StartupList report, 6/9/2014, 5:47:00 PM
StartupList version 2.02.0
Started from: C:\Users\RobertL\AppData\Local\Temp\Temp1_startuplist.zip\StartupList.EXE
Detected: Windows Vista SP1 (WinNT 6.01.7601)
Logged on as 'RobertL' to 'L00015'
* Using default options (see end of log for possible options)
==================================================

Running processes (12):

[C:\Program Files (x86)\AVG\AVG2014\avgui.exe (72)]
C:\Program Files (x86)\AVG\AVG2014\avgapps.dll
C:\Program Files (x86)\AVG\AVG2014\avgcfgx.dll
C:\Program Files (x86)\AVG\AVG2014\avgclitx.dll
C:\Program Files (x86)\AVG\AVG2014\avgcmlx.dll
C:\Program Files (x86)\AVG\AVG2014\avgcommx.dll
C:\Program Files (x86)\AVG\AVG2014\avgdecider.dll
C:\Program Files (x86)\AVG\AVG2014\avgfilevaultx.dll
C:\Program Files (x86)\AVG\AVG2014\avgidpmx.dll
C:\Program Files (x86)\AVG\AVG2014\avgkrnlapix.dll
C:\Program Files (x86)\AVG\AVG2014\avglngx.dll
C:\Program Files (x86)\AVG\AVG2014\avglogx.dll
C:\Program Files (x86)\AVG\AVG2014\avgntopensslx.dll
C:\Program Files (x86)\AVG\AVG2014\avgsysx.dll
C:\Program Files (x86)\AVG\AVG2014\avguires.dll
C:\Windows\system32\apphelp.dll
C:\Windows\system32\CRYPTSP.dll
C:\Windows\system32\cscapi.dll
C:\Windows\system32\dhcpcsvc.DLL
C:\Windows\system32\dhcpcsvc6.DLL
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\LINKINFO.dll
C:\Windows\system32\mfc110u.dll
C:\Windows\system32\MPR.dll
C:\Windows\system32\MSIMG32.dll
C:\Windows\system32\MSVCP110.dll
C:\Windows\system32\MSVCR110.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\ntshrui.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\PROPSYS.dll
C:\Windows\system32\RpcRtRemote.dll
C:\Windows\system32\rsaenh.dll
C:\Windows\system32\slc.dll
C:\Windows\system32\srvcli.dll
C:\Windows\system32\SXS.DLL
C:\Windows\system32\UxTheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\WINSTA.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\CFGMGR32.dll
C:\Windows\syswow64\CLBCatQ.DLL
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\DEVOBJ.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\IMM32.dll
C:\Windows\SysWOW64\iphlpapi.dll
C:\Windows\SysWOW64\jscript.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SETUPAPI.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\SysWOW64\WINNSI.DLL
C:\Windows\syswow64\WLDAP32.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\SysWOW64\wtsapi32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll

[C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (73)]
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
C:\Windows\system32\apphelp.dll
C:\Windows\system32\bcrypt.dll
C:\Windows\system32\credssp.dll
C:\Windows\system32\cryptnet.dll
C:\Windows\system32\CRYPTSP.dll
C:\Windows\system32\dhcpcsvc.DLL
C:\Windows\system32\dhcpcsvc6.DLL
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\GPAPI.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\system32\msi.dll
C:\Windows\system32\mswsock.dll
C:\Windows\system32\ncrypt.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\PROPSYS.dll
C:\Windows\system32\rasadhlp.dll
C:\Windows\system32\RpcRtRemote.dll
C:\Windows\system32\rsaenh.dll
C:\Windows\system32\Secur32.dll
C:\Windows\system32\SensApi.dll
C:\Windows\system32\USERENV.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\webio.dll
C:\Windows\system32\WINHTTP.dll
C:\Windows\system32\WINNSI.DLL
C:\Windows\system32\WINSPOOL.DRV
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\SysWOW64\bcryptprimitives.dll
C:\Windows\syswow64\CFGMGR32.dll
C:\Windows\syswow64\CLBCatQ.DLL
C:\Windows\syswow64\COMDLG32.dll
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\DEVOBJ.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SETUPAPI.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\urlmon.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\WINTRUST.dll
C:\Windows\syswow64\WLDAP32.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll

[C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (113)]
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_elf.dll
C:\Program Files (x86)\Windows Defender\MpOav.dll
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
C:\Windows\system32\apphelp.dll
C:\Windows\system32\audioses.dll
C:\Windows\system32\bcrypt.dll
C:\Windows\system32\credssp.dll
C:\Windows\system32\credui.dll
C:\Windows\system32\cryptnet.dll
C:\Windows\system32\CRYPTSP.dll
C:\Windows\system32\cscapi.dll
C:\Windows\system32\dbghelp.dll
C:\Windows\system32\dhcpcsvc.DLL
C:\Windows\system32\dhcpcsvc6.DLL
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\DUI70.dll
C:\Windows\system32\DUser.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\EhStorShell.dll
C:\Windows\system32\explorerframe.dll
C:\Windows\System32\fwpuclnt.dll
C:\Windows\system32\GPAPI.dll
C:\Windows\system32\HID.DLL
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\system32\LINKINFO.dll
C:\Windows\system32\logoncli.dll
C:\Windows\system32\MMDevAPI.DLL
C:\Windows\system32\mscms.dll
C:\Windows\system32\msdmo.dll
C:\Windows\system32\mssprxy.dll
C:\Windows\system32\mswsock.dll
C:\Windows\system32\ncrypt.dll
C:\Windows\system32\NETAPI32.dll
C:\Windows\System32\netprofm.dll
C:\Windows\system32\netutils.dll
C:\Windows\system32\NLAapi.dll
C:\Windows\System32\npmproxy.dll
C:\Windows\system32\NTDSAPI.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\ntshrui.dll
C:\Windows\system32\OLEACC.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\PROPSYS.dll
C:\Windows\system32\rasadhlp.dll
C:\Windows\system32\RpcRtRemote.dll
C:\Windows\system32\rsaenh.dll
C:\Windows\system32\SAMCLI.DLL
C:\Windows\system32\SAMLIB.dll
C:\Windows\system32\Secur32.dll
C:\Windows\system32\shdocvw.dll
C:\Windows\system32\slc.dll
C:\Windows\system32\srvcli.dll
C:\Windows\system32\USERENV.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\webio.dll
C:\Windows\System32\wevtapi.dll
C:\Windows\system32\WindowsCodecs.dll
C:\Windows\system32\WINHTTP.dll
C:\Windows\system32\WINMM.dll
C:\Windows\system32\WINNSI.DLL
C:\Windows\system32\WINSTA.dll
C:\Windows\system32\wkscli.dll
C:\Windows\System32\Wpc.dll
C:\Windows\System32\wship6.dll
C:\Windows\System32\wshtcpip.dll
C:\Windows\system32\WTSAPI32.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\SysWOW64\bcryptprimitives.dll
C:\Windows\syswow64\CFGMGR32.dll
C:\Windows\syswow64\CLBCatQ.DLL
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\SysWOW64\devenum.dll
C:\Windows\syswow64\DEVOBJ.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\SysWOW64\qmgrprxy.dll
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SETUPAPI.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\SysWOW64\urlmon.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\WINTRUST.dll
C:\Windows\syswow64\WLDAP32.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll

[C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (50)]
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_child.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_elf.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libpeerconnection.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
C:\Windows\system32\dbghelp.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\system32\profapi.dll
C:\Windows\system32\Secur32.dll
C:\Windows\system32\USERENV.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\WINMM.dll
C:\Windows\system32\WINNSI.DLL
C:\Windows\system32\WINSPOOL.DRV
C:\Windows\system32\WTSAPI32.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

[C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (50)]
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_child.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_elf.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
C:\Windows\system32\dbghelp.dll
C:\Windows\system32\dxva2.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\system32\profapi.dll
C:\Windows\system32\Secur32.dll
C:\Windows\system32\USERENV.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\WINMM.dll
C:\Windows\system32\WINNSI.DLL
C:\Windows\system32\WINSPOOL.DRV
C:\Windows\system32\WTSAPI32.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll

[C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (58)]
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_child.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_elf.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\D3DCompiler_46.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
C:\Windows\system32\d3d8thk.dll
C:\Windows\system32\d3d9.dll
C:\Windows\system32\dbghelp.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\igdumd32.dll
C:\Windows\system32\igdumdx32.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\system32\PowrProf.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\Secur32.dll
C:\Windows\system32\USERENV.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\WINMM.dll
C:\Windows\system32\WINNSI.DLL
C:\Windows\system32\WINSPOOL.DRV
C:\Windows\system32\WTSAPI32.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\CFGMGR32.dll
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\DEVOBJ.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SETUPAPI.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

[C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (75)]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\gtn.dll
C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
C:\Windows\system32\bcrypt.dll
C:\Windows\system32\CRYPTSP.dll
C:\Windows\system32\dhcpcsvc.DLL
C:\Windows\system32\dhcpcsvc6.DLL
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\System32\fwpuclnt.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\system32\mswsock.dll
C:\Windows\system32\ncrypt.dll
C:\Windows\System32\netprofm.dll
C:\Windows\System32\nlaapi.dll
C:\Windows\System32\npmproxy.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\rasadhlp.dll
C:\Windows\system32\RASAPI32.dll
C:\Windows\system32\rasman.dll
C:\Windows\system32\RpcRtRemote.dll
C:\Windows\system32\rsaenh.dll
C:\Windows\system32\rtutils.dll
C:\Windows\system32\Secur32.dll
C:\Windows\system32\SXS.DLL
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\version.DLL
C:\Windows\system32\WINNSI.DLL
C:\Windows\System32\wship6.dll
C:\Windows\System32\wshtcpip.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\SysWOW64\bcryptprimitives.dll
C:\Windows\syswow64\CFGMGR32.dll
C:\Windows\syswow64\CLBCatQ.DLL
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\DEVOBJ.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\syswow64\imagehlp.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SETUPAPI.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\shlwapi.DLL
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\urlmon.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\WINTRUST.dll
C:\Windows\syswow64\WLDAP32.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

[C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (19)]
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\uxtheme.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll

[C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe (92)]
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
C:\Windows\system32\apphelp.dll
C:\Windows\system32\AUDIOSES.DLL
C:\Windows\system32\credssp.dll
C:\Windows\system32\CRYPTSP.dll
C:\Windows\system32\cscapi.dll
C:\Windows\system32\dbghelp.dll
C:\Windows\system32\dhcpcsvc.DLL
C:\Windows\system32\dhcpcsvc6.DLL
C:\Windows\system32\DINPUT8.dll
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\DSOUND.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\EhStorShell.dll
C:\Windows\System32\fwpuclnt.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\system32\LINKINFO.dll
C:\Windows\system32\mlang.dll
C:\Windows\System32\MMDevApi.dll
C:\Windows\system32\mscms.dll
C:\Windows\system32\msi.dll
C:\Windows\system32\MSIMG32.dll
C:\Windows\system32\mswsock.dll
C:\Windows\System32\netprofm.dll
C:\Windows\System32\nlaapi.dll
C:\Windows\System32\npmproxy.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\ntshrui.dll
C:\Windows\system32\OLEACC.dll
C:\Windows\system32\POWRPROF.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\PROPSYS.dll
C:\Windows\system32\rasadhlp.dll
C:\Windows\system32\RpcRtRemote.dll
C:\Windows\system32\rsaenh.dll
C:\Windows\system32\Secur32.dll
C:\Windows\system32\slc.dll
C:\Windows\system32\srvcli.dll
C:\Windows\system32\USERENV.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\WindowsCodecs.dll
C:\Windows\system32\WINMM.dll
C:\Windows\system32\WINNSI.DLL
C:\Windows\system32\WINSPOOL.DRV
C:\Windows\System32\wship6.dll
C:\Windows\System32\wshtcpip.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\CFGMGR32.dll
C:\Windows\syswow64\CLBCatQ.DLL
C:\Windows\syswow64\COMDLG32.dll
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\DEVOBJ.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\schannel.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SETUPAPI.dll
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\urlmon.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\WLDAP32.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

[C:\Program Files (x86)\Skype\Phone\Skype.exe (114)]
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
C:\Windows\system32\apphelp.dll
C:\Windows\system32\avrt.dll
C:\Windows\system32\CRYPTSP.dll
C:\Windows\system32\cryptui.dll
C:\Windows\system32\cscapi.dll
C:\Windows\system32\d2d1.dll
C:\Windows\system32\D3D10Warp.dll
C:\Windows\system32\d3d11.dll
C:\Windows\system32\d3d8thk.dll
C:\Windows\system32\d3d9.dll
C:\Windows\system32\dhcpcsvc.DLL
C:\Windows\system32\dhcpcsvc6.DLL
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\DUI70.dll
C:\Windows\system32\DUser.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\DWrite.dll
C:\Windows\system32\dxgi.dll
C:\Windows\system32\EhStorShell.dll
C:\Windows\system32\explorerframe.dll
C:\Windows\System32\fwpuclnt.dll
C:\Windows\system32\igdumd32.dll
C:\Windows\system32\igdumdx32.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\Iphlpapi.dll
C:\Windows\system32\LINKINFO.dll
C:\Windows\system32\mapi32.dll
C:\Windows\system32\MLANG.dll
C:\Windows\System32\MMDevApi.dll
C:\Windows\system32\MSACM32.dll
C:\Windows\system32\msimg32.dll
C:\Windows\system32\msimtf.dll
C:\Windows\system32\msls31.dll
C:\Windows\system32\mswsock.dll
C:\Windows\System32\msxml3.dll
C:\Windows\System32\netprofm.dll
C:\Windows\System32\nlaapi.dll
C:\Windows\System32\npmproxy.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\ntshrui.dll
C:\Windows\system32\oleacc.dll
C:\Windows\system32\olepro32.dll
C:\Windows\system32\POWRPROF.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\propsys.dll
C:\Windows\system32\rasadhlp.dll
C:\Windows\system32\RpcRtRemote.dll
C:\Windows\system32\rsaenh.dll
C:\Windows\system32\Secur32.dll
C:\Windows\System32\shdocvw.dll
C:\Windows\system32\SHFolder.dll
C:\Windows\system32\slc.dll
C:\Windows\system32\srvcli.dll
C:\Windows\system32\SXS.DLL
C:\Windows\system32\USERENV.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\version.dll
C:\Windows\system32\WindowsCodecs.dll
C:\Windows\system32\winmm.dll
C:\Windows\system32\WINNSI.DLL
C:\Windows\system32\winspool.drv
C:\Windows\system32\wlanapi.dll
C:\Windows\system32\wlanutil.dll
C:\Windows\System32\wship6.dll
C:\Windows\System32\wshtcpip.dll
C:\Windows\system32\wtsapi32.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\CFGMGR32.dll
C:\Windows\syswow64\CLBCatQ.DLL
C:\Windows\syswow64\comdlg32.dll
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\DEVOBJ.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\SysWOW64\ieframe.dll
C:\Windows\syswow64\iertutil.dll
C:\Windows\SysWOW64\jscript.dll
C:\Windows\SysWOW64\jscript9.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSASN1.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\SysWOW64\mshtml.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\normaliz.DLL
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\oleaut32.dll
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SETUPAPI.dll
C:\Windows\syswow64\shell32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\URLMON.DLL
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WININET.dll
C:\Windows\syswow64\wintrust.dll
C:\Windows\syswow64\WLDAP32.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll

[C:\Users\RobertL\AppData\Local\Temp\Temp1_startuplist.zip\StartupList.exe (47)]
C:\Windows\system32\asycfilt.dll
C:\Windows\system32\CRYPTSP.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\system32\IMM32.DLL
C:\Windows\system32\msi.dll
C:\Windows\system32\msiltcfg.dll
C:\Windows\system32\MSVBVM60.DLL
C:\Windows\system32\NTDSAPI.dll
C:\Windows\system32\RpcRtRemote.dll
C:\Windows\system32\rsaenh.dll
C:\Windows\system32\sfc_os.DLL
C:\Windows\system32\SXS.DLL
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\VERSION.dll
C:\Windows\system32\wbem\fastprox.dll
C:\Windows\system32\wbem\wbemdisp.dll
C:\Windows\system32\wbem\wbemprox.dll
C:\Windows\system32\wbem\wbemsvc.dll
C:\Windows\system32\wbem\wmiutils.dll
C:\Windows\system32\wbemcomn.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\CLBCatQ.DLL
C:\Windows\syswow64\comdlg32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\SysWOW64\MSCOMCTL.OCX
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\NSI.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\OLEAUT32.dll
C:\Windows\syswow64\PSAPI.DLL
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\SysWOW64\SFC.DLL
C:\Windows\syswow64\SHELL32.dll
C:\Windows\syswow64\SHLWAPI.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll
C:\Windows\syswow64\WS2_32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.DLL

[C:\Windows\SysWOW64\ctfmon.exe (22)]
C:\Windows\system32\MsCtfMonitor.DLL
C:\Windows\system32\MSUTB.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\WINSTA.dll
C:\Windows\system32\WTSAPI32.dll
C:\Windows\syswow64\ADVAPI32.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\SysWOW64\dwmapi.dll
C:\Windows\syswow64\GDI32.dll
C:\Windows\syswow64\IMM32.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\LPK.dll
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\ole32.dll
C:\Windows\syswow64\RPCRT4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\syswow64\SspiCli.dll
C:\Windows\syswow64\USER32.dll
C:\Windows\syswow64\USP10.dll

--------------------

Autostart folders:

[Startup (2)]
desktop.ini
HughesNetStatusMeter.lnk

[User Startup (2)]
desktop.ini
HughesNetStatusMeter.lnk

[Common Startup (1)]
desktop.ini

[User Common Startup (1)]
desktop.ini

--------------------

Task Scheduler jobs (5):

0414bUpdateInfo.job
Adobe Flash Player Updater.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
HP Photo Creations Messager.job

--------------------

IniMapping values:

System NT shell = explorer.exe

--------------------

On-reboot actions:

BootExecute = autocheck autochk *

[PendingFileRenameOperations]
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t1073741840l-1p-1r-1o-1\1515\ssapiptn.da6.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t1082130432l-1p-1r-1o-1\139200\139200.txt.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t1082130432l-1p-1r-1o-1\139200\tmwlchk.ptn.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t1207959808l-1p-1r-1o-1\101482\Ctx01482.001.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t4l-1p-1r-1o-1\1085150\lpt$vpn.851.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t524288l-1p1r-1o-1\144\tmvamain.ptn.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t536870944l-1p-1r-1o-1\98700\tmwhite.987.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t536871936l-1p-1r-1o-1\151500\ssaptn.515.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Resource\pattern\c3t536903680l-1p5889r-1o-1\27\tmva64.ptn.cfg.1402350016.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\lpt$vpn.851.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\ssaptn.515.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\tmwhite.987.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10001\1.6.1106\6.2.1029\ssapiptn.da6.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10002\1.6.1106\7.1.1047\tmvamain.ptn.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10002\1.6.1106\7.1.1047\tmva64.ptn.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\139200.txt.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\tmwlchk.ptn.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10005\1.6.1106\3.5.1037\Ctx01482.001.1402350017.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\BPMNT.dll.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\vsapi64.dll.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\lpt$vpn.815.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\ssaptn.511.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\tmblack.179.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10000\1.6.1146\9.750.1005\tmwhite.983.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10001\1.6.1106\6.2.1029\Ssapi64.dll.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10001\1.6.1106\6.2.1029\ssapiptn.da6.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10002\1.6.1106\7.1.1047\tscdll64.dll.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10002\1.6.1106\7.1.1047\tsc.ptn.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10002\1.6.1106\7.1.1047\tmvamain.ptn.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10002\1.6.1106\7.1.1047\tmva64.ptn.1402350088.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\TmAegis.dll.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\tmtap.dll.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\tmwlchk.dll.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\TMPEM.dll.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\138564.txt.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\tmtd64.ptn.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\tmpolicy.ptn.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\139000.txt.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\tmwlchk.ptn.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\123300.txt.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\tmbmcfg.ptn.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\tmplcinf.xml.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10004\1.6.1166\3.60.1055\update\tml01000.ptn.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10005\1.6.1106\3.5.1037\tmufeng.dll.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10005\1.6.1106\3.5.1037\Ctx01471.001.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10007\1.6.1123\2.5.1037\tmfbeng.dll.1402350089.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20001\1.6.1170\3.60.1080\TmSysEvt.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome\locale\en-US\URLfAlt_s.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome\locale\en-US\URLFCredLevel_s.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome\locale\en-US\URLFCredScore_s.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome\locale\en-US\UrlFDnsS_s.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome\locale\en-US\UrlFErr_s.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome\locale\en-US\UrlFPhis_s.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome\locale\en-US\url_block.js.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\chrome.manifest.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\components\ITmFFExt.xpt.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\components\TmFFExt.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\install.rdf.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\HCSAlt.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\HosFAlt.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\HosFErr.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\HosFList.dat.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\L10nTmpx.ini.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\PDPAlt.htm.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\PDPCfg.dat.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\tmcfscan.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmExtIns.exe.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmExtIns32.exe.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmIEPlg.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmIEPlg32.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmNewML.txt.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmNscDbg.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpeASpm.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpeEvts.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpeHosF.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpePDP.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpeSAL.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpeUrlF.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpeVS.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmphAim.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmphHttp.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmphIcq.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmphMsn.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmphPop3.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmphSMTP.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmphYmsg.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmPlgAdp.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmProxy.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmProxy.ini.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmProxy.REG.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmProxy32.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpxCfg.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmpxCtl.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmsmHttp.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmsmIm.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmsmMail.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmSpyML.txt.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\tmtdi.dll.1402350090.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmWarn.txt.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLAList.dat.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLA_Cat.dat.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLA_WTP.dat.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLBList.dat.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLCateg.dat.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLfAlt.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLfAlt_s.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLFCredScore.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLFCredScore_s.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\UrlFDnsS.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\UrlFDnsS_s.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\UrlFErr.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\UrlFErr_s.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\UrlFPhis.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\UrlFPhis_s.htm.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\URLGroup.dat.1402350091.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmMsg\TmMsg.dll.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10009\2.5.1539\2.5.1539\TMLCE64.dll.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10009\2.5.1539\2.5.1539\tmlce.ptn.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10010\2.5.1539\2.5.1539\TMLES64.dll.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10010\2.5.1539\2.5.1539\tmles.ptn.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\RankData\bf_db_100k.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\RankData\hash_db_100.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\RankData\hash_db_1000.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\RankData\hash_db_10k.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\tmsa64.dll.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\ha.ptn.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\sa.ptn.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\10011\1.0.1275\1.0.1275\tmsa.cfg.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\40003\1.6.1106\1.6.1106\update\excpGlbTM.ptn.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\40003\1.6.1106\1.6.1106\update\excpGlbOEM.ptn.1402350092.tmp -> NULL
C:\Program Files\Trend Micro\AMSP\Module\40003\1.6.1106\1.6.1106\update\excpLocOEM.ptn.1402350092.tmp -> NULL

--------------------

Shell commands:

.bat - Windows Batch File - "%1" %*
.cmd - Windows Command Script - "%1" %*
.com - MS-DOS Application - "%1" %*
.exe - Application - "%1" %*
.hta - HTML Application - C:\Windows\SysWOW64\mshta.exe "%1" %*
.js - JavaScript File - C:\Windows\System32\WScript.exe "%1" %*
.jse - JScript Encoded File - C:\Windows\System32\WScript.exe "%1" %*
.pif - Shortcut to MS-DOS Program - "%1" %*
.scr - Screen saver - "%1" /S
.txt - Text Document - C:\Windows\system32\NOTEPAD.EXE %1
.vbe - VBScript Encoded File - "C:\Windows\System32\WScript.exe" "%1" %*
.vbs - VBScript Script File - "C:\Windows\System32\WScript.exe" "%1" %*
.wsf - Windows Script File - "C:\Windows\System32\WScript.exe" "%1" %*
.wsh - Windows Script Host Settings File - "C:\Windows\System32\WScript.exe" "%1" %*

--------------------

Services:

[NT Services (59)]
@%SystemRoot%\system32\audiosrv.dll,-200 = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
@%SystemRoot%\system32\audiosrv.dll,-204 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\bfe.dll,-1001 = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
@%SystemRoot%\system32\cryptsvc.dll,-1001 = C:\Windows\system32\svchost.exe -k NetworkService
@%systemroot%\system32\cscsvc.dll,-200 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\dhcpcore.dll,-100 = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
@%SystemRoot%\System32\dnsapi.dll,-101 = C:\Windows\system32\svchost.exe -k NetworkService
@%systemroot%\system32\dps.dll,-500 = C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
@%SystemRoot%\system32\dwm.exe,-2000 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\FirewallAPI.dll,-23090 = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
@%systemroot%\system32\FntCache.dll,-100 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\ikeext.dll,-501 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\iphlpsvc.dll,-500 = C:\Windows\System32\svchost.exe -k NetSvcs
@%SystemRoot%\system32\lmhsvc.dll,-101 = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
@%systemroot%\system32\mmcss.dll,-100 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\System32\netlogon.dll,-102 = C:\Windows\system32\lsass.exe
@%SystemRoot%\System32\nlasvc.dll,-1 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\system32\nsisvc.dll,-200 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\pcasvc.dll,-1 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%systemroot%\system32\profsvc.dll,-300 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\samsrv.dll,-1 = C:\Windows\system32\lsass.exe
@%SystemRoot%\system32\schedsvc.dll,-100 = C:\Windows\system32\svchost.exe -k netsvcs
@%systemroot%\system32\SearchIndexer.exe,-103 = C:\Windows\system32\SearchIndexer.exe /Embedding
@%SystemRoot%\system32\Sens.dll,-200 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\System32\shsvcs.dll,-12288 = C:\Windows\System32\svchost.exe -k netsvcs
@%systemroot%\system32\spoolsv.exe,-1 = C:\Windows\System32\spoolsv.exe
@%SystemRoot%\system32\sppsvc.exe,-101 = C:\Windows\system32\sppsvc.exe
@%systemroot%\system32\srvsvc.dll,-100 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\sysmain.dll,-1000 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\System32\themeservice.dll,-8192 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\system32\trkwks.dll,-1 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\umpnpmgr.dll,-100 = C:\Windows\system32\svchost.exe -k DcomLaunch
@%SystemRoot%\system32\umpo.dll,-100 = C:\Windows\system32\svchost.exe -k DcomLaunch
@%Systemroot%\system32\wbem\wmisvc.dll,-205 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\wevtsvc.dll,-200 = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
@%SystemRoot%\system32\wiaservc.dll,-9 = C:\Windows\system32\svchost.exe -k imgsvc
@%systemroot%\system32\wkssvc.dll,-100 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\System32\wlansvc.dll,-257 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\System32\wscsvc.dll,-200 = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
@%systemroot%\system32\wuaueng.dll,-105 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\wudfsvc.dll,-1000 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%windir%\system32\RpcEpMap.dll,-1001 = C:\Windows\system32\svchost.exe -k RPCSS
@comres.dll,-2450 = C:\Windows\system32\svchost.exe -k LocalService
@gpapi.dll,-112 = C:\Windows\system32\svchost.exe -k netsvcs
@oleres.dll,-5010 = C:\Windows\system32\svchost.exe -k rpcss
@oleres.dll,-5012 = C:\Windows\system32\svchost.exe -k DcomLaunch
Adobe Acrobat Update Service = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
AVG WatchDog = "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
AVGIDSAgent = "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
BingBar Service = "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
Google Update Service (gupdate) = "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
Microsoft .NET Framework NGEN v4.0.30319_X64 = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
Microsoft .NET Framework NGEN v4.0.30319_X86 = C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Microsoft Online Services Sign-in Assistant = "C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE"
SAS Core Service = "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
Skype Click to Call PNR Service = "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
Skype Click to Call Updater = "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
Skype Updater = "C:\Program Files (x86)\Skype\Updater\Updater.exe"
Trend Micro Solution Platform = "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=qb -dt=60000

[SafeBoot services (Minimal boot)]
* CD-ROM Drive *
{4D36E965-E325-11CE-BFC1-08002BE10318}

* DiskDrive *
{4D36E967-E325-11CE-BFC1-08002BE10318}

* Driver *
sermouse.sys
vga.sys
vgasave.sys
volmgr.sys
volmgrx.sys
WudfPf
WudfRd

* Driver Group *
Base
Boot Bus Extender
Boot file system
File system
Filter
PCI Configuration
PNP Filter
Primary disk
SCSI Class
System Bus Extender

* Floppy disk drive *
{4D36E980-E325-11CE-BFC1-08002BE10318}

* Hdc *
{4D36E96A-E325-11CE-BFC1-08002BE10318}

* Human Interface Devices *
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}

* IEEE 1394 Bus host controllers *
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}

* Keyboard *
{4D36E96B-E325-11CE-BFC1-08002BE10318}

* Mouse *
{4D36E96F-E325-11CE-BFC1-08002BE10318}

* PCMCIA Adapters *
{4D36E977-E325-11CE-BFC1-08002BE10318}

* SBP2 IEEE 1394 Devices *
{D48179BE-EC20-11D1-B6B8-00C04FA372A7}

* SCSIAdapter *
{4D36E97B-E325-11CE-BFC1-08002BE10318}

* SecurityDevices *
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}

* Service *
AppInfo
AppMgmt
CryptSvc
DcomLaunch
EFS
EventLog
HelpSvc
KeyIso
Netlogon
NTDS
PlugPlay
Power
ProfSvc
RpcEptMapper
RpcSs
sacsvr
SWPRV
TabletInputService
TBS
TrustedInstaller
VDS
vmms
WinDefend
WinMgmt
WudfSvc

* Standard floppy disk controller *
{4D36E969-E325-11CE-BFC1-08002BE10318}

* System *
{4D36E97D-E325-11CE-BFC1-08002BE10318}

* Universal Serial Bus controllers *
{36FC9E60-C465-11CF-8056-444553540000}

* Volume *
{71A27CDD-812A-11D0-BEC7-08002BE2092F}

* Volume shadow copy *
{533C5B84-EC70-11D2-9505-00C04F79DEAF}


[SafeBoot services (Minimal boot + network support)]
* CD-ROM Drive *
{4D36E965-E325-11CE-BFC1-08002BE10318}

* DiskDrive *
{4D36E967-E325-11CE-BFC1-08002BE10318}

* Driver *
bowser
dfsc
ipnat.sys
MPSDrv
mrxsmb
mrxsmb10
mrxsmb20
ndiscap
nsiproxy.sys
rdbss
rdpencdd.sys
sermouse.sys
vga.sys
vgasave.sys
volmgr.sys
volmgrx.sys
WudfPf
WudfRd
WudfUsbccidDriver

* Driver Group *
Base
Boot Bus Extender
Boot file system
File system
Filter
NDIS
NDIS Wrapper
NetBIOSGroup
NetDDEGroup
Network
NetworkProvider
PCI Configuration
PNP Filter
PNP_TDI
Primary disk
SCSI Class
Streams Drivers
System Bus Extender
TDI

* Floppy disk drive *
{4D36E980-E325-11CE-BFC1-08002BE10318}

* Hdc *
{4D36E96A-E325-11CE-BFC1-08002BE10318}

* Human Interface Devices *
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}

* IEEE 1394 Bus host controllers *
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}

* Keyboard *
{4D36E96B-E325-11CE-BFC1-08002BE10318}

* Mouse *
{4D36E96F-E325-11CE-BFC1-08002BE10318}

* Net *
{4D36E972-E325-11CE-BFC1-08002BE10318}

* NetClient *
{4D36E973-E325-11CE-BFC1-08002BE10318}

* NetService *
{4D36E974-E325-11CE-BFC1-08002BE10318}

* NetTrans *
{4D36E975-E325-11CE-BFC1-08002BE10318}

* PCMCIA Adapters *
{4D36E977-E325-11CE-BFC1-08002BE10318}

* SBP2 IEEE 1394 Devices *
{D48179BE-EC20-11D1-B6B8-00C04FA372A7}

* SCSIAdapter *
{4D36E97B-E325-11CE-BFC1-08002BE10318}

* SecurityDevices *
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}

* Service *
AFD
AppInfo
AppMgmt
BFE
Browser
CryptSvc
DcomLaunch
Dhcp
DnsCache
Dot3Svc
Eaphost
EFS
EventLog
HelpSvc
IKEEXT
KeyIso
LanmanServer
LanmanWorkstation
LmHosts
Messenger
MPSSvc
NativeWifiP
Ndisuio
NetBIOS
NetBT
Netlogon
NetMan
netprofm
NlaSvc
Nsi
NTDS
PlugPlay
PolicyAgent
Power
ProfSvc
rdsessmgr
RpcEptMapper
RpcSs
sacsvr
SCardSvr
SharedAccess
SWPRV
TabletInputService
TBS
Tcpip
TrustedInstaller
VaultSvc
VDS
vmms
WinDefend
WinMgmt
Wlansvc
WudfSvc

* Smart card readers *
{50DD5230-BA8A-11D1-BF5D-0000F805F530}

* Standard floppy disk controller *
{4D36E969-E325-11CE-BFC1-08002BE10318}

* System *
{4D36E97D-E325-11CE-BFC1-08002BE10318}

* Universal Serial Bus controllers *
{36FC9E60-C465-11CF-8056-444553540000}

* Volume *
{71A27CDD-812A-11D0-BEC7-08002BE2092F}

* Volume shadow copy *
{533C5B84-EC70-11D2-9505-00C04F79DEAF}


[SafeBoot: Alternate shell]
cmd.exe (not enabled)

--------------------

Driver filters:

[Class filters]
* Disk drives *
- Upper filters
PartMgr.sys

* Imaging devices *
- Upper filters
ksthunk.sys

* Infrared devices *
- Upper filters
IRENUM.sys

* Keyboards *
- Upper filters
kbdclass.sys

* Mice and other pointing devices *
- Upper filters
mouclass.sys

* Smart card readers *
- Upper filters
scfilter.sys

* Sound, video and game controllers *
- Upper filters
ksthunk.sys

* Storage Volumes *
- Lower filters
fvevol.sys
rdyboost.sys



[Device filters]
* @machine.inf,%rdp_kbd.devicedesc%;Terminal Server Keyboard Driver *
- Upper filters
kbdclass.sys

* @machine.inf,%rdp_mou.devicedesc%;Terminal Server Mouse Driver *
- Upper filters
mouclass.sys

* @msports.inf,%*pnp0501.devicedesc%;Communications Port *
- Upper filters
serenum.sys

* @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor) *
- Lower filters
NdisTapi.sys

* @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP) *
- Lower filters
NdisTapi.sys

* @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6) *
- Lower filters
NdisTapi.sys

* @oem5.inf,%bcm1397hmg_devicedesc%;Dell Wireless 1397 WLAN Mini-Card *
- Upper filters
vwifibus.sys

* @pcmcia.inf,%pci\ven_1180&dev_0476.devicedesc%;Ricoh R/RL/5C476(II) or Compatible CardBus Controller *
- Upper filters
pcmcia.sys



--------------------

Print monitors (12):

CutePDF Writer Monitor - cpwmon64.dll
DELS3 Langmon - DELS3L6.DLL
HP 5D12 Status Monitor - hpinksts5D12LM.dll
HP A511 Status Monitor - hpinkstsA511LM.dll
HP Discovery Port Monitor (HP Officejet 6600) - HPDiscoPM5D12.dll
HP Discovery Port Monitor (HP Photosmart 6510 series) - HPDiscoPMA511.dll
LIDIL hpzllw71 - hpzllw71.dll
Local Port - localspl.dll
Microsoft Shared Fax Monitor - FXSMON.DLL
Standard TCP/IP Port - tcpmon.dll
USB Monitor - usbmon.dll
WSD Port - WSDMon.dll

--------------------

WinLogon autoruns:

UserInit = userinit.exe,
VmApplet = SystemPropertiesPerformance.exe /pagefile

[Group policy extensions (40)]
Wireless Group Policy = wlgpclnt.dll
Group Policy Environment = gpprefcl.dll
Group Policy Local Users and Groups = gpprefcl.dll
Group Policy Device Settings = gpprefcl.dll
Folder Redirection = fdeploy.dll
Microsoft Disk Quota = %SystemRoot%\System32\dskquota.dll
Group Policy Network Options = gpprefcl.dll
QoS Packet Scheduler = gptext.dll
Scripts = gpscript.dll
Internet Explorer Zonemapping = C:\Windows\SysWOW64\iedkcs32.dll
Group Policy Drive Maps = gpprefcl.dll
Group Policy Folders = gpprefcl.dll
Group Policy Network Shares = gpprefcl.dll
Group Policy Files = gpprefcl.dll
Group Policy Data Sources = gpprefcl.dll
Group Policy Ini Files = gpprefcl.dll
Windows Search Group Policy Extension = %SystemRoot%\System32\srchadmin.dll
Internet Explorer User Accelerators = C:\Windows\SysWOW64\iedkcs32.dll
Security = scecli.dll
Deployed Printer Connections = %systemroot%\system32\gpprnext.dll
Group Policy Services = gpprefcl.dll
Internet Explorer Branding = C:\Windows\SysWOW64\iedkcs32.dll
Group Policy Folder Options = gpprefcl.dll
Group Policy Scheduled Tasks = gpprefcl.dll
Group Policy Registry = gpprefcl.dll
802.3 Group Policy = dot3gpclnt.dll
Group Policy Printers = gpprefcl.dll
Group Policy Shortcuts = gpprefcl.dll
Microsoft Offline Files = %SystemRoot%\System32\cscobj.dll
Software Installation = appmgmts.dll
TCPIP = gptext.dll
Internet Explorer Machine Accelerators = C:\Windows\SysWOW64\iedkcs32.dll
IP Security = %SystemRoot%\System32\polstore.dll
Group Policy Internet Settings = gpprefcl.dll
Group Policy Start Menu Settings = gpprefcl.dll
Group Policy Regional Options = gpprefcl.dll
Group Policy Power Options = gpprefcl.dll
Group Policy Applications = gpprefcl.dll
Enterprise QoS = gptext.dll
CP = gptext.dll

--------------------

Policies:

[This user]
* Primary policies *
- Software\Policies\Microsoft\Internet Connection Wizard (1)
DisableICW = dword: 1

- Software\Policies\Microsoft\Internet Explorer\Main (1)
NoUpdateCheck = dword: 1

- Software\Policies\Microsoft\Internet Explorer\Restrictions (1)
NoExternalBranding = dword: 1

- Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Cache (1)
Persistent = dword: 0

* Alternate policies *
- Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1)
NoDriveTypeAutoRun = dword: 145



[All users]
* Primary policies *
- Software\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown\cDefaultExecMenuItems (78)
tWhiteList = Close
GeneralInfo
Quit
FirstPage
PrevPage
NextPage
LastPage
ActualSize
FitPage
FitWidth
FitHeight
SinglePage
OneColumn
TwoPages
TwoColumns
ZoomViewIn
ZoomViewOut
ShowHideBookmarks
ShowHideThumbnails
Print
GoToPage
ZoomTo
GeneralPrefs
SaveAs
FullScreenMode
OpenOrganizer
Scan
Web2PDF:OpnURL
AcroSendMail:SendMail
Spelling:Check Spelling
PageSetup
Find
FindSearch
GoBack
GoForward
FitVisible
ShowHideArticles
ShowHideFileAttachment
ShowHideAnnotManager
ShowHideFields
ShowHideOptCont
ShowHideModelTree
ShowHideSignatures
InsertPages
ExtractPages
ReplacePages
DeletePages
CropPages
RotatePages
AddFileAttachment
FindCurrentBookmark
BookmarkShowLocation
GoBackDoc
GoForwardDoc
DocHelpUserGuide
HelpReader
rolReadPage
HandMenuItem
ZoomDragMenuItem
CollectionPreview
CollectionHome
CollectionDetails
CollectionShowRoot
&Pages
Co&ntent
&Forms
Action &Wizard
Recognize &Text
P&rotection
&Sign && Certify
Doc&ument Processing
Print Pro&duction
Ja&vaScript
&Accessibility
Analy&ze
&Annotations
D&rawing Markups
Revie&w

- Software\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown\cDefaultLaunchAttachmentPerms (105)
tBuiltInPermList = version:1
.ade:3
.adp:3
.app:3
.arc:3
.arj:3
.asp:3
.bas:3
.bat:3
.bz:3
.bz2:3
.cab:3
.chm:3
.class:3
.cmd:3
.com:3
.command:3
.cpl:3
.crt:3
.csh:3
.desktop:3
.dll:3
.exe:3
.fxp:3
.gz:3
.hex:3
.hlp:3
.hqx:3
.hta:3
.inf:3
.ini:3
.ins:3
.isp:3
.its:3
.job:3
.js:3
.jse:3
.ksh:3
.lnk:3
.lzh:3
.mad:3
.maf:3
.mag:3
.mam:3
.maq:3
.mar:3
.mas:3
.mat:3
.mau:3
.mav:3
.maw:3
.mda:3
.mdb:3
.mde:3
.mdt:3
.mdw:3
.mdz:3
.msc:3
.msi:3
.msp:3
.mst:3
.ocx:3
.ops:3
.pcd:3
.pi:3
.pif:3
.prf:3
.prg:3
.pst:3
.rar:3
.reg:3
.scf:3
.scr:3
.sct:3
.sea:3
.shb:3
.shs:3
.sit:3
.tar:3
.taz:3
.tgz:3
.tmp:3
.url:3
.vb:3
.vbe:3
.vbs:3
.vsmacros:3
.vss:3
.vst:3
.vsw:3
.webloc:3
.ws:3
.wsc:3
.wsf:3
.wsh:3
.z:3
.zip:3
.zlo:3
.zoo:3
.pdf:2
.fdf:2
.jar:3
.pkg:3
.tool:3
.term:3

- Software\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown\cDefaultLaunchURLPerms (32)
tFlashContentSchemeWhiteList = http
https
ftp
rtmp
rtmpe
rtmpt
rtmpte
rtmps
mailto
tSponsoredContentSchemeWhiteList = http
https
tSchemePerms = version:2
shell:3
hcp:3
ms-help:3
ms-its:3
ms-itss:3
its:3
mk:3
mhtml:3
help:3
disk:3
afp:3
disks:3
telnet:3
ssh:3
acrobat:2
mailto:2
file:1
rlogin:3
javascript:4
data:3

- Software\Policies\Microsoft\Internet Explorer\Main (1)
DisableFirstRunCustomize = dword: 1

- Software\Policies\Microsoft\Internet Explorer\SQM (1)
DisableCustomerImprovementProgram = dword: 0

- Software\Policies\Microsoft\Peernet (1)
Disabled = dword: 0

- Software\Policies\Microsoft\Windows\Network Connections (1)
NC_PersonalFirewallConfig = dword: 0

- Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator (1)
@ = 

- Software\Policies\Microsoft\Windows\safer\codeidentifiers (1)
authenticodeenabled = dword: 0

- Software\Policies\Microsoft\Windows\WindowsUpdate (3)
ElevateNonAdmins = dword: 0
WUServer = http://adidyn01:8530
WUStatusServer = http://adidyn01:8530

- Software\Policies\Microsoft\Windows\WindowsUpdate\AU (12)
NoAUShutdownOption = dword: 1
AUPowerManagement = dword: 1
NoAutoUpdate = dword: 0
AUOptions = dword: 4
ScheduledInstallDay = dword: 3
ScheduledInstallTime = dword: 5
AutoInstallMinorUpdates = dword: 1
IncludeRecommendedUpdates = dword: 1
UseWUServer = dword: 1
NoAutoRebootWithLoggedOnUsers = dword: 1
RebootRelaunchTimeoutEnabled = dword: 1
RebootRelaunchTimeout = dword: 15

- Software\Policies\Microsoft\Windows NT\Terminal Services (1)
fEnableTimeZoneRedirection = dword: 1

- Software\Policies\Microsoft\Windows NT\Terminal Services\Client (3)
fEnableUsbNoAckIsochWriteToDevice = dword: 80
fEnableUsbBlockDeviceBySetupClass = dword: 1
fEnableUsbSelectDeviceByInterface = dword: 1

- Software\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbBlockDeviceBySetupClasses (1)
1000 = {3376f4ce-ff8d-40a2-a80f-bb4359d1415c}

- Software\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces (1)
1000 = {6bdd1fc6-810f-11d0-bec7-08002be2092f}

- Software\Policies\Microsoft\Windows NT\Windows File Protection (1)
KnownDllList = nlhtml.dll

- Software\Policies\Microsoft\WindowsFirewall\DomainProfile (1)
EnableFirewall = dword: 0

- Software\Policies\Microsoft\WindowsFirewall\StandardProfile (1)
EnableFirewall = dword: 0

* Alternate policies *
- Software\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop (2)
NoAddingComponents = dword: 1
NoComponents = dword: 1

- Software\Microsoft\Windows\CurrentVersion\policies\Attachments (1)
ScanWithAntiVirus = dword: 3

- Software\Microsoft\Windows\CurrentVersion\policies\Explorer (3)
NoActiveDesktop = dword: 1
NoActiveDesktopChanges = dword: 1
ForceActiveDesktopOn = dword: 0

- Software\Microsoft\Windows\CurrentVersion\policies\NonEnum (3)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = dword: 1
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = dword: 1073741857
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = dword: 32

- Software\Microsoft\Windows\CurrentVersion\policies\System (16)
ConsentPromptBehaviorAdmin = dword: 5
ConsentPromptBehaviorUser = dword: 3
EnableInstallerDetection = dword: 1
EnableLUA = dword: 1
EnableSecureUIAPaths = dword: 1
EnableUIADesktopToggle = dword: 0
EnableVirtualization = dword: 1
PromptOnSecureDesktop = dword: 1
ValidateAdminCodeSignatures = dword: 0
dontdisplaylastusername = dword: 0
legalnoticecaption = 
legalnoticetext = 
scforceoption = dword: 0
shutdownwithoutlogon = dword: 1
undockwithoutlogon = dword: 1
FilterAdministratorToken = dword: 0

- Software\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats (7)
CF_TEXT = dword: 1
CF_BITMAP = dword: 2
CF_OEMTEXT = dword: 7
CF_DIB = dword: 8
CF_PALETTE = dword: 9
CF_UNICODETEXT = dword: 13
CF_DIBV5 = dword: 17



--------------------

Browser Helper Objects (4):

Bing Bar Helper = {d2ce3e00-f94a-4740-988e-03dc2f38c34f} = C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
Google Toolbar Helper = {AA58ED58-01DD-4d91-8333-CF10577473F7} = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
SkypeIEPluginBHO = {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trend Micro NSC BHO = {1CA1377B-DC1D-4A52-9585-6E06050FAC53} = C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmIEPlg32.dll

--------------------

ActiveX objects (10):

(no name) - {05EAC1D1-FE6A-4bff-BBDC-B024D4BE33B0} - msiexec.exe /qb /fpu "C:\Program Files (x86)\SoftTech\SendToQuickBase\SendToQuickBaseAddinSetup.msi"
(no name) - {4a0880d1-29ed-4247-a9a5-d5563dba430f} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
(no name) - {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ClearIconCache - {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
DOTNETFRAMEWORKS - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
IE4_SHELLID - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
MailNews - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
Theme Component - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
WMPACCESS - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

--------------------

Internet Explorer toolbars:

[All users (1)]
Bing - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll

[This user]
* ShellBrowser (1) *
(no name) - ITBar7Layout - (no file)

* WebBrowser (1) *
Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll


--------------------

Internet Explorer buttons/tools (3):

HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Research - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

--------------------

Internet Explorer Bands (4):

IE Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\Windows\SysWOW64\ieframe.dll
&Discuss - {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} - shdocvw.dll
 - {EFA24E64-B078-11D0-89E4-00C04FC9E26E} - 
&Research - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

--------------------

Downloaded Program Files (4):

PCPitstop Utility - {0E5F0222-96B9-11D3-8997-00104BD12D94} - C:\Windows\Downloaded Program Files\PCPitStop.dll - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
Jetnet Registration Control - {317D68ED-6970-4BCB-9A79-B1B36B1BEDB7} - C:\Windows\Downloaded Program Files\JetNetRegistrationCtrl.dll - http://www.jetnet.com/jetnetweb/JetnetRegisterControl.CAB
Evolution_Report_Viewer.ReportViewer - {AB73C4A6-5859-42F5-8968-D61E1E86F1A9} - C:\Windows\Downloaded Program Files\ReportViewer.ocx - http://www.jetnetevo.com/ReportViewer.CAB
Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\SysWOW64\Macromed\Flash\Flash32_13_0_0_214.ocx - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

--------------------

URL search hooks:

[This user (1)]
Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll

--------------------

Explorer clones:

C:\Windows\explorer.exe
C:\Windows\system32\explorer.exe

--------------------

ContextMenuHandlers:

[* (7)]
AVG Shell Extension = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files (x86)\AVG\AVG2014\avgse.dll
BriefcaseMenu = {85BBD920-42A0-1069-A2E4-08002B30309D} = C:\Windows\system32\syncui.dll
Open With = {09799AFB-AD67-11d1-ABCD-00C04FC30936} = C:\Windows\system32\shell32.dll
Open With EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\Windows\system32\shell32.dll
Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\Windows\system32\ntshrui.dll
Start Menu Pin = {a2a9545d-a0c2-42b4-9708-a0b2badd77c8} = C:\Windows\system32\shell32.dll
Taskband Pin = {90AA3A4E-1CBA-4233-B8BB-535773D48449} = C:\Windows\system32\shell32.dll

[Drive (6)]
Disk Copy Extension = {59099400-57FF-11CE-BD94-0020AF85B590} = C:\Windows\system32\diskcopy.dll
EnhancedStorageShell = {2854F705-3548-414C-A113-93E27C808C85} = C:\Windows\system32\EhStorShell.dll
Portable Devices Menu = {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} = C:\Windows\system32\wpdshext.dll
Previous Versions Property Page = {596AB062-B4D2-4215-9F74-E9109B0A8153} = C:\Windows\system32\twext.dll
Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\Windows\system32\ntshrui.dll
ShellFolder for CD Burning = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\Windows\system32\shell32.dll

[Folder (3)]
AVG Shell Extension = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files (x86)\AVG\AVG2014\avgse.dll
BriefcaseMenu = {85BBD920-42A0-1069-A2E4-08002B30309D} = C:\Windows\system32\syncui.dll
Library Location = {3dad6c5d-2167-4cae-9914-f99e41c12cfa} = C:\Windows\system32\shell32.dll

[CompressedFolder (1)]
Compressed (zipped) Folder Context Menu = {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} = C:\Windows\system32\zipfldr.dll

[Directory (3)]
EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\Windows\system32\shell32.dll
Previous Versions Property Page = {596AB062-B4D2-4215-9F74-E9109B0A8153} = C:\Windows\system32\twext.dll
Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\Windows\system32\ntshrui.dll

[Directory\Background (3)]
Gadgets = {6B9228DA-9C15-419e-856C-19E768A13BDC} = %ProgramFiles%\Windows Sidebar\sbdrop.dll
New = {D969A300-E7FF-11d0-A93B-00A0C90F2719} = C:\Windows\system32\shell32.dll
Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\Windows\system32\ntshrui.dll

[InternetShortcut (1)]
Internet Shortcut = {FBF23B40-E3F0-101B-8488-00AA003E56F8} = C:\Windows\SysWOW64\ieframe.dll

[AllFileSystemObjects (3)]
CopyAsPathMenu = {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} = C:\Windows\system32\shell32.dll
Previous Versions Property Page = {596AB062-B4D2-4215-9F74-E9109B0A8153} = C:\Windows\system32\twext.dll
SendTo = {7BA4C740-9E81-11CF-99D3-00AA004AE837} = C:\Windows\system32\shell32.dll

--------------------

ColumnHandlers (1):

PDF Shell Extension - {F9DB5320-233E-11D1-9F84-707F02C10627} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

--------------------

Approved Shell Extensions:

[All users (15)]
 - {00C6D95F-329C-409a-81D7-C46C66EA7F33} - C:\Windows\System32\shdocvw.dll
AVG Find Extension - {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} - 
AVG Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - C:\Program Files (x86)\AVG\AVG2014\avgse.dll
Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - C:\Windows\SysWOW64\webcheck.dll
MF ADTS Property Handler - {80009818-f38f-4af1-87b5-eadab9433e58} - C:\Windows\System32\mf.dll
Microsoft Office HTML Icon Handler - {42042206-2D85-11D3-8CFF-005004838597} - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll
Microsoft Office Metadata Handler - {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
Microsoft Office Outlook Custom Icon Handler - {0006F045-0000-0000-C000-000000000046} - C:\PROGRA~2\MICROS~3\Office12\OLKFSTUB.DLL
Microsoft Office Outlook Desktop Icon Handler - {00020D75-0000-0000-C000-000000000046} - C:\PROGRA~2\MICROS~3\Office12\MLSHEXT.DLL
Microsoft Office Thumbnail Handler - {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - C:\Windows\SysWOW64\webcheck.dll
Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - C:\Windows\SysWOW64\webcheck.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - 
WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - C:\Windows\SysWOW64\webcheck.dll
WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll

--------------------

Registry 'Run' keys:

[User Run]
HP Officejet 6600 (NET) = "C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BP5QKD705RN:NW" -scfn "HP Officejet 6600 (NET)" -AutoStart 1
Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
SUPERAntiSpyware = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
swg = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[System Run]
@ = 
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AVG_UI = "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HP Software Update = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

--------------------

Protocols:

[Pluggable MIME filters (4)]
application/octet-stream = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = mscoree.dll
application/x-complus = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = mscoree.dll
application/x-msdownload = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = mscoree.dll
text/xml = {807563E5-5146-11D5-A672-00B0D022E945} = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

[Protocol handlers (22)]
about = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll
cdl = {3dd53d40-7b8b-11D0-b013-00aa0059ce02} = C:\Windows\SysWOW64\urlmon.dll
dvd = {12D51199-0DB5-46FE-A120-47A3D7D937CC} = C:\Windows\SysWOW64\msvidctl.dll
file = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll
ftp = {79eac9e3-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll
http = {79eac9e2-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll
https = {79eac9e5-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll
its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\Windows\System32\itss.dll
javascript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll
local = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll
mailto = {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll
mhtml = {05300401-BCBC-11d0-85E3-00C04FD85AB4} = C:\Windows\system32\inetcomm.dll
mk = {79eac9e6-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll
ms-help = {314111c7-a502-11d2-bbca-00c04f8ec294} = C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
ms-its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\Windows\System32\itss.dll
res = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll
skype-ie-addon-data = {91774881-D725-4E58-B298-07617B9B86A8} = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
skype4com = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} = C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
tmpx = {0E526CB5-7446-41D1-A403-19BFE95E8C23} = C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\TmIEPlg32.dll
tmtbim = {0B37915C-8B98-4B9E-80D4-464D2C830D10} = C:\Program Files\Trend Micro\Client Server Security Agent\UIFramework\ProToolbarIMRatingActiveX.dll
tv = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} = C:\Windows\SysWOW64\msvidctl.dll
vbscript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll

--------------------

WOW compatibility:

[KnownDlls (32-bit) (28)]
advapi32.dll
clbcatq.dll
COMDLG32.dll
difxapi.dll
gdi32.dll
IERTUTIL.dll
IMAGEHLP.dll
IMM32.dll
kernel32.dll
LPK.dll
MSCTF.dll
MSVCRT.dll
NORMALIZ.dll
NSI.dll
ole32.dll
OLEAUT32.dll
PSAPI.DLL
rpcrt4.dll
sechost.dll
Setupapi.dll
SHELL32.dll
SHLWAPI.dll
URLMON.dll
user32.dll
USP10.dll
WININET.dll
WLDAP32.dll
WS2_32.dll

--------------------

Winsock LSP:

[Protocols (8)]
MSAFD Tcpip [TCP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\Windows\system32\mswsock.dll
MSAFD Tcpip [UDP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\Windows\system32\mswsock.dll
MSAFD Tcpip [TCP/IPv6] - {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4} - C:\Windows\system32\mswsock.dll
MSAFD Tcpip [UDP/IPv6] - {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4} - C:\Windows\system32\mswsock.dll
RSVP TCPv6 Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\Windows\system32\mswsock.dll
RSVP TCP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\Windows\system32\mswsock.dll
RSVP UDPv6 Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\Windows\system32\mswsock.dll
RSVP UDP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\Windows\system32\mswsock.dll

[Namespace Providers (6)]
Network Location Awareness Legacy (NLAv1) Namespace - {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} - 
E-mail Naming Shim Provider - {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE} - 
PNRP Cloud Namespace Provider - {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D} - 
PNRP Name Namespace Provider - {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D} - 
Tcpip - {22059D40-7E9E-11CF-AE5A-00AA00A7112B} - 
NTDS - {3B2637EE-E580-11CF-A555-00C04FD8D4AC} - C:\Windows\System32\winrnr.dll

--------------------

Hijack points:

[Reset web settings URLs]
SearchAssistant = 
CustomizeSearch = 
START_PAGE_URL = 
SEARCH_PAGE_URL = 
MS_START_PAGE_URL = 

[Internet Explorer URLs]
* This user *
- Internet Explorer\Main (4)
Local Page = C:\Windows\system32\blank.htm
Search Bar = Preserve
Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
Start Page = http://www.msn.com/?ocid=UP74DHP&pc=UP74&dt=022813

* All users *
- Internet Explorer\Main (5)
Default_Page_Url = http://go.microsoft.com/fwlink/p/?LinkId=255141
Default_Search_Url = http://go.microsoft.com/fwlink/?LinkId=54896
Local Page = C:\Windows\SysWOW64\blank.htm
Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

- Internet Explorer\AboutURLs (6)
blank = res://mshtml.dll/blank.htm
DesktopItemNavigationFailure = res://ieframe.dll/navcancl.htm
NavigationCanceled = res://ieframe.dll/navcancl.htm
NavigationFailure = res://ieframe.dll/navcancl.htm
OfflineInformation = res://ieframe.dll/offcancl.htm
PostNotCached = res://ieframe.dll/repost.htm



[Default URL prefixes]
default = http://
ftp = ftp://
home = http://
mosaic = http://
www = http://

[Hosts file location]
DatabasePath = C:\Windows\System32\drivers\etc\hosts

--------------------

Protection & disabled items:

[ActiveX killbits (201)]
&Address - {01E04581-4EEE-11d0-BFE9-00AA005B4383} - C:\Windows\system32\explorerframe.dll
(no name) - {35cec8a3-2be6-11d2-8773-92e220524153} - C:\Windows\system32\stobject.dll
(no name) - {53C74826-AB99-4D33-ACA4-3117F51D3788} - C:\Windows\system32\shell32.dll
(no name) - {b4b3aecb-dfd6-11d1-9daa-00805f85cfe3} - C:\Windows\system32\clbcatq.dll
(no name) - {e846f0a0-d367-11d1-8286-00a0c9231c29} - C:\Windows\system32\catsrvut.dll
(no name) - {FEF10FA2-355E-4E06-9381-9B24D7F7CC88} - C:\Windows\system32\shell32.dll
ACM Class Manager - {33d9a761-90c8-11d0-bd43-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll
ActiveMovie Filter Class Manager - {083863F1-70DE-11d0-BD40-00A0C911CE86} - C:\Windows\SysWOW64\devenum.dll
ADODB.Stream - {00000566-0000-0010-8000-00AA006D2EA4} - %CommonProgramFiles(x86)%\System\ado\msado15.dll
Analog Audio Component Type - {28AB0005-E845-4FFA-AA9B-F4665236141C} - C:\Windows\SysWOW64\msvidctl.dll
ATSC Tune Request Location Information - {8872FF1B-98FA-4D7A-8D93-C9F1055F85BB} - C:\Windows\SysWOW64\msvidctl.dll
Audio Renderers Collection Class - {C5702CCF-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Data Services Feature Segment - {334125C0-77E5-11d3-B653-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuner Device Segment - {A2E3074E-6C3D-11D3-B653-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Analog Locator - {49638B91-48AB-48B7-A47A-7D0E75A08EDE} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Analog Radio Tuning Space - {8A674B4C-1F63-11D3-B64C-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Analog TV Tuning Space - {8A674B4D-1F63-11D3-B64C-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model ATSC Channel Tune Request - {0369B4E6-45B6-11D3-B650-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model ATSC Component Type Class (Broadcast Substream Type) - {A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model ATSC Tuning Space - {A2E30750-6C3D-11D3-B653-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Auxiliary Inputs Tuning Space - {F9769A06-7ACA-4E39-9CFB-97BB35F0E77E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Channel ID Tune Request - {3A9428A7-31A4-45E9-9EFB-E055BF7BB3DB} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Channel ID Tuning Space - {CC829A2F-3365-463F-AF13-81DBB6F3A555} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Channel Tune Request - {0369B4E5-45B6-11D3-B650-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Component Class(Broadcast Substream) - {59DC47A8-116C-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Component Type Class (Broadcast Substream Type) - {823535A0-0318-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Digital Cable Locator - {03C06416-D127-407A-AB4C-FDD279ABBE5D} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Digital Cable Tune Request - {26EC0B63-AA90-458A-8DF4-5659F2C8A18A} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Digital Cable Tuning Space - {D9BB4CEE-B87A-47F1-AC92-B08D9C7813FC} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model DVB Cable Locator - {C531D9FD-9685-4028-8B68-6E1232079F1E} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model DVB Satellite Locator - {1DF7D126-4050-47F0-A7CF-4C4CA9241333} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model DVB Terrestrial Locator - {9CD64701-BDF3-4D14-8E03-F12983D86664} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model DVB Tune Request - {15D6504A-5494-499C-886C-973C9E53B9F1} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model DVB Tuning Space - {C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model DVB-Satellite Tuning Space - {B64016F3-C9A2-4066-96F0-BD9563314726} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model Language Component Type Class (Broadcast Substream Type) - {1BE49F30-0E1B-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model MPEG2 Component Class (Broadcast Substream) - {055CB2D7-2969-45CD-914B-76890722F112} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model MPEG2 Component Type Class (Broadcast Substream Type) - {418008F3-CF67-4668-9628-10DC52BE1D08} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model MPEG2 Tune Request - {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF} - C:\Windows\SysWOW64\msvidctl.dll
BDA Tuning Model MPEG2 Tune Request Factory - {2C63E4EB-4CEA-41B8-919C-E947EA19A77C} - C:\Windows\SysWOW64\msvidctl.dll
Briefcase - {85bbd920-42a0-1069-a2e4-08002b30309d} - C:\Windows\system32\syncui.dll
cfw Class - {ECABAFC0-7F19-11D2-978E-0000F8757E2A} - C:\Windows\system32\comsvcs.dll
Closed Captions Analysis Feature Segment - {86151827-E47B-45EE-8421-D10E6E690979} - C:\Windows\SysWOW64\msvidctl.dll
ColleagueImportAddIn Class - {EFEF7FDB-0CED-4FB6-B3BB-3C50D39F4120} - C:\PROGRA~2\MICROS~3\Office12\ADDINS\COLLEA~1.DLL
Collection of all the available BDA Tuning Model Tuning Space objects on this system - {D02AAC50-027E-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll
Collection of BDA Tuning Model Component Types(Broadcast Substream Types) - {A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll
Collection of BDA Tuning Model Components(Broadcast Substreams) - {809B6661-94C4-49E6-B6EC-3F0F862215AA} - C:\Windows\SysWOW64\msvidctl.dll
Custom Composition Segment from Data Services to Time Shift Sink - {38F03426-E83B-4E68-B65B-DCAE73304838} - C:\Windows\SysWOW64\msvidctl.dll
Custom Composition Segment from Encoder to Time Shift Sink - {A0B9B497-AFBC-45AD-A8A6-9B077C40D4F2} - C:\Windows\SysWOW64\msvidctl.dll
Custom Composition Segment from iTV to Stream Buffer Source - {92B94828-1AF7-4E6E-9EBF-770657F77AF5} - C:\Windows\SysWOW64\msvidctl.dll
Custom Composition Segment from Legacy Analog Tv Tuner Device Segment to Data Services Feature Segment - {C5702CD6-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
Custom Composition Segment from Legacy Analog Tv Tuner Device Segment to Standard Video Renderer Device Segment - {E18AF75A-08AF-11D3-B64A-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
Custom Composition Segment from WebDVD Device Segment to Standard Video Renderer Device Segment - {267DB0B3-55E3-4902-949B-DF8F5CEC0191} - C:\Windows\SysWOW64\msvidctl.dll
Developer Tools - {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
Developer Tools - {8FE85D00-4647-40B9-87E4-5EB8A52F4759} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
DigitalCable Class - {ABBA001B-3075-11D6-88A4-00B0D0200F88} - C:\Windows\SysWOW64\psisdecd.dll
DirectX Transform Wrapper Property Page - {1B544C24-FD0B-11CE-8C63-00AA0044B520} - C:\Windows\SysWOW64\qedit.dll
Encoder Feature Segment - {BB530C63-D9DF-4B49-9439-63453962E598} - C:\Windows\SysWOW64\msvidctl.dll
Features Collection Class - {C5702CD0-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
File Playback Device Segment - {37B0353C-A4C8-11D2-B634-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
Generic Graph Composition Segment - {2764BCE5-CC39-11D2-B639-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
Generic Sink Segment - {4A5869CF-929D-4040-AE03-FCAFC5B9CD42} - C:\Windows\SysWOW64\msvidctl.dll
Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
HHCtrl Object - {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} - C:\Windows\System32\hhctrl.ocx
HHCtrl Object - {ADB880A6-D8FF-11CF-9377-00AA003B7A11} - C:\Windows\System32\hhctrl.ocx
HPDevice Class - {60178279-6D62-43AF-A336-77925651A4C6} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPDeviceUtil Class - {DC4F9DA0-DB05-4BB0-8FB2-03A80FE98772} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPFileUtil Class - {CDAF9CEC-F3EC-4B22-ABA3-9726713560F8} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPIniFileUtil Class - {93441C07-E57E-4086-B912-F323D741A9D8} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPLogicalDriveInfo Class - {17E67D4A-23A1-40D8-A049-EE34C0AF756A} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPOperatingSystem Class - {784F2933-6BDD-4E5F-B1BA-A8D99B603649} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPDriverRead Class - {4774922A-8983-4ECC-94FD-7235F06F53A1} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPDriversCollection Class - {DE233AFF-8BD5-457E-B7F0-702DBEA5A828} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPJobRead Class - {E12DA4F2-BDFB-4EAD-B12F-2725251FA6B0} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPJobsCollection Class - {B9C13CD0-5A97-4C6B-8A50-7638020E2462} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPMonitorRead Class - {C94188F6-0F9F-46B3-8B78-D71907BD8B77} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPMonitorsCollection Class - {AB049B11-607B-46C8-BBF7-F4D6AF301046} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPPortRead Class - {6470DE80-1635-4B5D-93A3-3701CE148A79} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPPortsCollection Class - {910E7ADE-7F75-402D-A4A6-BB1A82362FCA} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPProcessorsCollection Class - {42C68651-1700-4750-A81F-A1F5110E0F66} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPrinterRead Class - {BF931895-AF82-467A-8819-917C6EE2D1F3} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPPrintersCollection Class - {C70D0641-DDE1-4FD7-A4D4-DA187B80741D} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPRegUtil Class - {0C378864-D5C4-4D9C-854C-432E3BEC9CCB} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPSpoolerEnum Class - {CF6866F9-B67C-4B24-9957-F91E91E788DC} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPSpoolerRead Class - {A95845D8-8463-4605-B5FB-4F8CFBAC5C47} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
HPSystemBoardInfo Class - {AB237044-8A3B-42BB-9EE1-9BFA6721D9ED} - C:\Program Files (x86)\Hp\Common\HPeDiag.dll
IAVIStream & IAVIFile Proxy - {0002000D-0000-0000-C000-000000000046} - C:\Windows\System32\avifil32.dll
ICM Class Manager - {33d9a760-90c8-11d0-bd43-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll
IndexServer Simple Command Creator - {c7b6c04a-cbb5-11d0-bb4c-00c04fc2f410} - C:\Windows\system32\query.dll
Input Devices Collection Class - {C5702CCC-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
iTV Capture Feature Segment - {5740A302-EF0B-45CE-BF3B-4470A14A8980} - C:\Windows\SysWOW64\msvidctl.dll
iTV Playback Feature Segment - {9E797ED0-5253-4243-A9B7-BD06C58F8EF3} - C:\Windows\SysWOW64\msvidctl.dll
Legacy Analog TV Tuner Device Segment - {1C15D484-911D-11D2-B632-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
LexRefBilingualTextContext Class - {75C11604-5C51-48B2-B786-DF5E51D10EC9} - C:\Program Files (x86)\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL
LexRefStEsObject Class - {4CFB5280-800B-4367-848F-5A13EBF27F1D} - C:\Program Files (x86)\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL
LexRefStFrObject Class - {B3E0E785-BD78-4366-9560-B7DABE2723BE} - C:\Program Files (x86)\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL
LW Identities - {A9AE6C91-1D1B-11D2-B21A-00C04FA357FA} - C:\Windows\system32\msident.dll
Media Streaming Dynamic Terminal - {AED6483F-3304-11D2-86F1-006008B0E5D2} - C:\Windows\SysWOW64\termmgr.dll
MessageMover Class - {ecabb0bf-7f19-11d2-978e-0000f8757e2a} - C:\Windows\system32\comsvcs.dll
Microsoft Common Browser Architecture - {AF604EFE-8897-11D1-B944-00A0C90312E1} - C:\Windows\system32\explorerframe.dll
Microsoft DocHost User Interface Handler - {7057e952-bd1b-11d1-8919-00c04fc2c836} - C:\Windows\SysWOW64\ieframe.dll
Microsoft HTA Document 6.0 - {3050F5C8-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Microsoft Html Document for Popup Window - {3050F67D-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Microsoft Html Popup Window - {3050f667-98b5-11cf-bb82-00aa00bdce0b} - C:\Windows\SysWOW64\mshtml.dll
Microsoft HTML Window Security Proxy - {3050F391-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Microsoft ImageComboBox Control, version 6.0 - {DD9DA666-8594-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft ImageList Control, version 6.0 - {2C247F23-8591-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft ImageList Control, version 6.0 - {F91CAF91-225B-43A7-BB9E-472F991FC402} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft ListView Control 6.0 (SP6) - {979127D3-7D01-4FDE-AF65-A698091468AF} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft ListView Control, version 6.0 - {996BF5E0-8044-4650-ADEB-0B013914E99C} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft ListView Control, version 6.0 - {BDD1F04B-858B-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft Office Outlook View Control - {0006F063-0000-0000-C000-000000000046} - C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
Microsoft ProgressBar Control, version 6.0 - {35053A22-8589-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft RDP Client Control (redistributable) - version 3 - {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} - C:\Windows\system32\mstscax.dll
Microsoft RDP Client Control (redistributable) - version 4 - {7584c670-2274-4efb-b00b-d6aaba6d3850} - C:\Windows\system32\mstscax.dll
Microsoft RDP Client Control (redistributable) - version 5 - {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} - C:\Windows\system32\mstscax.dll
Microsoft Slider Control, version 6.0 - {F08DF954-8592-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft StatusBar Control, version 6.0 - {627C8B79-918A-4C5C-9E19-20F66BF30B86} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft StatusBar Control, version 6.0 - {8E3867A3-8586-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft TabStrip Control, version 6.0 - {1EFB6596-857C-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft TabStrip Control, version 6.0 - {24B224E0-9545-4A2F-ABD5-86AA8A849385} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft Toolbar Control, version 6.0 - {66833FE6-8583-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft Toolbar Control, version 6.0 - {7DC6F291-BF55-4E50-B619-EF672D9DCC58} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft TreeView Control, version 6.0 - {9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft TreeView Control, version 6.0 - {C74190B6-8589-11D1-B16A-00C0F0283628} - C:\Windows\SysWOW64\MSCOMCTL.OCX
Microsoft Visio Document - {279D6C9A-652E-4833-BEFC-312CA8887857} - C:\PROGRA~2\MICROS~3\Office12\VVIEWER.DLL
MidiOut Class Manager - {4efe2452-168a-11d1-bc76-00c04fb9453b} - C:\Windows\SysWOW64\devenum.dll
MMStream Class - {49C47CE5-9BA4-11D0-8212-00C04FC32C45} - C:\Windows\SysWOW64\amstream.dll
MS TV Video Control - {B0EDF163-910A-11D2-B632-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
MS Video Control Closed Captioning Feature Segment - {7F9CB14D-48E4-43B6-9346-1AEBC39C64D3} - C:\Windows\SysWOW64\msvidctl.dll
MS Video Control Closed Captioning SI Feature Segment - {92ED88BF-879E-448F-B6B6-A385BCEB846D} - C:\Windows\SysWOW64\msvidctl.dll
MSP Class - {4DDB6D36-3BC1-11D2-86F2-006008B0E5D2} - C:\Windows\SysWOW64\wavemsp.dll
MSVidCtl Analog Capture to Encoder Composition Segment - {28953661-0231-41DB-8986-21FF4388EE9B} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl Analog Capture to XDS Composition Segment - {3540D440-5B1D-49CB-821A-E84B8CF065A7} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl Analog TV to StreamBufferSource Composition Segment - {9F50E8B1-9530-4DDC-825E-1AF81D47AED6} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl CC to Audio Renderer Composition Segment - {D76334CA-D89E-4BAF-86AB-DDB59372AFC2} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl CC to Video Renderer Composition Segment - {C4BF2784-AE00-41BA-9828-9C953BD3C54A} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl Digital TV to CCA Composition Segment - {73D14237-B9DB-4EFA-A6DD-84350421FB2F} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl Digital TV to iTV Composition Segment - {5D8E73F7-4989-4AC8-8A98-39BA0D325302} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl Digital TV to StreamBufferSource Composition Segment - {ABE40035-27C3-4A2F-8153-6624471608AF} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl DVD to Audio Renderer Composition Segment - {8D04238E-9FD1-41C6-8DE3-9E1EE309E935} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl Enhanced Video Renderer(DX10) Segment - {C45268A2-FA81-4E19-B1E3-72EDBD60AEDA} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl FilePlayback to Audio Renderer Composition Segment - {CC23F537-18D4-4ECE-93BD-207A84726979} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl FilePlayback to Video Renderer Composition Segment - {B401C5EB-8457-427F-84EA-A4D2363364B0} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl MPEG2 Decoder to Closed Captioning Composition Segment - {6AD28EE1-5002-4E71-AAF7-BD077907B1A4} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl SBE Source to Closed Caption Composition Segment - {9193A8F9-0CBA-400E-AA97-EB4709164576} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl SBE Source to iTV Composition Segment - {2291478C-5EE3-4BEF-AB5D-B5FF2CF58352} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl SBE Source to Video Mixing Renderer Composition Segment - {3C4708DC-B181-46A8-8DA8-4AB0371758CD} - C:\Windows\SysWOW64\msvidctl.dll
MSVidCtl Stream Buffer Source To Generic Sink Composition segment - {991DA7E5-953F-435B-BE5E-B92A05EDFC42} - C:\Windows\SysWOW64\msvidctl.dll
MTSEvents Class - {ECABB0AB-7F19-11D2-978E-0000F8757E2A} - C:\Windows\system32\comsvcs.dll
Network Connections - {7007acc7-3202-11d1-aad2-00805fc1270e} - C:\Windows\System32\netshell.dll
Network Connections - {992cffa0-f557-101a-88ec-00dd010ccc48} - C:\Windows\System32\netshell.dll
Network Connections Tray - {7007ACCF-3202-11D1-AAD2-00805FC1270E} - C:\Windows\System32\netshell.dll
Old FieldListCtrl.1 Object - {53230327-172B-11D0-AD40-00A0C90DC8D9} - C:\PROGRA~2\MICROS~3\Office12\ACCWIZ.DLL
Old ImexGridCtrl.1 Object - {53230322-172B-11D0-AD40-00A0C90DC8D9} - C:\PROGRA~2\MICROS~3\Office12\ACCWIZ.DLL
Outlook Progress Ctl - {0006F071-0000-0000-C000-000000000046} - C:\PROGRA~2\MICROS~3\Office12\OUTLOOK.EXE
Output Devices Collection Class - {C5702CCD-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
PostBootReminder object - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\Windows\system32\shell32.dll
PSDispatch - {00020420-0000-0000-c000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll
PSEnumVariant - {00020421-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll
PSFactoryBuffer - {11C18934-5DFE-4FE3-B650-78CA31123842} - C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\dpe_ps.dll
PSOAInterface - {00020424-0000-0000-c000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll
PSSupportErrorInfo - {DF0B3D60-548F-101B-8E65-08002B2BD119} - C:\Windows\SysWOW64\oleaut32.dll
PSTypeComp - {00020425-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll
PSTypeInfo - {00020422-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll
PSTypeLib - {00020423-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll
Queued Components Recorder - {ecabafc2-7f19-11d2-978e-0000f8757e2a} - C:\Windows\system32\comsvcs.dll
RefEdit.Ctrl - {00024512-0000-0000-C000-000000000046} - C:\Program Files (x86)\Microsoft Office\Office12\REFEDIT.DLL
Script Encoder Object - {32DA2B15-CFED-11D1-B747-00C04FC2B085} - C:\Windows\SysWOW64\scrrun.dll
ShellFolder for CD Burning - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\Windows\system32\shell32.dll
Shortcut - {00021401-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\shell32.dll
Skype Class - {830690FC-BF2F-47A6-AC2D-330BCB402664} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SpSharedRecoContext Class - {47206204-5ECA-11D2-960F-00C04F8EE628} - C:\Windows\System32\Speech\Common\sapi.dll
SpSharedRecognizer Class - {3BEE4890-4FE9-4A37-8C1E-5E7E12791C1F} - C:\Windows\System32\Speech\Common\sapi.dll
Standard Audio Renderer Device Segment - {37B03544-A4C8-11D2-B634-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
Standard Video Renderer Device Segment - {37B03543-A4C8-11D2-B634-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
Stream Buffer Recording Control Object - {CAAFDD83-CEFC-4E3D-BA03-175F17A24F91} - C:\Windows\SysWOW64\msvidctl.dll
Stream Buffer Sink Segment - {9E77AAC4-35E5-42A1-BDC2-8F3FF399847C} - C:\Windows\SysWOW64\msvidctl.dll
Stream Buffer Source - {AD8E510D-217F-409B-8076-29C5E73B98E8} - C:\Windows\SysWOW64\msvidctl.dll
Stream Buffer V2 Source - {FD351EA1-4173-4AF4-821D-80D4AE979048} - C:\Windows\SysWOW64\MSVidCtl.dll
System Monitor Source Properties - {0CF32AA1-7571-11D0-93C4-00AA00A3DDEA} - C:\Windows\System32\sysmon.ocx
SysTrayInvoker - {730f6cdc-2c86-11d2-8773-92e220524153} - C:\Windows\system32\stobject.dll
Tablet Tip Soft Keyboard Skin Class - {E94137E0-92ED-4579-9251-18AF2A08CCD1} - %CommonProgramFiles%\microsoft shared\ink\tipskins.dll
Trident HTMLEditor - {3050F4F5-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtmled.dll
Utility Object for Binding Events SubObjects in Script Variables - {577FAA18-4518-445E-8F70-1473F8CF4BA4} - C:\Windows\SysWOW64\msvidctl.dll
VFW Capture Class Manager - {860bb310-5d01-11d0-bd3b-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll
Video Effect (1 input) Class Manager - {cc7bfb42-f175-11d1-a392-00e0291f3959} - C:\Windows\SysWOW64\qedit.dll
Video Effect (2 input) Class Manager - {cc7bfb43-f175-11d1-a392-00e0291f3959} - C:\Windows\SysWOW64\qedit.dll
Video Mixing Renderer 9 - {51B4ABF3-748F-4E3B-A276-C828330E926A} - C:\Windows\SysWOW64\quartz.dll
Video Mixing Renderer 9 Device Segment - {24DC3975-09BF-4231-8655-3EE71F43837D} - C:\Windows\SysWOW64\msvidctl.dll
Video Render Dynamic Terminal - {AED6483E-3304-11D2-86F1-006008B0E5D2} - C:\Windows\SysWOW64\termmgr.dll
Video Renderers Collection Class - {C5702CCE-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll
VideoPort Object - {CE292861-FC88-11D0-9E69-00C04FD7C15B} - C:\Windows\SysWOW64\qdvd.dll
VMR Allocator Presenter 9 - {2D2E24CB-0CD5-458F-86EA-3E6FA22C8E64} - C:\Windows\SysWOW64\quartz.dll
VMR ImageSync 9 - {E4979309-7A32-495E-8A92-7B014AAD4961} - C:\Windows\SysWOW64\quartz.dll
WaveIn Class Manager - {33D9A762-90C8-11d0-BD43-00A0C911CE86} - C:\Windows\SysWOW64\devenum.dll
WaveOut and DSound Class Manager - {e0f158e1-cb04-11d0-bd4e-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll
WebDVD Adminitration class - {FA7C375B-66A7-4280-879D-FD459C84BB02} - C:\Windows\SysWOW64\msvidctl.dll
WebDVD Device Segment - {011B3619-FE63-4814-8A84-15A194CE9CE3} - C:\Windows\SysWOW64\msvidctl.dll
Windows Mail Address Book - {233A9694-667E-11d1-9DFB-006097D50408} - %ProgramFiles%\Windows Mail\msoe.dll
XDS Feature Segment - {0149EEDF-D08F-4142-8D73-D23903D21E90} - C:\Windows\SysWOW64\msvidctl.dll

[Stopped/disabled NT Services]
* Stopped (102) *
@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 = C:\Windows\System32\svchost.exe -k secsvcs
@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 = "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe"
@%SystemRoot%\ehome\ehrecvr.exe,-101 = C:\Windows\ehome\ehRecvr.exe
@%SystemRoot%\ehome\ehsched.exe,-101 = C:\Windows\ehome\ehsched.exe
@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193 = "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
@%SystemRoot%\servicing\TrustedInstaller.exe,-100 = C:\Windows\servicing\TrustedInstaller.exe
@%SystemRoot%\system32\aelupsvc.dll,-1 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\Alg.exe,-112 = C:\Windows\System32\alg.exe
@%systemroot%\system32\appidsvc.dll,-100 = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%systemroot%\system32\appinfo.dll,-100 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\AxInstSV.dll,-103 = C:\Windows\system32\svchost.exe -k AxInstSVGroup
@%SystemRoot%\system32\bdesvc.dll,-100 = C:\Windows\System32\svchost.exe -k netsvcs
@%systemroot%\system32\browser.dll,-100 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\System32\bthserv.dll,-101 = C:\Windows\system32\svchost.exe -k bthsvcs
@%SystemRoot%\System32\certprop.dll,-11 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\System32\certprop.dll,-13 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\defragsvc.dll,-101 = C:\Windows\system32\svchost.exe -k defragsvc
@%systemroot%\system32\dot3svc.dll,-1102 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%systemroot%\system32\eapsvc.dll,-1 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\system32\efssvc.dll,-100 = C:\Windows\System32\lsass.exe
@%systemroot%\system32\fdPHost.dll,-100 = C:\Windows\system32\svchost.exe -k LocalService
@%systemroot%\system32\fdrespub.dll,-100 = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%systemroot%\system32\fxsresm.dll,-118 = C:\Windows\system32\fxssvc.exe
@%SystemRoot%\System32\hidserv.dll,-101 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%systemroot%\system32\IPBusEnum.dll,-102 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\iscsidsc.dll,-5000 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\kmsvc.dll,-6 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\System32\ListSvc.dll,-100 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\lltdres.dll,-1 = C:\Windows\System32\svchost.exe -k LocalService
@%systemroot%\system32\Locator.exe,-2 = C:\Windows\system32\locator.exe
@%systemroot%\system32\mmcss.dll,-102 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\msimsg.dll,-27 = C:\Windows\system32\msiexec.exe /V
@%SystemRoot%\system32\netman.dll,-109 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\netprofm.dll,-202 = C:\Windows\System32\svchost.exe -k LocalService
@%SystemRoot%\system32\p2psvc.dll,-8006 = C:\Windows\System32\svchost.exe -k LocalServicePeerNet
@%SystemRoot%\system32\peerdistsvc.dll,-9000 = C:\Windows\System32\svchost.exe -k PeerDist
@%systemroot%\system32\pla.dll,-500 = C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
@%SystemRoot%\system32\pnrpauto.dll,-8002 = C:\Windows\System32\svchost.exe -k LocalServicePeerNet
@%SystemRoot%\system32\pnrpsvc.dll,-8000 = C:\Windows\System32\svchost.exe -k LocalServicePeerNet
@%SystemRoot%\system32\pnrpsvc.dll,-8004 = C:\Windows\System32\svchost.exe -k LocalServicePeerNet
@%SystemRoot%\System32\polstore.dll,-5010 = C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
@%SystemRoot%\system32\PresentationHost.exe,-3309 = C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
@%SystemRoot%\System32\provsvc.dll,-100 = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
@%systemroot%\system32\psbase.dll,-300 = C:\Windows\system32\lsass.exe
@%SystemRoot%\system32\qagentrt.dll,-6 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\system32\qmgr.dll,-1000 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\system32\qwave.dll,-1 = %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%Systemroot%\system32\rasauto.dll,-200 = C:\Windows\System32\svchost.exe -k netsvcs
@%Systemroot%\system32\rasmans.dll,-200 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\System32\SCardSvr.dll,-1 = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%SystemRoot%\system32\sdrsvc.dll,-107 = C:\Windows\system32\svchost.exe -k SDRSVC
@%SystemRoot%\system32\seclogon.dll,-7001 = %windir%\system32\svchost.exe -k netsvcs
@%SystemRoot%\System32\sensrsvc.dll,-1000 = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%SystemRoot%\System32\SessEnv.dll,-1026 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\system32\snmptrap.exe,-3 = C:\Windows\System32\snmptrap.exe
@%SystemRoot%\system32\sppuinotify.dll,-103 = C:\Windows\system32\svchost.exe -k LocalService
@%systemroot%\system32\ssdpsrv.dll,-100 = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%SystemRoot%\system32\sstpsvc.dll,-200 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\System32\StorSvc.dll,-100 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\System32\swprv.dll,-103 = C:\Windows\System32\svchost.exe -k swprv
@%SystemRoot%\system32\TabSvc.dll,-100 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\tapisrv.dll,-10100 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\system32\tbssvc.dll,-100 = C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
@%SystemRoot%\System32\termsrv.dll,-268 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\system32\ui0detect.exe,-101 = C:\Windows\system32\UI0Detect.exe
@%SystemRoot%\system32\umrdp.dll,-1000 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%systemroot%\system32\upnphost.dll,-213 = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%SystemRoot%\system32\vaultsvc.dll,-1003 = C:\Windows\system32\lsass.exe
@%SystemRoot%\system32\vds.exe,-100 = C:\Windows\System32\vds.exe
@%systemroot%\system32\vssvc.exe,-102 = C:\Windows\system32\vssvc.exe
@%SystemRoot%\system32\w32time.dll,-200 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\Wat\WatUX.exe,-601 = C:\Windows\system32\Wat\WatAdminSvc.exe
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110 = C:\Windows\system32\wbem\WmiApSrv.exe
@%systemroot%\system32\wbengine.exe,-104 = "C:\Windows\system32\wbengine.exe"
@%systemroot%\system32\wbiosrvc.dll,-100 = C:\Windows\system32\svchost.exe -k WbioSvcGroup
@%SystemRoot%\system32\wcncsvc.dll,-3 = C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
@%SystemRoot%\system32\WcsPlugInService.dll,-200 = C:\Windows\system32\svchost.exe -k wcssvc
@%systemroot%\system32\wdi.dll,-500 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%systemroot%\system32\wdi.dll,-502 = C:\Windows\System32\svchost.exe -k LocalService
@%systemroot%\system32\webclnt.dll,-100 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\wecsvc.dll,-200 = C:\Windows\system32\svchost.exe -k NetworkService
@%SystemRoot%\System32\wercplsupport.dll,-101 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\System32\wersvc.dll,-100 = C:\Windows\System32\svchost.exe -k WerSvcGroup
@%SystemRoot%\system32\winhttp.dll,-100 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\wpcsvc.dll,-100 = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
@%SystemRoot%\system32\wpdbusenum.dll,-100 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%Systemroot%\system32\wsmsvc.dll,-101 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\System32\wwansvc.dll,-257 = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
@%systemroot%\sysWow64\perfhost.exe,-2 = C:\Windows\SysWow64\perfhost.exe
@appmgmts.dll,-3250 = C:\Windows\system32\svchost.exe -k netsvcs
@comres.dll,-2797 = C:\Windows\System32\msdtc.exe
@comres.dll,-2946 = C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
@comres.dll,-947 = C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
@keyiso.dll,-100 = C:\Windows\system32\lsass.exe
@regsvc.dll,-1 = C:\Windows\system32\svchost.exe -k regsvc
Adobe Flash Player Update Service = C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
BBUpdate = "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
Google Software Updater = "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
Google Update Service (gupdatem) = "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
Microsoft Office Diagnostics Service = "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Office Source Engine = "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Trend Micro Security Agent Communicator = "C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe"

* Stopped & disabled (6) *
@%SystemRoot%\ehome\ehres.dll,-15501 = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201 = "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
@%SystemRoot%\system32\ipnathlp.dll,-106 = C:\Windows\System32\svchost.exe -k netsvcs
@%Systemroot%\system32\mprdim.dll,-200 = C:\Windows\System32\svchost.exe -k netsvcs
Microsoft .NET Framework NGEN v2.0.50727_X64 = C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
Microsoft .NET Framework NGEN v2.0.50727_X86 = C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe



==================================================
= Other users on this computer: Default user =
==================================================
--------------------

Autostart folders:

[User Startup]
desktop.ini
HughesNetStatusMeter.lnk


==================================================
= Other users on this computer: SYSTEM =
==================================================
--------------------

Autostart folders:

[User Startup]
desktop.ini
HughesNetStatusMeter.lnk



==================================================
= Other hardware configurations: Last known good =
==================================================
--------------------

On-reboot actions:

BootExecute = autocheck autochk *

--------------------

Services:

[NT Services (61)]
@%SystemRoot%\system32\audiosrv.dll,-200 = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
@%SystemRoot%\system32\audiosrv.dll,-204 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\bfe.dll,-1001 = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
@%SystemRoot%\system32\cryptsvc.dll,-1001 = C:\Windows\system32\svchost.exe -k NetworkService
@%systemroot%\system32\cscsvc.dll,-200 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\dhcpcore.dll,-100 = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
@%SystemRoot%\System32\dnsapi.dll,-101 = C:\Windows\system32\svchost.exe -k NetworkService
@%systemroot%\system32\dps.dll,-500 = C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
@%SystemRoot%\system32\dwm.exe,-2000 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\FirewallAPI.dll,-23090 = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
@%systemroot%\system32\FntCache.dll,-100 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\ikeext.dll,-501 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\iphlpsvc.dll,-500 = C:\Windows\System32\svchost.exe -k NetSvcs
@%SystemRoot%\system32\lmhsvc.dll,-101 = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
@%systemroot%\system32\mmcss.dll,-100 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\System32\netlogon.dll,-102 = C:\Windows\system32\lsass.exe
@%SystemRoot%\System32\nlasvc.dll,-1 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\system32\nsisvc.dll,-200 = C:\Windows\system32\svchost.exe -k LocalService
@%SystemRoot%\system32\pcasvc.dll,-1 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%systemroot%\system32\profsvc.dll,-300 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\samsrv.dll,-1 = C:\Windows\system32\lsass.exe
@%SystemRoot%\system32\schedsvc.dll,-100 = C:\Windows\system32\svchost.exe -k netsvcs
@%systemroot%\system32\SearchIndexer.exe,-103 = C:\Windows\system32\SearchIndexer.exe /Embedding
@%SystemRoot%\system32\Sens.dll,-200 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\System32\shsvcs.dll,-12288 = C:\Windows\System32\svchost.exe -k netsvcs
@%systemroot%\system32\spoolsv.exe,-1 = C:\Windows\System32\spoolsv.exe
@%SystemRoot%\system32\sppsvc.exe,-101 = C:\Windows\system32\sppsvc.exe
@%systemroot%\system32\srvsvc.dll,-100 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\sysmain.dll,-1000 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\System32\themeservice.dll,-8192 = C:\Windows\System32\svchost.exe -k netsvcs
@%SystemRoot%\system32\trkwks.dll,-1 = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\system32\umpnpmgr.dll,-100 = C:\Windows\system32\svchost.exe -k DcomLaunch
@%SystemRoot%\system32\umpo.dll,-100 = C:\Windows\system32\svchost.exe -k DcomLaunch
@%Systemroot%\system32\wbem\wmisvc.dll,-205 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\wevtsvc.dll,-200 = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
@%SystemRoot%\system32\wiaservc.dll,-9 = C:\Windows\system32\svchost.exe -k imgsvc
@%systemroot%\system32\wkssvc.dll,-100 = C:\Windows\System32\svchost.exe -k NetworkService
@%SystemRoot%\System32\wlansvc.dll,-257 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%SystemRoot%\System32\wscsvc.dll,-200 = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
@%systemroot%\system32\wuaueng.dll,-105 = C:\Windows\system32\svchost.exe -k netsvcs
@%SystemRoot%\system32\wudfsvc.dll,-1000 = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
@%windir%\system32\RpcEpMap.dll,-1001 = C:\Windows\system32\svchost.exe -k RPCSS
@comres.dll,-2450 = C:\Windows\system32\svchost.exe -k LocalService
@gpapi.dll,-112 = C:\Windows\system32\svchost.exe -k netsvcs
@oleres.dll,-5010 = C:\Windows\system32\svchost.exe -k rpcss
@oleres.dll,-5012 = C:\Windows\system32\svchost.exe -k DcomLaunch
Adobe Acrobat Update Service = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
AVG WatchDog = "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
AVGIDSAgent = "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
BingBar Service = "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
Google Update Service (gupdate) = "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
Microsoft .NET Framework NGEN v2.0.50727_X64 = C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
Microsoft .NET Framework NGEN v2.0.50727_X86 = C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Microsoft .NET Framework NGEN v4.0.30319_X64 = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
Microsoft .NET Framework NGEN v4.0.30319_X86 = C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Microsoft Online Services Sign-in Assistant = "C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE"
SAS Core Service = "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
Skype Click to Call PNR Service = "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
Skype Click to Call Updater = "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
Skype Updater = "C:\Program Files (x86)\Skype\Updater\Updater.exe"
Trend Micro Solution Platform = "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=qb -dt=60000

[SafeBoot services (Minimal boot)]
* CD-ROM Drive *
{4D36E965-E325-11CE-BFC1-08002BE10318}

* DiskDrive *
{4D36E967-E325-11CE-BFC1-08002BE10318}

* Driver *
sermouse.sys
vga.sys
vgasave.sys
volmgr.sys
volmgrx.sys
WudfPf
WudfRd

* Driver Group *
Base
Boot Bus Extender
Boot file system
File system
Filter
PCI Configuration
PNP Filter
Primary disk
SCSI Class
System Bus Extender

* Floppy disk drive *
{4D36E980-E325-11CE-BFC1-08002BE10318}

* Hdc *
{4D36E96A-E325-11CE-BFC1-08002BE10318}

* Human Interface Devices *
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}

* IEEE 1394 Bus host controllers *
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}

* Keyboard *
{4D36E96B-E325-11CE-BFC1-08002BE10318}

* Mouse *
{4D36E96F-E325-11CE-BFC1-08002BE10318}

* PCMCIA Adapters *
{4D36E977-E325-11CE-BFC1-08002BE10318}

* SBP2 IEEE 1394 Devices *
{D48179BE-EC20-11D1-B6B8-00C04FA372A7}

* SCSIAdapter *
{4D36E97B-E325-11CE-BFC1-08002BE10318}

* SecurityDevices *
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}

* Service *
AppInfo
AppMgmt
CryptSvc
DcomLaunch
EFS
EventLog
HelpSvc
KeyIso
Netlogon
NTDS
PlugPlay
Power
ProfSvc
RpcEptMapper
RpcSs
sacsvr
SWPRV
TabletInputService
TBS
TrustedInstaller
VDS
vmms
WinDefend
WinMgmt
WudfSvc

* Standard floppy disk controller *
{4D36E969-E325-11CE-BFC1-08002BE10318}

* System *
{4D36E97D-E325-11CE-BFC1-08002BE10318}

* Universal Serial Bus controllers *
{36FC9E60-C465-11CF-8056-444553540000}

* Volume *
{71A27CDD-812A-11D0-BEC7-08002BE2092F}

* Volume shadow copy *
{533C5B84-EC70-11D2-9505-00C04F79DEAF}


[SafeBoot services (Minimal boot + network support)]
* CD-ROM Drive *
{4D36E965-E325-11CE-BFC1-08002BE10318}

* DiskDrive *
{4D36E967-E325-11CE-BFC1-08002BE10318}

* Driver *
bowser
dfsc
ipnat.sys
MPSDrv
mrxsmb
mrxsmb10
mrxsmb20
ndiscap
nsiproxy.sys
rdbss
rdpencdd.sys
sermouse.sys
vga.sys
vgasave.sys
volmgr.sys
volmgrx.sys
WudfPf
WudfRd
WudfUsbccidDriver

* Driver Group *
Base
Boot Bus Extender
Boot file system
File system
Filter
NDIS
NDIS Wrapper
NetBIOSGroup
NetDDEGroup
Network
NetworkProvider
PCI Configuration
PNP Filter
PNP_TDI
Primary disk
SCSI Class
Streams Drivers
System Bus Extender
TDI

* Floppy disk drive *
{4D36E980-E325-11CE-BFC1-08002BE10318}

* Hdc *
{4D36E96A-E325-11CE-BFC1-08002BE10318}

* Human Interface Devices *
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}

* IEEE 1394 Bus host controllers *
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}

* Keyboard *
{4D36E96B-E325-11CE-BFC1-08002BE10318}

* Mouse *
{4D36E96F-E325-11CE-BFC1-08002BE10318}

* Net *
{4D36E972-E325-11CE-BFC1-08002BE10318}

* NetClient *
{4D36E973-E325-11CE-BFC1-08002BE10318}

* NetService *
{4D36E974-E325-11CE-BFC1-08002BE10318}

* NetTrans *
{4D36E975-E325-11CE-BFC1-08002BE10318}

* PCMCIA Adapters *
{4D36E977-E325-11CE-BFC1-08002BE10318}

* SBP2 IEEE 1394 Devices *
{D48179BE-EC20-11D1-B6B8-00C04FA372A7}

* SCSIAdapter *
{4D36E97B-E325-11CE-BFC1-08002BE10318}

* SecurityDevices *
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}

* Service *
AFD
AppInfo
AppMgmt
BFE
Browser
CryptSvc
DcomLaunch
Dhcp
DnsCache
Dot3Svc
Eaphost
EFS
EventLog
HelpSvc
IKEEXT
KeyIso
LanmanServer
LanmanWorkstation
LmHosts
Messenger
MPSSvc
NativeWifiP
Ndisuio
NetBIOS
NetBT
Netlogon
NetMan
netprofm
NlaSvc
Nsi
NTDS
PlugPlay
PolicyAgent
Power
ProfSvc
rdsessmgr
RpcEptMapper
RpcSs
sacsvr
SCardSvr
SharedAccess
SWPRV
TabletInputService
TBS
Tcpip
TrustedInstaller
VaultSvc
VDS
vmms
WinDefend
WinMgmt
Wlansvc
WudfSvc

* Smart card readers *
{50DD5230-BA8A-11D1-BF5D-0000F805F530}

* Standard floppy disk controller *
{4D36E969-E325-11CE-BFC1-08002BE10318}

* System *
{4D36E97D-E325-11CE-BFC1-08002BE10318}

* Universal Serial Bus controllers *
{36FC9E60-C465-11CF-8056-444553540000}

* Volume *
{71A27CDD-812A-11D0-BEC7-08002BE2092F}

* Volume shadow copy *
{533C5B84-EC70-11D2-9505-00C04F79DEAF}


[SafeBoot: Alternate shell]
cmd.exe (not enabled)

--------------------

Driver filters:

[Class filters]
* Imaging devices *
- Upper filters
ksthunk.sys

* Infrared devices *
- Upper filters
IRENUM.sys

* Mice and other pointing devices *
- Upper filters
mouclass.sys

* Smart card readers *
- Upper filters
scfilter.sys

* Storage Volumes *
- Lower filters
fvevol.sys
rdyboost.sys



[Device filters]
* @machine.inf,%rdp_kbd.devicedesc%;Terminal Server Keyboard Driver *
- Upper filters
kbdclass.sys

* @machine.inf,%rdp_mou.devicedesc%;Terminal Server Mouse Driver *
- Upper filters
mouclass.sys

* @msports.inf,%*pnp0501.devicedesc%;Communications Port *
- Upper filters
serenum.sys

* @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor) *
- Lower filters
NdisTapi.sys

* @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP) *
- Lower filters
NdisTapi.sys

* @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6) *
- Lower filters
NdisTapi.sys

* @oem5.inf,%bcm1397hmg_devicedesc%;Dell Wireless 1397 WLAN Mini-Card *
- Upper filters
vwifibus.sys

* @pcmcia.inf,%pci\ven_1180&dev_0476.devicedesc%;Ricoh R/RL/5C476(II) or Compatible CardBus Controller *
- Upper filters
pcmcia.sys



--------------------

Print monitors (12):

CutePDF Writer Monitor - cpwmon64.dll
DELS3 Langmon - DELS3L6.DLL
HP 5D12 Status Monitor - hpinksts5D12LM.dll
HP A511 Status Monitor - hpinkstsA511LM.dll
HP Discovery Port Monitor (HP Officejet 6600) - HPDiscoPM5D12.dll
HP Discovery Port Monitor (HP Photosmart 6510 series) - HPDiscoPMA511.dll
LIDIL hpzllw71 - hpzllw71.dll
Local Port - localspl.dll
Microsoft Shared Fax Monitor - FXSMON.DLL
Standard TCP/IP Port - tcpmon.dll
USB Monitor - usbmon.dll
WSD Port - WSDMon.dll

--------------------

WOW compatibility:

[KnownDlls (32-bit) (28)]
advapi32.dll
clbcatq.dll
COMDLG32.dll
difxapi.dll
gdi32.dll
IERTUTIL.dll
IMAGEHLP.dll
IMM32.dll
kernel32.dll
LPK.dll
MSCTF.dll
MSVCRT.dll
NORMALIZ.dll
NSI.dll
ole32.dll
OLEAUT32.dll
PSAPI.DLL
rpcrt4.dll
sechost.dll
Setupapi.dll
SHELL32.dll
SHLWAPI.dll
URLMON.dll
user32.dll
USP10.dll
WININET.dll
WLDAP32.dll
WS2_32.dll


--------------------------------------------------
End of report, 128,627 bytes

Commandline options:
   /showempty      - Show empty sections
   /showcmts       - Show comments in .bat files
   /noshowclsids   - Hide class IDs
   /noshowprivate  - Hide usernames and computer name
   /noshowusers    - Hide entries from other users
   /noshowhardware - Hide entries from other hardware configurations
   /showlargehosts - Show hosts file even when more than 1000 lines are in it
   /showlargezones - Show Zones even when more than 1000 domains are in them
   /autosave       - Run hidden, automatically save a report and quit
   /autosavepath:  - Specify where to save log, when using /autosave.
                     Use surrounding quotes for paths with spaces.