0% found this document useful (0 votes)

153 views28 pages

PSC Exam

This document summarizes the startup configuration and security settings of a Windows 8.1 system belonging to a user named Marius. It lists startup programs, browser settings, services, drivers, and other configuration details. The system has outdated security patches and third-party security software installed for additional protection.

Uploaded by

Ilie Marius

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

153 views28 pages

PSC Exam

Uploaded by

Ilie Marius

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 28

================================================================================

=============
Privacy Software Corporation - PSC-EXAM 1.05 - STARTUPS report
Windows Version: 6.2.9200 (Windows 8.1 Pro) (9600.winblue_r7.150109-2022)
Registered owner: Marius
Internet Explorer:
Current logged user: USERNAME as *LIMITED* USER, privileges DENIED!
Updated: NOT - UPDATED!
================================================================================
=============
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:
LManager:
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce:
:
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices:
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce:
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\explorer\run:
---------------------------------------------------------------------HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:
ToolwizTimeFreeze: "C:\Program Files\Toolwiz Time Freeze 2015\ToolwizTime
Freeze.exe" -autorun
f.lux: "C:\Users\Marius\AppData\Local\FluxSoftware\Flux\flux.
exe" /noshow
CCD: C:\Program Files\COMODO\cDrive\cDrive.exe
---------------------------------------------------------------------HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices:
---------------------------------------------------------------------HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce:
---------------------------------------------------------------------HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\explorer\run:
---------------------------------------------------------------------HKCU\SOFTWARE\Microsoft\OLE:
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\OLE:
DefaultLaunchPermission:

EnableDCOM:
LegacyImpersonationLevel:
MachineLaunchRestriction:
MachineAccessRestriction:

---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects:

{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}: C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.D
LL
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad:
{E6FB5E20-DE35-11CF-9C87-00AA005127ED}: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs:
C:\Windows\SysWOW64\nvinit.dll
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components:
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}: %SystemRoot%\system32\unregmp2.exe /Sho
wWMP
{44BBA840-CC51-11CF-AAFA-00AA00B6015C}: "%ProgramFiles%\Windows Mail\WinMail.exe
" OCInstallUserConfigOE
{6BF52A52-394A-11d3-B153-00C04F79FAA6}: %SystemRoot%\system32\unregmp2.exe /Firs
tLogon
{89B4C1CD-B018-4511-B0A1-5476DBF70820}: C:\Windows\SysWOW64\Rundll32.exe C:\Wind
ows\SysWOW64\mscories.dll,Install
---------------------------------------------------------------------HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components:
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
---------------------------------------------------------------------StartUp folders:
HKCU - ShellFolders: C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Men
u\Programs\Startup
DESKTOP.INI
HKCU - User Folders: C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Men
u\Programs\Startup
DESKTOP.INI
HKLM - ShellFolders: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startu
p
DESKTOP.INI
HKLM - User Folders: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startu
p
DESKTOP.INI
WIN.INI load: (none)
WIN.INI open: (none)
WIN.INI run : (none)
SYSTEM.INI Shell : explorer.exe
SYSTEM.INI ScrSav: C:\Windows\system32\ooscrsav.scr

---------------------------------------------------------------------Associations:
batfile: "%1" %*
ChatFile: (none)
comfile: "%1" %*
chm.file: "%SystemRoot%\hh.exe" %1
exefile: "%1" %*
htafile: C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A28
8AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*
http: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1
"
https: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1
"
htmlfile: "C:\Program Files\Internet Explorer\iexplore.exe" %1
hlpfile: %SystemRoot%\winhlp32.exe %1
inffile: %SystemRoot%\system32\NOTEPAD.EXE %1
inifile: %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile: %SystemRoot%\system32\NOTEPAD.EXE %1
---------------------------------------------------------------------ActiveX (DPF) location: C:\Windows\Downloaded Program Files
DESKTOP.INI
---------------------------------------------------------------------Browser wars:
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main - search bar:
(none)
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main - search page:
http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search - searchassistant:
(none)
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main - local page:
C:\Windows\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main - HomeOldSP:
(none)
HKCU\SOFTWARE\Microsoft\Internet Explorer\Styles - User StyleSheet:
(none)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - search bar:
(none)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - search page:
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - searchassistant:
(none)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - local page:
C:\Windows\SysWOW64\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Styles - User StyleSheet:
(none)

---------------------------------------------------------------------HKCU\SYSTEM\CurrentControlSet\Control\Lsa:
---------------------------------------------------------------------HKLM\SYSTEM\CurrentControlSet\Control\Lsa:
---------------------------------------------------------------------HKLM\SYSTEM\CurrentControlSet\Control\MPRServices\TestService:
(none)
---------------------------------------------------------------------HKLM\SYSTEM\CurrentControlSet\Services:
1394ohci: \SystemRoot\System32\drivers\1394ohci.sys
3ware: System32\drivers\3ware.sys
ACPI: System32\drivers\ACPI.sys
acpiex: System32\Drivers\acpiex.sys
acpipagr: \SystemRoot\System32\drivers\acpipagr.sys
AcpiPmi: \SystemRoot\System32\drivers\acpipmi.sys
acpitime: \SystemRoot\System32\drivers\acpitime.sys
ADP80XX: System32\drivers\ADP80XX.SYS
ADUServiceNSRT: C:\Program Files (x86)\Common Files\Microsoft\Care Sui
te\ADUService\ADUService.exe
AeLookupSvc: C:\Windows\system32\svchost.exe -k netsvcs
AFD: \SystemRoot\system32\drivers\afd.sys
agp440: System32\drivers\agp440.sys
ahcache: system32\DRIVERS\ahcache.sys
ALG: C:\Windows\System32\alg.exe
AmdK8: \SystemRoot\System32\drivers\amdk8.sys
AmdPPM: \SystemRoot\System32\drivers\amdppm.sys
amdsata: System32\drivers\amdsata.sys
amdsbs: System32\drivers\amdsbs.sys
amdxata: System32\drivers\amdxata.sys
AppID: \SystemRoot\system32\drivers\appid.sys
AppIDSvc: C:\Windows\system32\svchost.exe -k LocalServiceNetwork
Restricted
Appinfo: C:\Windows\system32\svchost.exe -k netsvcs
AppMgmt: C:\Windows\system32\svchost.exe -k netsvcs
AppReadiness: C:\Windows\System32\svchost.exe -k AppReadiness
AppXSvc: C:\Windows\system32\svchost.exe -k wsappx
arcsas: System32\drivers\arcsas.sys
aspnet_state: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet
_state.exe
AsyncMac: \SystemRoot\system32\DRIVERS\asyncmac.sys
atapi: System32\drivers\atapi.sys
athr: \SystemRoot\system32\DRIVERS\athwbx.sys
AudioEndpointBuilder: C:\Windows\System32\svchost.exe -k LocalSystemNetworkR
estricted
Audiosrv: C:\Windows\System32\svchost.exe -k LocalServiceNetwork
Restricted
AxInstSV: C:\Windows\system32\svchost.exe -k AxInstSVGroup
b06bdrv: System32\drivers\bxvbda.sys
BasicDisplay: \SystemRoot\System32\drivers\BasicDisplay.sys
BasicRender: \SystemRoot\System32\drivers\BasicRender.sys
bcmfn2: \SystemRoot\System32\drivers\bcmfn2.sys
BDESVC: C:\Windows\System32\svchost.exe -k netsvcs
BFE: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwo

rk
BITS: C:\Windows\System32\svchost.exe -k netsvcs
bowser: system32\DRIVERS\bowser.sys
BrokerInfrastructure: C:\Windows\system32\svchost.exe -k DcomLaunch
Browser: C:\Windows\System32\svchost.exe -k netsvcs
BtFilter: \SystemRoot\system32\DRIVERS\btfilter.sys
BthAvrcpTg: \SystemRoot\System32\drivers\BthAvrcpTg.sys
BthEnum: \SystemRoot\System32\drivers\BthEnum.sys
BthHFEnum: \SystemRoot\System32\drivers\bthhfenum.sys
bthhfhid: \SystemRoot\System32\drivers\BthHFHid.sys
BthHFSrv: C:\Windows\System32\svchost.exe -k LocalServiceAndNoIm
personation
BthLEEnum: \SystemRoot\system32\DRIVERS\BthLEEnum.sys
BTHMODEM: \SystemRoot\System32\drivers\bthmodem.sys
BthPan: \SystemRoot\System32\drivers\bthpan.sys
BTHPORT: \SystemRoot\System32\Drivers\BTHport.sys
bthserv: C:\Windows\system32\svchost.exe -k LocalService
BTHUSB: \SystemRoot\System32\Drivers\BTHUSB.sys
cbvd: system32\DRIVERS\cbvd.sys
cdfs: system32\DRIVERS\cdfs.sys
cdrom: \SystemRoot\System32\drivers\cdrom.sys
CertPropSvc: C:\Windows\system32\svchost.exe -k netsvcs
circlass: \SystemRoot\System32\drivers\circlass.sys
CLFS: System32\drivers\CLFS.sys
CmBatt: \SystemRoot\System32\drivers\CmBatt.sys
CmdAgent: "C:\Program Files\COMODO\COMODO Internet Security\cmda
gent.exe"
cmderd: System32\DRIVERS\cmderd.sys
cmdGuard: system32\DRIVERS\cmdguard.sys
cmdhlp: \SystemRoot\system32\DRIVERS\cmdhlp.sys
cmdvirth: "C:\Program Files\COMODO\COMODO Internet Security\cmdv
irth.exe"
CNG: System32\Drivers\cng.sys
CompositeBus: \SystemRoot\System32\drivers\CompositeBus.sys
COMSysApp: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-F
D88-11D1-960D-00805FC79235}
condrv: System32\drivers\condrv.sys
COSService.exe: C:\Program Files\COMODO\COMMON\COSService.exe
cphs: C:\Windows\SysWow64\IntelCpHeciSvc.exe
CryptSvc: C:\Windows\system32\svchost.exe -k NetworkService
CSC: system32\drivers\csc.sys
CscService: C:\Windows\System32\svchost.exe -k LocalSystemNetworkR
estricted
dam: system32\drivers\dam.sys
DcomLaunch: C:\Windows\system32\svchost.exe -k DcomLaunch
defragsvc: C:\Windows\system32\svchost.exe -k defragsvc
DeviceAssociationService: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
DeviceInstall: C:\Windows\system32\svchost.exe -k DcomLaunch
Dfsc: System32\Drivers\dfsc.sys
Dhcp: C:\Windows\system32\svchost.exe -k LocalServiceNetwork
Restricted
disk: System32\drivers\disk.sys
dmvsc: \SystemRoot\System32\drivers\dmvsc.sys
Dnscache: C:\Windows\system32\svchost.exe -k NetworkService
dot3svc: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
DPS: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwo
rk
drmkaud: \SystemRoot\system32\drivers\drmkaud.sys

DsiWMIService:
DsmSvc:
DXGKrnl:
Eaphost:
ebdrv:
EFS:
EhStorClass:
EhStorTcgDrv:
ErrDev:
EventLog:

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Windows\system32\svchost.exe -k netsvcs
\SystemRoot\System32\drivers\dxgkrnl.sys
C:\Windows\System32\svchost.exe -k netsvcs
System32\drivers\evbda.sys
C:\Windows\System32\lsass.exe
System32\drivers\EhStorClass.sys
System32\drivers\EhStorTcgDrv.sys
\SystemRoot\System32\drivers\errdev.sys
C:\Windows\System32\svchost.exe -k LocalServiceNetwork

EventSystem:
Fax:
fdc:
fdPHost:
FDResPub:

C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\fxssvc.exe
\SystemRoot\System32\drivers\fdc.sys
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoIm

Restricted

personation
fhsvc: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
FileInfo: System32\drivers\fileinfo.sys
Filetrace: system32\drivers\filetrace.sys
flpydisk: \SystemRoot\System32\drivers\flpydisk.sys
FltMgr: system32\drivers\fltmgr.sys
FontCache: C:\Windows\system32\svchost.exe -k LocalService
FontCache3.0.0.0: C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\Presenta
tionFontCache.exe
FoxitCloudUpdateService: C:\Program Files (x86)\Foxit Software\Foxit Reader\Fox
it Cloud\FCUpdateService.exe
FsDepends: System32\drivers\FsDepends.sys
fussvc: "C:\Program Files (x86)\Windows Kits\8.1\App Certifica
tion Kit\fussvc.exe"
fvevol: System32\DRIVERS\fvevol.sys
FxPPM: \SystemRoot\System32\drivers\fxppm.sys
gagp30kx: System32\drivers\gagp30kx.sys
gencounter: \SystemRoot\System32\drivers\vmgencounter.sys
GfExperienceService: "C:\Program Files\NVIDIA Corporation\GeForce Experienc
e Service\GfExperienceService.exe"
GPIOClx0101: System32\Drivers\msgpioclx.sys
gpsvc: C:\Windows\system32\svchost.exe -k netsvcs
gupdate: "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
" /svc
gupdatem: "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
" /medsvc
hcmon: \??\C:\Windows\system32\drivers\hcmon.sys
HdAudAddService: \SystemRoot\system32\drivers\HdAudio.sys
HDAudBus: \SystemRoot\System32\drivers\HDAudBus.sys
HidBatt: \SystemRoot\System32\drivers\HidBatt.sys
HidBth: \SystemRoot\System32\drivers\hidbth.sys
hidi2c: \SystemRoot\System32\drivers\hidi2c.sys
HidIr: \SystemRoot\System32\drivers\hidir.sys
hidserv: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
HidUsb: \SystemRoot\System32\drivers\hidusb.sys
hkmsvc: C:\Windows\System32\svchost.exe -k netsvcs
HomeGroupListener: C:\Windows\System32\svchost.exe -k LocalSystemNetworkR
estricted
HomeGroupProvider: C:\Windows\System32\svchost.exe -k LocalServiceNetwork
Restricted
HpSAMD: System32\drivers\HpSAMD.sys
HTTP: system32\drivers\HTTP.sys

hwpolicy: System32\drivers\hwpolicy.sys
hyperkbd: \SystemRoot\System32\drivers\hyperkbd.sys
HyperVideo: \SystemRoot\system32\DRIVERS\HyperVideo.sys
i8042prt: \SystemRoot\System32\drivers\i8042prt.sys
iaLPSSi_GPIO: \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys
iaLPSSi_I2C: \SystemRoot\System32\drivers\iaLPSSi_I2C.sys
iaStorA: System32\drivers\iaStorA.sys
iaStorAV: System32\drivers\iaStorAV.sys
IAStorDataMgrSvc: "C:\Program Files\Intel\Intel(R) Rapid Storage Technol
ogy\IAStorDataMgrSvc.exe"
iaStorV: System32\drivers\iaStorV.sys
ICCS: "C:\Program Files (x86)\Intel\Intel(R) Integrated Cloc
k Controller Service\ICCProxy.exe"
IEEtwCollectorService: C:\Windows\system32\IEEtwCollector.exe /V
igfx: \SystemRoot\system32\DRIVERS\igdkmd64.sys
igfxCUIService1.0.0.0: C:\Windows\system32\igfxCUIService.exe
IKEEXT: C:\Windows\system32\svchost.exe -k netsvcs
inspect: \SystemRoot\system32\DRIVERS\inspect.sys
intaud_WaveExtensible: \SystemRoot\system32\drivers\intelaud.sys
IntcAzAudAddService: \SystemRoot\system32\drivers\RTKVHD64.sys
IntcDAud: \SystemRoot\system32\DRIVERS\IntcDAud.sys
Intel(R) Capability Licensing Service Interface: "C:\Program Files\Intel\iCLS Cl
ient\HeciServer.exe"
Intel(R) Capability Licensing Service TCP IP Interface: "C:\Program Files\Intel\
iCLS Client\SocketHeciServer.exe"
intelide: System32\drivers\intelide.sys
intelpep: System32\drivers\intelpep.sys
intelppm: \SystemRoot\System32\drivers\intelppm.sys
IpFilterDriver: system32\DRIVERS\ipfltdrv.sys
iphlpsvc: C:\Windows\System32\svchost.exe -k NetSvcs
IPMIDRV: \SystemRoot\System32\drivers\IPMIDrv.sys
IPNAT: System32\drivers\ipnat.sys
IpOverUsbSvc: "C:\Program Files (x86)\Common Files\Microsoft Shared\
Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
IRENUM: system32\drivers\irenum.sys
isapnp: System32\drivers\isapnp.sys
iScsiPrt: \SystemRoot\System32\drivers\msiscsi.sys
iwdbus: \SystemRoot\System32\drivers\iwdbus.sys
jhi_service: "C:\Program Files (x86)\Intel\Intel(R) Management Engi
ne Components\DAL\jhi_service.exe"
kbdclass: \SystemRoot\System32\drivers\kbdclass.sys
kbdhid: \SystemRoot\System32\drivers\kbdhid.sys
kbldfltr: system32\drivers\kbldfltr.sys
kdnic: \SystemRoot\system32\DRIVERS\kdnic.sys
KeyIso: C:\Windows\system32\lsass.exe
KSecDD: System32\Drivers\ksecdd.sys
KSecPkg: System32\Drivers\ksecpkg.sys
ksthunk: \SystemRoot\system32\drivers\ksthunk.sys
KtmRm: C:\Windows\System32\svchost.exe -k NetworkServiceAndNo
Impersonation
L1C: \SystemRoot\system32\DRIVERS\L1C63x64.sys
LanmanServer: C:\Windows\system32\svchost.exe -k netsvcs
LanmanWorkstation: C:\Windows\System32\svchost.exe -k NetworkService
lfsvc: C:\Windows\system32\svchost.exe -k netsvcs
lltdio: \SystemRoot\system32\DRIVERS\lltdio.sys
lltdsvc: C:\Windows\System32\svchost.exe -k LocalService
lmhosts: C:\Windows\system32\svchost.exe -k LocalServiceNetwork
Restricted
LMS: "C:\Program Files (x86)\Intel\Intel(R) Management Engi
ne Components\LMS\LMS.exe"

LSI_SAS:
LSI_SAS2:
LSI_SAS3:
LSI_SSS:
LSM:
luafv:
megasas:
megasr:
MEIx64:
MMCSS:
Modem:
monitor:
mouclass:
mouhid:
mountmgr:
mpsdrv:
MpsSvc:

System32\drivers\lsi_sas.sys
System32\drivers\lsi_sas2.sys
System32\drivers\lsi_sas3.sys
System32\drivers\lsi_sss.sys
C:\Windows\system32\svchost.exe -k DcomLaunch
\SystemRoot\system32\drivers\luafv.sys
System32\drivers\megasas.sys
System32\drivers\megasr.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
C:\Windows\system32\svchost.exe -k netsvcs
system32\drivers\modem.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\mouhid.sys
System32\drivers\mountmgr.sys
System32\drivers\mpsdrv.sys
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwo

MRxDAV:
mrxsmb:
mrxsmb10:
mrxsmb20:
MsBridge:
MSDTC:
msgpiowin32:
mshidkmdf:
mshidumdf:
msisadrv:
MSiSCSI:
msiserver:
MsKeyboardFilter:
MSKSSRV:
MsLldp:
MSPCLOCK:
MSPQM:
mssmbios:
MSTEE:
MTConfig:
Mup:
mvumis:
napagent:
NativeWifiP:
NcaSvc:
NcbService:
estricted
NcdAutoSetup:
rk
NDIS:
NdisCap:
NdisImPlatform:
NdisTapi:
Ndisuio:
NdisVirtualBus:
NdisWan:
NdisWanLegacy:
Ndu:
NetBIOS:
NetBT:
Netlogon:
Netman:

\SystemRoot\system32\drivers\mrxdav.sys
system32\DRIVERS\mrxsmb.sys
system32\DRIVERS\mrxsmb10.sys
system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\bridge.sys
C:\Windows\System32\msdtc.exe
\SystemRoot\System32\drivers\msgpiowin32.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\mshidumdf.sys
System32\drivers\msisadrv.sys
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\svchost.exe -k netsvcs
\SystemRoot\system32\drivers\MSKSSRV.sys
\SystemRoot\system32\DRIVERS\mslldp.sys
\SystemRoot\system32\drivers\MSPCLOCK.sys
\SystemRoot\system32\drivers\MSPQM.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\system32\drivers\MSTEE.sys
\SystemRoot\System32\drivers\MTConfig.sys
System32\Drivers\mup.sys
System32\drivers\mvumis.sys
C:\Windows\System32\svchost.exe -k NetworkService
\SystemRoot\system32\DRIVERS\nwifi.sys
C:\Windows\System32\svchost.exe -k NetSvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkR

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwo
system32\drivers\ndis.sys
\SystemRoot\system32\DRIVERS\ndiscap.sys
\SystemRoot\system32\DRIVERS\NdisImPlatform.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
system32\drivers\Ndu.sys
system32\DRIVERS\netbios.sys
System32\DRIVERS\netbt.sys
C:\Windows\system32\lsass.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkR

estricted
netprofm: C:\Windows\System32\svchost.exe -k LocalService
NetTcpPortSharing: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcH
ost.exe
netvsc: \SystemRoot\System32\drivers\netvsc63.sys
NlaSvc: C:\Windows\System32\svchost.exe -k NetworkService
npsvctrig: \SystemRoot\System32\drivers\npsvctrig.sys
nsi: C:\Windows\system32\svchost.exe -k LocalService
nsiproxy: system32\drivers\nsiproxy.sys
nvlddmkm: \SystemRoot\system32\DRIVERS\nvlddmkm.sys
NvNetworkService: "C:\Program Files (x86)\NVIDIA Corporation\NetService\
NvNetworkService.exe"
nvpciflt: system32\DRIVERS\nvpciflt.sys
nvraid: System32\drivers\nvraid.sys
nvstor: System32\drivers\nvstor.sys
NvStreamKms: \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\Nv
StreamKms.sys
NvStreamSvc: "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstr
eamsvc.exe"
nvsvc: "C:\Windows\system32\nvvsvc.exe"
nvvad_WaveExtensible: \SystemRoot\system32\drivers\nvvad64v.sys
nv_agp: System32\drivers\nv_agp.sys
OODefragAgent: "C:\Program Files\OO Software\Defrag\oodag.exe"
ose64: "C:\Program Files\Common Files\Microsoft Shared\Source
Engine\OSE.EXE"
p2pimsvc: C:\Windows\System32\svchost.exe -k LocalServicePeerNet
p2psvc: C:\Windows\System32\svchost.exe -k LocalServicePeerNet
PACSPTISVR-Sound_Organizer: "C:\Program Files (x86)\Sony\Sound Organizer\Sony.Ea
rth\PACSPTISVR.exe"
Parport: \SystemRoot\System32\drivers\parport.sys
partmgr: System32\drivers\partmgr.sys
PcaSvc: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
pccsmcfd: \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys
pci: System32\drivers\pci.sys
pciide: System32\drivers\pciide.sys
pcmcia: System32\drivers\pcmcia.sys
pcw: System32\drivers\pcw.sys
pdc: system32\drivers\pdc.sys
PEAUTH: system32\drivers\peauth.sys
PeerDistSvc: C:\Windows\System32\svchost.exe -k PeerDist
PerfHost: C:\Windows\SysWow64\perfhost.exe
pla: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwo
rk
PlugPlay: C:\Windows\system32\svchost.exe -k DcomLaunch
PNRPAutoReg: C:\Windows\System32\svchost.exe -k LocalServicePeerNet
PNRPsvc: C:\Windows\System32\svchost.exe -k LocalServicePeerNet
PolicyAgent: C:\Windows\system32\svchost.exe -k NetworkServiceNetwo
rkRestricted
Power: C:\Windows\system32\svchost.exe -k DcomLaunch
PptpMiniport: \SystemRoot\system32\DRIVERS\raspptp.sys
PrintNotify: C:\Windows\system32\svchost.exe -k print
Processor: \SystemRoot\System32\drivers\processr.sys
ProfSvc: C:\Windows\system32\svchost.exe -k netsvcs
Ps2Kb2Hid: \SystemRoot\System32\drivers\aPs2Kb2Hid.sys
Psched: \SystemRoot\system32\DRIVERS\pacer.sys
PxHlpa64: System32\Drivers\PxHlpa64.sys
QWAVE: C:\Windows\system32\svchost.exe -k LocalServiceAndNoIm
personation
QWAVEdrv: \SystemRoot\system32\drivers\qwavedrv.sys

RasAcd:
RasAgileVpn:
RasAuto:
Rasl2tp:
RasMan:
RasPppoe:
RasSstp:
rdbss:
rdpbus:
RDPDR:
RdpVideoMiniport:
rdyboost:
RemoteAccess:
RemoteRegistry:
Reparse:
RfButtonDriverService:
RFCOMM:
RpcEptMapper:
RpcLocator:
RpcSs:
RSPCIESTOR:
rspndr:
s3cap:
SamSs:
sbp2port:
SCardSvr:
personation
ScDeviceEnum:
estricted
scfilter:
Schedule:
SCPolicySvc:
sdbus:
sdstor:
seclogon:
SENS:
SensorsSimulatorDriver:
SensrSvc:
personation
SerCx:
SerCx2:
Serenum:
Serial:
sermouse:
ServiceLayer:
ceLayer.exe"
SessionEnv:
sfloppy:
SharedAccess:
ShellHWDetection:
SiSRaid2:
SiSRaid4:
smphost:
SNMPTRAP:
spaceport:
SpbCx:
Spooler:
sppsvc:
SQLWriter:
iter.exe"

System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
C:\Windows\System32\svchost.exe -k netsvcs
\SystemRoot\system32\DRIVERS\rasl2tp.sys
C:\Windows\System32\svchost.exe -k netsvcs
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
system32\DRIVERS\rdbss.sys
\SystemRoot\System32\drivers\rdpbus.sys
System32\drivers\rdpdr.sys
System32\drivers\rdpvideominiport.sys
System32\drivers\rdyboost.sys
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k localService
system32\DRIVERS\CBReparse.sys
C:\Windows\RfBtnSvc64.exe
\SystemRoot\System32\drivers\rfcomm.sys
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\locator.exe
C:\Windows\system32\svchost.exe -k rpcss
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\drivers\vms3cap.sys
C:\Windows\system32\lsass.exe
System32\drivers\sbp2port.sys
C:\Windows\system32\svchost.exe -k LocalServiceAndNoIm
C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
System32\DRIVERS\scfilter.sys
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k netsvcs
\SystemRoot\System32\drivers\sdbus.sys
\SystemRoot\System32\drivers\sdstor.sys
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k netsvcs
\SystemRoot\system32\DRIVERS\WUDFRd.sys
C:\Windows\system32\svchost.exe -k LocalServiceAndNoIm
system32\drivers\SerCx.sys
system32\drivers\SerCx2.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\sermouse.sys
"C:\Program Files (x86)\PC Connectivity Solution\Servi
C:\Windows\System32\svchost.exe -k netsvcs
\SystemRoot\System32\drivers\sfloppy.sys
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k netsvcs
System32\drivers\SiSRaid2.sys
System32\drivers\sisraid4.sys
C:\Windows\System32\svchost.exe -k smphost
C:\Windows\System32\snmptrap.exe
System32\drivers\spaceport.sys
system32\drivers\SpbCx.sys
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwr

srv:
srv2:
srvnet:
SSDPSRV:

System32\DRIVERS\srv.sys
System32\DRIVERS\srv2.sys
System32\DRIVERS\srvnet.sys
C:\Windows\system32\svchost.exe -k LocalServiceAndNoIm

SstpSvc:
stexstor:
stisvc:
storahci:
storflt:
stornvme:
StorSvc:

C:\Windows\system32\svchost.exe -k LocalService
System32\drivers\stexstor.sys
C:\Windows\system32\svchost.exe -k imgsvc
System32\drivers\storahci.sys
System32\drivers\vmstorfl.sys
System32\drivers\stornvme.sys
C:\Windows\System32\svchost.exe -k LocalSystemNetworkR

personation

estricted
storvsc: System32\drivers\storvsc.sys
storvsp: \SystemRoot\System32\drivers\storvsp.sys
svsvc: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
swenum: \SystemRoot\System32\drivers\swenum.sys
swprv: C:\Windows\System32\svchost.exe -k swprv
SynchronizationService.exe: C:\Program Files\COMODO\COMMON\SynchronizationServic
e.exe
SysMain: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
SystemEventsBroker: C:\Windows\system32\svchost.exe -k DcomLaunch
TabletInputService: C:\Windows\System32\svchost.exe -k LocalSystemNetworkR
estricted
TapiSrv: C:\Windows\System32\svchost.exe -k NetworkService
Tcpip: System32\drivers\tcpip.sys
TCPIP6: \SystemRoot\system32\DRIVERS\tcpip.sys
tcpipreg: System32\drivers\tcpipreg.sys
tdx: \SystemRoot\system32\DRIVERS\tdx.sys
Te.Service: "C:\Program Files (x86)\Windows Kits\8.1\Testing\Runti
mes\TAEF\Wex.Services.exe"
TeamViewer: "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.
exe"
terminpt: \SystemRoot\System32\drivers\terminpt.sys
TermService: C:\Windows\System32\svchost.exe -k NetworkService
Themes: C:\Windows\System32\svchost.exe -k netsvcs
THREADORDER: C:\Windows\system32\svchost.exe -k LocalService
TimeBroker: C:\Windows\system32\svchost.exe -k LocalServiceAndNoIm
personation
TPM: \SystemRoot\system32\drivers\tpm.sys
TrkWks: C:\Windows\System32\svchost.exe -k LocalSystemNetworkR
estricted
TrustedInstaller: C:\Windows\servicing\TrustedInstaller.exe
TsUsbFlt: system32\drivers\tsusbflt.sys
TsUsbGD: \SystemRoot\System32\drivers\TsUsbGD.sys
tunnel: \SystemRoot\system32\DRIVERS\tunnel.sys
TWZDISK: System32\Drivers\TWZDISK.sys
TWZFILE: \??\C:\Windows\System32\Drivers\TWZFILE.sys
uagp35: System32\drivers\uagp35.sys
UASPStor: \SystemRoot\System32\drivers\uaspstor.sys
UCX01000: \SystemRoot\System32\drivers\ucx01000.sys
udfs: system32\DRIVERS\udfs.sys
UEFI: \SystemRoot\System32\drivers\UEFI.sys
UI0Detect: C:\Windows\system32\UI0Detect.exe
uliagpkx: System32\drivers\uliagpkx.sys
umbus: \SystemRoot\System32\drivers\umbus.sys
UmPass: \SystemRoot\System32\drivers\umpass.sys
UmRdpService: C:\Windows\System32\svchost.exe -k LocalSystemNetworkR

estricted
Unchecky: C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
upnphost: C:\Windows\system32\svchost.exe -k LocalServiceAndNoIm
personation
usbccgp:
usbcir:
usbehci:
usbhub:
USBHUB3:
usbohci:
usbprint:
usbscan:
usbser:
USBSTOR:
usbuhci:
usbvideo:
USBXHCI:
VaultSvc:
vdrvroot:
vds:
VerifierExt:
vhdmp:
viaide:
Vid:
VMAuthdService:

\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\usbcir.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\drivers\usbohci.sys
\SystemRoot\System32\drivers\usbprint.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\usbser.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
C:\Windows\system32\lsass.exe
System32\drivers\vdrvroot.sys
C:\Windows\System32\vds.exe
system32\drivers\VerifierExt.sys
\SystemRoot\System32\drivers\vhdmp.sys
System32\drivers\viaide.sys
\SystemRoot\System32\drivers\Vid.sys
"C:\Program Files (x86)\VMware\VMware Player\vmware-au

thd.exe"
vmbus: System32\drivers\vmbus.sys
VMBusHID: \SystemRoot\System32\drivers\VMBusHID.sys
vmbusr: \SystemRoot\System32\drivers\vmbusr.sys
vmci: System32\drivers\vmci.sys
vmicguestinterface: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
vmicheartbeat: C:\Windows\system32\svchost.exe -k ICService
vmickvpexchange: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
vmicrdv: C:\Windows\system32\svchost.exe -k ICService
vmicshutdown: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
vmictimesync: C:\Windows\system32\svchost.exe -k LocalServiceNetwork
Restricted
vmicvss: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
estricted
vmkbd: \??\C:\Windows\system32\drivers\VMkbd.sys
VMnetAdapter: \SystemRoot\system32\DRIVERS\vmnetadapter.sys
VMnetBridge: \SystemRoot\system32\DRIVERS\vmnetbridge.sys
VMnetDHCP: C:\Windows\system32\vmnetdhcp.exe
VMnetuserif: \??\C:\Windows\system32\drivers\vmnetuserif.sys
VMUSBArbService: "C:\Program Files (x86)\Common Files\VMware\USB\vmware
-usbarbitrator64.exe"
VMware NAT Service: C:\Windows\system32\vmnat.exe
vmx86: \??\C:\Windows\system32\drivers\vmx86.sys
volmgr: System32\drivers\volmgr.sys
volmgrx: System32\drivers\volmgrx.sys
volsnap: System32\drivers\volsnap.sys
vpci: \SystemRoot\System32\drivers\vpci.sys
vpcivsp: \SystemRoot\System32\drivers\vpcivsp.sys
VsEtwService120: "C:\Program Files\Microsoft Visual Studio 12.0\Common7
\Packages\Debugger\Services\VsEtwService.exe"
vsmraid: System32\drivers\vsmraid.sys
vsock: system32\drivers\vsock.sys

VSS:
VSTXRAID:
vwifibus:
vwififlt:
vwifimp:
W32Time:
WacomPen:
Wanarp:
Wanarpv6:
wbengine:
WbioSrvc:
Wcmsvc:

C:\Windows\system32\vssvc.exe
System32\drivers\vstxraid.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
C:\Windows\system32\svchost.exe -k LocalService
\SystemRoot\System32\drivers\wacompen.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
"C:\Windows\system32\wbengine.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNetwork

wcncsvc:
personation
WcsPlugInService:
WdBoot:
Wdf01000:
WdFilter:
WdiServiceHost:
WdiSystemHost:
estricted
WdNisDrv:
WdNisSvc:
WebClient:
Wecsvc:
WEPHOSTSVC:
wercplsupport:
WerSvc:
WFPLWFS:
WiaRpc:
estricted
WIMMount:
WinDefend:
WinHttpAutoProxySvc:
Winmgmt:
WinRing0_1_2_0:
WinRM:
winusb:
WlanSvc:
estricted
wlidsvc:
WmiAcpi:
wmiApSrv:
WMPNetworkSvc:
exe"
wpcfltr:
WPCSvc:
Restricted
WPDBusEnum:
estricted
WpdUpFltr:
ws2ifsl:
wscsvc:
Restricted
WSearch:
WSService:
wuauserv:
WudfPf:
WUDFRd:

C:\Windows\System32\svchost.exe -k LocalServiceAndNoIm

Restricted
C:\Windows\system32\svchost.exe -k wcssvc
\SystemRoot\system32\drivers\WdBoot.sys
system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WdFilter.sys
C:\Windows\System32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkR
system32\Drivers\WdNisDrv.sys
"C:\Program Files (x86)\Windows
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
system32\DRIVERS\wfplwfs.sys
C:\Windows\system32\svchost.exe

Defender\NisSrv.exe"
-k LocalService
-k NetworkService
-k WepHostSvcGroup
-k netsvcs
-k WerSvcGroup
-k LocalSystemNetworkR

system32\drivers\wimmount.sys
"C:\Program Files (x86)\Windows Defender\MsMpEng.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
\??\C:\Program Files (x86)\BatteryCare\WinRing0x64.sys
C:\Windows\System32\svchost.exe -k NetworkService
\SystemRoot\System32\drivers\winusb.sys
C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
C:\Windows\system32\svchost.exe -k netsvcs
\SystemRoot\System32\drivers\wmiacpi.sys
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Windows Media Player\wmpnetwk.
system32\DRIVERS\wpcfltr.sys
C:\Windows\system32\svchost.exe -k LocalServiceNetwork
C:\Windows\system32\svchost.exe -k LocalSystemNetworkR
System32\drivers\WpdUpFltr.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
C:\Windows\System32\svchost.exe -k LocalServiceNetwork
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k wsappx
C:\Windows\system32\svchost.exe -k netsvcs
system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\WUDFRd.sys

wudfsvc: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR

estricted
WUDFWpdFs: \SystemRoot\system32\DRIVERS\WUDFRd.sys
WwanSvc: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwo
rk
---------------------------------------------------------------------LSP:HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
\Catalog_Entries
000000000001: C:\Windows\system32\mswsock.dll
000000000002: C:\Windows\system32\mswsock.dll
000000000003: C:\Windows\system32\mswsock.dll
000000000004: C:\Windows\system32\mswsock.dll
000000000005: C:\Windows\system32\mswsock.dll
000000000006: C:\Windows\system32\mswsock.dll
000000000007: C:\Windows\system32\mswsock.dll
000000000008: C:\Windows\system32\mswsock.dll
000000000009: C:\Windows\system32\mswsock.dll
000000000010: C:\Windows\system32\mswsock.dll
000000000011: C:\Windows\system32\mswsock.dll
000000000012: C:\Windows\system32\vsocklib.dll
000000000013: C:\Windows\system32\vsocklib.dll
---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:
{8082C5E6-4C27-48ec-A809-B8E1122E8F97}: .contact shell extension handler
{8082C5E6-4C27-48ec-A809-B8E1122E8F97}: %CommonProgramFiles%\System\wab32.dll
{08165EA0-E946-11CF-9C87-00AA005127ED}: WebCheckWebCrawler
{08165EA0-E946-11CF-9C87-00AA005127ED}: C:\Windows\SysWOW64\webcheck.dll
{F5175861-2688-11d0-9C5E-00AA00A45957}: Subscription Folder
{F5175861-2688-11d0-9C5E-00AA00A45957}: C:\Windows\SysWOW64\webcheck.dll
{13D3C4B8-B179-4ebb-BF62-F704173E7448}: Windows Contact Preview Handler
{13D3C4B8-B179-4ebb-BF62-F704173E7448}: %CommonProgramFiles%\System\wab32.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}: Contacts folder
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}:
{E6FB5E20-DE35-11CF-9C87-00AA005127ED}: WebCheck
{E6FB5E20-DE35-11CF-9C87-00AA005127ED}:
{7D559C10-9FE9-11d0-93F7-00AA0059CE02}: Code Download Agent
{7D559C10-9FE9-11d0-93F7-00AA0059CE02}: C:\Windows\SysWOW64\webcheck.dll
{CF67796C-F57F-45F8-92FB-AD698826C602}: contact_wab_auto_file
{CF67796C-F57F-45F8-92FB-AD698826C602}: %CommonProgramFiles%\System\wab32.dll
{289AF617-1CC3-42A6-926C-E6A863F0E3BA}: DLNA Namespace Extension
{289AF617-1CC3-42A6-926C-E6A863F0E3BA}: C:\Windows\SysWOW64\dlnashext.dll
{16C2C29D-0E5F-45f3-A445-03E03F587B7D}: group_wab_auto_file
{16C2C29D-0E5F-45f3-A445-03E03F587B7D}: %CommonProgramFiles%\System\wab32.dll
{4F58F63F-244B-4c07-B29F-210BE59BE9B4}: .group shell extension handler
{4F58F63F-244B-4c07-B29F-210BE59BE9B4}: %CommonProgramFiles%\System\wab32.dll
{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}: Subscription Mgr

{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}: C:\Windows\SysWOW64\webcheck.dll
{60254CA5-953B-11CF-8C96-00AA00B8708C}: Shell extensions for Windows Script Host
{60254CA5-953B-11CF-8C96-00AA00B8708C}: C:\Windows\SysWOW64\wshext.dll
{BFD468D2-D0A0-4bdc-878C-E69C2F5B435D}: Microsoft Windows Mail Html Preview Hand
ler
{BFD468D2-D0A0-4bdc-878C-E69C2F5B435D}: C:\Windows\SysWOW64\inetcomm.dll
{f8b8412b-dea3-4130-b36c-5e8be73106ac}: Microsoft Windows Mail Html Preview Hand
ler
{f8b8412b-dea3-4130-b36c-5e8be73106ac}: C:\Windows\SysWOW64\inetcomm.dll
{b9815375-5d7f-4ce2-9245-c9d4da436930}: Microsoft Windows Mail Html Preview Hand
ler
{b9815375-5d7f-4ce2-9245-c9d4da436930}: C:\Windows\SysWOW64\inetcomm.dll
{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}: WebCheck SyncMgr Handler
{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}: C:\Windows\SysWOW64\webcheck.dll
{92dbad9f-5025-49b0-9078-2d78f935e341}: Microsoft Windows Mail Html Preview Hand
ler
{92dbad9f-5025-49b0-9078-2d78f935e341}: C:\Windows\SysWOW64\inetcomm.dll
{3DBEE9A1-C471-4B95-BBCA-F39310064458}: Microsoft Camera Raw Property Store
{3DBEE9A1-C471-4B95-BBCA-F39310064458}: C:\Program Files (x86)\Common Files\Micr
osoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
{8BA85C75-763B-4103-94EB-9470F12FE0F7}: Microsoft SkyDrive Pro Icon Overlay 1 (E
rrorConflict)
{8BA85C75-763B-4103-94EB-9470F12FE0F7}: C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.D
LL
{CD55129A-B1A1-438E-A425-CEBC7DC684EE}: Microsoft SkyDrive Pro Icon Overlay 2 (S
yncInProgress)
{CD55129A-B1A1-438E-A425-CEBC7DC684EE}: C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.D
LL
{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}: Microsoft SkyDrive Pro Icon Overlay 3 (I
nSync)
{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}: C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.D
LL
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}: Microsoft SkyDrive Pro Browser Helper
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}: C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.D
LL
{DB19096C-5365-4164-A246-59FEFF9D8062}: Nameext
{DB19096C-5365-4164-A246-59FEFF9D8062}: C:\Program Files (x86)\Microsoft Office\
Office15\NAMEEXT.DLL
{0006F045-0000-0000-C000-000000000046}: Microsoft Outlook Custom Icon Handler
{0006F045-0000-0000-C000-000000000046}: C:\Program Files (x86)\Microsoft Office\
Office15\OLKFSTUB.DLL
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}: Microsoft Office Metadata Handler
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}: C:\Program Files (x86)\Common Files\Micr
osoft Shared\OFFICE15\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}: Microsoft Office Thumbnail Handler

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}: C:\Program Files (x86)\Common Files\Micr

osoft Shared\OFFICE15\msoshext.dll
{c5aec3ec-e812-4677-a9a7-4fee1f9aa000}: Icaros Thumbnail Provider
{c5aec3ec-e812-4677-a9a7-4fee1f9aa000}: C:\Program Files (x86)\K-Lite Codec Pack
\Icaros\32-bit\IcarosThumbnailProvider.dll
{0C08E3BB-D10B-4CC9-B1B3-701F5BE9D6EC}: Icaros Property Handler
{0C08E3BB-D10B-4CC9-B1B3-701F5BE9D6EC}: C:\Program Files (x86)\K-Lite Codec Pack
\Icaros\32-bit\IcarosPropertyHandler.dll
---------------------------------------------------------------------================================================================================
=============
Privacy Software Corporation - PSC-EXAM 1.05 - PROCESSES report
================================================================================
=============
---------------------------------------------------------------------Process ID: 0
SYSTEM IDLE PROC (access denied)
---------------------------------------------------------------------Process ID: 4
RPCSS
(access denied)
---------------------------------------------------------------------Process ID: 468
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 664
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 752
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 856
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 864
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 948
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1000
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 924
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 484
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1048
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1092
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1148
(ALL access denied - no debug either!)

---------------------------------------------------------------------Process ID: 1184

(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1208
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1664
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1732
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1840
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1864
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1520
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2260
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2364
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2388
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2500
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2576
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2688
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2696
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2808
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2884
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2908
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2988
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2996
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2384
(ALL access denied - no debug either!)

---------------------------------------------------------------------Process ID: 3120

(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3140
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3200
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3220
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3368
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3400
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3576
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3592
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3820
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4316
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4432
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4816
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3964
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2136
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4888
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 5532
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2444
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2672
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2740
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2944
(ALL access denied - no debug either!)

---------------------------------------------------------------------Process ID: 7060

(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6064
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6812
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1908
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4772
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2408
UNCHECKY_BG.EXE: C:\PROGRAM FILES (X86)\UNCHECKY\BIN\UNCHECKY_BG.EXE
NTDLL.DLL: C:\WINDOWS\SYSTEM32\NTDLL.DLL
KERNEL32.DLL: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
KERNELBASE.DLL: C:\WINDOWS\SYSTEM32\KERNELBASE.DLL
PSAPI.DLL: C:\WINDOWS\SYSTEM32\PSAPI.DLL
USER32.DLL: C:\WINDOWS\SYSTEM32\USER32.DLL
ADVAPI32.DLL: C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
SHELL32.DLL: C:\WINDOWS\SYSTEM32\SHELL32.DLL
OLE32.DLL: C:\WINDOWS\SYSTEM32\OLE32.DLL
OLEAUT32.DLL: C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
GDI32.DLL: C:\WINDOWS\SYSTEM32\GDI32.DLL
MSVCRT.DLL: C:\WINDOWS\SYSTEM32\MSVCRT.DLL
SECHOST.DLL: C:\WINDOWS\SYSTEM32\SECHOST.DLL
RPCRT4.DLL: C:\WINDOWS\SYSTEM32\RPCRT4.DLL
COMBASE.DLL: C:\WINDOWS\SYSTEM32\COMBASE.DLL
SHLWAPI.DLL: C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
SSPICLI.DLL: C:\WINDOWS\SYSTEM32\SSPICLI.DLL
CRYPTBASE.DLL: C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
BCRYPTPRIMITIVES.DLL: C:\WINDOWS\SYSTEM32\BCRYPTPRIMITIVES.DLL
IMM32.DLL: C:\WINDOWS\SYSTEM32\IMM32.DLL
MSCTF.DLL: C:\WINDOWS\SYSTEM32\MSCTF.DLL
NVINIT.DLL: C:\WINDOWS\SYSTEM32\NVINIT.DLL
VERSION.DLL: C:\WINDOWS\SYSTEM32\VERSION.DLL
DETOURED.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\_ETOURED.D
LL
NVD3D9WRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVD3D9WR
AP.DLL
SETUPAPI.DLL: C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
CFGMGR32.DLL: C:\WINDOWS\SYSTEM32\CFGMGR32.DLL
NVDXGIWRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVDXGIWR
AP.DLL
GUARD32.DLL: C:\WINDOWS\SYSTEM32\GUARD32.DLL
FLTLIB.DLL: C:\WINDOWS\SYSTEM32\FLTLIB.DLL
NTMARTA.DLL: C:\WINDOWS\SYSTEM32\NTMARTA.DLL
KERNEL.APPCORE.DLL: C:\WINDOWS\SYSTEM32\KERNEL.APPCORE.DLL
UXTHEME.DLL: C:\WINDOWS\SYSTEM32\UXTHEME.DLL
DWMAPI.DLL: C:\WINDOWS\SYSTEM32\DWMAPI.DLL
SHCORE.DLL: C:\WINDOWS\SYSTEM32\SHCORE.DLL
PROFAPI.DLL: C:\WINDOWS\SYSTEM32\PROFAPI.DLL
---------------------------------------------------------------------Process ID: 4380
(ALL access denied - no debug either!)
----------------------------------------------------------------------

Process ID: 2288

(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 992
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1292
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6040
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2008
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4328
LMANAGER.EXE: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\LMANAGER.EXE
NTDLL.DLL: C:\WINDOWS\SYSTEM32\NTDLL.DLL
KERNEL32.DLL: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
KERNELBASE.DLL: C:\WINDOWS\SYSTEM32\KERNELBASE.DLL
COMCTL32.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144
CCF1DF_6.0.9600.17415_NONE_A9ED7F470139B3C1\COMCTL32.DLL
VERSION.DLL: C:\WINDOWS\SYSTEM32\VERSION.DLL
SETUPAPI.DLL: C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
SHLWAPI.DLL: C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
POWRPROF.DLL: C:\WINDOWS\SYSTEM32\POWRPROF.DLL
WLANAPI.DLL: C:\WINDOWS\SYSTEM32\WLANAPI.DLL
WTSAPI32.DLL: C:\WINDOWS\SYSTEM32\WTSAPI32.DLL
COMFNUTL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\COMFNUTL.DLL
CDROMUTL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\CDROMUTL.DLL
MIXERUTL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\MIXERUTL.DLL
WND2FILE.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\WND2FILE.DLL
POWERUTL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\POWERUTL.DLL
OSDUTL2.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\OSDUTL2.DLL
SZUPFUTL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\SZUPFUTL.DLL
RADIOWNDUTL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\RADIOWNDUTL.DLL
USER32.DLL: C:\WINDOWS\SYSTEM32\USER32.DLL
GDI32.DLL: C:\WINDOWS\SYSTEM32\GDI32.DLL
ADVAPI32.DLL: C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
SHELL32.DLL: C:\WINDOWS\SYSTEM32\SHELL32.DLL
OLE32.DLL: C:\WINDOWS\SYSTEM32\OLE32.DLL
OLEAUT32.DLL: C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
WINMM.DLL: C:\WINDOWS\SYSTEM32\WINMM.DLL
MSVCRT.DLL: C:\WINDOWS\SYSTEM32\MSVCRT.DLL
CFGMGR32.DLL: C:\WINDOWS\SYSTEM32\CFGMGR32.DLL
RPCRT4.DLL: C:\WINDOWS\SYSTEM32\RPCRT4.DLL
COMBASE.DLL: C:\WINDOWS\SYSTEM32\COMBASE.DLL
SECHOST.DLL: C:\WINDOWS\SYSTEM32\SECHOST.DLL
WINSPOOL.DRV: C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
GDIPLUS.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1
.1.9600.17415_NONE_DAD8722C5BCC2D8F\GDIPLUS.DLL
WINMMBASE.DLL: C:\WINDOWS\SYSTEM32\WINMMBASE.DLL
SSPICLI.DLL: C:\WINDOWS\SYSTEM32\SSPICLI.DLL
DEVOBJ.DLL: C:\WINDOWS\SYSTEM32\DEVOBJ.DLL
CRYPTBASE.DLL: C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
BCRYPTPRIMITIVES.DLL: C:\WINDOWS\SYSTEM32\BCRYPTPRIMITIVES.DLL
IMM32.DLL: C:\WINDOWS\SYSTEM32\IMM32.DLL
MSCTF.DLL: C:\WINDOWS\SYSTEM32\MSCTF.DLL
NVINIT.DLL: C:\WINDOWS\SYSTEM32\NVINIT.DLL
DETOURED.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\_ETOURED.D

LL
NVD3D9WRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVD3D9WR
AP.DLL
NVDXGIWRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVDXGIWR
AP.DLL
GUARD32.DLL: C:\WINDOWS\SYSTEM32\GUARD32.DLL
PSAPI.DLL: C:\WINDOWS\SYSTEM32\PSAPI.DLL
FLTLIB.DLL: C:\WINDOWS\SYSTEM32\FLTLIB.DLL
NTMARTA.DLL: C:\WINDOWS\SYSTEM32\NTMARTA.DLL
SHCORE.DLL: C:\WINDOWS\SYSTEM32\SHCORE.DLL
PROFAPI.DLL: C:\WINDOWS\SYSTEM32\PROFAPI.DLL
KERNEL.APPCORE.DLL: C:\WINDOWS\SYSTEM32\KERNEL.APPCORE.DLL
LMSMBKEL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\LMSMBKEL.DLL
UXTHEME.DLL: C:\WINDOWS\SYSTEM32\UXTHEME.DLL
DWRITE.DLL: C:\WINDOWS\SYSTEM32\DWRITE.DLL
WINSTA.DLL: C:\WINDOWS\SYSTEM32\WINSTA.DLL
DHBKCUTL.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\DHBKCUTL.DLL
HIDREAD.DLL: C:\PROGRAM FILES (X86)\LAUNCH MANAGER\HIDREAD.DLL
WINTRUST.DLL: C:\WINDOWS\SYSTEM32\WINTRUST.DLL
CRYPT32.DLL: C:\WINDOWS\SYSTEM32\CRYPT32.DLL
MSASN1.DLL: C:\WINDOWS\SYSTEM32\MSASN1.DLL
---------------------------------------------------------------------Process ID: 6060
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4604
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2636
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6328
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 1992
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3432
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6664
NVBACKEND.EXE: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\UPDATE CORE\NVBACKEND.E
XE
NTDLL.DLL: C:\WINDOWS\SYSTEM32\NTDLL.DLL
KERNEL32.DLL: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
KERNELBASE.DLL: C:\WINDOWS\SYSTEM32\KERNELBASE.DLL
IPHLPAPI.DLL: C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
WS2_32.DLL: C:\WINDOWS\SYSTEM32\WS2_32.DLL
USER32.DLL: C:\WINDOWS\SYSTEM32\USER32.DLL
ADVAPI32.DLL: C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
SHELL32.DLL: C:\WINDOWS\SYSTEM32\SHELL32.DLL
SHLWAPI.DLL: C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
SETUPAPI.DLL: C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
VERSION.DLL: C:\WINDOWS\SYSTEM32\VERSION.DLL
WINHTTP.DLL: C:\WINDOWS\SYSTEM32\WINHTTP.DLL
OLE32.DLL: C:\WINDOWS\SYSTEM32\OLE32.DLL
OLEAUT32.DLL: C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
NSI.DLL: C:\WINDOWS\SYSTEM32\NSI.DLL
WINNSI.DLL: C:\WINDOWS\SYSTEM32\WINNSI.DLL
RPCRT4.DLL: C:\WINDOWS\SYSTEM32\RPCRT4.DLL

GDI32.DLL: C:\WINDOWS\SYSTEM32\GDI32.DLL
MSVCRT.DLL: C:\WINDOWS\SYSTEM32\MSVCRT.DLL
SECHOST.DLL: C:\WINDOWS\SYSTEM32\SECHOST.DLL
COMBASE.DLL: C:\WINDOWS\SYSTEM32\COMBASE.DLL
CFGMGR32.DLL: C:\WINDOWS\SYSTEM32\CFGMGR32.DLL
SSPICLI.DLL: C:\WINDOWS\SYSTEM32\SSPICLI.DLL
CRYPTBASE.DLL: C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
BCRYPTPRIMITIVES.DLL: C:\WINDOWS\SYSTEM32\BCRYPTPRIMITIVES.DLL
IMM32.DLL: C:\WINDOWS\SYSTEM32\IMM32.DLL
MSCTF.DLL: C:\WINDOWS\SYSTEM32\MSCTF.DLL
NVINIT.DLL: C:\WINDOWS\SYSTEM32\NVINIT.DLL
DETOURED.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\_ETOURED.D
LL
NVD3D9WRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVD3D9WR
AP.DLL
NVDXGIWRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVDXGIWR
AP.DLL
GUARD32.DLL: C:\WINDOWS\SYSTEM32\GUARD32.DLL
PSAPI.DLL: C:\WINDOWS\SYSTEM32\PSAPI.DLL
FLTLIB.DLL: C:\WINDOWS\SYSTEM32\FLTLIB.DLL
NTMARTA.DLL: C:\WINDOWS\SYSTEM32\NTMARTA.DLL
SHCORE.DLL: C:\WINDOWS\SYSTEM32\SHCORE.DLL
UXTHEME.DLL: C:\WINDOWS\SYSTEM32\UXTHEME.DLL
DWMAPI.DLL: C:\WINDOWS\SYSTEM32\DWMAPI.DLL
DEVOBJ.DLL: C:\WINDOWS\SYSTEM32\DEVOBJ.DLL
WINTRUST.DLL: C:\WINDOWS\SYSTEM32\WINTRUST.DLL
CRYPT32.DLL: C:\WINDOWS\SYSTEM32\CRYPT32.DLL
MSASN1.DLL: C:\WINDOWS\SYSTEM32\MSASN1.DLL
ONTOLOGY.DLL: C:\USERS\MARIUS\APPDATA\LOCAL\NVIDIA\NVBACKEND\APPLICATIONONTOLOGY
\ONTOLOGY.DLL
CRYPTSP.DLL: C:\WINDOWS\SYSTEM32\CRYPTSP.DLL
RSAENH.DLL: C:\WINDOWS\SYSTEM32\RSAENH.DLL
BCRYPT.DLL: C:\WINDOWS\SYSTEM32\BCRYPT.DLL
MSWSOCK.DLL: C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
NAPINSP.DLL: C:\WINDOWS\SYSTEM32\NAPINSP.DLL
PNRPNSP.DLL: C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
NLAAPI.DLL: C:\WINDOWS\SYSTEM32\NLAAPI.DLL
DNSAPI.DLL: C:\WINDOWS\SYSTEM32\DNSAPI.DLL
WINRNR.DLL: C:\WINDOWS\SYSTEM32\WINRNR.DLL
WSHBTH.DLL: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
FWPUCLNT.DLL: C:\WINDOWS\SYSTEM32\FWPUCLNT.DLL
RASADHLP.DLL: C:\WINDOWS\SYSTEM32\RASADHLP.DLL
KERNEL.APPCORE.DLL: C:\WINDOWS\SYSTEM32\KERNEL.APPCORE.DLL
CLBCATQ.DLL: C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
WEBIO.DLL: C:\WINDOWS\SYSTEM32\WEBIO.DLL
SCHANNEL.DLL: C:\WINDOWS\SYSTEM32\SCHANNEL.DLL
GPAPI.DLL: C:\WINDOWS\SYSTEM32\GPAPI.DLL
NCRYPT.DLL: C:\WINDOWS\SYSTEM32\NCRYPT.DLL
NTASN1.DLL: C:\WINDOWS\SYSTEM32\NTASN1.DLL
NCRYPTSSLP.DLL: C:\WINDOWS\SYSTEM32\NCRYPTSSLP.DLL
DPAPI.DLL: C:\WINDOWS\SYSTEM32\DPAPI.DLL
---------------------------------------------------------------------Process ID: 4696
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 5840
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2140
(ALL access denied - no debug either!)

---------------------------------------------------------------------Process ID: 5792

TOOLWIZTIMEFREEZE.EXE: C:\PROGRAM FILES\TOOLWIZ TIME FREEZE 2015\TOOLWIZTIMEFREE
ZE.EXE
NTDLL.DLL: C:\WINDOWS\SYSTEM32\NTDLL.DLL
KERNEL32.DLL: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
KERNELBASE.DLL: C:\WINDOWS\SYSTEM32\KERNELBASE.DLL
USER32.DLL: C:\WINDOWS\SYSTEM32\USER32.DLL
ADVAPI32.DLL: C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
OLEAUT32.DLL: C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
VERSION.DLL: C:\WINDOWS\SYSTEM32\VERSION.DLL
GDI32.DLL: C:\WINDOWS\SYSTEM32\GDI32.DLL
OLE32.DLL: C:\WINDOWS\SYSTEM32\OLE32.DLL
COMCTL32.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144
CCF1DF_5.82.9600.17415_NONE_7C5769EAAA0AA358\COMCTL32.DLL
SHELL32.DLL: C:\WINDOWS\SYSTEM32\SHELL32.DLL
COMDLG32.DLL: C:\WINDOWS\SYSTEM32\COMDLG32.DLL
FLTLIB.DLL: C:\WINDOWS\SYSTEM32\FLTLIB.DLL
WINMM.DLL: C:\WINDOWS\SYSTEM32\WINMM.DLL
MSVCRT.DLL: C:\WINDOWS\SYSTEM32\MSVCRT.DLL
SECHOST.DLL: C:\WINDOWS\SYSTEM32\SECHOST.DLL
RPCRT4.DLL: C:\WINDOWS\SYSTEM32\RPCRT4.DLL
COMBASE.DLL: C:\WINDOWS\SYSTEM32\COMBASE.DLL
SHLWAPI.DLL: C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
WINMMBASE.DLL: C:\WINDOWS\SYSTEM32\WINMMBASE.DLL
SSPICLI.DLL: C:\WINDOWS\SYSTEM32\SSPICLI.DLL
CFGMGR32.DLL: C:\WINDOWS\SYSTEM32\CFGMGR32.DLL
DEVOBJ.DLL: C:\WINDOWS\SYSTEM32\DEVOBJ.DLL
CRYPTBASE.DLL: C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
SHCORE.DLL: C:\WINDOWS\SYSTEM32\SHCORE.DLL
BCRYPTPRIMITIVES.DLL: C:\WINDOWS\SYSTEM32\BCRYPTPRIMITIVES.DLL
IMM32.DLL: C:\WINDOWS\SYSTEM32\IMM32.DLL
MSCTF.DLL: C:\WINDOWS\SYSTEM32\MSCTF.DLL
NVINIT.DLL: C:\WINDOWS\SYSTEM32\NVINIT.DLL
DETOURED.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\_ETOURED.D
LL
NVD3D9WRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVD3D9WR
AP.DLL
SETUPAPI.DLL: C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
NVDXGIWRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVDXGIWR
AP.DLL
GUARD32.DLL: C:\WINDOWS\SYSTEM32\GUARD32.DLL
PSAPI.DLL: C:\WINDOWS\SYSTEM32\PSAPI.DLL
NTMARTA.DLL: C:\WINDOWS\SYSTEM32\NTMARTA.DLL
UXTHEME.DLL: C:\WINDOWS\SYSTEM32\UXTHEME.DLL
DWMAPI.DLL: C:\WINDOWS\SYSTEM32\DWMAPI.DLL
OLEPRO32.DLL: C:\WINDOWS\SYSTEM32\OLEPRO32.DLL
KERNEL.APPCORE.DLL: C:\WINDOWS\SYSTEM32\KERNEL.APPCORE.DLL
COMCTL32.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144
CCF1DF_6.0.9600.17415_NONE_A9ED7F470139B3C1\COMCTL32.DLL
CLBCATQ.DLL: C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
PROPSYS.DLL: C:\WINDOWS\SYSTEM32\PROPSYS.DLL
PROFAPI.DLL: C:\WINDOWS\SYSTEM32\PROFAPI.DLL
WINDOWSCODECS.DLL: C:\WINDOWS\SYSTEM32\WINDOWSCODECS.DLL
---------------------------------------------------------------------Process ID: 6308
FLUX.EXE: C:\USERS\MARIUS\APPDATA\LOCAL\FLUXSOFTWARE\FLUX\FLUX.EXE
NTDLL.DLL: C:\WINDOWS\SYSTEM32\NTDLL.DLL
KERNEL32.DLL: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
KERNELBASE.DLL: C:\WINDOWS\SYSTEM32\KERNELBASE.DLL

DDRAW.DLL: C:\WINDOWS\SYSTEM32\DDRAW.DLL
WSOCK32.DLL: C:\WINDOWS\SYSTEM32\WSOCK32.DLL
USER32.DLL: C:\WINDOWS\SYSTEM32\USER32.DLL
GDI32.DLL: C:\WINDOWS\SYSTEM32\GDI32.DLL
ADVAPI32.DLL: C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
OLE32.DLL: C:\WINDOWS\SYSTEM32\OLE32.DLL
OLEAUT32.DLL: C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
VERSION.DLL: C:\WINDOWS\SYSTEM32\VERSION.DLL
WINTRUST.DLL: C:\WINDOWS\SYSTEM32\WINTRUST.DLL
URLMON.DLL: C:\WINDOWS\SYSTEM32\URLMON.DLL
WININET.DLL: C:\WINDOWS\SYSTEM32\WININET.DLL
SHLWAPI.DLL: C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
COMCTL32.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144
CCF1DF_5.82.9600.17415_NONE_7C5769EAAA0AA358\COMCTL32.DLL
SHELL32.DLL: C:\WINDOWS\SYSTEM32\SHELL32.DLL
MSVCRT.DLL: C:\WINDOWS\SYSTEM32\MSVCRT.DLL
DCIMAN32.DLL: C:\WINDOWS\SYSTEM32\DCIMAN32.DLL
WS2_32.DLL: C:\WINDOWS\SYSTEM32\WS2_32.DLL
SECHOST.DLL: C:\WINDOWS\SYSTEM32\SECHOST.DLL
RPCRT4.DLL: C:\WINDOWS\SYSTEM32\RPCRT4.DLL
COMBASE.DLL: C:\WINDOWS\SYSTEM32\COMBASE.DLL
CRYPT32.DLL: C:\WINDOWS\SYSTEM32\CRYPT32.DLL
MSASN1.DLL: C:\WINDOWS\SYSTEM32\MSASN1.DLL
IERTUTIL.DLL: C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
USERENV.DLL: C:\WINDOWS\SYSTEM32\USERENV.DLL
NSI.DLL: C:\WINDOWS\SYSTEM32\NSI.DLL
SSPICLI.DLL: C:\WINDOWS\SYSTEM32\SSPICLI.DLL
PROFAPI.DLL: C:\WINDOWS\SYSTEM32\PROFAPI.DLL
CRYPTBASE.DLL: C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
BCRYPTPRIMITIVES.DLL: C:\WINDOWS\SYSTEM32\BCRYPTPRIMITIVES.DLL
IMM32.DLL: C:\WINDOWS\SYSTEM32\IMM32.DLL
MSCTF.DLL: C:\WINDOWS\SYSTEM32\MSCTF.DLL
NVINIT.DLL: C:\WINDOWS\SYSTEM32\NVINIT.DLL
DETOURED.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\_ETOURED.D
LL
NVD3D9WRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVD3D9WR
AP.DLL
SETUPAPI.DLL: C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
CFGMGR32.DLL: C:\WINDOWS\SYSTEM32\CFGMGR32.DLL
NVDXGIWRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVDXGIWR
AP.DLL
GUARD32.DLL: C:\WINDOWS\SYSTEM32\GUARD32.DLL
PSAPI.DLL: C:\WINDOWS\SYSTEM32\PSAPI.DLL
FLTLIB.DLL: C:\WINDOWS\SYSTEM32\FLTLIB.DLL
NTMARTA.DLL: C:\WINDOWS\SYSTEM32\NTMARTA.DLL
DXVA2.DLL: C:\WINDOWS\SYSTEM32\DXVA2.DLL
KERNEL.APPCORE.DLL: C:\WINDOWS\SYSTEM32\KERNEL.APPCORE.DLL
UXTHEME.DLL: C:\WINDOWS\SYSTEM32\UXTHEME.DLL
DWMAPI.DLL: C:\WINDOWS\SYSTEM32\DWMAPI.DLL
SHCORE.DLL: C:\WINDOWS\SYSTEM32\SHCORE.DLL
NVUMDSHIM.DLL: C:\WINDOWS\SYSTEM32\NVUMDSHIM.DLL
SECUR32.DLL: C:\WINDOWS\SYSTEM32\SECUR32.DLL
ONDEMANDCONNROUTEHELPER.DLL: C:\WINDOWS\SYSTEM32\ONDEMANDCONNROUTEHELPER.DLL
WINHTTP.DLL: C:\WINDOWS\SYSTEM32\WINHTTP.DLL
MSWSOCK.DLL: C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
IPHLPAPI.DLL: C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
WINNSI.DLL: C:\WINDOWS\SYSTEM32\WINNSI.DLL
DNSAPI.DLL: C:\WINDOWS\SYSTEM32\DNSAPI.DLL
RASADHLP.DLL: C:\WINDOWS\SYSTEM32\RASADHLP.DLL
FWPUCLNT.DLL: C:\WINDOWS\SYSTEM32\FWPUCLNT.DLL

COMCTL32.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144
CCF1DF_6.0.9600.17415_NONE_A9ED7F470139B3C1\COMCTL32.DLL
SCHANNEL.DLL: C:\WINDOWS\SYSTEM32\SCHANNEL.DLL
CRYPTSP.DLL: C:\WINDOWS\SYSTEM32\CRYPTSP.DLL
RSAENH.DLL: C:\WINDOWS\SYSTEM32\RSAENH.DLL
BCRYPT.DLL: C:\WINDOWS\SYSTEM32\BCRYPT.DLL
GPAPI.DLL: C:\WINDOWS\SYSTEM32\GPAPI.DLL
NCRYPT.DLL: C:\WINDOWS\SYSTEM32\NCRYPT.DLL
NTASN1.DLL: C:\WINDOWS\SYSTEM32\NTASN1.DLL
IGDUMDIM32.DLL: C:\WINDOWS\SYSTEM32\IGDUMDIM32.DLL
IGDUSC32.DLL: C:\WINDOWS\SYSTEM32\IGDUSC32.DLL
CRYPTNET.DLL: C:\WINDOWS\SYSTEM32\CRYPTNET.DLL
WLDAP32.DLL: C:\WINDOWS\SYSTEM32\WLDAP32.DLL
MSCMS.DLL: C:\WINDOWS\SYSTEM32\MSCMS.DLL
NCRYPTSSLP.DLL: C:\WINDOWS\SYSTEM32\NCRYPTSSLP.DLL
---------------------------------------------------------------------Process ID: 1412
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3112
IASTORICON.EXE: C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORI
CON.EXE
NTDLL.DLL: C:\WINDOWS\SYSTEM32\NTDLL.DLL
MSCOREE.DLL: C:\WINDOWS\SYSTEM32\MSCOREE.DLL
KERNEL32.DLL: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
KERNELBASE.DLL: C:\WINDOWS\SYSTEM32\KERNELBASE.DLL
APPHELP.DLL: C:\WINDOWS\SYSTEM32\APPHELP.DLL
ACLAYERS.DLL: C:\WINDOWS\APPPATCH\ACLAYERS.DLL
MSVCRT.DLL: C:\WINDOWS\SYSTEM32\MSVCRT.DLL
USER32.DLL: C:\WINDOWS\SYSTEM32\USER32.DLL
GDI32.DLL: C:\WINDOWS\SYSTEM32\GDI32.DLL
SHELL32.DLL: C:\WINDOWS\SYSTEM32\SHELL32.DLL
SHLWAPI.DLL: C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
OLEAUT32.DLL: C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
MPR.DLL: C:\WINDOWS\SYSTEM32\MPR.DLL
SETUPAPI.DLL: C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
SFC.DLL: C:\WINDOWS\SYSTEM32\SFC.DLL
WINSPOOL.DRV: C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
RPCRT4.DLL: C:\WINDOWS\SYSTEM32\RPCRT4.DLL
COMBASE.DLL: C:\WINDOWS\SYSTEM32\COMBASE.DLL
CFGMGR32.DLL: C:\WINDOWS\SYSTEM32\CFGMGR32.DLL
SSPICLI.DLL: C:\WINDOWS\SYSTEM32\SSPICLI.DLL
SFC_OS.DLL: C:\WINDOWS\SYSTEM32\SFC_OS.DLL
CRYPTBASE.DLL: C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
SECHOST.DLL: C:\WINDOWS\SYSTEM32\SECHOST.DLL
BCRYPTPRIMITIVES.DLL: C:\WINDOWS\SYSTEM32\BCRYPTPRIMITIVES.DLL
IMM32.DLL: C:\WINDOWS\SYSTEM32\IMM32.DLL
MSCTF.DLL: C:\WINDOWS\SYSTEM32\MSCTF.DLL
NVINIT.DLL: C:\WINDOWS\SYSTEM32\NVINIT.DLL
VERSION.DLL: C:\WINDOWS\SYSTEM32\VERSION.DLL
ADVAPI32.DLL: C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
DETOURED.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\_ETOURED.D
LL
NVD3D9WRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVD3D9WR
AP.DLL
NVDXGIWRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVDXGIWR
AP.DLL
GUARD32.DLL: C:\WINDOWS\SYSTEM32\GUARD32.DLL
OLE32.DLL: C:\WINDOWS\SYSTEM32\OLE32.DLL
PSAPI.DLL: C:\WINDOWS\SYSTEM32\PSAPI.DLL

FLTLIB.DLL: C:\WINDOWS\SYSTEM32\FLTLIB.DLL
NTMARTA.DLL: C:\WINDOWS\SYSTEM32\NTMARTA.DLL
MSCOREEI.DLL: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MSCOREEI.DLL
CLR.DLL: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\CLR.DLL
MSVCR120_CLR0400.DLL: C:\WINDOWS\SYSTEM32\MSVCR120_CLR0400.DLL
MSCORLIB.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MSCORLIB\D03A3DD
CD6A395878751C5E90FA16915\MSCORLIB.NI.DLL
KERNEL.APPCORE.DLL: C:\WINDOWS\SYSTEM32\KERNEL.APPCORE.DLL
UXTHEME.DLL: C:\WINDOWS\SYSTEM32\UXTHEME.DLL
CLRJIT.DLL: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\CLRJIT.DLL
CRYPTSP.DLL: C:\WINDOWS\SYSTEM32\CRYPTSP.DLL
RSAENH.DLL: C:\WINDOWS\SYSTEM32\RSAENH.DLL
BCRYPT.DLL: C:\WINDOWS\SYSTEM32\BCRYPT.DLL
SYSTEM.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYSTEM\1A6B5095C44
16A37F9CA4CF4436D1311\SYSTEM.NI.DLL
SYSTEM.DRAWING.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYSTEM.DRA
WING\D91798A9A9FCB450351FE8E49026A69F\SYSTEM.DRAWING.NI.DLL
SYSTEM.WINDOWS.FORMS.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYST
EM.WINDOWS.FORMS\A4D2243DF4AF8AB65FF74D436D449789\SYSTEM.WINDOWS.FORMS.NI.DLL
SYSTEM.CONFIGURATION.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYST
EM.CONFIGURATION\B5B80F1284DFA1B883DA48ED58ECBC47\SYSTEM.CONFIGURATION.NI.DLL
SYSTEM.XML.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYSTEM.XML\9A3
49FB029581F4752D2C6CFCFEAB816\SYSTEM.XML.NI.DLL
COMCTL32.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144
CCF1DF_5.82.9600.17415_NONE_7C5769EAAA0AA358\COMCTL32.DLL
DWMAPI.DLL: C:\WINDOWS\SYSTEM32\DWMAPI.DLL
SYSTEM.CORE.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYSTEM.CORE\7
94A3D83E77A53D6FC029C389F9CC408\SYSTEM.CORE.NI.DLL
SYSTEM.SERVICEMODEL.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYSTE
M.SERVICEMODEL\BA30D04512DA7A1965A3571BCD99BEC3\SYSTEM.SERVICEMODEL.NI.DLL
SMDIAGNOSTICS.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SMDIAGNOSTI
CS\FBB07EF2F687508F75BFEACD97F2453B\SMDIAGNOSTICS.NI.DLL
SYSTEM.SERVICEMODEL.INTERNALS.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.3031
9_32\SYSTEM.SERVD1DEC626#\D6180CFAAC57962CA62186C1151B5F7F\SYSTEM.SERVICEMODEL.I
NTERNALS.NI.DLL
SYSTEM.RUNTIME.SERIALIZATION.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319
_32\SYSTEM.RUNTEB92AA12#\7D61AB80C44108150BAD37E8D916E220\SYSTEM.RUNTIME.SERIALI
ZATION.NI.DLL
SYSTEM.SERVICEMODEL.WEB.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\S
YSTEM.SERVF73E6522#\B3C81A74A2EB41ADDC4ACD4F57471DF5\SYSTEM.SERVICEMODEL.WEB.NI.
DLL
SYSTEM.IDENTITYMODEL.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYST
EM.IDENTITYMODEL\E022D26945EA757DD775664E03BC2EE2\SYSTEM.IDENTITYMODEL.NI.DLL
SHCORE.DLL: C:\WINDOWS\SYSTEM32\SHCORE.DLL
GDIPLUS.DLL: C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1
.1.9600.17415_NONE_DAD8722C5BCC2D8F\GDIPLUS.DLL
DWRITE.DLL: C:\WINDOWS\SYSTEM32\DWRITE.DLL
WINDOWSCODECS.DLL: C:\WINDOWS\SYSTEM32\WINDOWSCODECS.DLL
PROFAPI.DLL: C:\WINDOWS\SYSTEM32\PROFAPI.DLL
SYSTEM.WEB.NI.DLL: C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SYSTEM.WEB\E3A
2B379DEABEC908165C08BA74F31F2\SYSTEM.WEB.NI.DLL
SECUR32.DLL: C:\WINDOWS\SYSTEM32\SECUR32.DLL
MSV1_0.DLL: C:\WINDOWS\SYSTEM32\MSV1_0.DLL
CRYPTDLL.DLL: C:\WINDOWS\SYSTEM32\CRYPTDLL.DLL
---------------------------------------------------------------------Process ID: 5700
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 2060
(ALL access denied - no debug either!)

---------------------------------------------------------------------Process ID: 5660

(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 5796
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6364
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 7112
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 4352
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 7044
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6312
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6680
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3688
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6552
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6304
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 7092
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6160
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 6548
(ALL access denied - no debug either!)
---------------------------------------------------------------------Process ID: 3328
PSC-EXAM.EXE: C:\USERS\MARIUS\DESKTOP\PSC-EXAM.EXE
NTDLL.DLL: C:\WINDOWS\SYSTEM32\NTDLL.DLL
KERNEL32.DLL: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
KERNELBASE.DLL: C:\WINDOWS\SYSTEM32\KERNELBASE.DLL
APPHELP.DLL: C:\WINDOWS\SYSTEM32\APPHELP.DLL
ADVAPI32.DLL: C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
USER32.DLL: C:\WINDOWS\SYSTEM32\USER32.DLL
MSVCRT.DLL: C:\WINDOWS\SYSTEM32\MSVCRT.DLL
SECHOST.DLL: C:\WINDOWS\SYSTEM32\SECHOST.DLL
RPCRT4.DLL: C:\WINDOWS\SYSTEM32\RPCRT4.DLL
GDI32.DLL: C:\WINDOWS\SYSTEM32\GDI32.DLL
SSPICLI.DLL: C:\WINDOWS\SYSTEM32\SSPICLI.DLL
CRYPTBASE.DLL: C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
BCRYPTPRIMITIVES.DLL: C:\WINDOWS\SYSTEM32\BCRYPTPRIMITIVES.DLL
IMM32.DLL: C:\WINDOWS\SYSTEM32\IMM32.DLL
MSCTF.DLL: C:\WINDOWS\SYSTEM32\MSCTF.DLL

NVINIT.DLL: C:\WINDOWS\SYSTEM32\NVINIT.DLL
VERSION.DLL: C:\WINDOWS\SYSTEM32\VERSION.DLL
DETOURED.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\_ETOURED.D
LL
NVD3D9WRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVD3D9WR
AP.DLL
SETUPAPI.DLL: C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
CFGMGR32.DLL: C:\WINDOWS\SYSTEM32\CFGMGR32.DLL
NVDXGIWRAP.DLL: C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\COPROCMANAGER\NVDXGIWR
AP.DLL
GUARD32.DLL: C:\WINDOWS\SYSTEM32\GUARD32.DLL
OLE32.DLL: C:\WINDOWS\SYSTEM32\OLE32.DLL
SHLWAPI.DLL: C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
PSAPI.DLL: C:\WINDOWS\SYSTEM32\PSAPI.DLL
COMBASE.DLL: C:\WINDOWS\SYSTEM32\COMBASE.DLL
FLTLIB.DLL: C:\WINDOWS\SYSTEM32\FLTLIB.DLL
NTMARTA.DLL: C:\WINDOWS\SYSTEM32\NTMARTA.DLL
VDMDBG.DLL: C:\WINDOWS\SYSTEM32\VDMDBG.DLL
---------------------------------------------------------------------Process ID: 2600
(ALL access denied - no debug either!)
================================================================================
=============
------------------------------------- END REPORT ----------------------------------------================================================================================
=============
Active Connections
Proto
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP

Local Address
0.0.0.0:135
0.0.0.0:445
0.0.0.0:902
0.0.0.0:912
0.0.0.0:49152
0.0.0.0:49153
0.0.0.0:49154
0.0.0.0:49155
0.0.0.0:49156
0.0.0.0:49162
0.0.0.0:50300
127.0.0.1:5939
127.0.0.1:9990
127.0.0.1:23404
192.168.0.101:139
192.168.0.101:55940
192.168.0.101:55942
192.168.0.101:55964
192.168.0.101:55966
192.168.0.101:55969
192.168.0.101:56062

Foreign Address
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
0:0
217.73.160.219:https
217.73.160.215:https
we-in-f188:5228
217.73.160.221:https
do-6:https
db3msgr6012706:https

State
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
LISTENING
ESTABLISHED
ESTABLISHED
ESTABLISHED
ESTABLISHED
ESTABLISHED
ESTABLISHED

Empowerment Tech Microsoft Excel PPT 1
100% (1)
Empowerment Tech Microsoft Excel PPT 1
45 pages
Harley Davidson xr1200 2010 Owners Manual
No ratings yet
Harley Davidson xr1200 2010 Owners Manual
137 pages
Ansi Aami SP10-2002 A1-2003 (R) 2008
No ratings yet
Ansi Aami SP10-2002 A1-2003 (R) 2008
2 pages
Software Rip
No ratings yet
Software Rip
1,320 pages
List of Drivers
No ratings yet
List of Drivers
78 pages
Cridex Malware Memory Analysis
No ratings yet
Cridex Malware Memory Analysis
14 pages
Prev
No ratings yet
Prev
1,047 pages
Cessna 550-551-560 (PWC JT15D) Initial Aircraft Type Rating Course
50% (2)
Cessna 550-551-560 (PWC JT15D) Initial Aircraft Type Rating Course
27 pages
TDSSKiller.2.8.6.0 14.08.2012 18.54.33 Log
No ratings yet
TDSSKiller.2.8.6.0 14.08.2012 18.54.33 Log
124 pages
ZHPDiag
No ratings yet
ZHPDiag
48 pages
ZHP Diag
No ratings yet
ZHP Diag
41 pages
FRST
No ratings yet
FRST
66 pages
RFA Bugreport
No ratings yet
RFA Bugreport
27 pages
TDSSKiller.2.8.16.0 03.10.2019 21.23.57 Log
No ratings yet
TDSSKiller.2.8.16.0 03.10.2019 21.23.57 Log
34 pages
Log Steganos OKAYFREEDOM
No ratings yet
Log Steganos OKAYFREEDOM
28 pages
Siv Vig Postgrad
No ratings yet
Siv Vig Postgrad
23 pages
FRST
No ratings yet
FRST
25 pages
Speccy PC Specs
No ratings yet
Speccy PC Specs
73 pages
Kesla 20RH Harvester Head (Operator)
100% (1)
Kesla 20RH Harvester Head (Operator)
64 pages
Assignment 2
No ratings yet
Assignment 2
7 pages
Services
No ratings yet
Services
28 pages
MadTech - A Revolution Between Martech and Adtech PDF
No ratings yet
MadTech - A Revolution Between Martech and Adtech PDF
7 pages
Process
No ratings yet
Process
8 pages
UsbFix Report
No ratings yet
UsbFix Report
8 pages
UsbFix Report
No ratings yet
UsbFix Report
8 pages
Process Explorer Utility
No ratings yet
Process Explorer Utility
13 pages
Zadia
No ratings yet
Zadia
55 pages
ZA Scan
No ratings yet
ZA Scan
5 pages
Rkill
No ratings yet
Rkill
7 pages
UsbFix Report
No ratings yet
UsbFix Report
8 pages
Bugreport
No ratings yet
Bugreport
34 pages
Module 1 Introduction To Java Technology
No ratings yet
Module 1 Introduction To Java Technology
62 pages
Desktop 3K14FBP
No ratings yet
Desktop 3K14FBP
41 pages
Developing Countries - Col
No ratings yet
Developing Countries - Col
1 page
Start Up List
No ratings yet
Start Up List
3 pages
Bug Report
No ratings yet
Bug Report
31 pages
Summary and Response Essay
No ratings yet
Summary and Response Essay
6 pages
MBRCheck 04.12.12 16.30.06
No ratings yet
MBRCheck 04.12.12 16.30.06
4 pages
Process
No ratings yet
Process
7 pages
Upd 2
No ratings yet
Upd 2
9 pages
HP Nc6400 Compal La-2952p
No ratings yet
HP Nc6400 Compal La-2952p
46 pages
API Security Project: Kick Off
No ratings yet
API Security Project: Kick Off
26 pages
Information
No ratings yet
Information
7 pages
System Idle Processkuku
No ratings yet
System Idle Processkuku
4 pages
Coca Cola 131212165203 Phpapp02
50% (2)
Coca Cola 131212165203 Phpapp02
26 pages
Yealink - SIP-T21P-E2 - Datasheet - by LATNOK CD
No ratings yet
Yealink - SIP-T21P-E2 - Datasheet - by LATNOK CD
2 pages
UsbFix Report
No ratings yet
UsbFix Report
6 pages
TV LCD Led Sharp Lc32le630e
No ratings yet
TV LCD Led Sharp Lc32le630e
176 pages
The Philippines 50 Years From Now in Terms of Political
No ratings yet
The Philippines 50 Years From Now in Terms of Political
2 pages
Backdoor
No ratings yet
Backdoor
4 pages
Bug Report
No ratings yet
Bug Report
11 pages
Bug Report
No ratings yet
Bug Report
5 pages
Heritage Drillworks-Pore Pressure - Geomechanics Presentation
No ratings yet
Heritage Drillworks-Pore Pressure - Geomechanics Presentation
24 pages
Ultra Virus Killer Log
No ratings yet
Ultra Virus Killer Log
8 pages
UsbFix Report
No ratings yet
UsbFix Report
4 pages
Bug Report
No ratings yet
Bug Report
7 pages
Bug Report
No ratings yet
Bug Report
8 pages
Current Process List
No ratings yet
Current Process List
18 pages
Fontlog
No ratings yet
Fontlog
3 pages
108.CSS Links
No ratings yet
108.CSS Links
6 pages
1 Chapter 1 - Intro To Computer - Programming
No ratings yet
1 Chapter 1 - Intro To Computer - Programming
42 pages
CV Sara Ben Chamkha
No ratings yet
CV Sara Ben Chamkha
1 page
COMPUTECH
No ratings yet
COMPUTECH
30 pages
Process List
No ratings yet
Process List
14 pages
Process List
No ratings yet
Process List
8 pages
Seminar On Electronic Fuel Injection 1
No ratings yet
Seminar On Electronic Fuel Injection 1
4 pages
FRST
No ratings yet
FRST
11 pages
Bug Report 21
No ratings yet
Bug Report 21
5 pages
Bug Report
No ratings yet
Bug Report
7 pages
Workbook For Students Guide
No ratings yet
Workbook For Students Guide
25 pages
122 Epirb
No ratings yet
122 Epirb
1 page
Hijack THis
No ratings yet
Hijack THis
3 pages
Analyzing Microsoft Office Documents
No ratings yet
Analyzing Microsoft Office Documents
10 pages
Log Steganos OKAYFREEDOM
No ratings yet
Log Steganos OKAYFREEDOM
25 pages
English Unit 8 Questions
No ratings yet
English Unit 8 Questions
5 pages
Tachiyomi
No ratings yet
Tachiyomi
3 pages
UsbFix Report
No ratings yet
UsbFix Report
3 pages
Hi Jack Thisiii
No ratings yet
Hi Jack Thisiii
5 pages
Chrome Reprompt
No ratings yet
Chrome Reprompt
5 pages
Microproject Soft
No ratings yet
Microproject Soft
14 pages
AdwCleaner (C00)
No ratings yet
AdwCleaner (C00)
3 pages
Process
No ratings yet
Process
7 pages
INE Command and Control C2 CC Course File
No ratings yet
INE Command and Control C2 CC Course File
73 pages
Network
No ratings yet
Network
90 pages
Process List
No ratings yet
Process List
8 pages
Bug Report
No ratings yet
Bug Report
9 pages
Process
No ratings yet
Process
4 pages
CyberArk Sentry PAM
No ratings yet
CyberArk Sentry PAM
5 pages
Autodesk Fusion 360 PCB Black Book (V 2.0.18719)
From Everand
Autodesk Fusion 360 PCB Black Book (V 2.0.18719)
Gaurav Verma
No ratings yet
Evaluation of Some Android Emulators and Installation of Android OS on Virtualbox and VMware
From Everand
Evaluation of Some Android Emulators and Installation of Android OS on Virtualbox and VMware
Dr. Hidaia Mahmood Alassouli
No ratings yet

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

PSC Exam

Uploaded by

PSC Exam

Uploaded by

================================================================================

---------------------------------------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects:

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

wudfsvc: C:\Windows\system32\svchost.exe -k LocalSystemNetworkR

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}: C:\Program Files (x86)\Common Files\Micr

---------------------------------------------------------------------Process ID: 1184

---------------------------------------------------------------------Process ID: 3120

---------------------------------------------------------------------Process ID: 7060

Process ID: 2288

---------------------------------------------------------------------Process ID: 5792

---------------------------------------------------------------------Process ID: 5660

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.