d6711aded9f782a896b81da5f27a|| CommandLine[:]"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe" -Embedding Priority[:]8 ProcessId[:]3220 ReadOperationCount[:]69 ReadTransferCount[:]22390 SessionId[:]1 ThreadCount[:]4 rundll32.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\SysWOW64\||43.5KB (44,544 bytes)||||2009/07/13 18:41:43||2009/07/13 20:14:31||2009/07/13 18:41:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows host process (Rundll32)||© Microsoft Corporation. All rights reserved.||51138beea3e2c21ec44d0932c71762a8|| CommandLine[:]C:\Windows\SysWOW64\rundll32.exe basegui.ppl,ShowHelp Priority[:]8 ProcessId[:]468 ReadOperationCount[:]1 ReadTransferCount[:]69460 SessionId[:]1 ThreadCount[:]1 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>imagehlp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||151KB (154,624 bytes)||||2009/07/13 18:57:51||2009/07/13 20:15:31||2009/07/13 18:57:51||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT Image Helper||© Microsoft Corporation. All rights reserved.||61da1dd85f7a9a8f8dea8771931faaf6||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>basegui.ppl||11.0.1.414||11.0.1.414||PPL File||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||1.62MB (1,694,392 bytes)||||2010/07/27 20:19:06||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus GUI Windows part||© 1997-2010 Kaspersky Lab ZAO.||eb66085ecaca891b5c35f5b2f55cc55a||<||||>netapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||55.5KB (56,832 bytes)||||2009/07/13 18:37:53||2009/07/13 20:16:02||2009/07/13 18:37:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API DLL||© Microsoft Corporation. All rights reserved.||c3dbf7dff5a38136e26badb7ab4e2972||<||||>netutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.5KB (22,016 bytes)||||2009/07/13 18:37:29||2009/07/13 20:16:03||2009/07/13 18:37:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Net Win32 API Helpers DLL||© Microsoft Corporation. All rights reserved.||c6bb27d9a8ac13d4a44486f528b5c884||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>wkscli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||46.0KB (47,104 bytes)||||2009/07/13 18:37:38||2009/07/13 20:16:19||2009/07/13 18:37:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Workstation Service Client DLL||© Microsoft Corporation. All rights reserved.||7ad12703039056d2a0815f85960e1fa1||<||||>samcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||49.5KB (50,688 bytes)||||2009/07/13 18:37:32||2009/07/13 20:16:13||2009/07/13 18:37:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Accounts Manager Client DLL||© Microsoft Corporation. All rights reserved.||742aa02bd9fa3492c9e525bbd427d87d||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>msimg32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||4.50KB (4,608 bytes)||||2009/07/13 18:25:24||2009/07/13 20:15:44||2009/07/13 18:25:24||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDIEXT Client DLL||© Microsoft Corporation. All rights reserved.||18ab2e5a40064ed5f7791ac5946a90f3||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>msvcp80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||542KB (554,816 bytes)||||2009/07/13 15:46:11||2009/06/10 16:23:11||2009/07/13 15:46:11||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C++ Runtime Library||© Microsoft Corporation. All rights reserved.||cfc54225d1870fdbf6e9e75fb83a27cb||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>mpr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||62.5KB (64,000 bytes)||||2009/07/13 18:55:36||2009/07/13 20:15:41||2009/07/13 18:55:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multiple Provider Router DLL||© Microsoft Corporation. All rights reserved.||b9a8cbcfcd3ec9d2ea4740af347bf108||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||> svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| CommandLine[:] Priority[:]6 ProcessId[:]3524 ReadOperationCount[:]14 ReadTransferCount[:]136 SessionId[:]0 ThreadCount[:]4 SearchProtocolHost.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||161KB (164,352 bytes)||||2009/07/13 19:14:11||2009/07/13 20:14:35||2009/07/13 19:14:11||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Protocol Host||© Microsoft Corporation. All rights reserved.||89ed7c028a487340b7d93d5a38fdcb54|| CommandLine[:] Priority[:]4 ProcessId[:]5228 ReadOperationCount[:]4 ReadTransferCount[:]16952 SessionId[:]0 ThreadCount[:]8 SearchFilterHost.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||84.5KB (86,528 bytes)||||2009/07/13 19:13:15||2009/07/13 20:14:35||2009/07/13 19:13:15||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Filter Host||© Microsoft Corporation. All rights reserved.||8a674f9ab20b4937357bf6f5a0938ebf|| CommandLine[:] Priority[:]4 ProcessId[:]4444 ReadOperationCount[:]353 ReadTransferCount[:]26220 SessionId[:]0 ThreadCount[:]5 GetSystemInfo(3).exe||4.01.0243||4.01.0243||Application||C:\Users\Kevin\Downloads\||597KB (611,624 bytes)||||2010/11/02 03:45:32||2010/11/02 03:45:33||2010/11/02 03:45:28||0||1||0||0||0||0||GetSystemInfo||GetSystemInfo||Copyright © Kaspersky Lab 1997-2010.||9c722bb65596fd46ecbbe00d57901e46|| CommandLine[:]"C:\Users\Kevin\Downloads\GetSystemInfo(3).exe" Priority[:]8 ProcessId[:]4580 ReadOperationCount[:]697 ReadTransferCount[:]55908 SessionId[:]1 ThreadCount[:]11 Modules[:]ntdll.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.23MB (1,289,528 bytes)||||2010/10/29 17:01:27||2010/03/24 01:37:04||2010/10/29 17:01:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||NT Layer DLL||© Microsoft Corporation. All rights reserved.||e4f1f370395b5e8e58191896d64129c4||<||||>kernel32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||817KB (836,608 bytes)||||2009/07/13 18:16:42||2009/07/13 20:11:23||2009/07/13 18:16:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||606ecb76a424cc535407e7a24e2a34bc||<||||>KernelBase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||264KB (269,824 bytes)||||2009/07/13 18:11:06||2009/07/13 20:11:23||2009/07/13 18:11:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT BASE API Client DLL||© Microsoft Corporation. All rights reserved.||e553135c97982edacdecde48d3e38458||<||||>msvbvm60.dll||6.00.9815||6.00.9815||Application extension||C:\Windows\System32\||1.32MB (1,386,496 bytes)||||2009/06/10 16:38:03||2009/07/13 20:15:50||2009/06/10 16:38:03||0||1||0||0||0||0||Visual Basic||Visual Basic Virtual Machine||Copyright © 1987-2000 Microsoft Corp.||5343a19c618bc515ceb1695586c6c137||<||||>user32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||814KB (833,024 bytes)||||2009/07/13 18:24:58||2009/07/13 20:11:24||2009/07/13 18:24:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows USER API Client DLL||© Microsoft Corporation. All rights reserved.||e8b0ffc209e504cb7e79fc24e6c085f0||<||||>gdi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||304KB (310,784 bytes)||||2009/07/13 18:25:44||2009/07/13 20:11:21||2009/07/13 18:25:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||GDI Client DLL||© Microsoft Corporation. All rights reserved.||fbe1e0b9ef53b5bb7c36763aa6a685cf||<||||>lpk.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||25.0KB (25,600 bytes)||||2009/07/13 18:25:31||2009/07/13 20:11:23||2009/07/13 18:25:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Language Pack||© Microsoft Corporation. All rights reserved.||384721ef4024890092625e20cadfaf85||<||||>usp10.dll||1.0626.7600.16385 (win7_rtm.090713-1255)||1.0626.7600.16385||Application extension||C:\Windows\SysWOW64\||613KB (627,200 bytes)||||2009/07/13 18:25:41||2009/07/13 20:16:17||2009/07/13 18:25:41||0||1||0||0||0||0||Microsoft(R) Uniscribe Unicode script processor||Uniscribe Unicode script processor||© Microsoft Corporation. All rights reserved.||0ba19f3198c40ac4e8cc66ee02eda6c6||<||||>msvcrt.dll||7.0.7600.16385 (win7_rtm.090713-1255)||7.0.7600.16385||Application extension||C:\Windows\SysWOW64\||675KB (690,688 bytes)||||2009/07/13 18:12:58||2009/07/13 20:15:50||2009/07/13 18:12:58||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT CRT DLL||© Microsoft Corporation. All rights reserved.||e46d48a7fe961401f1cbf85531cdf05d||<||||>advapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||625KB (640,000 bytes)||||2009/07/13 19:20:27||2009/07/13 20:14:53||2009/07/13 19:20:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Advanced Windows 32 Base API||© Microsoft Corporation. All rights reserved.||0c65fa8214d6f8378d1d3ba1ca46af0a||<||||>sechost.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||90.0KB (92,160 bytes)||||2009/07/13 18:11:59||2009/07/13 20:16:13||2009/07/13 18:11:59||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host for SCM/SDDL/LSA Lookup APIs||© Microsoft Corporation. All rights reserved.||cfc97f07904067a1e5fae195d534da3a||<||||>rpcrt4.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||647KB (662,528 bytes)||||2009/07/13 18:12:54||2009/07/13 20:11:23||2009/07/13 18:12:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Procedure Call Runtime||© Microsoft Corporation. All rights reserved.||90385551b6b3793e949df310a11d64e7||<||||>sspicli.dll||6.1.7600.16484 (win7_gdr.091210-1534)||6.1.7600.16484||Application extension||C:\Windows\SysWOW64\||94.5KB (96,768 bytes)||||2010/08/11 21:00:27||2010/08/11 21:00:27||2010/08/11 21:00:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Security Support Provider Interface||© Microsoft Corporation. All rights reserved.||bfb4db4681256116f69209c8d05032e0||<||||>cryptbase.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||36.0KB (36,864 bytes)||||2009/07/13 18:12:01||2009/07/13 20:15:07||2009/07/13 18:12:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||Base cryptographic API DLL||© Microsoft Corporation. All rights reserved.||f08f6fcd09f9be94c37acc1b344685ff||<||||>ole32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.35MB (1,413,632 bytes)||||2010/10/29 16:06:57||2010/06/29 00:02:02||2010/10/29 16:06:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft OLE for Windows||© Microsoft Corporation. All rights reserved.||e2c2d8c982316c8abf800c6ce3f28fab||<||||>oleaut32.dll||6.1.7600.16567||6.1.7600.16567||Application extension||C:\Windows\SysWOW64\||559KB (571,904 bytes)||||2010/10/29 17:01:26||2010/04/07 02:10:36||2010/10/29 17:01:26||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||a07da8434b12b2cd0ad2994f05d1129e||<||||>imm32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||117KB (119,808 bytes)||||2009/07/13 18:25:22||2009/07/13 20:11:21||2009/07/13 18:25:22||0||1||0||0||0||0||Microsoft® Windows® Operating System||Multi-User Windows IMM32 API Client DLL||© Microsoft Corporation. All rights reserved.||0de3069d6e09ba262856ef31c941befe||<||||>msctf.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||810KB (828,928 bytes)||||2009/07/13 18:28:05||2009/07/13 20:15:43||2009/07/13 18:28:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||MSCTF Server DLL||© Microsoft Corporation. All rights reserved.||c9618bc9b2b0fd7c1138d8774795a79b||<||||>uxtheme.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||240KB (245,760 bytes)||||2009/07/13 18:39:11||2009/07/13 20:11:24||2009/07/13 18:39:11||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft UxTheme Library||© Microsoft Corporation. All rights reserved.||43964fa89ccf97ba6be34d69455ac65f||<||||>sxs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||372KB (380,416 bytes)||||2009/07/13 18:16:17||2009/07/13 20:16:15||2009/07/13 18:16:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Fusion 2.5||© Microsoft Corporation. All rights reserved.||accba604d34842844133a731f8045b32||<||||>clbcatq.dll||2001.12.8530.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||510KB (522,240 bytes)||||2009/07/13 18:44:44||2009/07/13 20:15:03||2009/07/13 18:44:44||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM+ Configuration Catalog||© Microsoft Corporation. All rights reserved.||ff5688d309347f2720911d8796912834||<||||>asycfilt.dll||6.1.7600.16544||6.1.7600.16544||Application extension||C:\Windows\System32\||66.0KB (67,584 bytes)||||2010/08/11 21:00:42||2010/08/11 21:00:42||2010/08/11 21:00:42||0||1||0||0||0||0||||||© Microsoft Corporation. All rights reserved.||5b575ce99aa28c0d011918127e94ec88||<||||>cryptsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||77.0KB (78,848 bytes)||||2009/07/13 18:37:21||2009/07/13 20:15:07||2009/07/13 18:37:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Cryptographic Service Provider API||© Microsoft Corporation. All rights reserved.||7321f18d1f820612ed0e9f2d4b578a7e||<||||>rsaenh.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||237KB (242,936 bytes)||||2009/07/13 18:37:33||2009/07/13 20:17:54||2009/07/13 18:37:33||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Enhanced Cryptographic Provider||© Microsoft Corporation. All rights reserved.||ed8ec63f7522df4852147c84ec62c36a||<||||>dwmapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||65.5KB (67,072 bytes)||||2009/07/13 18:24:17||2009/07/13 20:15:13||2009/07/13 18:24:17||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Desktop Window Manager API||© Microsoft Corporation. All rights reserved.||39c5f32747b3414d1bb216fdb1defc58||<||||>version.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||21.0KB (21,504 bytes)||||2009/07/13 18:41:45||2009/07/13 20:16:17||2009/07/13 18:41:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Version Checking and File Installation Libraries||© Microsoft Corporation. All rights reserved.||702254574e7e52052de39408457b7149||<||||>advpack.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\System32\||124KB (126,464 bytes)||||2009/07/13 18:42:47||2009/07/13 20:14:53||2009/07/13 18:42:47||0||1||0||0||0||0||Windows® Internet Explorer||ADVPACK||© Microsoft Corporation. All rights reserved.||4fe6aa4422bec5dc3995051c670ffb26||<||||>setupapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.59MB (1,668,608 bytes)||||2009/07/13 18:16:56||2009/07/13 20:16:14||2009/07/13 18:16:56||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Setup API||© Microsoft Corporation. All rights reserved.||41323ab614a2b66ad77b1121d24ac895||<||||>cfgmgr32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||143KB (145,920 bytes)||||2009/07/13 18:16:10||2009/07/13 20:15:02||2009/07/13 18:16:10||0||1||0||0||0||0||Microsoft® Windows® Operating System||Configuration Manager DLL||© Microsoft Corporation. All rights reserved.||15b94e4ac75c9295275bdc9a1d7054c3||<||||>devobj.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||63.0KB (64,512 bytes)||||2009/07/13 18:16:09||2009/07/13 20:15:11||2009/07/13 18:16:09||0||1||0||0||0||0||Microsoft® Windows® Operating System||Device Information Set DLL||© Microsoft Corporation. All rights reserved.||cc4ed8bea78b0dca6f217e014c3291a7||<||||>shlwapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||342KB (350,208 bytes)||||2009/07/13 18:39:32||2009/07/13 20:16:14||2009/07/13 18:39:32||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Light-weight Utility Library||© Microsoft Corporation. All rights reserved.||f037db14cf6165c62f4a64d12a25b07c||<||||>shell32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||12.3MB (12,867,584 bytes)||||2010/10/29 16:06:41||2010/07/27 09:03:24||2010/10/29 16:06:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Shell Common Dll||© Microsoft Corporation. All rights reserved.||8679917a54a08ce5b923a2d0a511babd||<||||>comctl32.dll||6.10 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\||1.60MB (1,680,896 bytes)||||2010/10/29 16:06:18||2010/08/21 00:21:32||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Experience Controls Library||© Microsoft Corporation. All rights reserved.||4b8dd8541c0e26602005dd0137333615||<||||>propsys.dll||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application extension||C:\Windows\System32\||965KB (988,160 bytes)||||2009/07/13 18:40:28||2009/07/13 20:16:12||2009/07/13 18:40:28||0||1||0||0||0||0||Windows® Search||Microsoft Property System||© Microsoft Corporation. All rights reserved.||26eaee08caf82aa7f03c5020f51da541||<||||>ntmarta.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||119KB (121,856 bytes)||||2009/07/13 18:34:20||2009/07/13 20:16:11||2009/07/13 18:34:20||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows NT MARTA provider||© Microsoft Corporation. All rights reserved.||3fd15b4611d9bda3f8013548c0ecaeca||<||||>Wldap32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||263KB (268,800 bytes)||||2009/07/13 18:38:45||2009/07/13 20:16:19||2009/07/13 18:38:45||0||1||0||0||0||0||Microsoft® Windows® Operating System||Win32 LDAP API DLL||© Microsoft Corporation. All rights reserved.||bfa70a99ad1434263f2dfbba103bdef8||<||||>wininet.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||956KB (978,432 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:04||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||Internet Extensions for Win32||© Microsoft Corporation. All rights reserved.||3d6aa6dd4d0f3bb41b804747eb489831||<||||>normaliz.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||2.00KB (2,048 bytes)||||2009/07/13 18:15:41||2009/07/13 20:09:00||2009/07/13 18:15:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||Unicode Normalization DLL||© Microsoft Corporation. All rights reserved.||9c278785347bcc991f8ea2999d90f58d||<||||>urlmon.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||1.17MB (1,226,752 bytes)||||2010/10/29 16:02:49||2010/09/07 23:30:01||2010/10/29 16:02:49||0||1||0||0||0||0||Windows® Internet Explorer||OLE32 Extensions for Win32||© Microsoft Corporation. All rights reserved.||417ee5aa3d10c4f40e52a17c71dfb99a||<||||>crypt32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||1.10MB (1,151,488 bytes)||||2009/07/13 18:34:18||2009/07/13 20:15:07||2009/07/13 18:34:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Crypto API32||© Microsoft Corporation. All rights reserved.||e6b5de86abf68d7d67e451c29287b5c5||<||||>msasn1.dll||6.1.7600.16415 (win7_gdr.090828-1615)||6.1.7600.16415||Application extension||C:\Windows\SysWOW64\||34.0KB (34,816 bytes)||||2010/08/11 20:54:49||2010/08/11 20:54:49||2010/08/11 20:54:49||0||1||0||0||0||0||Microsoft® Windows® Operating System||ASN.1 Runtime APIs||© Microsoft Corporation. All rights reserved.||4c04900aa8c323f5d4c316a89e976849||<||||>iertutil.dll||8.00.7600.16671 (win7_gdr.100907-1501)||8.00.7600.16671||Application extension||C:\Windows\SysWOW64\||1.96MB (2,058,752 bytes)||||2010/10/29 16:02:50||2010/09/07 23:28:01||2010/10/29 16:02:50||0||1||0||0||0||0||Windows® Internet Explorer||Run time utility for Internet Explorer||© Microsoft Corporation. All rights reserved.||de03c0797d592582317a0aa6cda3a0c4||<||||>profapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||31.0KB (31,744 bytes)||||2009/07/13 18:12:02||2009/07/13 20:16:12||2009/07/13 18:12:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||User Profile Basic API||© Microsoft Corporation. All rights reserved.||c733d233b623b7ffce5031e4b756ee26||<||||>ws2_32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||202KB (206,336 bytes)||||2009/07/13 18:12:28||2009/07/13 20:16:20||2009/07/13 18:12:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Socket 2.0 32-Bit DLL||© Microsoft Corporation. All rights reserved.||daae8a9b8c0acc7f858454132553c30d||<||||>nsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||8.50KB (8,704 bytes)||||2009/07/13 18:12:06||2009/07/13 20:16:11||2009/07/13 18:12:06||0||1||0||0||0||0||Microsoft® Windows® Operating System||NSI User-mode interface DLL||© Microsoft Corporation. All rights reserved.||6377051c63d5552a311935c67e9fdfdc||<||||>dnsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||264KB (269,824 bytes)||||2009/07/13 18:12:41||2009/07/13 20:15:12||2009/07/13 18:12:41||0||1||0||0||0||0||Microsoft® Windows® Operating System||DNS Client API DLL||© Microsoft Corporation. All rights reserved.||6d5a49d6479eb753c7879f73a4c35e0f||<||||>IPHLPAPI.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||102KB (103,936 bytes)||||2009/07/13 18:12:15||2009/07/13 20:15:33||2009/07/13 18:12:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||IP Helper API||© Microsoft Corporation. All rights reserved.||6095266caaf5e75f394cfd4844cc4c25||<||||>winnsi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||16.5KB (16,896 bytes)||||2009/07/13 18:12:05||2009/07/13 20:16:19||2009/07/13 18:12:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Store Information RPC interface||© Microsoft Corporation. All rights reserved.||cff35b879d1618d42c86644c717ba947||<||||>rasapi32.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||318KB (325,120 bytes)||||2009/07/13 18:55:16||2009/07/13 20:16:12||2009/07/13 18:55:16||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access API||© Microsoft Corporation. All rights reserved.||839f96dbaafd3353e0b248a5e0bd2a51||<||||>rasman.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||75.0KB (76,800 bytes)||||2009/07/13 18:54:43||2009/07/13 20:16:12||2009/07/13 18:54:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote Access Connection Manager||© Microsoft Corporation. All rights reserved.||ffa7172354b9256dbb2cdd75f16f33fe||<||||>rtutils.dll||6.1.7600.16617 (win7_gdr.100618-1621)||6.1.7600.16617||Application extension||C:\Windows\System32\||36.5KB (37,376 bytes)||||2010/10/29 16:06:38||2010/06/19 01:23:50||2010/10/29 16:06:38||0||1||0||0||0||0||Microsoft® Windows® Operating System||Routing Utilities||© Microsoft Corporation. All rights reserved.||406f7b9c71b99872670ee9a8d52e2fe5||<||||>SensApi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:21:53||2009/07/13 20:16:13||2009/07/13 18:21:53||0||1||0||0||0||0||Microsoft® Windows® Operating System||SENS Connectivity API DLL||© Microsoft Corporation. All rights reserved.||6f8e3b7b70e1bba871212940c1fbdf60||<||||>mswsock.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||227KB (232,448 bytes)||||2009/07/13 18:12:34||2009/07/13 20:15:51||2009/07/13 18:12:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Sockets 2.0 Service Provider||© Microsoft Corporation. All rights reserved.||11a41f17527ed75d6b758fdd7f4fd00d||<||||>WSHTCPIP.DLL||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv4)||© Microsoft Corporation. All rights reserved.||ee5c8e27c37b79cb54a2fceeed2dc262||<||||>wship6.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||10.5KB (10,752 bytes)||||2009/07/13 18:12:08||2009/07/13 20:16:20||2009/07/13 18:12:08||0||1||0||0||0||0||Microsoft® Windows® Operating System||Winsock2 Helper DLL (TL/IPv6)||© Microsoft Corporation. All rights reserved.||73e8667a19feedd856df2695e9e511d4||<||||>nlaapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||50.5KB (51,712 bytes)||||2009/07/13 18:53:54||2009/07/13 20:16:03||2009/07/13 18:53:54||0||1||0||0||0||0||Microsoft® Windows® Operating System||Network Location Awareness 2||© Microsoft Corporation. All rights reserved.||045db4eab4fbd23210e85ecc3f464a2e||<||||>winrnr.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:37:57||2009/07/13 20:16:19||2009/07/13 18:37:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||LDAP RnR Provider DLL||© Microsoft Corporation. All rights reserved.||5df5d8cfd9b9573fa3b2c89d9061a240||<||||>NapiNSP.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||51.0KB (52,224 bytes)||||2009/07/13 18:54:55||2009/07/13 20:16:02||2009/07/13 18:54:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||E-mail Naming Shim Provider||© Microsoft Corporation. All rights reserved.||0b7e85364cb878e2ad531db7b601a9e5||<||||>pnrpnsp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||63.5KB (65,024 bytes)||||2009/07/13 18:55:50||2009/07/13 20:16:12||2009/07/13 18:55:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||PNRP Name Space Provider||© Microsoft Corporation. All rights reserved.||5cf640eddb1e40a5ab1bb743bcdec610||<||||>scrrun.dll||5.8.7600.16385||5.8.7600.16385||Application extension||C:\Windows\SysWOW64\||160KB (163,840 bytes)||||2009/07/13 18:42:38||2009/07/13 20:16:13||2009/07/13 18:42:38||0||1||0||0||0||0||Microsoft ® Script Runtime||Microsoft ® Script Runtime||© Microsoft Corporation. All rights reserved.||69a1d7c29cff256becbd4e39e2159636||<||||>wbemdisp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||183KB (187,392 bytes)||||2009/07/13 18:31:02||2009/07/13 20:16:17||2009/07/13 18:31:02||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Scripting||© Microsoft Corporation. All rights reserved.||244c6722289f4869068992fd7d8a8832||<||||>wbemcomn.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||354KB (362,496 bytes)||||2009/07/13 18:30:48||2009/07/13 20:16:17||2009/07/13 18:30:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||96f3f676b4d0df4da9c4081358c4662f||<||||>wbemprox.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||28.5KB (29,184 bytes)||||2009/07/13 18:30:14||2009/07/13 20:16:17||2009/07/13 18:30:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||c5b0324db461559add070e632a6919fa||<||||>wmiutils.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||83.5KB (85,504 bytes)||||2009/07/13 18:30:15||2009/07/13 20:16:19||2009/07/13 18:30:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||5610b0425518d185331cb8e968d060e6||<||||>RpcRtRemote.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||44.5KB (45,568 bytes)||||2009/07/13 18:43:48||2009/07/13 20:16:13||2009/07/13 18:43:48||0||1||0||0||0||0||Microsoft® Windows® Operating System||Remote RPC Extension||© Microsoft Corporation. All rights reserved.||6c0bd9d59c7e97dee2fb3407d17bf697||<||||>wbemsvc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||46.5KB (47,616 bytes)||||2009/07/13 18:30:07||2009/07/13 20:16:17||2009/07/13 18:30:07||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI||© Microsoft Corporation. All rights reserved.||776ae0564f8b1c282e331fd95a1bdc5f||<||||>fastprox.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\wbem\||592KB (605,696 bytes)||||2009/07/13 18:31:15||2009/07/13 20:15:20||2009/07/13 18:31:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||WMI Custom Marshaller||© Microsoft Corporation. All rights reserved.||1cedfe91f527858caca1b08b04666bc0||<||||>ntdsapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||88.0KB (90,112 bytes)||||2009/07/13 18:38:21||2009/07/13 20:16:11||2009/07/13 18:38:21||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Directory Domain Services API||© Microsoft Corporation. All rights reserved.||e3e811471de781900ff21c1fd84e941e||<||||>WindowsCodecs.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||988KB (1,011,200 bytes)||||2009/07/13 18:29:14||2009/07/13 20:16:18||2009/07/13 18:29:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft Windows Codecs Library||© Microsoft Corporation. All rights reserved.||691c8dfb208227f0cbb5c0897c742ace||<||||>apphelp.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||286KB (292,352 bytes)||||2009/07/13 18:14:31||2009/07/13 20:14:53||2009/07/13 18:14:31||0||1||0||0||0||0||Microsoft® Windows® Operating System||Application Compatibility Client Library||© Microsoft Corporation. All rights reserved.||c02e3ce20e7776c922b5c8938350b5f1||<||||>EhStorShell.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||186KB (189,952 bytes)||||2009/07/13 18:45:42||2009/07/13 20:15:14||2009/07/13 18:45:42||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Enhanced Storage Shell Extension DLL||© Microsoft Corporation. All rights reserved.||846d0e4db261cfaf363902e41498e961||<||||>comctl32.dll||5.82 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\||518KB (530,432 bytes)||||2010/10/29 16:06:18||2010/08/21 00:33:24||2010/10/29 16:06:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Common Controls Library||© Microsoft Corporation. All rights reserved.||d3ead1cf16ba729a7f7c9a5d94aa7c05||<||||>ntshrui.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||433KB (442,880 bytes)||||2009/07/13 18:41:55||2009/07/13 20:16:11||2009/07/13 18:41:55||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell extensions for sharing||© Microsoft Corporation. All rights reserved.||36333d345062e42e849c0af00cbefc97||<||||>srvcli.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||88.0KB (90,112 bytes)||||2009/07/13 18:37:36||2009/07/13 20:16:15||2009/07/13 18:37:36||0||1||0||0||0||0||Microsoft® Windows® Operating System||Server Service Client DLL||© Microsoft Corporation. All rights reserved.||89d840773c9c4358a5031dcc860449ec||<||||>cscapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||34.0KB (34,816 bytes)||||2009/07/13 18:14:26||2009/07/13 20:15:07||2009/07/13 18:14:26||0||1||0||0||0||0||Microsoft® Windows® Operating System||Offline Files Win32 API||© Microsoft Corporation. All rights reserved.||add9d33d685dfaddfad5afb42cf31a70||<||||>slc.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||26.5KB (27,136 bytes)||||2009/07/13 18:35:27||2009/07/13 20:16:15||2009/07/13 18:35:27||0||1||0||0||0||0||Microsoft® Windows® Operating System||Software Licensing Client Dll||© Microsoft Corporation. All rights reserved.||8b74cec6980d4816b0037ae9a27e538f||<||||>psapi.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||6.00KB (6,144 bytes)||||2009/07/13 18:15:50||2009/07/13 20:16:12||2009/07/13 18:15:50||0||1||0||0||0||0||Microsoft® Windows® Operating System||Process Status Helper||© Microsoft Corporation. All rights reserved.||a543ac1f7138376d778d630a35fcbc4c||<||||>mscoree.dll||4.0.31106.0 (Main.031106-0000)||4.0.31106.0||Application extension||C:\Windows\SysWOW64\||291KB (297,808 bytes)||||2010/10/29 16:11:44||2009/11/25 12:47:34||2010/10/29 16:11:44||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||128dd9af8640dbcc711940903c8b554f||<||||>mscoreei.dll||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application extension||C:\Windows\Microsoft.NET\Framework\v4.0.30319\||403KB (413,008 bytes)||||2010/03/18 13:16:28||2010/03/18 13:16:28||2010/10/29 17:02:50||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft .NET Runtime Execution Engine||© Microsoft Corporation. All rights reserved.||83ba5e873164a3711b44052f58c8fe9f||<||||>shfusion.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||113KB (115,536 bytes)||||2009/07/13 15:46:31||2009/06/10 16:23:16||2009/07/13 15:46:31||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft COM Runtime Fusion Assembly Viewer||© Microsoft Corporation. All rights reserved.||28fad9308f927e7f100f10f68e5ba083||<||||>msvcr80.dll||8.00.50727.4927||8.00.50727.4927||Application extension||C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\||618KB (632,656 bytes)||||2009/07/13 15:46:13||2009/06/10 16:23:11||2009/07/13 15:46:13||0||1||0||0||0||0||Microsoft® Visual Studio® 2005||Microsoft® C Runtime Library||© Microsoft Corporation. All rights reserved.||c4e9e285e1730d864dd4b35b73cdafdb||<||||>fusion.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||15.3KB (15,680 bytes)||||2009/07/13 15:46:20||2009/06/10 16:22:53||2009/07/13 15:46:20||0||1||0||0||0||0||Microsoft® .NET Framework||Assembly manager||© Microsoft Corporation. All rights reserved.||d7064dba39d806503b812aed707c11ac||<||||>Culture.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||23.3KB (23,872 bytes)||||2009/07/13 15:46:18||2009/06/10 16:22:50||2009/07/13 15:46:18||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft Globalization Support||© Microsoft Corporation. All rights reserved.||a0617b5753e31126ad29c03154f4f329||<||||>ShFusRes.dll||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application extension||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||89.8KB (91,984 bytes)||||2009/07/13 15:46:31||2009/06/10 16:23:17||2009/07/13 15:46:31||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft COM Runtime Fusion Assembly Viewer Resources||© Microsoft Corporation. All rights reserved.||b9d947029a84b9731ae4311df035e136||<||||>wpdshext.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||2.20MB (2,311,168 bytes)||||2009/07/13 19:07:34||2009/07/13 20:16:20||2009/07/13 19:07:34||0||1||0||0||0||0||Microsoft® Windows® Operating System||Portable Devices Shell Extension||© Microsoft Corporation. All rights reserved.||baf10e9c4a0a20bbce6de4b5a1417351||<||||>winmm.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||190KB (194,048 bytes)||||2009/07/13 19:03:43||2009/07/13 20:16:19||2009/07/13 19:03:43||0||1||0||0||0||0||Microsoft® Windows® Operating System||MCI API DLL||© Microsoft Corporation. All rights reserved.||26a634b2e0fd87f23541ad13a503ca72||<||||>GdiPlus.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\||1.55MB (1,624,576 bytes)||||2009/07/13 18:26:25||2009/07/13 20:03:50||2009/07/13 18:26:25||0||1||0||0||0||0||Microsoft® Windows® Operating System||Microsoft GDI+||© Microsoft Corporation. All rights reserved.||edb57065790b62ef83be117ad3edfde2||<||||>shdocvw.dll||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\System32\||176KB (179,712 bytes)||||2009/07/13 18:39:18||2009/07/13 20:16:14||2009/07/13 18:39:18||0||1||0||0||0||0||Microsoft® Windows® Operating System||Shell Doc Object and Control Library||© Microsoft Corporation. All rights reserved.||e07b77c3bdc82a024e294fb67abfeda0||<||||>ieframe.dll||8.00.7600.16385 (win7_rtm.090713-1255)||8.00.7600.16385||Application extension||C:\Windows\SysWOW64\||10.5MB (10,988,544 bytes)||||2010/10/29 16:02:51||2010/09/07 23:28:01||2010/10/29 16:02:51||0||1||0||0||0||0||Windows® Internet Explorer||Internet Browser||© Microsoft Corporation. All rights reserved.||583d81424160acf62377fc3c1f221f1b||<||||>oleacc.dll||7.0.0.0 (win7_rtm.090713-1255)||6.1.7600.16385||Application extension||C:\Windows\SysWOW64\||228KB (233,472 bytes)||||2009/07/13 18:26:29||2009/07/13 20:16:12||2009/07/13 18:26:29||0||1||0||0||0||0||Microsoft® Windows® Operating System||Active Accessibility Core Component||© Microsoft Corporation. All rights reserved.||cbd010bfbed9657c3813400aad03cf8a||<||||> SASCore64.exe||1, 0, 0, 1026||1, 0, 0, 1026||Application||C:\Program Files\SUPERAntiSpyware\||126KB (128,752 bytes)||||2010/06/29 12:49:27||2010/06/29 12:49:27||2010/06/29 12:49:27||0||1||0||0||0||0||Core Service||Core Service||Copyright (C) 2005-2010 by SUPERAntiSpyware.com and SUPERAdBlocker.com||a0709b82fa3b5afad1467e565b8b3ba0|| pathname[:]"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" Name[:]!SASCORE ServiceType[:]Own Process ProcessId[:]1744 AcceptPause[:]False AcceptStop[:]True Description[:]SUPERAntiSpyware Core Service DisplayName[:]SAS Core Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]AeLookupSvc ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Processes application compatibility cache requests for applications as they are launched DisplayName[:]Application Experience Started[:]True StartMode[:]Manual StartName[:]localSystem State[:]Running Status[:]OK pathname[:]"C:\Windows\system32\FBAgent.exe" Name[:]AFBAgent ServiceType[:]Own Process ProcessId[:]1332 AcceptPause[:]False AcceptStop[:]True Description[:] DisplayName[:]AFBAgent Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\System32\alg.exe Name[:]ALG ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides support for 3rd party protocol plug-ins for Internet Connection Sharing DisplayName[:]Application Layer Gateway Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k apphost Name[:]AppHostSvc ServiceType[:]Share Process ProcessId[:]1776 AcceptPause[:]True AcceptStop[:]True Description[:]Provides administrative services for IIS, for example configuration history and Application Pool account mapping. If this service is stopped, configuration history and locking down files or directories with Application Pool specific Access Control Entries will not work. DisplayName[:]Application Host Helper Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]AppIDSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Determines and verifies the identity of an application. Disabling this service will prevent AppLocker from being enforced. DisplayName[:]Application Identity Started[:]False StartMode[:]Manual StartName[:]NT Authority\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]Appinfo ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks. DisplayName[:]Application Information Started[:]True StartMode[:]Manual StartName[:]LocalSystem State[:]Running Status[:]OK ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| pathname[:]C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe Name[:]ASLDRService ServiceType[:]Own Process ProcessId[:]1472 AcceptPause[:]False AcceptStop[:]True Description[:] DisplayName[:]ASLDR Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK aspnet_state.exe||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application||C:\Windows\Microsoft.NET\Framework64\v2.0.50727\||41.8KB (42,840 bytes)||||2009/07/13 15:37:13||2009/06/10 15:39:44||2009/07/13 15:37:13||0||1||0||0||0||0||Microsoft® .NET Framework||Microsoft ASP.NET State Server||© Microsoft Corporation. All rights reserved.||1838f16e9ce03b993fc500703b711dab|| pathname[:]C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe Name[:]aspnet_state ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]ASP.NET State Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| pathname[:]C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe Name[:]ATKGFNEXSrv ServiceType[:]Own Process ProcessId[:]1528 AcceptPause[:]False AcceptStop[:]True Description[:] DisplayName[:]ATKGFNEX Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted Name[:]AudioEndpointBuilder ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]True Description[:]Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start DisplayName[:]Windows Audio Endpoint Builder Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted Name[:]AudioSrv ServiceType[:]Share Process ProcessId[:]972 AcceptPause[:]False AcceptStop[:]True Description[:]Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start DisplayName[:]Windows Audio Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK avp.exe||11.0.1.419||11.0.1.419||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||345KB (352,976 bytes)||||2010/07/01 21:39:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus||© 1997-2010 Kaspersky Lab ZAO.||946d70667b0119f2beeae0849e1d46a2|| pathname[:]"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" -r Name[:]AVP ServiceType[:]Own Process ProcessId[:]1796 AcceptPause[:]False AcceptStop[:]False Description[:]Provides computer protection against viruses, dangerous software, network attacks, internet fraud and spam. DisplayName[:]Kaspersky Anti-Virus Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k AxInstSVGroup Name[:]AxInstSV ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides User Account Control validation for the installation of ActiveX controls from the Internet and enables management of ActiveX control installation based on Group Policy settings. This service is started on demand and if disabled the installation of ActiveX controls will behave according to default browser settings. DisplayName[:]ActiveX Installer (AxInstSV) Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]BDESVC ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]BDESVC hosts the BitLocker Drive Encryption service. BitLocker Drive Encryption provides secure startup for the operating system, as well as full volume encryption for OS, fixed or removable volumes. This service allows BitLocker to prompt users for various actions related to their volumes when mounted, and unlocks volumes automatically without user interaction. Additionally, it stores recovery information to Active Directory, if available, and, if necessary, ensures the most recent recovery certificates are used. Stopping or disabling the service would prevent users from leveraging this functionality. DisplayName[:]BitLocker Drive Encryption Service Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork Name[:]BFE ServiceType[:]Share Process ProcessId[:]1628 AcceptPause[:]False AcceptStop[:]True Description[:]The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications. DisplayName[:]Base Filtering Engine Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]BITS ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information. DisplayName[:]Background Intelligent Transfer Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]Browser ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Computer Browser Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k bthsvcs Name[:]bthserv ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The Bluetooth service supports discovery and association of remote Bluetooth devices. Stopping or disabling this service may cause already installed Bluetooth devices to fail to operate properly and prevent new devices from being discovered or associated. DisplayName[:]Bluetooth Support Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]CertPropSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Copies user certificates and root certificates from smart cards into the current user's certificate store, detects when a smart card is inserted into a smart card reader, and, if needed, installs the smart card Plug and Play minidriver. DisplayName[:]Certificate Propagation Started[:]False StartMode[:]Disabled StartName[:]LocalSystem State[:]Stopped Status[:]OK pathname[:]C:\Windows\system32\CISVC.EXE Name[:]CISVC ServiceType[:]Share Process ProcessId[:]1900 AcceptPause[:]True AcceptStop[:]True Description[:]Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language. DisplayName[:]Indexing Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK mscorsvw.exe||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application||C:\Windows\Microsoft.NET\Framework\v2.0.50727\||64.8KB (66,384 bytes)||||2009/07/13 15:46:27||2009/06/10 16:23:09||2009/07/13 15:46:27||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||d88040f816fda31c3b466f0fa0918f29|| pathname[:]C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe Name[:]clr_optimization_v2.0.50727_32 ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Microsoft .NET Framework NGEN DisplayName[:]Microsoft .NET Framework NGEN v2.0.50727_X86 Started[:]False StartMode[:]Disabled StartName[:]LocalSystem State[:]Stopped Status[:]OK mscorsvw.exe||2.0.50727.4927 (NetFXspW7.050727-4900)||2.0.50727.4927||Application||C:\Windows\Microsoft.NET\Framework64\v2.0.50727\||87.8KB (89,920 bytes)||||2009/07/13 15:37:21||2009/06/10 15:39:58||2009/07/13 15:37:21||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||d1ceea2b47cb998321c579651ce3e4f8|| pathname[:]C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe Name[:]clr_optimization_v2.0.50727_64 ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Microsoft .NET Framework NGEN DisplayName[:]Microsoft .NET Framework NGEN v2.0.50727_X64 Started[:]False StartMode[:]Disabled StartName[:]LocalSystem State[:]Stopped Status[:]OK mscorsvw.exe||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application||C:\Windows\Microsoft.NET\Framework\v4.0.30319\||127KB (130,384 bytes)||||2010/03/18 13:16:28||2010/03/18 13:16:28||2010/10/29 17:02:51||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||c5a75eb48e2344abdc162bda79e16841|| pathname[:]C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe Name[:]clr_optimization_v4.0.30319_32 ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Microsoft .NET Framework NGEN DisplayName[:]Microsoft .NET Framework NGEN v4.0.30319_X86 Started[:]False StartMode[:]Auto StartName[:]LocalSystem State[:]Stopped Status[:]OK mscorsvw.exe||4.0.30319.1 (RTMRel.030319-0100)||4.0.30319.1||Application||C:\Windows\Microsoft.NET\Framework64\v4.0.30319\||135KB (138,576 bytes)||||2010/03/18 14:27:14||2010/03/18 14:27:14||2010/10/29 17:02:51||0||1||0||0||0||0||Microsoft® .NET Framework||.NET Runtime Optimization Service||© Microsoft Corporation. All rights reserved.||c6f9af94dcd58122a4d7e89db6bed29d|| pathname[:]C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe Name[:]clr_optimization_v4.0.30319_64 ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Microsoft .NET Framework NGEN DisplayName[:]Microsoft .NET Framework NGEN v4.0.30319_X64 Started[:]False StartMode[:]Auto StartName[:]LocalSystem State[:]Stopped Status[:]OK dllhost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||7.00KB (7,168 bytes)||||2009/07/13 18:43:52||2009/07/13 20:14:18||2009/07/13 18:43:52||0||1||0||0||0||0||Microsoft® Windows® Operating System||COM Surrogate||© Microsoft Corporation. All rights reserved.||a63dc5c2ea944e6657203e0c8edeaf61|| pathname[:]C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Name[:]COMSysApp ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]COM+ System Application Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k NetworkService Name[:]CryptSvc ServiceType[:]Share Process ProcessId[:]1152 AcceptPause[:]False AcceptStop[:]True Description[:]Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Cryptographic Services Started[:]True StartMode[:]Auto StartName[:]NT Authority\NetworkService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k DcomLaunch Name[:]DcomLaunch ServiceType[:]Share Process ProcessId[:]792 AcceptPause[:]False AcceptStop[:]False Description[:]The DCOMLAUNCH service launches COM and DCOM servers in response to object activation requests. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have the DCOMLAUNCH service running. DisplayName[:]DCOM Server Process Launcher Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k defragsvc Name[:]defragsvc ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides Disk Defragmentation Capabilities. DisplayName[:]Disk Defragmenter Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted Name[:]Dhcp ServiceType[:]Share Process ProcessId[:]972 AcceptPause[:]False AcceptStop[:]True Description[:]Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]DHCP Client Started[:]True StartMode[:]Auto StartName[:]NT Authority\LocalService State[:]Running Status[:]OK DMAgent.exe||2.0.0.2402||2.0.0.2402||Application||C:\Program Files\Intel\WiMAX\Bin\||399KB (408,576 bytes)||||2010/06/07 17:34:20||2010/06/07 17:34:20||2010/08/11 20:38:40||0||1||0||0||0||0||Wireless WiMAX Red Bend Device Management Service||Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software||Copyright © 2008 Red Bend Ltd.||61458c120cddfe7514e2db125568ca59|| pathname[:]"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe" Name[:]DMAgent ServiceType[:]Own Process ProcessId[:]920 AcceptPause[:]False AcceptStop[:]True Description[:]Red Bend Device Management Service for Intel® PROSet/Wireless WiMAX Software. DisplayName[:]Intel® PROSet/Wireless WiMAX Red Bend Device Management Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k NetworkService Name[:]Dnscache ServiceType[:]Share Process ProcessId[:]1152 AcceptPause[:]False AcceptStop[:]True Description[:]The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]DNS Client Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\NetworkService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]dot3svc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The Wired AutoConfig (DOT3SVC) service is responsible for performing IEEE 802.1X authentication on Ethernet interfaces. If your current wired network deployment enforces 802.1X authentication, the DOT3SVC service should be configured to run for establishing Layer 2 connectivity and/or providing access to network resources. Wired networks that do not enforce 802.1X authentication are unaffected by the DOT3SVC service. DisplayName[:]Wired AutoConfig Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork Name[:]DPS ServiceType[:]Share Process ProcessId[:]1628 AcceptPause[:]False AcceptStop[:]True Description[:]The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function. DisplayName[:]Diagnostic Policy Service Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]EapHost ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication. DisplayName[:]Extensible Authentication Protocol Started[:]True StartMode[:]Manual StartName[:]localSystem State[:]Running Status[:]OK pathname[:]C:\Windows\System32\lsass.exe Name[:]EFS ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides the core file encryption technology used to store encrypted files on NTFS file system volumes. If this service is stopped or disabled, applications will be unable to access encrypted files. DisplayName[:]Encrypting File System (EFS) Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK ehrecvr.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\ehome\||680KB (696,320 bytes)||||2010/10/29 17:30:15||2010/08/04 02:05:58||2010/10/29 17:30:15||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Center Receiver Service||© Microsoft Corporation. All rights reserved.||47c071994c3f649f23d9cd075ac9304a|| pathname[:]C:\Windows\ehome\ehRecvr.exe Name[:]ehRecvr ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Windows Media Center Service for TV and FM broadcast reception DisplayName[:]Windows Media Center Receiver Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\networkService State[:]Stopped Status[:]OK ehsched.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\ehome\||125KB (127,488 bytes)||||2009/07/13 19:24:23||2009/07/13 20:39:09||2009/07/13 19:24:23||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Center Scheduler Service||© Microsoft Corporation. All rights reserved.||4705e8ef9934482c5bb488ce28afc681|| pathname[:]C:\Windows\ehome\ehsched.exe Name[:]ehSched ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Starts and stops recording of TV programs within Windows Media Center DisplayName[:]Windows Media Center Scheduler Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\networkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted Name[:]eventlog ServiceType[:]Share Process ProcessId[:]972 AcceptPause[:]False AcceptStop[:]True Description[:]This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system. DisplayName[:]Windows Event Log Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]EventSystem ServiceType[:]Share Process ProcessId[:]1044 AcceptPause[:]False AcceptStop[:]True Description[:]Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]COM+ Event System Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| pathname[:]C:\Program Files\Intel\WiFi\bin\EvtEng.exe Name[:]EvtEng ServiceType[:]Own Process ProcessId[:]4732 AcceptPause[:]False AcceptStop[:]True Description[:]Manages the event trace messages for all the Intel® PROSet/Wireless Software components. DisplayName[:]Intel(R) PROSet/Wireless Event Log Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\system32\fxssvc.exe Name[:]Fax ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network. DisplayName[:]Fax Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]fdPHost ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The FDPHOST service hosts the Function Discovery (FD) network discovery providers. These FD providers supply network discovery services for the Simple Services Discovery Protocol (SSDP) and Web Services – Discovery (WS-D) protocol. Stopping or disabling the FDPHOST service will disable network discovery for these protocols when using FD. When this service is unavailable, network services using FD and relying on these discovery protocols will be unable to find network devices or resources. DisplayName[:]Function Discovery Provider Host Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]FDResPub ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network. DisplayName[:]Function Discovery Resource Publication Started[:]False StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]FontCache ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Optimizes performance of applications by caching commonly used font data. Applications will start this service if it is not already running. It can be disabled, though doing so will degrade application performance. DisplayName[:]Windows Font Cache Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK PresentationFontCache.exe||3.0.6920.4902 built by: NetFXw7||3.0.6920.4902||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\||41.8KB (42,840 bytes)||||2009/07/13 20:01:23||2009/06/10 15:30:59||2009/07/13 20:01:23||0||1||0||0||0||0||Microsoft® .NET Framework||PresentationFontCache.exe||© Microsoft Corporation. All rights reserved.||8d89e3131c27fdd6932189cb785e1b7a|| pathname[:]C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe Name[:]FontCache3.0.0.0 ServiceType[:]Own Process ProcessId[:]2212 AcceptPause[:]False AcceptStop[:]True Description[:]Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications. DisplayName[:]Windows Presentation Foundation Font Cache 3.0.0.0 Started[:]True StartMode[:]Manual StartName[:]NT Authority\LocalService State[:]Running Status[:]OK fsssvc.exe||14.0.8052.1208||14.0.8052.1208||Application||C:\Program Files (x86)\Windows Live\Family Safety\||521KB (533,344 bytes)||||2008/12/08 19:01:58||2008/12/08 19:01:58||2010/08/11 20:21:57||0||1||0||0||0||0||Family Safety Service||Family Safety Service||© Microsoft Corporation. All rights reserved.||f6717211c1ec2cddaa81b97b0727c2e9|| pathname[:]"C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" Name[:]fsssvc ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]This service enables Family Safety on the computer. If this service is not running, Family Safety will not work. DisplayName[:]Windows Live Family Safety Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k ftpsvc Name[:]ftpsvc ServiceType[:]Share Process ProcessId[:]1948 AcceptPause[:]True AcceptStop[:]True Description[:]Enables this server to be a File Transfer Protocol (FTP) server. If this service is stopped, the server cannot function as an FTP server. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Microsoft FTP Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]gpsvc ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled. DisplayName[:]Group Policy Client Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]hidserv ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Human Interface Device Access Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]hkmsvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service DisplayName[:]Health Key and Certificate Management Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted Name[:]HomeGroupProvider ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Performs networking tasks associated with configuration and maintenance of homegroups. If this service is stopped or disabled, your computer will be unable to detect other homegroups and your homegroup might not work properly. It is recommended that you keep this service running. DisplayName[:]HomeGroup Provider Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK infocard.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||836KB (856,384 bytes)||||2009/07/13 20:01:52||2009/06/10 15:30:45||2009/07/13 20:01:52||0||1||0||0||0||0||Microsoft® .NET Framework||Windows CardSpace||© Microsoft Corporation. All rights reserved.||2f2be70d3e02b6fa877921ab9516d43c|| pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" Name[:]idsvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Securely enables the creation, management, and disclosure of digital identities. DisplayName[:]Windows CardSpace Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK pathname[:]C:\Windows\system32\inetsrv\inetinfo.exe Name[:]IISADMIN ServiceType[:]Share Process ProcessId[:]1968 AcceptPause[:]False AcceptStop[:]True Description[:]Enables this server to administer the IIS metabase. The IIS metabase stores configuration for the SMTP and FTP services. If this service is stopped, the server will be unable to configure SMTP or FTP. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]IIS Admin Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]IKEEXT ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running. DisplayName[:]IKE and AuthIP IPsec Keying Modules Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK i0barsvc.exe||1, 0, 0, 8||2, 3, 0, 0||Application||C:\Program Files (x86)\IObitBar\toolbar\1.bin\||28.1KB (28,766 bytes)||||2010/10/29 19:31:35||2010/10/29 19:31:35||2010/10/29 19:31:35||0||1||0||0||0||0||IObit Toolbar||IObit Toolbar||Copyright © 2009, 2010||9c426fd808ce0489153d8e52a57eb163|| pathname[:]C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe Name[:]IObitBarService ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:] DisplayName[:]IObit Toolbar Service Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]IPBusEnum ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning. DisplayName[:]PnP-X IP Bus Enumerator Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetSvcs Name[:]iphlpsvc ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. If this service is stopped, the computer will not have the enhanced connectivity benefits that these technologies offer. DisplayName[:]IP Helper Started[:]True StartMode[:]Disabled StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k ipripsvc Name[:]iprip ServiceType[:]Share Process ProcessId[:]2004 AcceptPause[:]False AcceptStop[:]True Description[:]Listens for route updates sent by routers that use the Routing Information Protocol version 1 (RIPv1). DisplayName[:]RIP Listener Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| pathname[:]C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe Name[:]IS360service ServiceType[:]Own Process ProcessId[:]464 AcceptPause[:]False AcceptStop[:]True Description[:]IObit Security 360 Service DisplayName[:]IS360service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\system32\lsass.exe Name[:]KeyIso ServiceType[:]Share Process ProcessId[:]640 AcceptPause[:]False AcceptStop[:]True Description[:]The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements. DisplayName[:]CNG Key Isolation Started[:]True StartMode[:]Manual StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation Name[:]KtmRm ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Coordinates transactions between the Distributed Transaction Coordinator (MSDTC) and the Kernel Transaction Manager (KTM). If it is not needed, it is recommended that this service remain stopped. If it is needed, both MSDTC and KTM will start this service automatically. If this service is disabled, any MSDTC transaction interacting with a Kernel Resource Manager will fail and any services that explicitly depend on it will fail to start. DisplayName[:]KtmRm for Distributed Transaction Coordinator Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]LanmanServer ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]True AcceptStop[:]True Description[:]Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Server Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetworkService Name[:]LanmanWorkstation ServiceType[:]Share Process ProcessId[:]1152 AcceptPause[:]True AcceptStop[:]True Description[:]Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Workstation Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\NetworkService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalService Name[:]lltdsvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly. DisplayName[:]Link-Layer Topology Discovery Mapper Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted Name[:]lmhosts ServiceType[:]Share Process ProcessId[:]972 AcceptPause[:]False AcceptStop[:]True Description[:]Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]TCP/IP NetBIOS Helper Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| pathname[:]C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe Name[:]LMS ServiceType[:]Own Process ProcessId[:]2084 AcceptPause[:]False AcceptStop[:]True Description[:]Allows applications to access the local Intel(R) Management and Security Application using its locally-available selected network interfaces. DisplayName[:]Intel(R) Management and Security Application Local Management Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LPDService Name[:]LPDSVC ServiceType[:]Share Process ProcessId[:]2124 AcceptPause[:]True AcceptStop[:]True Description[:]Enables client computers to print to the Line Printer Daemon (LPD) service on this server using TCP/IP and the Line Printer Remote (LPR) protocol. DisplayName[:]LPD Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK lxdiserv.exe||1.69.0.0||1.69.0.0||EXE File||\drivers\x64\3\||32.9KB (33,712 bytes)||||2007/06/11 10:15:00||2007/06/11 10:15:00||2007/06/11 10:15:00||0||1||0||0||0||0||Lexmark Connect||Lexmark Connect Service Executable||Copyright 2006-2007 Lexmark International, Inc. All rights reserved.||baa003617d899996cf282a3d92aee29b|| pathname[:]C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe Name[:]lxdiCATSCustConnectService ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:] DisplayName[:]lxdiCATSCustConnectService Started[:]False StartMode[:]Auto StartName[:]LocalSystem State[:]Stopped Status[:]OK lxdicoms.exe||1.0.27.0||1.0.27.0||Application||C:\Windows\System32\||505KB (517,040 bytes)||||2010/11/01 21:12:19||2007/06/11 10:14:52||2010/11/01 21:12:19||0||1||0||0||0||0||Printer Communication System||Printer Communication System|| ||7b09187a3611480ba6632f4e3c86ddc0|| pathname[:]C:\Windows\system32\lxdicoms.exe -service Name[:]lxdi_device ServiceType[:]Own Process ProcessId[:]2528 AcceptPause[:]True AcceptStop[:]True Description[:] DisplayName[:]lxdi_device Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK mbamservice.exe||1.46.0.0000||1.46.0.0000||Application||C:\Program Files (x86)\Malwarebytes' Anti-Malware\||297KB (304,464 bytes)||||2010/10/29 18:15:42||2010/04/29 15:39:34||2010/10/29 18:15:42||0||1||0||0||0||0||Malwarebytes' Anti-Malware||Malwarebytes' Anti-Malware||© Malwarebytes Corporation. All rights reserved.||47902a906ace88580b08ff58d4c0c205|| pathname[:]"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" Name[:]MBAMService ServiceType[:]Own Process ProcessId[:]4196 AcceptPause[:]False AcceptStop[:]False Description[:]Malwarebytes' Anti-Malware service DisplayName[:]MBAMService Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]Mcx2Svc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Allows Media Center Extenders to locate and connect to the computer. DisplayName[:]Media Center Extender Service Started[:]False StartMode[:]Disabled StartName[:]NT Authority\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]MMCSS ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority. DisplayName[:]Multimedia Class Scheduler Started[:]False StartMode[:]Auto StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork Name[:]MpsSvc ServiceType[:]Share Process ProcessId[:]1628 AcceptPause[:]False AcceptStop[:]True Description[:]Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network. DisplayName[:]Windows Firewall Started[:]True StartMode[:]Auto StartName[:]NT Authority\LocalService State[:]Running Status[:]OK pathname[:]C:\Windows\System32\msdtc.exe Name[:]MSDTC ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will fail. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Distributed Transaction Coordinator Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]MSiSCSI ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Microsoft iSCSI Initiator Service Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK msiexec.exe||5.0.7600.16385 (win7_rtm.090713-1255)||5.0.7600.16385||Application||C:\Windows\System32\||71.5KB (73,216 bytes)||||2009/07/13 18:31:52||2009/07/13 20:14:25||2009/07/13 18:31:52||0||1||0||0||0||0||Windows Installer - Unicode||Windows® installer||© Microsoft Corporation. All rights reserved.||a8492e3929e7b981da541286709c8479|| pathname[:]C:\Windows\system32\msiexec.exe /V Name[:]msiserver ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Windows Installer Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK pathname[:]C:\Windows\system32\mqsvc.exe Name[:]MSMQ ServiceType[:]Own Process ProcessId[:]2572 AcceptPause[:]False AcceptStop[:]True Description[:]Provides a messaging infrastructure and development tool for creating distributed messaging applications for Windows-based networks and programs. If this service is stopped, distributed messages will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Message Queuing Started[:]True StartMode[:]Auto StartName[:]NT Authority\NetworkService State[:]Running Status[:]OK pathname[:]C:\Windows\system32\mqtgsvc.exe Name[:]MSMQTriggers ServiceType[:]Own Process ProcessId[:]4080 AcceptPause[:]True AcceptStop[:]True Description[:]Provides rule-based monitoring of messages arriving in a Message Queuing queue and, when the conditions of a rule are satisfied, invokes a COM component or a stand-alone executable program to process the message. DisplayName[:]Message Queuing Triggers Started[:]True StartMode[:]Auto StartName[:]NT Authority\NetworkService State[:]Running Status[:]OK ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| pathname[:]C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe Name[:]MyWiFiDHCPDNS ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:] DisplayName[:]Wireless PAN DHCP Server Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetworkService Name[:]napagent ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The Network Access Protection (NAP) agent service collects and manages health information for client computers on a network. Information collected by NAP agent is used to make sure that the client computer has the required software and settings. If a client computer is not compliant with health policy, it can be provided with restricted network access until its configuration is updated. Depending on the configuration of health policy, client computers might be automatically updated so that users quickly regain full network access without having to manually update their computer. DisplayName[:]Network Access Protection Agent Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK pathname[:]C:\Windows\system32\lsass.exe Name[:]Netlogon ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Netlogon Started[:]False StartMode[:]Disabled StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted Name[:]Netman ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]True Description[:]Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections. DisplayName[:]Network Connections Started[:]True StartMode[:]Manual StartName[:]LocalSystem State[:]Running Status[:]OK SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe|| pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" -NetMsmqActivator Name[:]NetMsmqActivator ServiceType[:]Share Process ProcessId[:]2144 AcceptPause[:]True AcceptStop[:]True Description[:]Receives activation requests over the net.msmq and msmq.formatname protocols and passes them to the Windows Process Activation Service. DisplayName[:]Net.Msmq Listener Adapter Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\NetworkService State[:]Running Status[:]OK SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe|| pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" Name[:]NetPipeActivator ServiceType[:]Share Process ProcessId[:]2604 AcceptPause[:]True AcceptStop[:]True Description[:]Receives activation requests over the net.pipe protocol and passes them to the Windows Process Activation Service. DisplayName[:]Net.Pipe Listener Adapter Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalService Name[:]netprofm ServiceType[:]Share Process ProcessId[:]1044 AcceptPause[:]False AcceptStop[:]True Description[:]Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change. DisplayName[:]Network List Service Started[:]True StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe|| pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" Name[:]NetTcpActivator ServiceType[:]Share Process ProcessId[:]2604 AcceptPause[:]True AcceptStop[:]True Description[:]Receives activation requests over the net.tcp protocol and passes them to the Windows Process Activation Service. DisplayName[:]Net.Tcp Listener Adapter Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK SMSvcHost.exe||3.0.4506.4926 (NetFXw7.030729-4900)||3.0.4506.4926||Application||C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\||114KB (116,560 bytes)||||2009/07/13 20:01:53||2009/06/10 15:30:46||2009/07/13 20:01:53||0||1||0||0||0||0||Microsoft® .NET Framework||SMSvcHost.exe||© Microsoft Corporation. All rights reserved.||3e5a36127e201ddf663176b66828fafe|| pathname[:]"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" Name[:]NetTcpPortSharing ServiceType[:]Share Process ProcessId[:]2604 AcceptPause[:]True AcceptStop[:]True Description[:]Provides ability to share TCP ports over the net.tcp protocol. DisplayName[:]Net.Tcp Port Sharing Service Started[:]True StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetworkService Name[:]NlaSvc ServiceType[:]Share Process ProcessId[:]1152 AcceptPause[:]False AcceptStop[:]True Description[:]Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Network Location Awareness Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\NetworkService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]nsi ServiceType[:]Share Process ProcessId[:]1044 AcceptPause[:]False AcceptStop[:]True Description[:]This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start. DisplayName[:]Network Store Interface Service Started[:]True StartMode[:]Auto StartName[:]NT Authority\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet Name[:]p2pimsvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides identity services for the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services. If disabled, the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services may not function, and some applications, such as HomeGroup and Remote Assistance, may not function correctly. DisplayName[:]Peer Networking Identity Manager Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet Name[:]p2psvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables multi-party communication using Peer-to-Peer Grouping. If disabled, some applications, such as HomeGroup, may not function. DisplayName[:]Peer Networking Grouping Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]PcaSvc ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]True Description[:]This service provides support for the Program Compatibility Assistant (PCA). PCA monitors programs installed and run by the user and detects known compatibility problems. If this service is stopped, PCA will not function properly. DisplayName[:]Program Compatibility Assistant Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK perfhost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\SysWOW64\||20.5KB (20,992 bytes)||||2009/07/13 18:11:01||2009/07/13 20:14:28||2009/07/13 18:11:01||0||1||0||0||0||0||Microsoft® Windows® Operating System||x86 Performance Counter Host||© Microsoft Corporation. All rights reserved.||e495e408c93141e8fc72dc0c6046ddfa|| pathname[:]C:\Windows\SysWow64\perfhost.exe Name[:]PerfHost ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables remote users and 64-bit processes to query performance counters provided by 32-bit DLLs. If this service is stopped, only local users and 32-bit processes will be able to query performance counters provided by 32-bit DLLs. DisplayName[:]Performance Counter DLL Host Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork Name[:]pla ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Performance Logs & Alerts Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k DcomLaunch Name[:]PlugPlay ServiceType[:]Share Process ProcessId[:]792 AcceptPause[:]False AcceptStop[:]False Description[:]Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. DisplayName[:]Plug and Play Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet Name[:]PNRPAutoReg ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer' DisplayName[:]PNRP Machine Name Publication Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServicePeerNet Name[:]PNRPsvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables serverless peer name resolution over the Internet using the Peer Name Resolution Protocol (PNRP). If disabled, some peer-to-peer and collaborative applications, such as Remote Assistance, may not function. DisplayName[:]Peer Name Resolution Protocol Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted Name[:]PolicyAgent ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped. DisplayName[:]IPsec Policy Agent Started[:]False StartMode[:]Manual StartName[:]NT Authority\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k DcomLaunch Name[:]Power ServiceType[:]Share Process ProcessId[:]792 AcceptPause[:]False AcceptStop[:]False Description[:]Manages power policy and power policy notification delivery. DisplayName[:]Power Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]ProfSvc ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them. DisplayName[:]User Profile Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\system32\lsass.exe Name[:]ProtectedStorage ServiceType[:]Share Process ProcessId[:]640 AcceptPause[:]False AcceptStop[:]True Description[:]Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users. DisplayName[:]Protected Storage Started[:]True StartMode[:]Manual StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]QWAVE ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization. DisplayName[:]Quality Windows Audio Video Experience Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]RasAuto ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. DisplayName[:]Remote Access Auto Connection Manager Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]RasMan ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Remote Access Connection Manager Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK ||||||||||0 bytes||||1899/12/30 00:00:00||1899/12/30 00:00:00||1899/12/30 00:00:00||0||0||0||0||0||0|||||||||| pathname[:]C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe Name[:]RegSrvc ServiceType[:]Own Process ProcessId[:]3056 AcceptPause[:]False AcceptStop[:]True Description[:]Provides registry access to all Intel® PROSet/Wireless Software components DisplayName[:]Intel(R) PROSet/Wireless Registry Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]RemoteAccess ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Offers routing services to businesses in local area and wide area network environments. DisplayName[:]Routing and Remote Access Started[:]False StartMode[:]Disabled StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k regsvc Name[:]RemoteRegistry ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Remote Registry Started[:]False StartMode[:]Disabled StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k RPCSS Name[:]RpcEptMapper ServiceType[:]Share Process ProcessId[:]880 AcceptPause[:]False AcceptStop[:]False Description[:]Resolves RPC interfaces identifiers to transport endpoints. If this service is stopped or disabled, programs using Remote Procedure Call (RPC) services will not function properly. DisplayName[:]RPC Endpoint Mapper Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\NetworkService State[:]Running Status[:]OK pathname[:]C:\Windows\system32\locator.exe Name[:]RpcLocator ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]In Windows 2003 and earlier versions of Windows, the Remote Procedure Call (RPC) Locator service manages the RPC name service database. In Windows Vista and later versions of Windows, this service does not provide any functionality and is present for application compatibility. DisplayName[:]Remote Procedure Call (RPC) Locator Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k rpcss Name[:]RpcSs ServiceType[:]Share Process ProcessId[:]880 AcceptPause[:]False AcceptStop[:]False Description[:]The RPCSS service is the Service Control Manager for COM and DCOM servers. It performs object activations requests, object exporter resolutions and distributed garbage collection for COM and DCOM servers. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have the RPCSS service running DisplayName[:]Remote Procedure Call (RPC) Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\NetworkService State[:]Running Status[:]OK pathname[:]C:\Windows\system32\lsass.exe Name[:]SamSs ServiceType[:]Share Process ProcessId[:]640 AcceptPause[:]False AcceptStop[:]False Description[:]The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled. DisplayName[:]Security Accounts Manager Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]SCardSvr ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Smart Card Started[:]False StartMode[:]Disabled StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]Schedule ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Enables a user to configure and schedule automated tasks on this computer. The service also hosts multiple Windows system-critical tasks. If this service is stopped or disabled, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Task Scheduler Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]SCPolicySvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Allows the system to be configured to lock the user desktop upon smart card removal. DisplayName[:]Smart Card Removal Policy Started[:]False StartMode[:]Disabled StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k SDRSVC Name[:]SDRSVC ServiceType[:]Own Process ProcessId[:]3524 AcceptPause[:]False AcceptStop[:]True Description[:]Provides Windows Backup and Restore capabilities. DisplayName[:]Windows Backup Started[:]True StartMode[:]Manual StartName[:]localSystem State[:]Running Status[:]OK SeaPort.exe||1.2.121.0||1.2.121.0||Application||C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\||221KB (226,640 bytes)||||2008/12/04 18:03:00||2008/12/04 18:03:00||2010/08/11 20:21:31||0||1||0||0||0||0||Microsoft Search Enhancement Pack||Microsoft SeaPort Search Enhancement Broker||Copyright © 2008 Microsoft Corp.||58dc20eb15f071804c56fccc796417a2|| pathname[:]"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" Name[:]SeaPort ServiceType[:]Own Process ProcessId[:]2104 AcceptPause[:]False AcceptStop[:]True Description[:]Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly. DisplayName[:]SeaPort Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]seclogon ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Secondary Logon Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]SENS ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Monitors system events and notifies subscribers to COM+ Event System of these events. DisplayName[:]System Event Notification Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]SensrSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Monitors ambient light sensors to detect changes in ambient light and adjust the display brightness. If this service is stopped or disabled, the display brightness will not adapt to lighting conditions. DisplayName[:]Adaptive Brightness Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]SessionEnv ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Remote Desktop Configuration service (RDCS) is responsible for all Remote Desktop Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, RD themes, and RD certificates. DisplayName[:]Remote Desktop Configuration Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]SharedAccess ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. DisplayName[:]Internet Connection Sharing (ICS) Started[:]False StartMode[:]Disabled StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]ShellHWDetection ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Provides notifications for AutoPlay hardware events. DisplayName[:]Shell Hardware Detection Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK TCPSVCS.EXE||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||9.00KB (9,216 bytes)||||2009/07/13 18:55:14||2009/07/13 20:14:42||2009/07/13 18:55:14||0||1||0||0||0||0||Microsoft® Windows® Operating System||TCP/IP Services Application||© Microsoft Corporation. All rights reserved.||f5aaa8cdda25b6387af590d676d25bad|| pathname[:]C:\Windows\System32\tcpsvcs.exe Name[:]simptcp ServiceType[:]Share Process ProcessId[:]3196 AcceptPause[:]True AcceptStop[:]True Description[:]Supports the following TCP/IP services: Character Generator, Daytime, Discard, Echo, and Quote of the Day. DisplayName[:]Simple TCP/IP Services Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK snmp.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||46.5KB (47,616 bytes)||||2009/07/13 18:55:05||2009/07/13 20:14:39||2009/07/13 18:55:05||0||1||0||0||0||0||Microsoft® Windows® Operating System||SNMP Service||© Microsoft Corporation. All rights reserved.||007f394efb7bf80bf9999d9384cc272a|| pathname[:]C:\Windows\System32\snmp.exe Name[:]SNMP ServiceType[:]Own Process ProcessId[:]3304 AcceptPause[:]False AcceptStop[:]True Description[:]Enables Simple Network Management Protocol (SNMP) requests to be processed by this computer. If this service is stopped, the computer will be unable to process SNMP requests. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]SNMP Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\System32\snmptrap.exe Name[:]SNMPTRAP ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]SNMP Trap Started[:]False StartMode[:]Disabled StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK pathname[:]C:\Windows\System32\spoolsv.exe Name[:]Spooler ServiceType[:]Own Process ProcessId[:]1592 AcceptPause[:]False AcceptStop[:]True Description[:]Loads files to memory for later printing DisplayName[:]Print Spooler Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\system32\sppsvc.exe Name[:]sppsvc ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a notification mode. It is strongly recommended that you not disable the Software Protection service. DisplayName[:]Software Protection Started[:]False StartMode[:]Auto StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]sppuinotify ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides Software Licensing activation and notification DisplayName[:]SPP Notification Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]SSDPSRV ServiceType[:]Share Process ProcessId[:]5948 AcceptPause[:]False AcceptStop[:]True Description[:]Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]SSDP Discovery Started[:]True StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]SstpSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers. DisplayName[:]Secure Socket Tunneling Protocol Service Started[:]False StartMode[:]Manual StartName[:]NT Authority\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k imgsvc Name[:]stisvc ServiceType[:]Own Process ProcessId[:]3396 AcceptPause[:]True AcceptStop[:]True Description[:]Provides image acquisition services for scanners and cameras DisplayName[:]Windows Image Acquisition (WIA) Started[:]True StartMode[:]Auto StartName[:]NT Authority\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k swprv Name[:]swprv ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Microsoft Software Shadow Copy Provider Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]SysMain ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]True Description[:]Maintains and improves system performance over time. DisplayName[:]Superfetch Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted Name[:]TabletInputService ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables Tablet PC pen and ink functionality DisplayName[:]Tablet PC Input Service Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetworkService Name[:]TapiSrv ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service. DisplayName[:]Telephony Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]TBS ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM. DisplayName[:]TPM Base Services Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetworkService Name[:]TermService ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Allows users to connect interactively to a remote computer. Remote Desktop and Remote Desktop Session Host Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item. DisplayName[:]Remote Desktop Services Started[:]False StartMode[:]Manual StartName[:]NT Authority\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]Themes ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Provides user experience theme management. DisplayName[:]Themes Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]THREADORDER ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides ordered execution for a group of threads within a specific period of time. DisplayName[:]Thread Ordering Server Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK pathname[:]C:\Windows\System32\tlntsvr.exe Name[:]TlntSvr ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Telnet Started[:]False StartMode[:]Disabled StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted Name[:]TrkWks ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]True Description[:]Maintains links between NTFS files within a computer or across computers in a network. DisplayName[:]Distributed Link Tracking Client Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK TrustedInstaller.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\servicing\||190KB (194,048 bytes)||||2009/07/13 18:35:12||2009/07/13 20:39:48||2009/07/13 18:35:12||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Modules Installer||© Microsoft Corporation. All rights reserved.||840f7fb849f5887a49ba18c13b2da920|| pathname[:]C:\Windows\servicing\TrustedInstaller.exe Name[:]TrustedInstaller ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer. DisplayName[:]Windows Modules Installer Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK TurboBoost.exe||1.0.115.11||1.0.115.11||Application||C:\Program Files\Intel\TurboBoost\||116KB (118,672 bytes)||||2009/08/06 16:17:46||2009/08/06 16:17:46||2010/08/11 20:41:13||0||1||0||0||0||0||Intel(R) Turbo Boost UI||Turbo Boost Monitor Service||Copyright(C) 2009 Intel Corporation. All Rights Reserved.||baef86ebeaece76573fa822dea256f6c|| pathname[:]"C:\Program Files\Intel\TurboBoost\TurboBoost.exe" Name[:]TurboBoost ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:] DisplayName[:]TurboBoost Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK pathname[:]C:\Windows\system32\UI0Detect.exe Name[:]UI0Detect ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there might not be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function. DisplayName[:]Interactive Services Detection Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK UNS.exe||6.0.0.1184||6.0.0.1184||Application||C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\||2.21MB (2,314,240 bytes)||||2010/08/11 20:31:10||2009/09/30 21:34:22||2010/08/11 20:31:10||0||1||0||0||0||0||Intel(R) Management & Security Application User Notification Service||User Notification Service||Copyright © 2006-2009, Intel Corporation. All rights reserved.||41118d920b2b268c0adc36421248cdcf|| pathname[:]"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" Name[:]UNS ServiceType[:]Own Process ProcessId[:]5424 AcceptPause[:]False AcceptStop[:]True Description[:]Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security Application Device. DisplayName[:]Intel(R) Management & Security Application User Notification Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]upnphost ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]UPnP Device Host Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted Name[:]UxSms ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]True Description[:]Provides Desktop Window Manager startup and maintenance services DisplayName[:]Desktop Window Manager Session Manager Started[:]True StartMode[:]Auto StartName[:]localSystem State[:]Running Status[:]OK pathname[:]C:\Windows\system32\lsass.exe Name[:]VaultSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides secure storage and retrieval of credentials to users, applications and security service packages. DisplayName[:]Credential Manager Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK pathname[:]C:\Windows\System32\vds.exe Name[:]vds ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides management services for disks, volumes, file systems, and storage arrays. DisplayName[:]Virtual Disk Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK pathname[:]C:\Windows\system32\vssvc.exe Name[:]VSS ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Volume Shadow Copy Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]W32Time ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Windows Time Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k iissvcs Name[:]W3SVC ServiceType[:]Share Process ProcessId[:]3492 AcceptPause[:]False AcceptStop[:]True Description[:]Provides Web connectivity and administration through the Internet Information Services Manager DisplayName[:]World Wide Web Publishing Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k iissvcs Name[:]WAS ServiceType[:]Share Process ProcessId[:]3492 AcceptPause[:]True AcceptStop[:]True Description[:]The Windows Process Activation Service (WAS) provides process activation, resource management and health management services for message-activated applications. DisplayName[:]Windows Process Activation Service Started[:]True StartMode[:]Manual StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\system32\Wat\WatAdminSvc.exe Name[:]WatAdminSvc ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Performs Windows 7 Validation. DisplayName[:]Windows Activation Technologies Service Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK pathname[:]"C:\Windows\system32\wbengine.exe" Name[:]wbengine ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The WBENGINE service is used by Windows Backup to perform backup and recovery operations. If this service is stopped by a user, it may cause the currently running backup or recovery operation to fail. Disabling this service may disable backup and recovery operations using Windows Backup on this computer. DisplayName[:]Block Level Backup Engine Service Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k WbioSvcGroup Name[:]WbioSrvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The Windows biometric service gives client applications the ability to capture, compare, manipulate, and store biometric data without gaining direct access to any biometric hardware or samples. The service is hosted in a privileged SVCHOST process. DisplayName[:]Windows Biometric Service Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation Name[:]wcncsvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]WCNCSVC hosts the Windows Connect Now Configuration which is Microsoft's Implementation of Wi-Fi Protected Setup (WPS) protocol. This is used to configure Wireless LAN settings for an Access Point (AP) or a Wi-Fi Device. The service is started programmatically as needed. DisplayName[:]Windows Connect Now - Config Registrar Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k wcssvc Name[:]WcsPlugInService ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The WcsPlugInService service hosts third-party Windows Color System color device model and gamut map model plug-in modules. These plug-in modules are vendor-specific extensions to the Windows Color System baseline color device and gamut map models. Stopping or disabling the WcsPlugInService service will disable this extensibility feature, and the Windows Color System will use its baseline model processing rather than the vendor's desired processing. This might result in inaccurate color rendering. DisplayName[:]Windows Color System Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalService Name[:]WdiServiceHost ServiceType[:]Share Process ProcessId[:]1044 AcceptPause[:]False AcceptStop[:]True Description[:]The Diagnostic Service Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local Service context. If this service is stopped, any diagnostics that depend on it will no longer function. DisplayName[:]Diagnostic Service Host Started[:]True StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted Name[:]WdiSystemHost ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The Diagnostic System Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local System context. If this service is stopped, any diagnostics that depend on it will no longer function. DisplayName[:]Diagnostic System Host Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]WebClient ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]WebClient Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k NetworkService Name[:]Wecsvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]This service manages persistent subscriptions to events from remote sources that support WS-Management protocol. This includes Windows Vista event logs, hardware and IPMI-enabled event sources. The service stores forwarded events in a local Event Log. If this service is stopped or disabled event subscriptions cannot be created and forwarded events cannot be accepted. DisplayName[:]Windows Event Collector Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k netsvcs Name[:]wercplsupport ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]This service provides support for viewing, sending and deletion of system-level problem reports for the Problem Reports and Solutions control panel. DisplayName[:]Problem Reports and Solutions Control Panel Support Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k WerSvcGroup Name[:]WerSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered. Also allows logs to be generated for diagnostic and repair services. If this service is stopped, error reporting might not work correctly and results of diagnostic services and repairs might not be displayed. DisplayName[:]Windows Error Reporting Service Started[:]False StartMode[:]Auto StartName[:]localSystem State[:]Stopped Status[:]OK AppSrv.exe||5, 30, 1007, 0||5, 30, 1007, 0||Application||C:\Program Files\Intel\WiMAX\Bin\||891KB (911,872 bytes)||||2010/06/07 17:39:40||2010/06/07 17:39:40||2010/08/11 20:38:40||0||1||0||0||0||0||Intel(R) PROSet/Wireless WiMAX Service||WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software||Copyright (C) 2007||8686e96e13f41ac9806a79ca8004feee|| pathname[:]"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe" Name[:]WiMAXAppSrv ServiceType[:]Own Process ProcessId[:]3596 AcceptPause[:]False AcceptStop[:]True Description[:]WiMAX SDK Service for Intel® PROSet/Wireless WiMAX Software DisplayName[:]Intel® PROSet/Wireless WiMAX Service Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k secsvcs Name[:]WinDefend ServiceType[:]Share Process ProcessId[:]1648 AcceptPause[:]False AcceptStop[:]True Description[:]Protection against spyware and potentially unwanted software DisplayName[:]Windows Defender Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalService Name[:]WinHttpAutoProxySvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses. In addition, WinHTTP provides support for auto-discovering a proxy configuration via its implementation of the Web Proxy Auto-Discovery (WPAD) protocol. DisplayName[:]WinHTTP Web Proxy Auto-Discovery Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]Winmgmt ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]True AcceptStop[:]True Description[:]Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. DisplayName[:]Windows Management Instrumentation Started[:]True StartMode[:]Auto StartName[:]localSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k NetworkService Name[:]WinRM ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix. DisplayName[:]Windows Remote Management (WS-Management) Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]Wlansvc ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]True Description[:]The WLANSVC service provides the logic required to configure, discover, connect to, and disconnect from a wireless local area network (WLAN) as defined by IEEE 802.11 standards. It also contains the logic to turn your computer into a software access point so that other devices or computers can connect to your computer wirelessly using a WLAN adapter that can support this. Stopping or disabling the WLANSVC service will make all WLAN adapters on your computer inaccessible from the Windows networking UI. It is strongly recommended that you have the WLANSVC service running if your computer has a WLAN adapter. DisplayName[:]WLAN AutoConfig Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK pathname[:]C:\Windows\system32\wbem\WmiApSrv.exe Name[:]wmiApSrv ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated. DisplayName[:]WMI Performance Adapter Started[:]False StartMode[:]Manual StartName[:]localSystem State[:]Stopped Status[:]OK wmpnetwk.exe||12.0.7600.16385 (win7_rtm.090713-1255)||12.0.7600.16385||Application||C:\Program Files\Windows Media Player\||1.45MB (1,525,248 bytes)||||2009/07/13 19:24:40||2009/07/13 20:39:56||2009/07/13 19:24:40||0||1||0||0||0||0||Microsoft® Windows® Operating System||Windows Media Player Network Sharing Service||© Microsoft Corporation. All rights reserved.||9bf014c20f91d97055532f2f5496e7bd|| pathname[:]"C:\Program Files\Windows Media Player\wmpnetwk.exe" Name[:]WMPNetworkSvc ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play DisplayName[:]Windows Media Player Network Sharing Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\NetworkService State[:]Stopped Status[:]OK pathname[:]C:\Windows\system32\inetsrv\wmsvc.exe Name[:]WMSVC ServiceType[:]Own Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]The Web Management Service enables remote and delegated management capabilities for administrators to manage for the Web server, sites and applications present on this machine. DisplayName[:]Web Management Service Started[:]False StartMode[:]Manual StartName[:]NT AUTHORITY\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted Name[:]WPCSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]This service is a stub for Windows Parental Control functionality that existed in Vista. It is provided for backward compatibility only. DisplayName[:]Parental Controls Started[:]False StartMode[:]Manual StartName[:]NT Authority\LocalService State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]WPDBusEnum ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices. DisplayName[:]Portable Device Enumerator Service Started[:]False StartMode[:]Manual StartName[:]LocalSystem State[:]Stopped Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted Name[:]wscsvc ServiceType[:]Share Process ProcessId[:]972 AcceptPause[:]False AcceptStop[:]True Description[:]The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer. The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service. The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel. Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system. DisplayName[:]Security Center Started[:]True StartMode[:]Auto StartName[:]NT AUTHORITY\LocalService State[:]Running Status[:]OK SearchIndexer.exe||7.00.7600.16385 (win7_rtm.090713-1255)||7.00.7600.16385||Application||C:\Windows\System32\||418KB (428,032 bytes)||||2009/07/13 19:14:13||2009/07/13 20:14:35||2009/07/13 19:14:13||0||1||0||0||0||0||Windows® Search||Microsoft Windows Search Indexer||© Microsoft Corporation. All rights reserved.||622d95520182f6d3d05310d5810ca8b3|| pathname[:]C:\Windows\system32\SearchIndexer.exe /Embedding Name[:]WSearch ServiceType[:]Own Process ProcessId[:]4288 AcceptPause[:]False AcceptStop[:]True Description[:]Provides content indexing, property caching, and search results for files, e-mail, and other content. DisplayName[:]Windows Search Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k netsvcs Name[:]wuauserv ServiceType[:]Share Process ProcessId[:]484 AcceptPause[:]False AcceptStop[:]True Description[:]Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API. DisplayName[:]Windows Update Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted Name[:]wudfsvc ServiceType[:]Share Process ProcessId[:]368 AcceptPause[:]False AcceptStop[:]False Description[:]Manages user-mode driver host processes. DisplayName[:]Windows Driver Foundation - User-mode Driver Framework Started[:]True StartMode[:]Auto StartName[:]LocalSystem State[:]Running Status[:]OK svchost.exe||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||Application||C:\Windows\System32\||20.5KB (20,992 bytes)||||2009/07/13 18:19:28||2009/07/13 20:14:41||2009/07/13 18:19:28||0||1||0||0||0||0||Microsoft® Windows® Operating System||Host Process for Windows Services||© Microsoft Corporation. All rights reserved.||54a47f6b5e09a77e61649109c6a08866|| pathname[:]C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork Name[:]WwanSvc ServiceType[:]Share Process ProcessId[:]0 AcceptPause[:]False AcceptStop[:]False Description[:]This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices. DisplayName[:]WWAN AutoConfig Started[:]False StartMode[:]Manual StartName[:]NT Authority\LocalService State[:]Stopped Status[:]OK Name[:]Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Availability[:]3 AdapterType[:]Ethernet 802.3 ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:]20:CF:30:35:6A:FA Manufacturer[:]Atheros NetConnectionID[:]Local Area Connection NetConnectionStatus[:]2 Speed[:]100000000 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:]24.100.104.1 DHCPEnabled[:]True DHCPLeaseExpires[:]20101103023610.000000-300 DHCPLeaseObtained[:]20101102023610.000000-300 DHCPServer[:]209.55.0.135 DNSDomain[:] DNSDomainSuffixSearchOrder[:] Name[:]Microsoft ISATAP Adapter Availability[:]3 AdapterType[:]Tunnel ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:] Manufacturer[:]Microsoft NetConnectionID[:] NetConnectionStatus[:] Speed[:]100000 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]False DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:] MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Intel(R) Centrino(R) Advanced-N 6250 AGN Availability[:]3 AdapterType[:]Ethernet 802.3 ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:]00:23:15:1C:F5:44 Manufacturer[:]Intel Corporation NetConnectionID[:]Wireless Network Connection NetConnectionStatus[:]7 Speed[:]54000000 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]True DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:]00:23:15:1C:F5:44 MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Microsoft 6to4 Adapter #2 Availability[:]3 AdapterType[:]Tunnel ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:] Manufacturer[:]Microsoft NetConnectionID[:] NetConnectionStatus[:] Speed[:]30000000 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]False DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:] MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Microsoft Virtual WiFi Miniport Adapter Availability[:]3 AdapterType[:]Ethernet 802.3 ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:]00:23:15:1C:F5:45 Manufacturer[:]Microsoft NetConnectionID[:]Wireless Network Connection 2 NetConnectionStatus[:]7 Speed[:]9223372036854775807 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]True DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:]00:23:15:1C:F5:45 MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Microsoft ISATAP Adapter #2 Availability[:]3 AdapterType[:]Tunnel ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:] Manufacturer[:]Microsoft NetConnectionID[:] NetConnectionStatus[:] Speed[:]100000 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]False DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:] MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Microsoft Virtual WiFi Miniport Adapter #2 Availability[:]3 AdapterType[:]Ethernet 802.3 ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:]00:23:15:1C:F5:45 Manufacturer[:]Microsoft NetConnectionID[:]Wireless Network Connection 3 NetConnectionStatus[:]7 Speed[:]9223372036854775807 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]True DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:]00:23:15:1C:F5:45 MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Microsoft 6to4 Adapter Availability[:]3 AdapterType[:]Tunnel ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:] Manufacturer[:]Microsoft NetConnectionID[:] NetConnectionStatus[:] Speed[:]100000 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]False DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:] MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Intel(R) Centrino(R) WiMAX 6250 Availability[:]3 AdapterType[:]Ethernet 802.3 ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:]64:D4:DA:00:F4:F0 Manufacturer[:]Intel Corporation NetConnectionID[:]Local Area Connection 2 NetConnectionStatus[:]7 Speed[:]0 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]True DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:]64:D4:DA:00:F4:F0 MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] Name[:]Teredo Tunneling Pseudo-Interface Availability[:]3 AdapterType[:]Tunnel ConfigManagerErrorCode[:]0 Installed[:]True MACAddress[:] Manufacturer[:]Microsoft NetConnectionID[:] NetConnectionStatus[:] Speed[:]100000 Status[:] TimeOfLastReset[:]20101102014546.109999-300 DefaultIPGateway[:] DHCPEnabled[:]False DHCPLeaseExpires[:] DHCPLeaseObtained[:] DHCPServer[:] DNSDomain[:] DNSDomainSuffixSearchOrder[:] DNSEnabledForWINSResolution[:] DNSHostName[:] DNSServerSearchOrder[:] DomainDNSRegistrationEnabled[:] IPAddress[:] IPConnectionMetric[:] IPEnabled[:]False IPFilterSecurityEnabled[:] IPPortSecurityEnabled[:] IPSecPermitIPProtocols[:] IPSecPermitTCPPorts[:] IPSecPermitUDPPorts[:] IPSubnet[:] IPUseZeroBroadcast[:] IPXAddress[:] IPXEnabled[:] IPXFrameType[:] IPXMediaType[:] IPXNetworkNumber[:] IPXVirtualNetNumber[:] KeepAliveInterval[:] KeepAliveTime[:] MACAddress[:] MTU[:] NumForwardPackets[:] PMTUBHDetectEnabled[:] PMTUDiscoveryEnabled[:] TcpipNetbiosOptions[:] TcpMaxConnectRetransmissions[:] TcpMaxDataRetransmissions[:] TcpNumConnections[:] TcpUseRFC1122UrgentPointer[:] TcpWindowSize[:] WINSEnableLMHostsLookup[:] WINSHostLookupFile[:] WINSPrimaryServer[:] WINSScopeID[:] WINSSecondaryServer[:] AcceptPause[:]False AcceptStop[:]False Caption[:]1394 OHCI Compliant Host Controller Description[:]1394 OHCI Compliant Host Controller Name[:]1394ohci pathname[:]C:\Windows\system32\DRIVERS\1394ohci.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Microsoft ACPI Driver Description[:]Microsoft ACPI Driver Name[:]ACPI pathname[:]C:\Windows\system32\DRIVERS\ACPI.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]ACPI Power Meter Driver Description[:]ACPI Power Meter Driver Name[:]AcpiPmi pathname[:]C:\Windows\system32\DRIVERS\acpipmi.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]adp94xx Description[:]adp94xx Name[:]adp94xx pathname[:]C:\Windows\system32\DRIVERS\adp94xx.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]adpahci Description[:]adpahci Name[:]adpahci pathname[:]C:\Windows\system32\DRIVERS\adpahci.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]adpu320 Description[:]adpu320 Name[:]adpu320 pathname[:]C:\Windows\system32\DRIVERS\adpu320.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Ancillary Function Driver for Winsock Description[:]Ancillary Function Driver for Winsock Name[:]AFD pathname[:]C:\Windows\system32\drivers\afd.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Intel AGP Bus Filter Description[:]Intel AGP Bus Filter Name[:]agp440 pathname[:]C:\Windows\system32\DRIVERS\agp440.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]aliide Description[:]aliide Name[:]aliide pathname[:]C:\Windows\system32\DRIVERS\aliide.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]amdide Description[:]amdide Name[:]amdide pathname[:]C:\Windows\system32\DRIVERS\amdide.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]AMD K8 Processor Driver Description[:]AMD K8 Processor Driver Name[:]AmdK8 pathname[:]C:\Windows\system32\DRIVERS\amdk8.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]AMD Processor Driver Description[:]AMD Processor Driver Name[:]AmdPPM pathname[:]C:\Windows\system32\DRIVERS\amdppm.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]amdsata Description[:]amdsata Name[:]amdsata pathname[:]C:\Windows\system32\DRIVERS\amdsata.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]amdsbs Description[:]amdsbs Name[:]amdsbs pathname[:]C:\Windows\system32\DRIVERS\amdsbs.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]amdxata Description[:]amdxata Name[:]amdxata pathname[:]C:\Windows\system32\DRIVERS\amdxata.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]AppID Driver Description[:]AppID Driver Name[:]AppID pathname[:]C:\Windows\system32\drivers\appid.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]arc Description[:]arc Name[:]arc pathname[:]C:\Windows\system32\DRIVERS\arc.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]arcsas Description[:]arcsas Name[:]arcsas pathname[:]C:\Windows\system32\DRIVERS\arcsas.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]ASMMAP64 Description[:]ASMMAP64 Name[:]ASMMAP64 pathname[:]\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK ASMMAP64.sys||1, 0, 9, 1||1, 0, 9, 0||System file||C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\||15.1KB (15,416 bytes)||||2009/07/02 19:36:14||2009/07/02 19:36:14||2010/08/11 20:40:56||0||1||0||0||0||0||ATK Generic Function Service||Memory mapping Driver||Copyright (C) 2009||4c016fd76ed5c05e84ca8cab77993961|| AcceptPause[:]False AcceptStop[:]False Caption[:]RAS Asynchronous Media Driver Description[:]RAS Asynchronous Media Driver Name[:]AsyncMac pathname[:]C:\Windows\system32\DRIVERS\asyncmac.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]IDE Channel Description[:]IDE Channel Name[:]atapi pathname[:]C:\Windows\system32\DRIVERS\atapi.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Atheros Extensible Wireless LAN device driver Description[:]Atheros Extensible Wireless LAN device driver Name[:]athr pathname[:]C:\Windows\system32\DRIVERS\athrx.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Broadcom NetXtreme II VBD Description[:]Broadcom NetXtreme II VBD Name[:]b06bdrv pathname[:]C:\Windows\system32\DRIVERS\bxvbda.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 Description[:]Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 Name[:]b57nd60a pathname[:]C:\Windows\system32\DRIVERS\b57nd60a.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Beep Description[:]Beep Name[:]Beep pathname[:]C:\Windows\system32\drivers\Beep.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]blbdrive Description[:]blbdrive Name[:]blbdrive pathname[:]C:\Windows\system32\DRIVERS\blbdrive.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Browser Support Driver Description[:]Browser Support Driver Name[:]bowser pathname[:]C:\Windows\system32\DRIVERS\bowser.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]bpenum Description[:]bpenum Name[:]bpenum pathname[:]C:\Windows\system32\DRIVERS\bpenum.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Intel(R) Centrino(R) WiMAX 6050 Series Description[:]Intel(R) Centrino(R) WiMAX 6050 Series Name[:]bpmp pathname[:]C:\Windows\system32\DRIVERS\bpmp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]bpusb Description[:]bpusb Name[:]bpusb pathname[:]C:\Windows\system32\Drivers\bpusb.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Brother USB Mass-Storage Lower Filter Driver Description[:]Brother USB Mass-Storage Lower Filter Driver Name[:]BrFiltLo pathname[:]C:\Windows\system32\DRIVERS\BrFiltLo.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Brother USB Mass-Storage Upper Filter Driver Description[:]Brother USB Mass-Storage Upper Filter Driver Name[:]BrFiltUp pathname[:]C:\Windows\system32\DRIVERS\BrFiltUp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Brother MFC Serial Port Interface Driver (WDM) Description[:]Brother MFC Serial Port Interface Driver (WDM) Name[:]Brserid pathname[:]C:\Windows\system32\Drivers\Brserid.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Brother WDM Serial driver Description[:]Brother WDM Serial driver Name[:]BrSerWdm pathname[:]C:\Windows\system32\Drivers\BrSerWdm.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Brother MFC USB Fax Only Modem Description[:]Brother MFC USB Fax Only Modem Name[:]BrUsbMdm pathname[:]C:\Windows\system32\Drivers\BrUsbMdm.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Brother MFC USB Serial WDM Driver Description[:]Brother MFC USB Serial WDM Driver Name[:]BrUsbSer pathname[:]C:\Windows\system32\Drivers\BrUsbSer.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Bluetooth Serial Communications Driver Description[:]Bluetooth Serial Communications Driver Name[:]BTHMODEM pathname[:]C:\Windows\system32\DRIVERS\bthmodem.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]CD/DVD File System Reader Description[:]CD/DVD File System Reader Name[:]cdfs pathname[:]C:\Windows\system32\DRIVERS\cdfs.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Disabled State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]CD-ROM Driver Description[:]CD-ROM Driver Name[:]cdrom pathname[:]C:\Windows\system32\DRIVERS\cdrom.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Consumer IR Devices Description[:]Consumer IR Devices Name[:]circlass pathname[:]C:\Windows\system32\DRIVERS\circlass.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Common Log (CLFS) Description[:]Common Log (CLFS) Name[:]CLFS pathname[:]C:\Windows\system32\CLFS.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft ACPI Control Method Battery Driver Description[:]Microsoft ACPI Control Method Battery Driver Name[:]CmBatt pathname[:]C:\Windows\system32\DRIVERS\CmBatt.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]cmdide Description[:]cmdide Name[:]cmdide pathname[:]C:\Windows\system32\DRIVERS\cmdide.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]CNG Description[:]CNG Name[:]CNG pathname[:]C:\Windows\system32\Drivers\cng.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Microsoft Composite Battery Driver Description[:]Microsoft Composite Battery Driver Name[:]Compbatt pathname[:]C:\Windows\system32\DRIVERS\compbatt.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Composite Bus Enumerator Driver Description[:]Composite Bus Enumerator Driver Name[:]CompositeBus pathname[:]C:\Windows\system32\DRIVERS\CompositeBus.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Crcdisk Filter Driver Description[:]Crcdisk Filter Driver Name[:]crcdisk pathname[:]C:\Windows\system32\DRIVERS\crcdisk.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Disabled State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]DFS Namespace Client Driver Description[:]DFS Namespace Client Driver Name[:]DfsC pathname[:]C:\Windows\system32\Drivers\dfsc.sys ServiceType[:]File System Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]System Attribute Cache Description[:]System Attribute Cache Name[:]discache pathname[:]C:\Windows\system32\drivers\discache.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Disk Driver Description[:]Disk Driver Name[:]Disk pathname[:]C:\Windows\system32\DRIVERS\disk.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Trusted Audio Drivers Description[:]Microsoft Trusted Audio Drivers Name[:]drmkaud pathname[:]C:\Windows\system32\drivers\drmkaud.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]LDDM Graphics Subsystem Description[:]LDDM Graphics Subsystem Name[:]DXGKrnl pathname[:]C:\Windows\system32\drivers\dxgkrnl.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Broadcom NetXtreme II 10 GigE VBD Description[:]Broadcom NetXtreme II 10 GigE VBD Name[:]ebdrv pathname[:]C:\Windows\system32\DRIVERS\evbda.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]elxstor Description[:]elxstor Name[:]elxstor pathname[:]C:\Windows\system32\DRIVERS\elxstor.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Hardware Error Device Driver Description[:]Microsoft Hardware Error Device Driver Name[:]ErrDev pathname[:]C:\Windows\system32\DRIVERS\errdev.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]ELAN PS/2 Port Input Device Description[:]ELAN PS/2 Port Input Device Name[:]ETD pathname[:]C:\Windows\system32\DRIVERS\ETD.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]exFAT File System Driver Description[:]exFAT File System Driver Name[:]exfat pathname[:]C:\Windows\system32\drivers\exfat.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]FAT12/16/32 File System Driver Description[:]FAT12/16/32 File System Driver Name[:]fastfat pathname[:]C:\Windows\system32\drivers\fastfat.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Floppy Disk Controller Driver Description[:]Floppy Disk Controller Driver Name[:]fdc pathname[:]C:\Windows\system32\DRIVERS\fdc.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]File Information FS MiniFilter Description[:]File Information FS MiniFilter Name[:]FileInfo pathname[:]C:\Windows\system32\drivers\fileinfo.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Filetrace Description[:]Filetrace Name[:]Filetrace pathname[:]C:\Windows\system32\drivers\filetrace.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Floppy Disk Driver Description[:]Floppy Disk Driver Name[:]flpydisk pathname[:]C:\Windows\system32\DRIVERS\flpydisk.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]FltMgr Description[:]FltMgr Name[:]FltMgr pathname[:]C:\Windows\system32\drivers\fltmgr.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]File System Dependency Minifilter Description[:]File System Dependency Minifilter Name[:]FsDepends pathname[:]C:\Windows\system32\drivers\FsDepends.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]fssfltr Description[:]fssfltr Name[:]fssfltr pathname[:]C:\Windows\system32\DRIVERS\fssfltr.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Bitlocker Drive Encryption Filter Driver Description[:]Bitlocker Drive Encryption Filter Driver Name[:]fvevol pathname[:]C:\Windows\system32\DRIVERS\fvevol.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms Description[:]Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms Name[:]gagp30kx pathname[:]C:\Windows\system32\DRIVERS\gagp30kx.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Hauppauge Consumer Infrared Receiver Description[:]Hauppauge Consumer Infrared Receiver Name[:]hcw85cir pathname[:]C:\Windows\system32\drivers\hcw85cir.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft 1.1 UAA Function Driver for High Definition Audio Service Description[:]Microsoft 1.1 UAA Function Driver for High Definition Audio Service Name[:]HdAudAddService pathname[:]C:\Windows\system32\drivers\HdAudio.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft UAA Bus Driver for High Definition Audio Description[:]Microsoft UAA Bus Driver for High Definition Audio Name[:]HDAudBus pathname[:]C:\Windows\system32\DRIVERS\HDAudBus.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Intel(R) Management Engine Interface Description[:]Intel(R) Management Engine Interface Name[:]HECIx64 pathname[:]C:\Windows\system32\DRIVERS\HECIx64.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]HID UPS Battery Driver Description[:]HID UPS Battery Driver Name[:]HidBatt pathname[:]C:\Windows\system32\DRIVERS\HidBatt.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Bluetooth HID Miniport Description[:]Microsoft Bluetooth HID Miniport Name[:]HidBth pathname[:]C:\Windows\system32\DRIVERS\hidbth.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Infrared HID Driver Description[:]Microsoft Infrared HID Driver Name[:]HidIr pathname[:]C:\Windows\system32\DRIVERS\hidir.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft HID Class Driver Description[:]Microsoft HID Class Driver Name[:]HidUsb pathname[:]C:\Windows\system32\DRIVERS\hidusb.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]HpSAMD Description[:]HpSAMD Name[:]HpSAMD pathname[:]C:\Windows\system32\DRIVERS\HpSAMD.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]HTTP Description[:]HTTP Name[:]HTTP pathname[:]C:\Windows\system32\drivers\HTTP.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Hardware Policy Driver Description[:]Hardware Policy Driver Name[:]hwpolicy pathname[:]C:\Windows\system32\drivers\hwpolicy.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]i8042 Keyboard and PS/2 Mouse Port Driver Description[:]i8042 Keyboard and PS/2 Mouse Port Driver Name[:]i8042prt pathname[:]C:\Windows\system32\DRIVERS\i8042prt.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Intel AHCI Controller Description[:]Intel AHCI Controller Name[:]iaStor pathname[:]C:\Windows\system32\DRIVERS\iaStor.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]iaStorV Description[:]iaStorV Name[:]iaStorV pathname[:]C:\Windows\system32\DRIVERS\iaStorV.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]igfx Description[:]igfx Name[:]igfx pathname[:]C:\Windows\system32\DRIVERS\igdkmd64.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]iirsp Description[:]iirsp Name[:]iirsp pathname[:]C:\Windows\system32\DRIVERS\iirsp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Impcd Description[:]Impcd Name[:]Impcd pathname[:]C:\Windows\system32\DRIVERS\Impcd.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Service for Realtek HD Audio (WDM) Description[:]Service for Realtek HD Audio (WDM) Name[:]IntcAzAudAddService pathname[:]C:\Windows\system32\drivers\RTKVHD64.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Intel(R) Display Audio Description[:]Intel(R) Display Audio Name[:]IntcDAud pathname[:]C:\Windows\system32\DRIVERS\IntcDAud.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]intelide Description[:]intelide Name[:]intelide pathname[:]C:\Windows\system32\DRIVERS\intelide.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Intel Processor Driver Description[:]Intel Processor Driver Name[:]intelppm pathname[:]C:\Windows\system32\DRIVERS\intelppm.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]IP Traffic Filter Driver Description[:]IP Traffic Filter Driver Name[:]IpFilterDriver pathname[:]C:\Windows\system32\DRIVERS\ipfltdrv.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]IPMIDRV Description[:]IPMIDRV Name[:]IPMIDRV pathname[:]C:\Windows\system32\DRIVERS\IPMIDrv.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]IP Network Address Translator Description[:]IP Network Address Translator Name[:]IPNAT pathname[:]C:\Windows\system32\drivers\ipnat.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]IR Bus Enumerator Description[:]IR Bus Enumerator Name[:]IRENUM pathname[:]C:\Windows\system32\drivers\irenum.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]isapnp Description[:]isapnp Name[:]isapnp pathname[:]C:\Windows\system32\DRIVERS\isapnp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]iScsiPort Driver Description[:]iScsiPort Driver Name[:]iScsiPrt pathname[:]C:\Windows\system32\DRIVERS\msiscsi.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Keyboard Class Driver Description[:]Keyboard Class Driver Name[:]kbdclass pathname[:]C:\Windows\system32\DRIVERS\kbdclass.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Keyboard HID Driver Description[:]Keyboard HID Driver Name[:]kbdhid pathname[:]C:\Windows\system32\DRIVERS\kbdhid.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Keyboard Filter Description[:]Keyboard Filter Name[:]kbfiltr pathname[:]C:\Windows\system32\DRIVERS\kbfiltr.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]KL1 Description[:]KL1 Name[:]KL1 pathname[:]C:\Windows\system32\DRIVERS\kl1.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]kl2 Description[:]kl2 Name[:]kl2 pathname[:]C:\Windows\system32\DRIVERS\kl2.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Kaspersky Lab Driver Description[:]Kaspersky Lab Driver Name[:]KLIF pathname[:]C:\Windows\system32\DRIVERS\klif.sys ServiceType[:]File System Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Kaspersky Anti-Virus NDIS 6 Filter Description[:]Kaspersky Anti-Virus NDIS 6 Filter Name[:]KLIM6 pathname[:]C:\Windows\system32\DRIVERS\klim6.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Kaspersky Lab KLMOUFLT Description[:]Kaspersky Lab KLMOUFLT Name[:]klmouflt pathname[:]C:\Windows\system32\DRIVERS\klmouflt.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]KSecDD Description[:]KSecDD Name[:]KSecDD pathname[:]C:\Windows\system32\Drivers\ksecdd.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]KSecPkg Description[:]KSecPkg Name[:]KSecPkg pathname[:]C:\Windows\system32\Drivers\ksecpkg.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Kernel Streaming Thunks Description[:]Kernel Streaming Thunks Name[:]ksthunk pathname[:]C:\Windows\system32\drivers\ksthunk.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller Description[:]NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller Name[:]L1C pathname[:]C:\Windows\system32\DRIVERS\L1C62x64.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Link-Layer Topology Discovery Mapper I/O Driver Description[:]Link-Layer Topology Discovery Mapper I/O Driver Name[:]lltdio pathname[:]C:\Windows\system32\DRIVERS\lltdio.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]LSI_FC Description[:]LSI_FC Name[:]LSI_FC pathname[:]C:\Windows\system32\DRIVERS\lsi_fc.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]LSI_SAS Description[:]LSI_SAS Name[:]LSI_SAS pathname[:]C:\Windows\system32\DRIVERS\lsi_sas.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]LSI_SAS2 Description[:]LSI_SAS2 Name[:]LSI_SAS2 pathname[:]C:\Windows\system32\DRIVERS\lsi_sas2.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]LSI_SCSI Description[:]LSI_SCSI Name[:]LSI_SCSI pathname[:]C:\Windows\system32\DRIVERS\lsi_scsi.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]UAC File Virtualization Description[:]UAC File Virtualization Name[:]luafv pathname[:]C:\Windows\system32\drivers\luafv.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]MBAMProtector Description[:]MBAMProtector Name[:]MBAMProtector pathname[:]\??\C:\Windows\system32\drivers\mbam.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]megasas Description[:]megasas Name[:]megasas pathname[:]C:\Windows\system32\DRIVERS\megasas.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]MegaSR Description[:]MegaSR Name[:]MegaSR pathname[:]C:\Windows\system32\DRIVERS\MegaSR.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Modem Description[:]Modem Name[:]Modem pathname[:]C:\Windows\system32\drivers\modem.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Monitor Class Function Driver Service Description[:]Microsoft Monitor Class Function Driver Service Name[:]monitor pathname[:]C:\Windows\system32\DRIVERS\monitor.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Mouse Class Driver Description[:]Mouse Class Driver Name[:]mouclass pathname[:]C:\Windows\system32\DRIVERS\mouclass.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Mouse HID Driver Description[:]Mouse HID Driver Name[:]mouhid pathname[:]C:\Windows\system32\DRIVERS\mouhid.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Mount Point Manager Description[:]Mount Point Manager Name[:]mountmgr pathname[:]C:\Windows\system32\drivers\mountmgr.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]mpio Description[:]mpio Name[:]mpio pathname[:]C:\Windows\system32\DRIVERS\mpio.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Windows Firewall Authorization Driver Description[:]Windows Firewall Authorization Driver Name[:]mpsdrv pathname[:]C:\Windows\system32\drivers\mpsdrv.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Message Queuing Access Control Description[:]Message Queuing Access Control Name[:]MQAC pathname[:]C:\Windows\system32\drivers\mqac.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WebDav Client Redirector Driver Description[:]WebDav Client Redirector Driver Name[:]MRxDAV pathname[:]C:\Windows\system32\drivers\mrxdav.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]SMB MiniRedirector Wrapper and Engine Description[:]SMB MiniRedirector Wrapper and Engine Name[:]mrxsmb pathname[:]C:\Windows\system32\DRIVERS\mrxsmb.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]SMB 1.x MiniRedirector Description[:]SMB 1.x MiniRedirector Name[:]mrxsmb10 pathname[:]C:\Windows\system32\DRIVERS\mrxsmb10.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]SMB 2.0 MiniRedirector Description[:]SMB 2.0 MiniRedirector Name[:]mrxsmb20 pathname[:]C:\Windows\system32\DRIVERS\mrxsmb20.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]msahci Description[:]msahci Name[:]msahci pathname[:]C:\Windows\system32\DRIVERS\msahci.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]msdsm Description[:]msdsm Name[:]msdsm pathname[:]C:\Windows\system32\DRIVERS\msdsm.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Msfs Description[:]Msfs Name[:]Msfs pathname[:]C:\Windows\system32\drivers\Msfs.sys ServiceType[:]File System Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Pass-through HID to KMDF Filter Driver Description[:]Pass-through HID to KMDF Filter Driver Name[:]mshidkmdf pathname[:]C:\Windows\system32\drivers\mshidkmdf.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]msisadrv Description[:]msisadrv Name[:]msisadrv pathname[:]C:\Windows\system32\DRIVERS\msisadrv.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Streaming Service Proxy Description[:]Microsoft Streaming Service Proxy Name[:]MSKSSRV pathname[:]C:\Windows\system32\drivers\MSKSSRV.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Streaming Clock Proxy Description[:]Microsoft Streaming Clock Proxy Name[:]MSPCLOCK pathname[:]C:\Windows\system32\drivers\MSPCLOCK.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Streaming Quality Manager Proxy Description[:]Microsoft Streaming Quality Manager Proxy Name[:]MSPQM pathname[:]C:\Windows\system32\drivers\MSPQM.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]MsRPC Description[:]MsRPC Name[:]MsRPC pathname[:]C:\Windows\system32\drivers\MsRPC.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Microsoft System Management BIOS Driver Description[:]Microsoft System Management BIOS Driver Name[:]mssmbios pathname[:]C:\Windows\system32\DRIVERS\mssmbios.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Streaming Tee/Sink-to-Sink Converter Description[:]Microsoft Streaming Tee/Sink-to-Sink Converter Name[:]MSTEE pathname[:]C:\Windows\system32\drivers\MSTEE.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Input Configuration Driver Description[:]Microsoft Input Configuration Driver Name[:]MTConfig pathname[:]C:\Windows\system32\DRIVERS\MTConfig.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]ATK0100 ACPI UTILITY Description[:]ATK0100 ACPI UTILITY Name[:]MTsensor pathname[:]C:\Windows\system32\DRIVERS\ATK64AMD.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Mup Description[:]Mup Name[:]Mup pathname[:]C:\Windows\system32\Drivers\mup.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]NativeWiFi Filter Description[:]NativeWiFi Filter Name[:]NativeWifiP pathname[:]C:\Windows\system32\DRIVERS\nwifi.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]NDIS System Driver Description[:]NDIS System Driver Name[:]NDIS pathname[:]C:\Windows\system32\drivers\ndis.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]NDIS Capture LightWeight Filter Description[:]NDIS Capture LightWeight Filter Name[:]NdisCap pathname[:]C:\Windows\system32\DRIVERS\ndiscap.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Remote Access NDIS TAPI Driver Description[:]Remote Access NDIS TAPI Driver Name[:]NdisTapi pathname[:]C:\Windows\system32\DRIVERS\ndistapi.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]NDIS Usermode I/O Protocol Description[:]NDIS Usermode I/O Protocol Name[:]Ndisuio pathname[:]C:\Windows\system32\DRIVERS\ndisuio.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Remote Access NDIS WAN Driver Description[:]Remote Access NDIS WAN Driver Name[:]NdisWan pathname[:]C:\Windows\system32\DRIVERS\ndiswan.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]NDIS Proxy Description[:]NDIS Proxy Name[:]NDProxy pathname[:]C:\Windows\system32\drivers\NDProxy.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]NetBIOS Interface Description[:]NetBIOS Interface Name[:]NetBIOS pathname[:]C:\Windows\system32\DRIVERS\netbios.sys ServiceType[:]File System Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]NetBT Description[:]NetBT Name[:]NetBT pathname[:]C:\Windows\system32\DRIVERS\netbt.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit Description[:]Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit Name[:]NETw5s64 pathname[:]C:\Windows\system32\DRIVERS\NETw5s64.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]nfrd960 Description[:]nfrd960 Name[:]nfrd960 pathname[:]C:\Windows\system32\DRIVERS\nfrd960.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Npfs Description[:]Npfs Name[:]Npfs pathname[:]C:\Windows\system32\drivers\Npfs.sys ServiceType[:]File System Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]NSI proxy service driver. Description[:]NSI proxy service driver. Name[:]nsiproxy pathname[:]C:\Windows\system32\drivers\nsiproxy.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Ntfs Description[:]Ntfs Name[:]Ntfs pathname[:]C:\Windows\system32\drivers\Ntfs.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Null Description[:]Null Name[:]Null pathname[:]C:\Windows\system32\drivers\Null.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]nvraid Description[:]nvraid Name[:]nvraid pathname[:]C:\Windows\system32\DRIVERS\nvraid.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]nvstor Description[:]nvstor Name[:]nvstor pathname[:]C:\Windows\system32\DRIVERS\nvstor.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]NVIDIA nForce AGP Bus Filter Description[:]NVIDIA nForce AGP Bus Filter Name[:]nv_agp pathname[:]C:\Windows\system32\DRIVERS\nv_agp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]1394 OHCI Compliant Host Controller (Legacy) Description[:]1394 OHCI Compliant Host Controller (Legacy) Name[:]ohci1394 pathname[:]C:\Windows\system32\DRIVERS\ohci1394.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Parallel port driver Description[:]Parallel port driver Name[:]Parport pathname[:]C:\Windows\system32\DRIVERS\parport.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Partition Manager Description[:]Partition Manager Name[:]partmgr pathname[:]C:\Windows\system32\drivers\partmgr.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]PCI Bus Driver Description[:]PCI Bus Driver Name[:]pci pathname[:]C:\Windows\system32\DRIVERS\pci.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]pciide Description[:]pciide Name[:]pciide pathname[:]C:\Windows\system32\drivers\pciide.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]pcmcia Description[:]pcmcia Name[:]pcmcia pathname[:]C:\Windows\system32\DRIVERS\pcmcia.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Performance Counters for Windows Driver Description[:]Performance Counters for Windows Driver Name[:]pcw pathname[:]C:\Windows\system32\drivers\pcw.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]PEAUTH Description[:]PEAUTH Name[:]PEAUTH pathname[:]C:\Windows\system32\drivers\peauth.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WAN Miniport (PPTP) Description[:]WAN Miniport (PPTP) Name[:]PptpMiniport pathname[:]C:\Windows\system32\DRIVERS\raspptp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Processor Driver Description[:]Processor Driver Name[:]Processor pathname[:]C:\Windows\system32\DRIVERS\processr.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]QoS Packet Scheduler Description[:]QoS Packet Scheduler Name[:]Psched pathname[:]C:\Windows\system32\DRIVERS\pacer.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]ql2300 Description[:]ql2300 Name[:]ql2300 pathname[:]C:\Windows\system32\DRIVERS\ql2300.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]ql40xx Description[:]ql40xx Name[:]ql40xx pathname[:]C:\Windows\system32\DRIVERS\ql40xx.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]QWAVE driver Description[:]QWAVE driver Name[:]QWAVEdrv pathname[:]C:\Windows\system32\drivers\qwavedrv.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Remote Access Auto Connection Driver Description[:]Remote Access Auto Connection Driver Name[:]RasAcd pathname[:]C:\Windows\system32\DRIVERS\rasacd.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WAN Miniport (IKEv2) Description[:]WAN Miniport (IKEv2) Name[:]RasAgileVpn pathname[:]C:\Windows\system32\DRIVERS\AgileVpn.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WAN Miniport (L2TP) Description[:]WAN Miniport (L2TP) Name[:]Rasl2tp pathname[:]C:\Windows\system32\DRIVERS\rasl2tp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Remote Access PPPOE Driver Description[:]Remote Access PPPOE Driver Name[:]RasPppoe pathname[:]C:\Windows\system32\DRIVERS\raspppoe.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WAN Miniport (SSTP) Description[:]WAN Miniport (SSTP) Name[:]RasSstp pathname[:]C:\Windows\system32\DRIVERS\rassstp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Redirected Buffering Sub Sysytem Description[:]Redirected Buffering Sub Sysytem Name[:]rdbss pathname[:]C:\Windows\system32\DRIVERS\rdbss.sys ServiceType[:]File System Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Remote Desktop Device Redirector Bus Driver Description[:]Remote Desktop Device Redirector Bus Driver Name[:]rdpbus pathname[:]C:\Windows\system32\DRIVERS\rdpbus.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]RDPCDD Description[:]RDPCDD Name[:]RDPCDD pathname[:]C:\Windows\system32\DRIVERS\RDPCDD.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]RDP Encoder Mirror Driver Description[:]RDP Encoder Mirror Driver Name[:]RDPENCDD pathname[:]C:\Windows\system32\drivers\rdpencdd.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Reflector Display Driver used to gain access to graphics data Description[:]Reflector Display Driver used to gain access to graphics data Name[:]RDPREFMP pathname[:]C:\Windows\system32\drivers\rdprefmp.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]RDP Winstation Driver Description[:]RDP Winstation Driver Name[:]RDPWD pathname[:]C:\Windows\system32\drivers\RDPWD.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]ReadyBoost Description[:]ReadyBoost Name[:]rdyboost pathname[:]C:\Windows\system32\drivers\rdyboost.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Reliable Multicast Protocol Description[:]Reliable Multicast Protocol Name[:]RMCAST pathname[:]C:\Windows\system32\DRIVERS\RMCAST.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Link-Layer Topology Discovery Responder Description[:]Link-Layer Topology Discovery Responder Name[:]rspndr pathname[:]C:\Windows\system32\DRIVERS\rspndr.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]SASDIFSV Description[:]SASDIFSV Name[:]SASDIFSV pathname[:]\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK sasdifsv64.sys||1, 0, 0, 1010||4, 0, 0, 1000||System file||C:\Program Files\SUPERAntiSpyware\||14.6KB (14,920 bytes)||||2010/02/17 13:23:05||2010/02/17 13:23:05||2010/02/17 13:23:05||0||1||0||0||0||0||SUPERAntiSpyware||SASDIFSV64.SYS|| (c) Copyright 2006-2010 by SUPERAdBlocker.com and SUPERAntiSpyware.com||99df79c258b3342b6c8a5f802998de56|| AcceptPause[:]False AcceptStop[:]True Caption[:]SASKUTIL Description[:]SASKUTIL Name[:]SASKUTIL pathname[:]\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK saskutil64.sys||1, 0, 0, 1014||1, 0, 0, 1014||System file||C:\Program Files\SUPERAntiSpyware\||12.1KB (12,360 bytes)||||2010/02/17 13:23:05||2010/02/17 13:23:05||2010/02/17 13:23:05||0||1||0||0||0||0||SUPERAntiSpyware||SASKUTIL64.SYS|| (c) Copyright 2006-2010 by SUPERAdBlocker.com and SUPERAntiSpyware.com||2859c35c0651e8eb0d86d48e740388f2|| AcceptPause[:]False AcceptStop[:]False Caption[:]sbp2port Description[:]sbp2port Name[:]sbp2port pathname[:]C:\Windows\system32\DRIVERS\sbp2port.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Smart card PnP Class Filter Driver Description[:]Smart card PnP Class Filter Driver Name[:]scfilter pathname[:]C:\Windows\system32\DRIVERS\scfilter.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Security Driver Description[:]Security Driver Name[:]secdrv pathname[:]C:\Windows\system32\drivers\secdrv.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Serenum Filter Driver Description[:]Serenum Filter Driver Name[:]Serenum pathname[:]C:\Windows\system32\DRIVERS\serenum.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Serial Description[:]Serial Name[:]Serial pathname[:]C:\Windows\system32\DRIVERS\serial.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Serial Mouse Driver Description[:]Serial Mouse Driver Name[:]sermouse pathname[:]C:\Windows\system32\DRIVERS\sermouse.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]SFF Storage Class Driver Description[:]SFF Storage Class Driver Name[:]sffdisk pathname[:]C:\Windows\system32\DRIVERS\sffdisk.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]SFF Storage Protocol Driver for MMC Description[:]SFF Storage Protocol Driver for MMC Name[:]sffp_mmc pathname[:]C:\Windows\system32\DRIVERS\sffp_mmc.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]SFF Storage Protocol Driver for SDBus Description[:]SFF Storage Protocol Driver for SDBus Name[:]sffp_sd pathname[:]C:\Windows\system32\DRIVERS\sffp_sd.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]High-Capacity Floppy Disk Drive Description[:]High-Capacity Floppy Disk Drive Name[:]sfloppy pathname[:]C:\Windows\system32\DRIVERS\sfloppy.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]SiS191/SiS190 Ethernet Device NDIS 6.0 Driver Description[:]SiS191/SiS190 Ethernet Device NDIS 6.0 Driver Name[:]SiSGbeLH pathname[:]C:\Windows\system32\DRIVERS\SiSG664.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]SiSRaid2 Description[:]SiSRaid2 Name[:]SiSRaid2 pathname[:]C:\Windows\system32\DRIVERS\SiSRaid2.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]SiSRaid4 Description[:]SiSRaid4 Name[:]SiSRaid4 pathname[:]C:\Windows\system32\DRIVERS\sisraid4.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session) Description[:]Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session) Name[:]Smb pathname[:]C:\Windows\system32\DRIVERS\smb.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]USB2.0 PC Camera (SNP2UVC) Description[:]USB2.0 PC Camera (SNP2UVC) Name[:]SNP2UVC pathname[:]C:\Windows\system32\DRIVERS\snp2uvc.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Security Processor Loader Driver Description[:]Security Processor Loader Driver Name[:]spldr pathname[:]C:\Windows\system32\drivers\spldr.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Server SMB 1.xxx Driver Description[:]Server SMB 1.xxx Driver Name[:]srv pathname[:]C:\Windows\system32\DRIVERS\srv.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Server SMB 2.xxx Driver Description[:]Server SMB 2.xxx Driver Name[:]srv2 pathname[:]C:\Windows\system32\DRIVERS\srv2.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]srvnet Description[:]srvnet Name[:]srvnet pathname[:]C:\Windows\system32\DRIVERS\srvnet.sys ServiceType[:]File System Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]stexstor Description[:]stexstor Name[:]stexstor pathname[:]C:\Windows\system32\DRIVERS\stexstor.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Software Bus Driver Description[:]Software Bus Driver Name[:]swenum pathname[:]C:\Windows\system32\DRIVERS\swenum.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]TCP/IP Protocol Driver Description[:]TCP/IP Protocol Driver Name[:]Tcpip pathname[:]C:\Windows\system32\drivers\tcpip.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft IPv6 Protocol Driver Description[:]Microsoft IPv6 Protocol Driver Name[:]TCPIP6 pathname[:]C:\Windows\system32\DRIVERS\tcpip.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]TCP/IP Registry Compatibility Description[:]TCP/IP Registry Compatibility Name[:]tcpipreg pathname[:]C:\Windows\system32\drivers\tcpipreg.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]TDPIPE Description[:]TDPIPE Name[:]TDPIPE pathname[:]C:\Windows\system32\drivers\tdpipe.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]TDTCP Description[:]TDTCP Name[:]TDTCP pathname[:]C:\Windows\system32\drivers\tdtcp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]NetIO Legacy TDI Support Driver Description[:]NetIO Legacy TDI Support Driver Name[:]tdx pathname[:]C:\Windows\system32\DRIVERS\tdx.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Terminal Device Driver Description[:]Terminal Device Driver Name[:]TermDD pathname[:]C:\Windows\system32\DRIVERS\termdd.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Remote Desktop Services Security Filter Driver Description[:]Remote Desktop Services Security Filter Driver Name[:]tssecsrv pathname[:]C:\Windows\system32\DRIVERS\tssecsrv.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Tunnel Miniport Adapter Driver Description[:]Microsoft Tunnel Miniport Adapter Driver Name[:]tunnel pathname[:]C:\Windows\system32\DRIVERS\tunnel.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Turbo Boost UI Monitor driver Description[:]Turbo Boost UI Monitor driver Name[:]TurboB pathname[:]C:\Windows\system32\DRIVERS\TurboB.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Auto State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft AGPv3.5 Filter Description[:]Microsoft AGPv3.5 Filter Name[:]uagp35 pathname[:]C:\Windows\system32\DRIVERS\uagp35.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]udfs Description[:]udfs Name[:]udfs pathname[:]C:\Windows\system32\DRIVERS\udfs.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Disabled State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Uli AGP Bus Filter Description[:]Uli AGP Bus Filter Name[:]uliagpkx pathname[:]C:\Windows\system32\DRIVERS\uliagpkx.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]UMBus Enumerator Driver Description[:]UMBus Enumerator Driver Name[:]umbus pathname[:]C:\Windows\system32\DRIVERS\umbus.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft UMPass Driver Description[:]Microsoft UMPass Driver Name[:]UmPass pathname[:]C:\Windows\system32\DRIVERS\umpass.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft USB Generic Parent Driver Description[:]Microsoft USB Generic Parent Driver Name[:]usbccgp pathname[:]C:\Windows\system32\DRIVERS\usbccgp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]eHome Infrared Receiver (USBCIR) Description[:]eHome Infrared Receiver (USBCIR) Name[:]usbcir pathname[:]C:\Windows\system32\DRIVERS\usbcir.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft USB 2.0 Enhanced Host Controller Miniport Driver Description[:]Microsoft USB 2.0 Enhanced Host Controller Miniport Driver Name[:]usbehci pathname[:]C:\Windows\system32\DRIVERS\usbehci.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft USB Standard Hub Driver Description[:]Microsoft USB Standard Hub Driver Name[:]usbhub pathname[:]C:\Windows\system32\DRIVERS\usbhub.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft USB Open Host Controller Miniport Driver Description[:]Microsoft USB Open Host Controller Miniport Driver Name[:]usbohci pathname[:]C:\Windows\system32\DRIVERS\usbohci.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft USB PRINTER Class Description[:]Microsoft USB PRINTER Class Name[:]usbprint pathname[:]C:\Windows\system32\DRIVERS\usbprint.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]USB Scanner Driver Description[:]USB Scanner Driver Name[:]usbscan pathname[:]C:\Windows\system32\DRIVERS\usbscan.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]USB Mass Storage Driver Description[:]USB Mass Storage Driver Name[:]USBSTOR pathname[:]C:\Windows\system32\DRIVERS\USBSTOR.SYS ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft USB Universal Host Controller Miniport Driver Description[:]Microsoft USB Universal Host Controller Miniport Driver Name[:]usbuhci pathname[:]C:\Windows\system32\DRIVERS\usbuhci.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]USB Video Device (WDM) Description[:]USB Video Device (WDM) Name[:]usbvideo pathname[:]C:\Windows\system32\Drivers\usbvideo.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Microsoft Virtual Drive Enumerator Driver Description[:]Microsoft Virtual Drive Enumerator Driver Name[:]vdrvroot pathname[:]C:\Windows\system32\DRIVERS\vdrvroot.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]vga Description[:]vga Name[:]vga pathname[:]C:\Windows\system32\DRIVERS\vgapnp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]VgaSave Description[:]VgaSave Name[:]VgaSave pathname[:]C:\Windows\system32\drivers\vga.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]vhdmp Description[:]vhdmp Name[:]vhdmp pathname[:]C:\Windows\system32\DRIVERS\vhdmp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]viaide Description[:]viaide Name[:]viaide pathname[:]C:\Windows\system32\DRIVERS\viaide.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Volume Manager Driver Description[:]Volume Manager Driver Name[:]volmgr pathname[:]C:\Windows\system32\DRIVERS\volmgr.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Dynamic Volume Manager Description[:]Dynamic Volume Manager Name[:]volmgrx pathname[:]C:\Windows\system32\drivers\volmgrx.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Storage volumes Description[:]Storage volumes Name[:]volsnap pathname[:]C:\Windows\system32\DRIVERS\volsnap.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]vsmraid Description[:]vsmraid Name[:]vsmraid pathname[:]C:\Windows\system32\DRIVERS\vsmraid.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Virtual WiFi Bus Driver Description[:]Virtual WiFi Bus Driver Name[:]vwifibus pathname[:]C:\Windows\system32\DRIVERS\vwifibus.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Virtual WiFi Filter Driver Description[:]Virtual WiFi Filter Driver Name[:]vwififlt pathname[:]C:\Windows\system32\DRIVERS\vwififlt.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Virtual WiFi Miniport Service Description[:]Microsoft Virtual WiFi Miniport Service Name[:]vwifimp pathname[:]C:\Windows\system32\DRIVERS\vwifimp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Wacom Serial Pen HID Driver Description[:]Wacom Serial Pen HID Driver Name[:]WacomPen pathname[:]C:\Windows\system32\DRIVERS\wacompen.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Remote Access IP ARP Driver Description[:]Remote Access IP ARP Driver Name[:]WANARP pathname[:]C:\Windows\system32\DRIVERS\wanarp.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Remote Access IPv6 ARP Driver Description[:]Remote Access IPv6 ARP Driver Name[:]Wanarpv6 pathname[:]C:\Windows\system32\DRIVERS\wanarp.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Wd Description[:]Wd Name[:]Wd pathname[:]C:\Windows\system32\DRIVERS\wd.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Kernel Mode Driver Frameworks service Description[:]Kernel Mode Driver Frameworks service Name[:]Wdf01000 pathname[:]C:\Windows\system32\drivers\Wdf01000.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Boot State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]Intel WiDi KMD Description[:]Intel WiDi KMD Name[:]wdkmd pathname[:]C:\Windows\system32\DRIVERS\WDKMD.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]WFP Lightweight Filter Description[:]WFP Lightweight Filter Name[:]WfpLwf pathname[:]C:\Windows\system32\DRIVERS\wfplwf.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WimFltr Description[:]WimFltr Name[:]WimFltr pathname[:]C:\Windows\system32\DRIVERS\wimfltr.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WIMMount Description[:]WIMMount Name[:]WIMMount pathname[:]C:\Windows\system32\drivers\wimmount.sys ServiceType[:]File System Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK wimmount.sys||6.1.7600.16385 (win7_rtm.090713-1255)||6.1.7600.16385||System file||C:\Windows\System32\drivers\||18.6KB (19,008 bytes)||||2009/07/13 18:17:57||2009/07/13 20:19:10||2009/07/13 18:17:57||0||1||0||0||0||0||Microsoft® Windows® Operating System||Wim file system Driver||© Microsoft Corporation. All rights reserved.||5cf95b35e59e2a38023836fff31be64c|| AcceptPause[:]False AcceptStop[:]False Caption[:]Microsoft Windows Management Interface for ACPI Description[:]Microsoft Windows Management Interface for ACPI Name[:]WmiAcpi pathname[:]C:\Windows\system32\DRIVERS\wmiacpi.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]Windows Socket 2.0 Non-IFS Service Provider Support Environment Description[:]Windows Socket 2.0 Non-IFS Service Provider Support Environment Name[:]ws2ifsl pathname[:]C:\Windows\system32\drivers\ws2ifsl.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]System State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]True Caption[:]User Mode Driver Frameworks Platform Driver Description[:]User Mode Driver Frameworks Platform Driver Name[:]WudfPf pathname[:]C:\Windows\system32\drivers\WudfPf.sys ServiceType[:]Kernel Driver Started[:]True StartMode[:]Manual State[:]Running Status[:]OK AcceptPause[:]False AcceptStop[:]False Caption[:]WUDFRd Description[:]WUDFRd Name[:]WUDFRd pathname[:]C:\Windows\system32\DRIVERS\WUDFRd.sys ServiceType[:]Kernel Driver Started[:]False StartMode[:]Manual State[:]Stopped Status[:]OK HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System[:] ConsentPromptBehaviorAdmin[:]2 ConsentPromptBehaviorUser[:]3 EnableInstallerDetection[:]1 EnableLUA[:]1 EnableSecureUIAPaths[:]1 EnableUIADesktopToggle[:]0 EnableVirtualization[:]1 PromptOnSecureDesktop[:]1 ValidateAdminCodeSignatures[:]0 dontdisplaylastusername[:]0 legalnoticecaption[:] legalnoticetext[:] scforceoption[:]0 shutdownwithoutlogon[:]1 undockwithoutlogon[:]1 FilterAdministratorToken[:]0 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:] SUPERAntiSpyware[:]C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe<||||>SUPERAntiSpyware.exe||4, 45, 0, 1000||4, 45, 0, 1000||Application||C:\Program Files\SUPERAntiSpyware\||2.85MB (2,988,784 bytes)||||2010/10/25 13:47:46||2010/10/25 13:47:46||2010/10/25 13:47:46||0||1||0||0||0||0||SUPERAntiSpyware||SUPERAntiSpyware Application||Copyright (C) 2005-2010 by SUPERAntiSpyware.com and SUPERAdBlocker.com||221c7486bd1a61432cebba265069d65a|| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce[:] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:] CLMLServer[:]C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe<||||>CLMLSvc.exe||2.1.1803.0||2.1.1803.0||Application||C:\Program Files (x86)\CyberLink\Power2Go\||101KB (103,720 bytes)||||2009/11/02 16:21:26||2009/11/02 16:21:26||2010/08/11 20:15:26||0||1||0||0||0||0||CyberLink MediaLibray Service||CyberLink MediaLibray Service||Copyright (C) 2005||57b4d34232852bfe4453be571df90d21|| AVP[:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe<||||>avp.exe||11.0.1.419||11.0.1.419||Application||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||345KB (352,976 bytes)||||2010/07/01 21:39:08||2010/10/29 17:20:36||2010/10/29 17:20:36||0||1||0||0||0||0||Kaspersky Anti-Virus||Kaspersky Anti-Virus||© 1997-2010 Kaspersky Lab ZAO.||946d70667b0119f2beeae0849e1d46a2|| Malwarebytes' Anti-Malware[:]C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe<||||>mbamgui.exe||1.46.0.0000||1.46.0.0000||Application||C:\Program Files (x86)\Malwarebytes' Anti-Malware\||427KB (437,584 bytes)||||2010/10/29 18:15:40||2010/04/29 15:39:32||2010/10/29 18:15:40||0||1||0||0||0||0||Malwarebytes' Anti-Malware||Malwarebytes' Anti-Malware||© Malwarebytes Corporation. All rights reserved.||5f0388038e7355982fe50b039d10315c|| IObit Security 360[:]C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe<||||>is360tray.exe||1.4.5.107||1.4.5.0||Application||C:\Program Files (x86)\IObit\IObit Security 360\||1.22MB (1,280,344 bytes)||||2010/10/30 17:00:36||2010/06/11 18:14:24||2010/10/30 17:00:36||0||1||0||0||0||0||IObit Security 360||IObit Security 360||||4126904e21735ef4c7fffe01ed795872|| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce[:] HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:] HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce[:] HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[:] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce[:] HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Command Processor[:] CompletionChar[:]9 DefaultColor[:]0 EnableExtensions[:]1 PathCompletionChar[:]9 HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Command Processor[:] CompletionChar[:]9 DefaultColor[:]0 EnableExtensions[:]1 PathCompletionChar[:]9 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad[:] WebCheck[:]{E6FB5E20-DE35-11CF-9C87-00AA005127ED} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main[:] Start Page[:]http://go.microsoft.com/fwlink/?LinkId=69157 {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [:]IEVkbdBHO Class AppID[:]{A64D6457-AC29-41D2-937F-F09DE8569F93} [:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll<||||>ievkbd.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||66.7KB (68,280 bytes)||||2010/07/01 21:35:08||2010/07/01 21:35:08||2010/10/29 17:08:07||0||1||0||0||0||0||Kaspersky Anti-Virus||IE Virtual Keyboard||© 1997-2010 Kaspersky Lab ZAO.||cc3ea6117d430710b501b5950394f077|| ThreadingModel[:]Apartment {5C255C8A-E604-49b4-9D64-90988571CECB} {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [:]Search Helper [:]C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll<||||>SearchHelper.dll||1.2.118.0||1.2.118.0||Application extension||C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\||90.3KB (92,504 bytes)||||2008/12/04 17:59:06||2008/12/04 17:59:06||2010/08/11 20:21:31||0||1||0||0||0||0||Microsoft Search Helper Extention||Microsoft Search Helper Extention||Copyright © 1995-2006 Microsoft Corp.||c5700cd3293e88be85c73eccce772e9e|| ThreadingModel[:]Apartment {9030D464-4C02-4ABF-8ECC-5164760863C6} [:]Windows Live Sign-in Helper AppID[:]{062C56BD-B2FF-4405-88D9-93154F27D785} [:]C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll<||||>WindowsLiveLogin.dll||5.000.818.6||5.000.818.6||Application extension||C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\||399KB (408,440 bytes)||||2009/02/17 16:11:04||2009/02/17 16:11:04||2010/10/29 16:15:09||0||1||0||0||0||0||Microsoft® Windows Live Login Helper||WindowsLiveLogin.dll||Copyright © 1995-2006 Microsoft Corporation.||1a82c1b9bb43385695efc3a84f6756a2|| ThreadingModel[:]Apartment {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} {E33CF602-D945-461A-83F0-819F76A199F8} [:]FilterBHO Class [:]C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll<||||>klwtbbho.dll||11.0.1.400||11.0.1.400||Application extension||C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\||187KB (191,160 bytes)||||2010/07/01 21:35:14||2010/07/01 21:35:14||2010/10/29 17:08:14||0||1||0||0||0||0||Kaspersky Anti-Virus||WebToolBar component||© 1997-2010 Kaspersky Lab ZAO.||b028e719312d1a6106dbef76fa81d965|| ThreadingModel[:]Apartment {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} [:]Toolbar BHO [:]C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll ThreadingModel[:]Apartment DeviceClass[:]NET DeviceName[:]Microsoft ISATAP Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Microsoft ISATAP Adapter #2 IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]Microsoft ISATAP Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]Intel(R) Centrino(R) WiMAX 6250 DriverDate[:]20100516000000.******+*** DriverProviderName[:]Intel Corporation DriverVersion[:]5.30.1005.3 FriendlyName[:] IsSigned[:]True Location[:]BaxterPeak Enumerator 0 Manufacturer[:]Intel Corporation Status[:] DeviceClass[:]WIMAX DeviceName[:]Intel(R) Centrino(R) WiMAX Enumerator DriverDate[:]20100516000000.******+*** DriverProviderName[:]Intel Corporation DriverVersion[:]5.30.1005.3 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Intel Corporation Status[:] DeviceClass[:]WIDI DeviceName[:]WDKMD DriverDate[:]20100604000000.******+*** DriverProviderName[:]Intel Corporation DriverVersion[:]1.2.17.0 FriendlyName[:] IsSigned[:]False Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Volume Manager DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Microsoft Virtual Drive Enumerator Driver DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]UMBus Enumerator DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]SYSTEM DeviceName[:]UMBus Root Bus Enumerator DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]SYSTEM DeviceName[:]Plug and Play Software Device Enumerator DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Terminal Server Mouse Driver DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Terminal Server Keyboard Driver DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (SSTP) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (PPTP) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (PPPOE) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (IPv6) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (IP) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (Network Monitor) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (L2TP) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]WAN Miniport (IKEv2) DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]SYSTEM DeviceName[:]Microsoft System Management BIOS Driver DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]User Mode Driver Frameworks Platform Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Windows Socket 2.0 Non-IFS Service Provider Support Environment DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]WFP Lightweight Filter DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Kernel Mode Driver Frameworks service DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Remote Access IPv6 ARP Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Virtual WiFi Filter Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Storage volumes DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Dynamic Volume Manager DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]VgaSave DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Turbo Boost UI Monitor driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]NetIO Legacy TDI Support Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]TCP/IP Registry Compatibility DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]TCP/IP Protocol Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Security Processor Loader Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Security Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]SASKUTIL DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]SASDIFSV DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Link-Layer Topology Discovery Responder DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Reliable Multicast Protocol DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Reflector Display Driver used to gain access to graphics data DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]RDP Encoder Mirror Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]RDPCDD DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]QoS Packet Scheduler DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]PEAUTH DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Performance Counters for Windows Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]pciide DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Null DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]NSI proxy service driver. DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]NETBT DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]NDProxy DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]NDIS Usermode I/O Protocol DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]NDIS System Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]NativeWiFi Filter DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]msisadrv DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]msahci DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Message Queuing Access Control DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Windows Firewall Authorization Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Mount Point Manager DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Link-Layer Topology Discovery Mapper I/O Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]KSecPkg DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]KSecDD DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Kaspersky Anti-Virus NDIS 6 Filter DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]kl2 DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]kl1 DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Hardware Policy Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]HTTP DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Bitlocker Drive Encryption Filter Driver DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]LDDM Graphics Subsystem DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]System Attribute Cache DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]CNG DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Common Log (CLFS) DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Beep DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]IDE Channel DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]ASMMAP64 DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]LEGACYDRIVER DeviceName[:]Ancillary Function Driver for Winsock DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:] Manufacturer[:] Status[:] DeviceClass[:]BATTERY DeviceName[:]Microsoft Composite Battery DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]SYSTEM DeviceName[:]Composite Bus Enumerator DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]SYSTEM DeviceName[:]File as Volume Driver DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]SYSTEM DeviceName[:]ACPI Fixed Feature Button DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Motherboard resources DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]ACPI Sleep Button DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]ACPI Lid DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]ACPI Thermal Zone DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]ATK0100 ACPI UTILITY DriverDate[:]20090513000000.******+*** DriverProviderName[:]ASUS DriverVersion[:]1043.2.15.75 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]ASUS Status[:] DeviceClass[:]SYSTEM DeviceName[:]Reserved - 2D13 DriverDate[:]20091028000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1022 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 255, device 2, function 3 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]Reserved - 2D12 DriverDate[:]20091028000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1022 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 255, device 2, function 2 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]QPI Physical 0 - 2D11 DriverDate[:]20091028000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1022 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 255, device 2, function 1 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]QPI Link 0 - 2D10 DriverDate[:]20091028000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1022 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 255, device 2, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]QuickPath Architecture System Address Decoder - 2D01 DriverDate[:]20091028000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1022 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 255, device 0, function 1 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]QuickPath Architecture Generic Non-core Registers - 2C62 DriverDate[:]20091028000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1022 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 255, device 0, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]PCI bus DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]PROCESSOR DeviceName[:]Intel Processor DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz IsSigned[:]True Location[:] Manufacturer[:]Intel Status[:] DeviceClass[:]PROCESSOR DeviceName[:]Intel Processor DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz IsSigned[:]True Location[:] Manufacturer[:]Intel Status[:] DeviceClass[:]PROCESSOR DeviceName[:]Intel Processor DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz IsSigned[:]True Location[:] Manufacturer[:]Intel Status[:] DeviceClass[:]PROCESSOR DeviceName[:]Intel Processor DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz IsSigned[:]True Location[:] Manufacturer[:]Intel Status[:] DeviceClass[:]BATTERY DeviceName[:]Microsoft ACPI-Compliant Control Method Battery DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]BATTERY DeviceName[:]Microsoft AC Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]SYSTEM DeviceName[:]Motherboard resources DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) Turbo Boost Technology Driver DriverDate[:]20100226000000.******+*** DriverProviderName[:]Intel DriverVersion[:]1.2.0.1002 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 31, function 6 Manufacturer[:]Intel Status[:] DeviceClass[:]CDROM DeviceName[:]CD-ROM Drive DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]MATSHITA DVD-RAM UJ890AS IsSigned[:]True Location[:]1 Manufacturer[:](Standard CD-ROM drives) Status[:] DeviceClass[:]DISKDRIVE DeviceName[:]Disk drive DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]ST9640320AS IsSigned[:]True Location[:]0 Manufacturer[:](Standard disk drives) Status[:] DeviceClass[:]HDC DeviceName[:]Intel(R) PCHM SATA AHCI Controller 4 Port DriverDate[:]20090807000000.******+*** DriverProviderName[:]Intel DriverVersion[:]8.9.2.1002 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 31, function 2 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]Microsoft ACPI-Compliant Embedded Controller DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]KEYBOARD DeviceName[:]Keyboard Device Filter DriverDate[:]20090720000000.******+*** DriverProviderName[:]ATK DriverVersion[:]1.0.0.3 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Keyboard Device Filter Status[:] DeviceClass[:]MOUSE DeviceName[:]ELAN PS/2 Port Smart-Pad DriverDate[:]20100413000000.******+*** DriverProviderName[:]ELAN DriverVersion[:]7.0.5.11 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]ELAN Status[:] DeviceClass[:]SYSTEM DeviceName[:]Motherboard resources DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]System timer DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]System CMOS/real time clock DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Motherboard resources DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Numeric data processor DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Programmable interrupt controller DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]High precision event timer DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) 82802 Firmware Hub Device DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]Direct memory access controller DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) HM55 Express Chipset LPC Interface Controller - 3B09 DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 31, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) 82801 PCI Bridge - 2448 DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 30, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]USB DeviceName[:]Generic USB Hub DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]Port_#0001.Hub_#0002 Manufacturer[:](Generic USB Hub) Status[:] DeviceClass[:]USB DeviceName[:]USB Root Hub DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard USB Host Controller) Status[:] DeviceClass[:]USB DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34 DriverDate[:]20090820000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1020 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 29, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]NET DeviceName[:]Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) DriverDate[:]20100304000000.******+*** DriverProviderName[:]Atheros DriverVersion[:]1.0.0.27 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 3, device 0, function 0 Manufacturer[:]Atheros Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 28, function 5 Manufacturer[:]Intel Status[:] DeviceClass[:]NET DeviceName[:]Microsoft Virtual WiFi Miniport Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]VWiFi Bus 0 Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]Microsoft Virtual WiFi Miniport Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Microsoft Virtual WiFi Miniport Adapter #2 IsSigned[:]True Location[:]VWiFi Bus 0 Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]Intel(R) Centrino(R) Advanced-N 6250 AGN DriverDate[:]20100318000000.******+*** DriverProviderName[:]Intel DriverVersion[:]13.2.0.30 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 2, device 0, function 0 Manufacturer[:]Intel Corporation Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44 DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 28, function 1 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42 DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 28, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]MEDIA DeviceName[:]Intel(R) Display Audio DriverDate[:]20100203000000.******+*** DriverProviderName[:]Intel(R) Corporation DriverVersion[:]6.12.0.3047 FriendlyName[:] IsSigned[:]True Location[:]Internal High Definition Audio Bus Manufacturer[:]Intel(R) Corporation Status[:] DeviceClass[:]MEDIA DeviceName[:]Realtek High Definition Audio DriverDate[:]20100513000000.******+*** DriverProviderName[:]Realtek Semiconductor Corp. DriverVersion[:]6.0.1.6110 FriendlyName[:] IsSigned[:]True Location[:]Internal High Definition Audio Bus Manufacturer[:]Realtek Status[:] DeviceClass[:]SYSTEM DeviceName[:]High Definition Audio Controller DriverDate[:]20090713000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 27, function 0 Manufacturer[:]Microsoft Status[:] DeviceClass[:]IMAGE DeviceName[:]USB 2.0 VGA UVC WebCam DriverDate[:]20091022000000.******+*** DriverProviderName[:]Sonix DriverVersion[:]61.5.200.280 FriendlyName[:]USB 2.0 VGA UVC WebCam IsSigned[:]True Location[:]0000.001a.0000.001.002.000.000.000.000 Manufacturer[:]Chicony, (Sonix260) Status[:] DeviceClass[:]USB DeviceName[:]USB Composite Device DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]Port_#0002.Hub_#0003 Manufacturer[:](Standard USB Host Controller) Status[:] DeviceClass[:]WIMAX DeviceName[:]Intel(R) Centrino(R) WiMAX 6250 Function Driver DriverDate[:]20100516000000.******+*** DriverProviderName[:]Intel Corporation DriverVersion[:]5.30.1005.3 FriendlyName[:] IsSigned[:]True Location[:]Port_#0001.Hub_#0003 Manufacturer[:]Intel Corporation Status[:] DeviceClass[:]USB DeviceName[:]Generic USB Hub DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:]Port_#0001.Hub_#0001 Manufacturer[:](Generic USB Hub) Status[:] DeviceClass[:]USB DeviceName[:]USB Root Hub DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard USB Host Controller) Status[:] DeviceClass[:]USB DeviceName[:]Intel(R) 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C DriverDate[:]20090820000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1020 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 26, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) Management Engine Interface DriverDate[:] DriverProviderName[:] DriverVersion[:] FriendlyName[:] IsSigned[:] Location[:]PCI bus 0, device 22, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]MONITOR DeviceName[:]Generic PnP Monitor DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard monitor types) Status[:] DeviceClass[:]DISPLAY DeviceName[:]Intel(R) HD Graphics DriverDate[:]20100825000000.******+*** DriverProviderName[:]Intel Corporation DriverVersion[:]8.15.10.2202 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 2, function 0 Manufacturer[:]Intel Corporation Status[:] DeviceClass[:]SYSTEM DeviceName[:]Intel(R) processor DRAM Controller - 0044 DriverDate[:]20091028000000.******+*** DriverProviderName[:]Intel DriverVersion[:]9.1.1.1022 FriendlyName[:] IsSigned[:]True Location[:]PCI bus 0, device 0, function 0 Manufacturer[:]Intel Status[:] DeviceClass[:]SYSTEM DeviceName[:]PCI bus DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard system devices) Status[:] DeviceClass[:]SYSTEM DeviceName[:]Microsoft ACPI-Compliant System DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]COMPUTER DeviceName[:]ACPI x64-based PC DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:](Standard computers) Status[:] DeviceClass[:]NET DeviceName[:]Microsoft Teredo Tunneling Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Teredo Tunneling Pseudo-Interface IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]Microsoft 6to4 Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:]Microsoft 6to4 Adapter #2 IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] DeviceClass[:]NET DeviceName[:]Microsoft 6to4 Adapter DriverDate[:]20060621000000.******+*** DriverProviderName[:]Microsoft DriverVersion[:]6.1.7600.16385 FriendlyName[:] IsSigned[:]True Location[:] Manufacturer[:]Microsoft Status[:] Name[:]ADMIN$ Path[:]C:\Windows Description[:]Remote Admin AllowMaximum[:]True Status[:]OK Name[:]C$ Path[:]C:\ Description[:]Default share AllowMaximum[:]True Status[:]OK Name[:]IPC$ Path[:] Description[:]Remote IPC AllowMaximum[:]True Status[:]OK TCP<||||><||||>0.0.0.0<||||>7<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>9<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>13<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>17<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>19<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>80<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>135<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>445<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>515<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>1110<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>2103<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>2105<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>2107<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>10065<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>38191<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>49152<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>49153<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>49154<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>49155<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>49156<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>49182<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>0.0.0.0<||||>49189<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>24.100.107.20<||||>139<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>24.100.107.20<||||>50817<||||>209.85.225.100<||||>80<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50819<||||>209.85.225.100<||||>80<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50821<||||>209.85.225.100<||||>80<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50823<||||>209.85.225.100<||||>80<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50825<||||>209.85.225.100<||||>80<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50827<||||>209.85.225.100<||||>80<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50829<||||>209.85.225.105<||||>80<||||>SYN_RCVD TCP<||||><||||>24.100.107.20<||||>50833<||||>74.125.95.100<||||>80<||||>SYN_RCVD TCP<||||><||||>24.100.107.20<||||>50845<||||>93.104.193.173<||||>80<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50847<||||>209.85.225.138<||||>80<||||>SYN_RCVD TCP<||||><||||>24.100.107.20<||||>50848<||||>38.113.165.77<||||>443<||||>LAST_ACK TCP<||||><||||>24.100.107.20<||||>50850<||||>93.104.193.173<||||>80<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50810<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50812<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50813<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50828<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50830<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50832<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50834<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50836<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50838<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50840<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50842<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50846<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>1110<||||>127.0.0.1<||||>50851<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>1801<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>127.0.0.1<||||>49262<||||>0.0.0.0<||||>0<||||>CLOSED TCP<||||><||||>127.0.0.1<||||>49873<||||>127.0.0.1<||||>49874<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>49874<||||>127.0.0.1<||||>49873<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>49875<||||>127.0.0.1<||||>49876<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>49876<||||>127.0.0.1<||||>49875<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>50828<||||>127.0.0.1<||||>1110<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>50832<||||>127.0.0.1<||||>1110<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>50844<||||>127.0.0.1<||||>1110<||||>LAST_ACK TCP<||||><||||>127.0.0.1<||||>50846<||||>127.0.0.1<||||>1110<||||>SYN_RCVD TCP<||||><||||>127.0.0.1<||||>50849<||||>127.0.0.1<||||>1110<||||>LAST_ACK # Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. # 127.0.0.1 localhost # ::1 localhost Path[:]C:\Windows\downloaded program files\ Files[:] Path[:]C:\Users\Kevin\AppData\Local\Temp\ Files[:] Sub[:]VerifyColumn -> NetworkAdapterConfiguration Error[:]13 Description[:]Type mismatch Source[:]GetSystemInfo HelpFile[:] Sub[:]FindExecutableInFolder -> C:\Windows\Temp\(True) Error[:]52 Description[:]Bad file name or number Source[:]GetSystemInfo HelpFile[:] 42edce6a57e5724a79a3d9500ebacec9