Hijack log please help(RESOLVED)
-
Hijack log please help(RESOLVED)
Hi, my pc barely even works. It has all but stopped loading pages and prevents my from accessing search engines. I had to even use another pc in my home to register here. Here is my HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09, on 2008-05-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NETGEAR\WPN111\wpn111.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: {9278edf9-8a93-3ee8-1464-131917f7a503} - {305a7f71-9131-4641-8ee3-39a89fde8729} - C:\WINDOWS\system32\lvbgsdat.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll
O2 - BHO: (no name) - {C4647C0B-369F-41E9-A8A8-2E65620DA119} - C:\WINDOWS\system32\qoMfecYq.dll (file missing)
O2 - BHO: (no name) - {E23136A1-1AC4-4D1B-926F-5D537CFFF359} - C:\WINDOWS\system32\opnmNdDt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump
s_startup
O4 - HKLM\..\Run: [b420deac] rundll32.exe "C:\WINDOWS\system32\finphrln.dll",b
O4 - HKLM\..\Run: [BMb713ed30] Rundll32.exe "C:\WINDOWS\system32\mwkpagvg.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {F2D35D99-63B1-46D3-970C-6E22320D5DCB} (kSoloCntrlIE Class) - http://www.ksolo.com/playerBase/kSoloIEHDSD.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: opnmNdDt - C:\WINDOWS\SYSTEM32\opnmNdDt.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
--
End of file - 7751 bytes
-
Spybot s&d 1.5 keeps finding virtumonde and virtumonde.dll here is the log:
--- Search result list ---
Virtumonde.dll: [SBI $D83DB17A] Library (File, nothing done)
C:\WINDOWS\system32\qoMfecYq.dll_old
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
AdRevolver: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
HitBox: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
WebTrends live: Tracking cookie (Opera 7+: Owner) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---
2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-05-27 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-04-16 Includes\Adware.sbi (*)
2008-05-21 Includes\AdwareC.sbi (*)
2008-05-21 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-05-21 Includes\DialerC.sbi (*)
2008-05-21 Includes\HeavyDuty.sbi (*)
2008-04-30 Includes\Hijackers.sbi (*)
2008-05-21 Includes\HijackersC.sbi (*)
2008-04-30 Includes\Keyloggers.sbi (*)
2008-05-21 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-05-21 Includes\Malware.sbi (*)
2008-05-21 Includes\MalwareC.sbi (*)
2008-03-26 Includes\PUPS.sbi (*)
2008-05-21 Includes\PUPSC.sbi (*)
2008-05-21 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-05-21 Includes\SecurityC.sbi (*)
2008-04-16 Includes\Spybots.sbi (*)
2008-05-21 Includes\SpybotsC.sbi (*)
2008-04-16 Includes\Spyware.sbi (*)
2008-05-21 Includes\SpywareC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-05-21 Includes\Trojans.sbi (*)
2008-05-21 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2008-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows Media Player 9: Security Update for Windows Media Player 9 (KB936782)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Hotfix for Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921503)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Update for Windows XP (KB927891)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Security Update for Windows XP (KB929123)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP / SP3: Security Update for Windows XP (KB933729)
/ Windows XP / SP3: Hotfix for Windows XP (KB935448)
/ Windows XP / SP3: Security Update for Windows XP (KB935839)
/ Windows XP / SP3: Security Update for Windows XP (KB935840)
/ Windows XP / SP3: Security Update for Windows XP (KB936021)
/ Windows XP / SP3: Update for Windows XP (KB936357)
/ Windows XP / SP3: Security Update for Windows XP (KB938127)
/ Windows XP / SP3: Update for Windows XP (KB938828)
/ Windows XP / SP3: Security Update for Windows XP (KB938829)
/ Windows XP / SP3: Security Update for Windows XP (KB941202)
/ Windows XP / SP3: Security Update for Windows XP (KB941568)
/ Windows XP / SP3: Security Update for Windows XP (KB941644)
/ Windows XP / SP3: Security Update for Windows XP (KB941693)
/ Windows XP / SP3: Security Update for Windows XP (KB942615)
/ Windows XP / SP3: Update for Windows XP (KB942763)
/ Windows XP / SP3: Update for Windows XP (KB942840)
/ Windows XP / SP3: Security Update for Windows XP (KB943055)
/ Windows XP / SP3: Security Update for Windows XP (KB943460)
/ Windows XP / SP3: Security Update for Windows XP (KB943485)
/ Windows XP / SP3: Security Update for Windows XP (KB944653)
/ Windows XP / SP3: Security Update for Windows XP (KB945553)
/ Windows XP / SP3: Security Update for Windows XP (KB946026)
/ Windows XP / SP3: Update for Windows XP (KB946627)
/ Windows XP / SP3: Security Update for Windows XP (KB948590)
/ Windows XP / SP3: Security Update for Windows XP (KB948881)
/ Windows XP / SP3: Security Update for Windows XP (KB950749)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221
--- Startup entries list ---
Located: HK_LM:Run, AlcWzrd
command: ALCWZRD.EXE
file: C:\WINDOWS\ALCWZRD.EXE
size: 2559488
MD5: 924650C4F4D4D17E42282EE08C4118DD
Located: HK_LM:Run, b420deac
command: rundll32.exe "C:\WINDOWS\system32\finphrln.dll",b
file: C:\WINDOWS\system32\finphrln.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, BMb713ed30
command: Rundll32.exe "C:\WINDOWS\system32\mwkpagvg.dll",s
file: C:\WINDOWS\system32\mwkpagvg.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, CHotkey
command: zHotkey.exe
file: C:\WINDOWS\zHotkey.exe
size: 543232
MD5: 91E1B0577D9662AA0A83C75418F6F6F8
Located: HK_LM:Run, High Definition Audio Property Page Shortcut
command: HDAudPropShortcut.exe
file: C:\WINDOWS\system32\HDAudPropShortcut.exe
size: 61952
MD5: 3E7A11C1C4EBD2C3C52197238DF4E14B
Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
file: C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
size: 50688
MD5: 5046F135BB97A68BFE485AB039E605C0
Located: HK_LM:Run, OutpostFeedBack
command: "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dumps_startup
file: C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe
size: 405504
MD5: C92467124232F86712F7F32CB647B643
Located: HK_LM:Run, OutpostMonitor
command: C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray
file: C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe
size: 938496
MD5: D257B2BB1A8CDC1487DEE268B75A2E0A
Located: HK_LM:Run, RegistryMechanic
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, SoundMan
command: SOUNDMAN.EXE
file: C:\WINDOWS\SOUNDMAN.EXE
size: 77824
MD5: 4D80259D6997D3F4B40D21AF275662A4
Located: HK_LM:Run, WinampAgent
command: "C:\Program Files\Winamp\winampa.exe"
file: C:\Program Files\Winamp\winampa.exe
size: 36352
MD5: 93146CD558AE246116BA3315E15505B7
Located: HK_LM:RunOnce, Spybot - Search & Destroy
command: "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
file: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5146448
MD5: 2ECA8CDEED7C82F879E766DA92A3561A
Located: HK_LM:RunOnce, SpybotDeletingA6210
command: command /c del "C:\WINDOWS\system32\qoMfecYq.dll_old"
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:RunOnce, SpybotDeletingC3316
command: cmd /c del "C:\WINDOWS\system32\qoMfecYq.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 388608
MD5: EEB024F2C81F0D55936FB825D21A91D6
Located: HK_CU:Run, ctfmon.exe
where: PE_C_ADMINISTRATOR...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-3471528498-2676692561-780926503-1003...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-3471528498-2676692561-780926503-1003...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F
Located: HK_CU:RunOnce, SpybotDeletingB7483
where: S-1-5-21-3471528498-2676692561-780926503-1003...
command: command /c del "C:\WINDOWS\system32\qoMfecYq.dll_old"
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:RunOnce, SpybotDeletingD3652
where: S-1-5-21-3471528498-2676692561-780926503-1003...
command: cmd /c del "C:\WINDOWS\system32\qoMfecYq.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 388608
MD5: EEB024F2C81F0D55936FB825D21A91D6
Located: Startup (common), NETGEAR WPN111 Smart Wizard.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\NETGEAR\WPN111\wpn111.exe
file: C:\Program Files\NETGEAR\WPN111\wpn111.exe
size: 884838
MD5: 7DC9C40086BC796B74E9B58C6235A971
Located: Startup (disabled), BigFix (DISABLED)
command: C:\PROGRA~1\BigFix\BigFix.exe /atstartup
file: C:\PROGRA~1\BigFix\BigFix.exe
size: 1742384
MD5: 3802278FED9E3594B4BC3377FF0CFF3B
Located: Startup (disabled), Google Updater (DISABLED)
command: C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE -systray -startup
file: C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE
size: 124400
MD5: D5CBD60C6863D68D61A4205429594AF9
Located: WinLogon, !SASWinLogon
command: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
file: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, opnmNdDt
command: opnmNdDt.dll
file: opnmNdDt.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{305a7f71-9131-4641-8ee3-39a89fde8729} ({9278edf9-8a93-3ee8-1464-131917f7a503})
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\
BHO name: {9278edf9-8a93-3ee8-1464-131917f7a503}
CLSID name:
Path: C:\WINDOWS\system32\
Long name: lvbgsdat.dll
Short name:
Date (created): 2008-05-27 10:03:42
Date (last access): 2008-05-28 16:17:06
Date (last write): 2008-05-27 10:03:44
Filesize: 134144
Attributes: archive
MD5: 3496F828F1AB7EE6C47BD499D31B7259
CRC32: 8D0CB38C
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar1.dll
Short name: GOOGLE~1.DLL
Date (created): 2008-02-09 05:19:44
Date (last access): 2008-05-28 15:05:50
Date (last write): 2008-02-09 05:19:44
Filesize: 2554944
Attributes: readonly archive
MD5: C898A8FC22C86857A58147351A534D5C
CRC32: 45F483F8
Version: 4.0.1602.1060
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\
Long name: swg.dll
Short name:
Date (created): 2008-01-12 01:54:28
Date (last access): 2008-05-28 14:52:42
Date (last write): 2008-01-12 01:54:28
Filesize: 654320
Attributes: archive
MD5: 72D6804DC43CC0CF4F10E699D7738138
CRC32: ABF4BA3E
Version: 2.1.1119.1736
{C4647C0B-369F-41E9-A8A8-2E65620DA119} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: qoMfecYq.dll
{E23136A1-1AC4-4D1B-926F-5D537CFFF359} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: opnmNdDt.dll
Short name:
Date (created): 2008-05-23 19:32:34
Date (last access): 2008-05-28 16:38:58
Date (last write): 2008-05-23 19:32:34
Filesize: 56320
Attributes: archive
MD5: 2D09B76004A9E929989D9FA20BE2A4E5
CRC32: 7A93506C
--- ActiveX list ---
{0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1)
DPF name:
CLSID name: F-Secure Online Scanner 3.1
Installer: C:\WINDOWS\Downloaded Program Files\fscax.inf
Codebase: http://support.f-secure.com/ols/fscax.cab
description:
classification: Legitimate
known filename: fscax.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: fscax.dll
Short name:
Date (created): 2007-05-07 17:39:24
Date (last access): 2008-05-28 14:29:48
Date (last write): 2007-05-07 17:39:24
Filesize: 254360
Attributes: archive
MD5: D5199825510E4C4F97DC93B7BC3B1A8A
CRC32: 9FA45099
Version: 3.1.0.5
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://download.macromedia.com/pub/s...irector/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\macromed\Director\
Long name: swdir.dll
Short name:
Date (created): 2007-12-20 04:53:22
Date (last access): 2008-05-28 15:05:50
Date (last write): 2007-08-07 18:20:44
Filesize: 182248
Attributes: archive
MD5: 6C90714399BD3F1E7C0503A38EADBAC7
CRC32: D1E8C81D
Version: 10.2.0.23
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_03
Installer: C:\WINDOWS\Downloaded Program Files\jinstall-6u3.inf
Codebase: http://java.sun.com/update/1.6.0/jin...ws-i586-jc.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_03\bin\
Long name: npjpi160_03.dll
Short name: NPJPI1~1.DLL
Date (created): 2007-09-25 00:31:44
Date (last access): 2008-05-28 15:05:50
Date (last write): 2007-09-25 02:11:34
Filesize: 132496
Attributes: archive
MD5: D6A4682A6FF41832A3F1A7AB9AE08199
CRC32: 9080B537
Version: 6.0.30.5
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2
Installer:
Codebase: http://java.sun.com/products/plugin/...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi142.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2\bin\
Long name: NPJPI142.dll
Short name:
Date (created): 2007-12-15 22
24
Date (last access): 2008-05-28 15:05:50
Date (last write): 2007-12-15 2224
Filesize: 65636
Attributes: archive
MD5: 4ACFBF6AB1BBE79DBD665C186B3B5AFD
CRC32: BE89D675
Version: 1.4.2.0
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_03
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_03\bin\
Long name: npjpi160_03.dll
Short name: NPJPI1~1.DLL
Date (created): 2007-09-25 00:31:44
Date (last access): 2008-05-28 16:39:26
Date (last write): 2007-09-25 02:11:34
Filesize: 132496
Attributes: archive
MD5: D6A4682A6FF41832A3F1A7AB9AE08199
CRC32: 9080B537
Version: 6.0.30.5
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_03
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_03\bin\
Long name: npjpi160_03.dll
Short name: NPJPI1~1.DLL
Date (created): 2007-09-25 00:31:44
Date (last access): 2008-05-28 16:39:26
Date (last write): 2007-09-25 02:11:34
Filesize: 132496
Attributes: archive
MD5: D6A4682A6FF41832A3F1A7AB9AE08199
CRC32: 9080B537
Version: 6.0.30.5
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/s...sh/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9e.ocx
Short name:
Date (created): 2007-11-20 20:04:14
Date (last access): 2008-05-28 15:05:50
Date (last write): 2007-11-20 20:04:14
Filesize: 2987392
Attributes: readonly archive
MD5: D3C50535C26190FEAD7785A03499C0AC
CRC32: A77C3E92
Version: 9.0.115.0
{F2D35D99-63B1-46D3-970C-6E22320D5DCB} (kSoloCntrlIE Class)
DPF name:
CLSID name: kSoloCntrlIE Class
Installer: C:\WINDOWS\Downloaded Program Files\kSoloClientIE.inf
Codebase: http://www.ksolo.com/playerBase/kSoloIEHDSD.cab
description:
classification: Open for discussion
known filename: KSOLOC~1.OCX
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: kSoloClientIE.ocx
Short name: KSOLOC~1.OCX
Date (created): 2006-09-28 19:59:04
Date (last access): 2008-05-28 15:05:50
Date (last write): 2006-09-28 19:59:04
Filesize: 172032
Attributes: archive
MD5: 52F501707264A6BF2E0358402BCB7F9C
CRC32: 384C9DC7
Version: 2.1.0.16
{FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam)
DPF name:
CLSID name: PCPitstop Exam
Installer:
Codebase: http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
Path: C:\WINDOWS\Downloaded Program Files\
Long name: pcpitstop2.dll
Short name: PCPITS~1.DLL
Date (created): 2008-05-28 08:13:16
Date (last access): 2008-05-28 14:29:48
Date (last write): 2008-05-28 08:13:18
Filesize: 302288
Attributes: archive
MD5: 95A4E084361DC6F65D036404BEF69D8D
CRC32: B1034623
Version: 1.0.0.9
--- Process list ---
PID: 0 ( 0) [System]
PID: 828 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 1248 ( 828) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 1272 ( 828) \??\C:\WINDOWS\system32\winlogon.exe
size: 502272
PID: 1316 (1272) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 1328 (1272) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1480 (1316) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1536 (1316) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1572 (1316) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1624 (1316) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1848 (1316) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 276 (1988) C:\WINDOWS\Explorer.EXE
size: 1033216
MD5: 97BD6515465659FF8F3B7BE375B2EA87
PID: 324 (1316) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 164984
MD5: B0695A42CE28525EC60DC9F7D2348EB9
PID: 452 ( 276) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5146448
MD5: 2ECA8CDEED7C82F879E766DA92A3561A
PID: 640 (1316) C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
size: 587096
MD5: 0629361FAC4576BA48AB39F4903DCE9E
PID: 740 (1316) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 980 (1316) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
size: 1135728
MD5: 8FA646F0E639D9A8C8B98E217D471DC0
PID: 1024 (1316) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
size: 312880
MD5: 5DCD235C061022BCDA9AA48670B64211
PID: 1208 (1316) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
size: 138680
MD5: D213C2B1CE0FAEAB59EC0C55B4493F94
PID: 1780 (1316) C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
size: 90112
MD5: 1F1F459E191FD540D0C4F306BDD500A9
PID: 216 (1316) C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
size: 46208
MD5: 1880A485022FF365B5FD6F92BBFE012D
PID: 396 (1316) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
size: 172032
MD5: 33D7285F12D934268A34206DFC4AD1B3
PID: 572 (1316) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 520 (1572) C:\WINDOWS\system32\wscntfy.exe
size: 13824
MD5: 49911DD39E023BB6C45E4E436CFBD297
PID: 1368 (1316) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 4 ( 0) System
PID: 956 (1316) acs.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 2008-05-28 16:39:24
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/search?q=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
(AddressBook)
Adobe Flash Player ActiveX 9.0.115.0 (Adobe Flash Player ActiveX)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activ eX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/
Adobe Flash Player Plugin 9.0.115.0 (Adobe Flash Player Plugin)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugi n.exe
publisher: Adobe Systems Incorporated
Adobe Shockwave Player 10.2.0.23 (Adobe Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/support/shockwave
Agnitum Outpost Firewall Pro 6.0 (Agnitum Outpost Firewall Pro_is1)
install date: 20080528
install location: C:\Program Files\Agnitum\Outpost Firewall Pro\
uninstall cmd: "C:\Program Files\Agnitum\Outpost Firewall Pro\unins000.exe"
publisher: Agnitum, Ltd.
help link: http://www.agnitum.com/support/index.php
America Online (Choose which version to remove) (America Online us)
uninstall cmd: C:\Program Files\Common Files\aolshare\Aolunins_us.exe
AOL Connectivity Services (AOL Connectivity Services)
uninstall cmd: C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c
AOL Spyware Protection 1.0.66 (AOL Spyware Protection)
uninstall cmd: C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
publisher: AOL Spyware Protection
comments: AOL Spyware Protection
AOL Toolbar (AOL Toolbar)
uninstall cmd: "C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
AOL You've Got Pictures Screensaver (AOL YGP Screensaver)
uninstall cmd: C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
AOL Coach Version 1.0(Build:20040229.1 en) (AOLCoach)
uninstall cmd: C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
ASIO4ALL (ASIO4ALL)
uninstall cmd: C:\Program Files\ASIO4ALL v2\uninstall.exe
Audacity 1.2.6 (Audacity_is1)
install location: C:\Program Files\Audacity\
uninstall cmd: "C:\Program Files\Audacity\unins000.exe"
help link: http://audacity.sourceforge.net
AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com
BigFix (BigFix)
uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
SoftV92 Data Fax Modem with SmartCP (CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SU BSYS_200014F1\HXFSETUP.EXE -U -IURSLST5K.inf
Collab (Collab)
uninstall cmd: C:\Program Files\Image-Line\Collab\uninstall.exe
publisher: Image-Line bvba
help link: http://www.flstudio.com
(Connection Manager)
D'Accord iChords 2.0 (D'Accord iChords 2.0_is1)
install date: 20080512
install location: C:\Program Files\D'Accord iChords 2.0\
uninstall cmd: "C:\Program Files\D'Accord iChords 2.0\unins000.exe"
publisher: D'Accord Music Software
help link: http://www.daccordmusic.com
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
FL Studio 8 (FL Studio 8)
uninstall cmd: C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
publisher: Image-Line bvba
help link: http://www.flstudio.com
Flipz IV Flash (Flipz IV Flash_is1)
uninstall cmd: "C:\Program Files\Flipz4Flash\unins000.exe"
publisher: Flipz - Inteevo Technology
help link: http://www.flipz.tv
(Fontcore)
Google Updater 2.2.1070.1219 (Google Updater)
uninstall cmd: "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
publisher: Google Inc.
help link: http://pack.google.com:80/pack-support?hl=en&gl=us
HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
publisher: TrendMicro
(ICW)
(iDEN WebJAL)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Motorola\iDEN WebJAL\Uninst.isu"
Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20080130
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAP Is$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
(IE40)
(IE4Data)
(IE5BAKEX)
Windows Internet Explorer 7 20070813.185237 (ie7)
install date: 20080130
uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie
(IEData)
IL Download Manager (IL Download Manager)
uninstall cmd: C:\Program Files\Image-Line\Downloader\uninstall.exe
publisher: Image-Line bvba
help link: http://www.flstudio.com
(InstallShield Uninstall Information)
PC CIF Camer@ 1.0.4.7 (InstallShield_{31220F55-4AA9-4386-83BA-F2CF5E91BB3C})
version: 16777220
version (major): 1
estimated size: 11165
install date: 20080106
install location: C:\Program Files\PC CIF Camer@\
install source: C:\WINDOWS\Downloaded Installations\{939F7895-0A6E-4CC2-B1D1-297FECD42AE0}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\ID river.exe /M{31220F55-4AA9-4386-83BA-F2CF5E91BB3C} /l1033
publisher: PC Camera
Digital Media Reader 1.09 (InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1})
version: 17367040
version (major): 1
version (minor): 9
estimated size: 525
install date: 20071215
install source: C:\WINDOWS\Downloaded Installations\{EF7DE47D-0883-4DED-92DF-1F2DA2CBE2FC}\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}
High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuni nst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB835221
(KB873339)
(KB884016)
(KB886185)
(KB888302)
(KB890859)
(KB891781)
Windows Genuine Advantage Validation Tool (KB892130) (KB892130)
install date: 20080130
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=892130
(KB893756)
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\s puninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
(KB894391)
(KB896358)
(KB896423)
(KB896428)
(KB899587)
(KB899591)
(KB900725)
(KB901017)
(KB901214)
(KB902400)
Update for Windows XP (KB904942) 2 (KB904942)
install date: 20080130
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904942
(KB905414)
(KB905749)
(KB908519)
(KB908531)
(KB910437)
(KB911280)
(KB911562)
(KB911564)
(KB911927)
(KB913580)
(KB914388)
(KB914389)
Hotfix for Windows XP (KB914440) 12 (KB914440)
install date: 20080130
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914440
Hotfix for Windows XP (KB915865) 10 (KB915865)
install date: 20080130
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=915865
(KB916595)
Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20080127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344
(KB918118)
(KB918439)
(KB919007)
(KB920213)
(KB920670)
(KB920683)
(KB920685)
(KB921503)
(KB922582)
(KB922819)
(KB923191)
(KB923414)
Security Update for Windows XP (KB923689) (KB923689)
install date: 20080513
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923689
(KB923980)
(KB924270)
(KB924496)
(KB924667)
Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20071218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\s puninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=925398
(KB925902)
(KB926255)
(KB926436)
(KB927779)
(KB927802)
(KB927891)
(KB928255)
(KB928843)
(KB929123)
(KB930178)
(KB930916)
(KB931261)
(KB932168)
(KB933729)
(KB935448)
(KB935839)
(KB935840)
(KB936021)
(KB936357)
Security Update for Windows Media Player 9 (KB936782) (KB936782_WMP9)
install date: 20071218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\sp uninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=936782
(KB938127)
Security Update for Windows Internet Explorer 7 (KB938127) 1 (KB938127-IE7)
install date: 20080201
uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938127
(KB938828)
(KB938829)
(KB941202)
(KB941568)
(KB941569)
(KB941644)
Security Update for Windows XP (KB941693) 1 (KB941693)
install date: 20080513
uninstall cmd: "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=941693
(KB942615)
Security Update for Windows Internet Explorer 7 (KB942615) 1 (KB942615-IE7)
install date: 20080130
uninstall cmd: "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=942615
(KB942840)
Security Update for Windows XP (KB943055) 1 (KB943055)
install date: 20080215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=943055
Security Update for Windows XP (KB943460) 1 (KB943460)
install date: 20080130
uninstall cmd: "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=943460
(KB943485)
Security Update for Windows Internet Explorer 7 (KB944533) 1 (KB944533-IE7)
install date: 20080215
uninstall cmd: "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=944533
(KB944653)
Security Update for Windows XP (KB945553) 1 (KB945553)
install date: 20080513
uninstall cmd: "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=945553
Security Update for Windows XP (KB946026) 1 (KB946026)
install date: 20080215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=946026
Hotfix for Windows Internet Explorer 7 (KB947864) 1 (KB947864-IE7)
install date: 20080513
uninstall cmd: "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=947864
Security Update for Windows XP (KB948590) 1 (KB948590)
install date: 20080513
uninstall cmd: "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=948590
Security Update for Windows XP (KB948881) 1 (KB948881)
install date: 20080513
uninstall cmd: "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=948881
Security Update for Windows XP (KB950749) 1 (KB950749)
install date: 20080515
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=950749
LiveReg (Symantec Corporation) 3.0.0 (LiveReg)
install location: C:\Program Files\Common Files\Symantec Shared\LiveReg
uninstall cmd: C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
publisher: Symantec Corporation
LiveUpdate 2.5 (Symantec Corporation) 2.5.55.0 (LiveUpdate)
install location: C:\Program Files\Symantec\LiveUpdate
uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
publisher: Symantec Corporation
Microsoft .NET Framework 1.1 Hotfix (KB928366) (M928366)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upda tes\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upda tes\M928366\M928366Uninstall.msp"
McAfee SecurityCenter (Mcafee SecurityCenter)
uninstall cmd: c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui ::uninstall.htm
Meta Tags Retriever (Meta Tags Retriever_is1)
uninstall cmd: "C:\Program Files\Meta Tags Retriever\unins000.exe"
publisher: EasySubmitWebsite.com
help link: http://www.easysubmitwebsite.com
Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\ RepairRedist.htm
(MobileOptionPack)
Mozilla Firefox (2.0.0.14) 2.0.0.14 (en-US) (Mozilla Firefox (2.0.0.14))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox
(MPlayer2)
Microsoft Speech Recognition Engine 4.0 (English) (MSCSR)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mscsrgpc.inf, Uninstall.NT
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
MultitrackStudio Lite 4.31 (MultitrackStudio_is1)
install date: 20071222
install location: C:\Program Files\MtStudio\
uninstall cmd: "C:\Program Files\MtStudio\unins000.exe"
publisher: Bremmers Audio Design
help link: http://www.multitrackstudio.com
Nero OEM (Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero BurnRights (Nero BurnRights!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
(NetMeeting)
Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
install date: 20080130
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMap ping$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
OOBOX SynchroBox data 2.0 2.0 (OOBOX SynchroBox data)
uninstall cmd: C:\Program Files\OOBOX\Music\iTuner\uninst.exe
publisher: Pyxsys SARL
(OutlookExpress)
PC Pitstop Optimize2 2.0 2.0.0.15 (PC Pitstop Optimize2_is1)
install date: 20080528
install location: C:\Program Files\PCPitstop\Optimize2\
uninstall cmd: "C:\Program Files\PCPitstop\Optimize2\unins000.exe"
publisher: PC Pitstop LLC
help link: http://www.pcpitstop.com/faq/Optimize2.asp
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Microsoft Picture It! Photo Premium 9 9.0.0.0000 (PictureIt_v9)
install location: C:\Program Files\Microsoft Picture It! 9\
install source: D:\I386\APPS\APP32492\
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?prd=...&sar=PictureIt
PoiZone (PoiZone)
uninstall cmd: C:\Program Files\Image-Line\PoiZone\uninstall.exe
publisher: Image-Line bvba
help link: http://www.image-line.com
Pure Networks Port Magic 1.2.1393.0 (Port Magic)
install location: C:\PROGRA~1\PURENE~1\PORTMA~1
uninstall cmd: C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe -Uninstall -ShowUI
publisher: Pure Networks
help link: http://aol-support.purenetworks.com
Intel(R) PRO Network Adapters and Drivers (PROSet)
uninstall cmd: Prounstl.exe
QuickTime (QuickTime)
uninstall cmd: C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Registry Mechanic 7.0 7.0 (Registry Mechanic_is1)
install date: 20080525
install location: C:\Program Files\Registry Mechanic\
uninstall cmd: "C:\Program Files\Registry Mechanic\unins000.exe"
publisher: PC Tools
help link: http://www.pctools.com/registry-mechanic/support/
(SchedulingAgent)
(Sevinst)
(Shockwave)
9.0.115.0 (ShockwaveFlash)
Spybot - Search & Destroy 1.5.2.20 (Spybot - Search & Destroy_is1)
install date: 20080527
uninstall cmd: "C:\WINDOWS\unins000.exe"
publisher: Safer Networking Ltd.
help link: http://www.safer-networking.org/
Learn2 Player (Uninstall Only) (StreetPlugin)
uninstall cmd: C:\Program Files\Learn2.com\StRunner\stuninst.exe
Norton AntiVirus 2005 (Symantec Corporation) 11.0.1 (SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B})
install location: C:\Program Files\Norton AntiVirus
install source: D:\I386\APPS\APP00922
uninstall cmd: C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe /X
publisher: Symantec Corporation
Toxic Biohazard (Toxic Biohazard)
uninstall cmd: C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
publisher: Image-Line bvba
help link: http://www.image-line.com
(ViewpointMediaPlayer)
(Wdf01000)
(Wdf01001)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Wdf01005)
install date: 20071225
uninstall cmd: "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spunins t.exe"
publisher: Microsoft Corporation
Windows Genuine Advantage Validation Tool (KB892130) 1.7.0059.1 (WGA)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=892130
Winamp 5.531 (Winamp)
uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe"
publisher: Nullsoft, Inc
help link: http://forums.winamp.com
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe
XoftSpySE (XoftSpySE)
uninstall cmd: C:\Program Files\XoftSpySE\uninstall.exe
Yahoo! SiteBuilder 2.4.0 (Yahoo! SiteBuilder)
version (major): 2
version (minor): 4
install location: C:\Program Files\Yahoo SiteBuilder
uninstall cmd: "C:\Program Files\Yahoo SiteBuilder\uninstall.exe"
Microsoft Money 2004 12.0.50 ({1D643CD7-4DD6-11D7-A4E0-000874180BB3})
version: 201326642
version (major): 12
estimated size: 141875
install date: 20071215
install location: C:\Program Files\Microsoft Money\
install source: D:\i386\Apps\App25887\
uninstall cmd: MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
publisher: Microsoft
comments: The Installation database contains the logic and data required to install Money 2004
help link: http://support.microsoft.com
help telephone: (800) 936-5700
Symantec 11.0.1 ({228F6876-A313-40A3-91C0-C3CBE6997D09})
version: 184549377
version (major): 11
estimated size: 2956
install date: 20071215
install source: D:\I386\APPS\APP00922\Support\MSRedist\
uninstall cmd: MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
publisher: Symantec Corp
Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Internet Worm Protection 11.0.1 ({2908F0CB-C1D4-447F-97A2-CFC135C9F8D4})
version: 184549377
version (major): 11
estimated size: 11241
install date: 20071215
install source: D:\I386\APPS\APP00922\NAV\
uninstall cmd: MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
publisher: Symantec Corp
SymNet 5.4.0 ({2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2})
version: 84148224
version (major): 5
version (minor): 4
estimated size: 2692
install date: 20071215
install source: D:\I386\APPS\APP00922\Support\SymNet\
uninstall cmd: MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
publisher: Symantec Corporation
PC CIF Camer@ 1.0.4.7 ({31220F55-4AA9-4386-83BA-F2CF5E91BB3C})
version: 16777220
version (major): 1
estimated size: 11165
install date: 20080106
install location: C:\Program Files\PC CIF Camer@\
install source: C:\WINDOWS\Downloaded Installations\{939F7895-0A6E-4CC2-B1D1-297FECD42AE0}\
publisher: PC Camera
Java(TM) 6 Update 3 1.6.0.30 ({3248F0A8-6813-11D6-A77B-00B0D0160030})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 113966
install date: 20080101
install source: http://javadl.sun.com/webapps/downlo.../windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_03\README.txt
Norton AntiVirus Help 11.00.00 ({34EEB1F5-E939-40A1-A6BA-957282A4B2C8})
version: 184549376
version (major): 11
estimated size: 812
install date: 20071215
install source: D:\I386\APPS\APP00922\Support\Help\
uninstall cmd: MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
publisher: Symantec Corp.
WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2472
install date: 20040826
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
Microsoft Works 08.04.0623 ({416D80BA-6F6D-4672-B7CF-F54DA2F80B44})
version: 134480495
version (major): 8
version (minor): 4
estimated size: 294265
install date: 20040811
install source: E:\MSWORKS\
uninstall cmd: MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
publisher: Microsoft Corporation
comments: Microsoft Works 8.0 installation.
help link: http://support.microsoft.com/support/works
help telephone:
NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111 1.0.0 ({582E9125-32B6-4CBA-AB48-3E33CE3DB389})
version: 16777216
install date: 20080512
install location: C:\Program Files\NETGEAR\WPN111
install source: F:\wpn111_2_0_setup.exe
uninstall cmd: C:\Program Files\InstallShield Installation Information\{582E9125-32B6-4CBA-AB48-3E33CE3DB389}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: NETGEAR
PowerDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
WeatherBug 6.8.1.1 ({70DECFBF-9119-4434-B2D3-A3C283D15E45})
version: 101187585
version (major): 6
version (minor): 8
estimated size: 4231
install date: 20080117
install location: C:\Program Files\AWS\
install source: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\5L6Z4P2V\
uninstall cmd: MsiExec.exe /X{70DECFBF-9119-4434-B2D3-A3C283D15E45}
publisher: AWS Convergence Technologies
Java 2 Runtime Environment, SE v1.4.2 1.4.2 ({7148F0A8-6813-11D6-A77B-00B0D0142000})
version: 17039362
version (major): 1
version (minor): 4
estimated size: 63112
install date: 20071215
install source: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142000}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt
Microsoft Visual C++ 2005 Redistributable 8.0.56336 ({7299052b-02a4-4627-81f2-1818da5d550d})
version: 134274064
version (major): 8
estimated size: 5330
install date: 20080523
uninstall cmd: MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
publisher: Microsoft Corporation
Windows Backup Utility 5.1 ({76EFFC7C-17A6-479D-9E47-8E658C1695AE})
version: 83951616
version (major): 5
version (minor): 1
estimated size: 1233
install date: 20040826
install source: C:\Bundle\VALUEADD\MSFT\NTBACKUP\
uninstall cmd: MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/management
SPBBC 1.00.0000 ({77772678-817F-4401-9301-ED1D01A8DA56})
version: 16777216
version (major): 1
estimated size: 1423
install date: 20071215
install location: C:\Program Files\Norton AntiVirus\
install source: D:\I386\APPS\APP00922\Support\SPBBC\
uninstall cmd: MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
publisher: Your Company Name
Digital Media Reader 1.09 ({81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1})
version: 17367040
version (major): 1
version (minor): 9
estimated size: 525
install date: 20071215
install source: C:\WINDOWS\Downloaded Installations\{EF7DE47D-0883-4DED-92DF-1F2DA2CBE2FC}\
Opera 9.25 9.25 ({870B0889-A92E-4230-A6A1-F739C1D140DD})
version: 152633344
version (major): 9
version (minor): 25
estimated size: 5450
install date: 20080130
install location: C:\Program Files\Opera\
uninstall cmd: MsiExec.exe /X{870B0889-A92E-4230-A6A1-F739C1D140DD}
publisher: Opera Software ASA
help link: http://www.opera.com/support
Intel(R) Graphics Media Accelerator Driver ({8A708DD8-A5E6-11D4-A706-000629E95E20})
uninstall cmd: RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2I D PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Microsoft Money 2004 System Pack 12.0.80 ({8C64E145-54BA-11D6-91B1-00500462BE80})
version: 201326672
version (major): 12
estimated size: 2132
install date: 20071215
install location: C:\WINDOWS\system32\
install source: D:\i386\Apps\App25887\
uninstall cmd: MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
publisher: Microsoft
comments: Installs system components used by Microsoft Money 2004.
help link: http://support.microsoft.com
help telephone: (800) 936-5700
Motorola Driver Installation 2.8.0 ({9579E862-5FC7-4337-B1CC-5E37451524C5})
version: 34078720
version (major): 2
version (minor): 8
estimated size: 2843
install date: 20071219
install source: C:\Documents and Settings\Owner\Desktop\
uninstall cmd: MsiExec.exe /I{9579E862-5FC7-4337-B1CC-5E37451524C5}
publisher: Motorola Inc.
comments: Motorola Device Driver Installation
contact: Motorola Inc.
help link: http://www.Motorola.com
Sony ACID Music Studio 7.0 7.0.157 ({A74C1699-4BCE-433F-82D6-F11207A0581B})
version: 117440669
version (major): 7
estimated size: 112296
install date: 20080523
install source: C:\Program Files\Sony Setup\ACID Music Studio 7.0\
uninstall cmd: MsiExec.exe /X{A74C1699-4BCE-433F-82D6-F11207A0581B}
publisher: Sony
help link: http://mediasoftware.sonypictures.com/support
Adobe Reader 6.0 6.0 ({AC76BA86-7AD7-1033-7B44-000000000001})
version: 100663296
version (major): 6
estimated size: 44437
install date: 20040826
install source: \\sol\apps\Acrobat\6.0\us\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html
help telephone:
readme: Readme.htm
Spybot - Search & Destroy 1.5.2 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20080527
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support
Microsoft .NET Framework 2.0 Service Pack 1 2.1.21022 ({B508B3F1-A24A-32C0-B310-85786919EF28})
version: 33640990
version (major): 2
version (minor): 1
estimated size: 190934
install date: 20080130
uninstall cmd: MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=98073
MSXML 4.0 SP2 (KB936181) 4.20.9848.0 ({C04E32E0-0416-434D-AFB9-6969D703A9EF})
version: 68429432
version (major): 4
version (minor): 20
estimated size: 2680
install date: 20071218
uninstall cmd: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/936181
Norton AntiVirus 2005 11.0.1 ({C6F5B6CF-609C-428E-876F-CA83176C021B})
version: 184549377
version (major): 11
estimated size: 58624
install date: 20071215
install source: D:\I386\APPS\APP00922\NAV\
uninstall cmd: MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
publisher: Symantec Corporation
Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 69907
install date: 20071219
install source: D:\I386\APPS\APP25908\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\ RepairRedist.htm
SUPERAntiSpyware Free Edition 3.6.0.1000 ({CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA})
version: 50724864
version (major): 3
version (minor): 6
estimated size: 10965
install date: 20080129
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
publisher: SUPERAntiSpyware.com
help link: http://www.superantispyware.com/support.html
Symantec Script Blocking Installer 11.0.1 ({D327AFC9-7BAA-473A-8319-6EB7A0D40138})
version: 184549377
version (major): 11
estimated size: 477
install date: 20071215
install source: D:\I386\APPS\APP00922\Support\ScrBlock\
uninstall cmd: MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
publisher: Symantec
oobeFlagNetscape0 5.0.0 ({D95877BE-0165-42EC-B558-727F9F41372C})
version: 83886080
version (major): 5
estimated size: 1148
install date: 20071215
install source: D:\I386\APPS\APP06699\
uninstall cmd: MsiExec.exe /X{D95877BE-0165-42EC-B558-727F9F41372C}
publisher: New Boundary Technologies
Microsoft Picture It! Photo Premium 9 9.0.0.0000 ({DBA8B9E1-C6FF-4624-9598-73D3B41A0903})
version: 150994944
version (major): 9
estimated size: 133414
install date: 20071215
install source: D:\I386\APPS\APP32492\
publisher: Microsoft Corporation
comments: Microsoft Picture It! Photo Premium 9
help link: http://go.microsoft.com/fwlink/?prd=...&sar=PictureIt
help telephone:
Google Toolbar for Internet Explorer 4.0.0.002 ({DBEA1034-5882-4A88-8033-81C4EF0CFA29})
version: 67108864
version (major): 4
estimated size: 1044
install date: 20080209
install source: C:\Program Files\Google\Installers\
uninstall cmd: MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
publisher: Google Inc.
ccCommon 103.0.1.26 ({DC367608-64A7-4BF7-92F4-8BAA25BA02DB})
version: 1728053249
version (major): 103
estimated size: 5682
install date: 20071215
install source: D:\I386\APPS\APP00922\Support\ccCommon\
uninstall cmd: MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
publisher: Symantec
Neighbors From Hell: On Vacation 1.0.0 ({DE790600-2AEB-456D-836A-6654DB2577CD})
version: 16777216
version (major): 1
estimated size: 388032
install date: 20071225
install source: F:\
uninstall cmd: MsiExec.exe /I{DE790600-2AEB-456D-836A-6654DB2577CD}
publisher: JoWooD Studio Vienna
Ad-Aware 2007 7.0.2.6 ({DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF})
version: 117440514
version (major): 7
estimated size: 27365
install date: 20080120
install location: C:\Program Files\Lavasoft\Ad-Aware 2007\
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
publisher: Lavasoft
help link: http://www.lavasoftsupport.com
Norton AntiVirus Parent MSI 11.0.1 ({E5EE9939-259F-4DE2-8023-5C49E16A4F43})
version: 184549377
version (major): 11
estimated size: 661
install date: 20071215
install source: D:\I386\APPS\APP00922\NAV\
uninstall cmd: MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
publisher: Symantec Corp.
Realtek High Definition Audio Driver ({F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
McAfee AntiSpyware 1.00.0000 ({F39A74A0-FAE2-401C-AED1-1C941AA28EA8})
version: 16777216
version (major): 1
estimated size: 5442
install date: 20071215
install location: C:\Program Files\McAfee\McAfee AntiSpyware\
install source: D:\I386\APPS\APP12148\
uninstall cmd: MsiExec.exe /I{F39A74A0-FAE2-401C-AED1-1C941AA28EA8}
publisher: McAfee Consumer Division
comments: McAfee AntiSpyware
contact: techsupport@mcafeehelp.com
help link: http://www.mcafeehelp.com
help telephone: (408)992-8599
readme: C:\Program Files\McAfee\McAfee AntiSpyware\Readme.txt
Norton WMI Update 2005.1.0.111 ({F64306A5-4C32-41bb-B153-53986527FAB4})
version (major): 2005
version (minor): 1
estimated size: 613
install date: 20071215
install source: D:\I386\APPS\APP00922\Support\SymSC\
uninstall cmd: MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
publisher: Symantec Corporation
CommentKahuna 1.0.2 ({F85C7360-582E-4EB8-824B-5B2FBB2BB7FE})
version: 16777218
version (major): 1
estimated size: 556
install date: 20080113
uninstall cmd: MsiExec.exe /I{F85C7360-582E-4EB8-824B-5B2FBB2BB7FE}
publisher: Profitstudios
contact: Profitstudios
Multimedia Keyboard Driver ({FF262740-C85A-11D5-BBEC-00D0B740900A})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x9
--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): .NET Data Provider for Oracle
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): .NET Data Provider for SqlServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): aawservice
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Ad-Aware 2007 Service
Description: Ad-Aware service
Object name: LocalSystem
Image path: "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"
Image size: 587096
Image MD5: 0629361FAC4576BA48AB39F4903DCE9E
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0
Depends On services: RpcSS
Service (registry key): Abiosdsk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0
Service (registry key): abp480n5
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ABP480N5.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ACPIEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): acssrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Agnitum Client Security Service
Description: Agnitum Client Security Service
Object name: LocalSystem
Image path: C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
Image size: 1183744
Image MD5: 06A004785A5869973C3F9C894D39366D
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Service (registry key): adpu160m
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\adpu160m.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): aec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): AegisP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AEGIS Protocol (IEEE 802.1x) v3.2.0.3
Description: AEGIS Protocol (IEEE 802.1x) v3.2.0.3
Image path: system32\DRIVERS\AegisP.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): afw
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Agnitum firewall driver
Image path: system32\DRIVERS\afw.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): agp440
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel AGP Bus Filter
Image path: system32\DRIVERS\agp440.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): agpCPQ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Compaq AGP Bus Filter
Image path: system32\DRIVERS\agpCPQ.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Aha154x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aha154x.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): aic78u2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aic78u2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): aic78xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aic78xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Alerter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): ALG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: F1958FBF86D5C004CF19A5951A9514B7
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): AliIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aliide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): alim1541
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ALI AGP Bus Filter
Image path: system32\DRIVERS\alim1541.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): amdagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD AGP Bus Filter Driver
Image path: system32\DRIVERS\amdagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): amsint
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\amsint.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): AOL ACS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AOL Connectivity Service
Object name: LocalSystem
Image path: C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
Image size: 1135728
Image MD5: 8FA646F0E639D9A8C8B98E217D471DC0
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Service (registry key): AppMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): Arp1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Image path: system32\DRIVERS\arp1394.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): asc
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\asc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): asc3350p
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\asc3350p.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): asc3550
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\asc3550.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ASP.NET
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): ASP.NET_1.1.4322
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): ASP.NET_2.0.50727
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): aspnet_state
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\as pnet_state.exe
Image size: 33800
Image MD5: 4EABF511B1AF176A971C3271E48FA3A8
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): ASWFilt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASWFilt
Description: Agnitum Kernel Mode Anti-Spyware SandBox plug-in
Image path: system32\Filt\ASWFilt.dll
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: system32\DRIVERS\atapi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Atdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0
Service (registry key): Atmarpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): AudioSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs
Service (registry key): audstub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Audio Stub Driver
Image path: system32\DRIVERS\audstub.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): AVG Anti-Spyware Driver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AVG Anti-Spyware Driver
Image path: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): AVG Anti-Spyware Guard
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AVG Anti-Spyware Guard
Object name: LocalSystem
Image path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Image size: 312880
Image MD5: 5DCD235C061022BCDA9AA48670B64211
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Service (registry key): AvgAsCln
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AVG Anti-Spyware Clean Driver
Image path: System32\DRIVERS\AvgAsCln.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): BattC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Background Intelligent Transfer Service
Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer
Service (registry key): cbidf
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cbidf2k.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): cbidf2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): ccSetMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Settings Manager
Description: Symantec Settings Manager
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
Image size: 164984
Image MD5: B0695A42CE28525EC60DC9F7D2348EB9
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSS
Service (registry key): cd20xrnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cd20xrnt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Cdaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): Cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"
Service (registry key): Cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"
Service (registry key): Changer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): CiSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 3192BD04D032A9C4A85A3278C268A13A
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS
Service (registry key): ClipSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: C8DEC22C4137D7A90F8BDF41CA4B82AE
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE
Service (registry key): clr_optimization_v2.0.50727_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: .NET Runtime Optimization Service v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
Image size: 70144
Image MD5: 234B1BC2796483E1F5C3F26649FB3388
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Service (registry key): CmdIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cmdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): COMSysApp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss
Service (registry key): ContentFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): ContentIndex
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Cpqarray
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cpqarray.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): CryptSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): dac2w2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\dac2w2k.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): dac960nt
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\dac960nt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): DcomLaunch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT
Service (registry key): Disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Disk Driver
Image path: system32\DRIVERS\disk.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"
Service (registry key): dmadmin
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 224768
Image MD5: 554C7CB178FE3BD12450B81AD63ADBC3
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer
Service (registry key): dmboot
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmboot.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): dmio
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmio.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): dmload
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmload.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): dmserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay
Service (registry key): DMusic
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DLS Syntheiszer
Image path: system32\drivers\DMusic.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): DNINDIS5
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DNINDIS5 NDIS Protocol Driver
Image path: \??\C:\WINDOWS\system32\DNINDIS5.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip
Service (registry key): dpti2o
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\dpti2o.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): drmkaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): E100B
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) PRO Adapter Driver
Image path: system32\DRIVERS\e100b325.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): ERSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs
Service (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS
Service (registry key): F-Secure Standalone Minifilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: F-Secure Standalone Minifilter
Image path: \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\OnlineScanner\ Anti-Virus\fsgk.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): Fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Service (registry key): FastUserSwitchingCompatibility
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TermService
Service (registry key): Fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Fips
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): Flpydisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): FltMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\DRIVERS\fltMgr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1
Service (registry key): Fs_Rec
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 8
Error Control: 0
Service (registry key): Ftdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Manager Driver
Image path: system32\DRIVERS\ftdisk.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Gpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: system32\DRIVERS\msgpc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): gusvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Updater Service
Object name: LocalSystem
Image path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Image size: 138680
Image MD5: D213C2B1CE0FAEAB59EC0C55B4493F94
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSS
Service (registry key): HdAudAddService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft UAA Function Driver for High Definition Audio Service
Image path: system32\drivers\HdAudio.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): HDAudBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft UAA Bus Driver for High Definition Audio
Image path: system32\DRIVERS\HDAudBus.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): helpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS
Service (registry key): HidServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HID Input Service
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): HidUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): hpn
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\hpn.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): HSFHWBS2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSFHWBS2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): HSF_DP
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSF_DP.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): HTTP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: System32\Drivers\HTTP.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): HTTPFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP
Service (registry key): i2omgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): i2omp
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\i2omp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): i8042prt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): ialm
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ialmnt5.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): Imapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-Burning Filter Driver
Image path: system32\DRIVERS\imapi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): ImapiService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150016
Image MD5: FA788520BCAC0F5D9D5CDE5615C0D931
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): inetaccs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): ini910u
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ini910u.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Inport
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): IntcAzAudAddService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Service for Realtek HD Audio (WDM)
Image path: system32\drivers\RtkHDAud.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): IntelIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\intelide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): intelppm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): Ip6Fw
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPv6 Windows Firewall Driver
Description: Provides intrusion prevention service for a home or small office network.
Image path: system32\DRIVERS\Ip6Fw.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): IpFilterDriver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): IpInIp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): IpNat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): IPSec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC driver
Description: IPSEC driver
Image path: system32\DRIVERS\ipsec.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): IRENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IR Enumerator Service
Image path: system32\DRIVERS\irenum.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): ISAPISearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): isapnp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnP ISA/EISA Bus Driver
Image path: system32\DRIVERS\isapnp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3
Service (registry key): Kbdclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): kbdhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard HID Driver
Image path: system32\DRIVERS\kbdhid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): kmixer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): KSecDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): lanmanserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): lanmanworkstation
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): lbrtfdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): ldap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): LicenseService
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): LmHosts
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd
Service (registry key): McAfeeAntiSpyware
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee AntiSpyware Real-Time Scanner
Object name: LocalSystem
Image path: C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
Image size: 90112
Image MD5: 1F1F459E191FD540D0C4F306BDD500A9
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Service (registry key): mcupdmgr.exe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee SecurityCenter Update Manager
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
Image size: 249856
Image MD5: ABD5B888AF754E30A95B21AD885635B0
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): mdmxsdk
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\mdmxsdk.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): Messenger
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS
Service (registry key): mnmdd
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): mnmsrvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetMeeting Remote Desktop Sharing
Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\mnmsrvc.exe
Image size: 32768
Image MD5: F6415361201915B9FE3896B0E4E724FF
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Service (registry key): Modem
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): MotDev
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Motorola Inc. USB Device
Image path: system32\DRIVERS\motodrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): motmodem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Motorola USB CDC ACM Driver
Image path: system32\DRIVERS\motmodem.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): Mouclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): mouhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): MountMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): mraid35x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\mraid35x.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): MRxDAV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebDav Client Redirector
Description: WebDav Client Redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Service (registry key): MRxSmb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): MSDTC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: C:\WINDOWS\system32\msdtc.exe
Image size: 6144
Image MD5: C7C3D89EB0A6F3DBA622EA737FA335B1
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS
Service (registry key): Msfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): MSIServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\msiexec.exe /V
Image size: 78848
Image MD5: F5F0146580E7023ADB963879840777F8
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): MSKSSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): MSPCLOCK
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): MSPQM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): mssmbios
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Mup
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mup
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1
Service (registry key): mxnic
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Macronix MX987xx Family Fast Ethernet NT Driver
Image path: system32\DRIVERS\mxnic.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NAVENG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVENG
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\2004081 1.020\NAVENG.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NAVEX15
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVEX15
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\2004081 1.020\NAVEX15.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS System Driver
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): NdisTapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Ndisuio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NdisWan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NDProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NetBIOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): NetBT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBios over Tcpip
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): NetDDE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE
Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM
Service (registry key): NetDDEdsdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE DSDM
Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Service (registry key): Netlogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): Netman
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs
Service (registry key): NIC1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 1394 Net Driver
Image path: system32\DRIVERS\nic1394.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Nla
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Location Awareness (NLA)
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd
Service (registry key): NPFMntor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Norton AntiVirus Firewall Monitor Service
Description: Detects installation of Symantec Firewall clients
Object name: LocalSystem
Image path: "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"
Image size: 46208
Image MD5: 1880A485022FF365B5FD6F92BBFE012D
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Service (registry key): Npfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): Ntfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Service (registry key): NtLmSsp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): NtmsSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Removable Storage
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): Null
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): nv
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): NwlnkFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd
Service (registry key): NwlnkFwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): ohci1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: OHCI Compliant IEEE 1394 Host Controller
Image path: system32\DRIVERS\ohci1394.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): P3
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel PentiumIII Processor Driver
Image path: system32\DRIVERS\p3.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): Parport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel port driver
Image path: system32\DRIVERS\parport.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): PartMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ParVdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"
Service (registry key): PCI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCI Bus Driver
Image path: system32\DRIVERS\pci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3
Service (registry key): PCIDump
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): PCIIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\pciide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Pcmcia
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): PDCOMP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): PDFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): PDRELI
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): PDRFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): perc2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\perc2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): perc2hib
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\perc2hib.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): PerfDisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PerfNet
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PerfOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PerfProc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PlugPlay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): PolicyAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC Services
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSec
Service (registry key): PptpMiniport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): PrismXL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PrismXL
Object name: LocalSystem
Image path: C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0
Service (registry key): ProtectedStorage
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs
Service (registry key): PSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Image path: system32\DRIVERS\psched.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Gpc
Service (registry key): Ptilink
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: system32\DRIVERS\ptilink.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): PxHelp20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ql1080
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql1080.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Ql10wnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql10wnt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ql12160
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql12160.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ql1240
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql1240.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ql1280
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql1280.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): RasAcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: system32\DRIVERS\rasacd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): RasAuto
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv
Service (registry key): Rasl2tp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): RasMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv
Service (registry key): RasPppoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Raspti
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Rdbss
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): RDPCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): RDPDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): rdpdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Server Device Redirector Driver
Image path: system32\DRIVERS\rdpdr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): RDPNP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): RDPWD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): RDSessMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Desktop Help Session Manager
Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 140800
Image MD5: 729798E0933076B8FCFCD9934698F164
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): redbook
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Digital CD Audio Playback Filter Driver
Image path: system32\DRIVERS\redbook.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): RemoteAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup
Service (registry key): RpcLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: 793F04A09B15E7C6C11DBDFFAF06C0AB
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): RpcSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): RSVP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: 471B3F9741D762ABE75E9DEEA4787E47
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs
Service (registry key): SamSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS
Service (registry key): SandBox
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SandBox
Description: Agnitum Host Protection Component
Image path: system32\DRIVERS\SandBox.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): SASDIFSV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SASDIFSV
Image path: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): SASENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SASENUM
Image path: \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): SASKUTIL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SASKUTIL
Image path: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): SAVRT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVRT
Image path: \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: SAVRTPEL
Service (registry key): SAVRTPEL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVRTPEL
Image path: \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): SAVScan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVScan
Description: Handles Norton AntiVirus Auto-Protect Archive Scanning
Object name: LocalSystem
Image path: "C:\Program Files\Norton AntiVirus\SAVScan.exe"
Image size: 197864
Image MD5: CF3235D1D5BC8F1E7BEF28FC0BDBCDC9
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: SAVRT
Service (registry key): SBService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ScriptBlocking Service
Object name: LocalSystem
Image path: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
Image size: 66688
Image MD5: FFCF3E6242D7CDC12A91DFE75C89D690
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Service (registry key): SCardSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 95744
Image MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay
Service (registry key): Schedule
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): Secdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): seclogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 0
Service (registry key): SENS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem
Service (registry key): serenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serenum Filter Driver
Image path: system32\DRIVERS\serenum.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Serial
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serial port driver
Image path: system32\DRIVERS\serial.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): Sfloppy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"
Service (registry key): SharedAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Firewall/Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt
Service (registry key): ShellHWDetection
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs
Service (registry key): Simbad
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): sisagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SIS AGP Bus Filter
Image path: system32\DRIVERS\sisagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): SNDSrvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Network Drivers Service
Description: Symantec Network Drivers Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
Image size: 206048
Image MD5: 4424E504DC24284194BEAA04F045B9C3
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Service (registry key): Sparrow
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\sparrow.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): SPBBCDrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SPBBCDrv
Image path: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): SPBBCSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec SPBBCSvc
Description: Symantec SPBBC
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
Image size: 173160
Image MD5: 08FA56B7C13B4CBF0E5D351AECAD92B1
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): splitter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Audio Splitter
Image path: system32\drivers\splitter.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Spooler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 57856
Image MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS
Service (registry key): sr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Filter Driver
Image path: system32\DRIVERS\sr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1
Service (registry key): srservice
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Service
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): Srv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Srv
Description: Srv
Image path: system32\DRIVERS\srv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Service (registry key): SSDPSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SSDP Discovery Service
Description: Enables discovery of UPnP devices on your home network.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP
Service (registry key): stisvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): SunkFilt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alcor Micro Corp - 9360
Image path: \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): SunkFilt39
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alcor Micro Corp - 3239
Image path: \??\C:\WINDOWS\System32\Drivers\sunkfilt39.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Sunkfiltp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HP && Alcor Micro Corp for Phison
Image path: \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): swenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): swmidi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): SwPrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{63C33B1B-E9A2-4399-8C21-F59FA31488FA}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcss
Service (registry key): symc810
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\symc810.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): symc8xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\symc8xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): SYMREDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\Drivers\SYMREDRV.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): sym_hi
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\sym_hi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): sym_u3
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\sym_u3.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): sysaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): SysmonLog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Performance Logs and Alerts
Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 89600
Image MD5: 8B54AA346D1B1B113FFAA75501B8B1B2
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): TapiSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs
Service (registry key): Tcpip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSec
Service (registry key): TDPIPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): TDTCP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): TermDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): TermService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Services
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS
Service (registry key): Themes
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Themes
Description: Provides user experience theme management.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): TosIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\toside.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): TrkWks
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): TSDDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Udfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Service (registry key): ultra
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ultra.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): UMWdf
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows User Mode Driver Framework
Description: Enables Windows user mode drivers.
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\system32\wdfmgr.exe
Image size: 38912
Image MD5: AB0A7CA90D9E3D6A193905DC1715DED0
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs
Service (registry key): Update
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microcode Update Driver
Image path: system32\DRIVERS\update.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): upnphost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Universal Plug and Play Device Host
Description: Provides support to host Universal Plug and Play devices.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP
Service (registry key): UPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 3F5DF65B0758675F95A2D43918A740A3
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): usbccgp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): usbehci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): usbhub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB2 Enabled Hub
Image path: system32\DRIVERS\usbhub.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): USBSTOR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): usbuhci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): VgaSave
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\drivers\vga.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): viaagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA AGP Bus Filter
Image path: system32\DRIVERS\viaagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ViaIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\viaide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): VolSnap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): VSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 289792
Image MD5: 3EE00364AE0FD8D604F46CBAF512838A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): W32Time
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): W3SVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Wanarp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): wanatw
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (ATW)
Image path: system32\DRIVERS\wanatw4.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Wdf01000
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wdf01000
Image path: system32\DRIVERS\Wdf01000.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): WDICA
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): wdmaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): WebClient
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: MRxDAV
Service (registry key): winachsf
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSF_CNXT.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): winmgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS
Service (registry key): Winsock
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 4
Error Control: 1
Service (registry key): WinSock2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): WinTrust
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): WmdmPmSN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): WmiApRpl
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): WmiApSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WMI Performance Adapter
Description: Provides performance library information from WMI HiPerf providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: BA8CECC3E813E1F7C441B20393D4F86C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): WPN111
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wireless USB 2.0 Adapter with RangeMax Service
Image path: system32\DRIVERS\WPN111.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): WS2IFSL
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 0
Error Control: 0
Service (registry key): wscsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Center
Description: Monitors system security settings and configurations.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt
Service (registry key): wuauserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Automatic Updates
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Service (registry key): WZCSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wireless Zero Configuration
Description: Provides automatic configuration for the 802.11 adapters
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio
Service (registry key): xmlprov
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Provisioning Service
Description: Manages XML configuration files on a domain basis for automatic network provisioning.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): {291A202C-7BA9-4A72-BD22-829F5A1F0F3B}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): {6BB1DDB4-841F-4AAA-BD6B-E82607B11598}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): {F43A2FAB-DB1F-4090-80DF-7BA6217F0500}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
-
Welcome,
Items/programs that can interfere with the fix
I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:- Run Spybot-S&D
- Go to the Mode menu, and make sure "Advanced Mode" is selected
- On the left hand side, choose Tools -> Resident
- Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer once your system is clean.
AVG Anti-Spyware (formerly ewido)
Launch AVG Anti-Spyware and in the main window click "Realtime protection" (in green indicating "Active") to change to inactive.
Now reboot into safe mode( without networking support) by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.
Run hijackthis and click on "scan system only" button and put checks next to these:
O2 - BHO: {9278edf9-8a93-3ee8-1464-131917f7a503} - {305a7f71-9131-4641-8ee3-39a89fde8729} - C:\WINDOWS\system32\lvbgsdat.dll
O2 - BHO: (no name) - {C4647C0B-369F-41E9-A8A8-2E65620DA119} - C:\WINDOWS\system32\qoMfecYq.dll (file missing)
O2 - BHO: (no name) - {E23136A1-1AC4-4D1B-926F-5D537CFFF359} - C:\WINDOWS\system32\opnmNdDt.dll
O4 - HKLM\..\Run: [b420deac] rundll32.exe "C:\WINDOWS\system32\finphrln.dll",b
O4 - HKLM\..\Run: [BMb713ed30] Rundll32.exe "C:\WINDOWS\system32\mwkpagvg.dll",s
O20 - Winlogon Notify: opnmNdDt - C:\WINDOWS\SYSTEM32\opnmNdDt.dll
Please close ALL browser windows (including this one).
Everything closed out but hijackthis and click on "fix checked"
Still in safe mode
Navigate to these files or folders using Windows Explorer (OR Start -> Search) and delete (if present):
DELETE FILES:
C:\WINDOWS\system32\finphrln.dll",b
C:\WINDOWS\system32\mwkpagvg.dll",s
C:\WINDOWS\SYSTEM32\opnmNdDt.dll
Reboot your PC
It appears you are running two anti-virus programs at the same time, not good, please uninstall one of them from add/remove program > Mcafee or Symanetec
Please download VundoFix.exe to your desktop.- Double-click VundoFix.exe to run it.
- Click the Scan for Vundo button.
- Once it's done scanning, click the Remove Vundo button.
- You will receive a prompt asking if you want to remove the files, click YES
- Once you click yes, your desktop will go blank as it starts removing Vundo.
- When completed, it will prompt that it will reboot your computer, click OK.
- Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.
After the above see if you can run super anti spyware as it is the best vundo trojan killer on the planet and you have it. Update it first if possible.
New hijackthis please.
Last edited by Neal; 29-05-2008 at 01:27 AM.
-
It worked !! Thank you soooo much.
-
If you are no longer having any more trouble here is some preventative measures for you.
Be sure to re-hide hidden files/folders if you were asked to unhide them
Here are some preventive measures you can take to keep your computer from getting infected again. Also keep SpybotS&D updated.
http://www.d-a-l.com/help/showthread.php?t=32403
Flush your restore points in ME and XP, by turning System Restore off and then back on.
This will create a fresh restore point.
Explained Here:
Windows XP: http://vil.nai.com/vil/SystemHelpDoc...ysRestore.aspx
Explained Here
Microsoft ME:
http://service1.symantec.com/SUPPORT...rc=sec_doc_nam
Please download ATF Cleaner by Atribune to desktop.
http://www.atribune.org/public-beta/ATF-Cleaner.exe
Double-click ATF-Cleaner.exe to run the program, to clean junk files off your PC.
If you would like to keep your cookies don't check that item
* Under Main "Select Files to Delete" choose: Select All.
* Click the Empty Selected button.
* If you use Firefox browser click Firefox at the top and choose: Select All
* Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
* If you use Opera browser click Opera at the top and choose: Select All
* Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:
1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser.
http://v5.windowsupdate.microsoft.co....aspx?ln=en-us
http://www.microsoft.com/windows/ie/default.asp
2. Run your antivirus software regularly, and to keep its definitions up-to-date. If you are thinking about switching, there are a some good free Antivirus programs that are decent, including Avira and Avast and PCTools.
AVIRA: http://www.free-av.com/]Avira
AVAST: http://www.avast.com/eng/avast_4_home.html
PCTOOLS: http://www.pctools.com/free-antivirus/
3. In addtion to using SpyBot S&D consider using another free malware scanning/removal program:
Windows Defender: http://www.microsoft.com/athome/secu...e/default.mspx
4. Consider using a free firewall if you are not already using one. Some good free ones are:
Kerio: http://www.sunbelt-software.com/Home...onal-Firewall/
Comodo: http://www.personalfirewall.comodo.com/
5. Consider using an alternate free browser for general web surfing but you must use IE for windows update.
Mozilla Firefox: www.mozilla.org/products/firefox/
6. Consider increasing your browser security by using Spyware Blaster:
SpywareBlaster will increase browser protection by blocking Thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:
http://www.javacoolsoftware.com/spywareblaster.html
If you use SpywareBlaster, you can also use a customblocklist to add even more entries into IE restricted sites zone. Go to this site for the current list and how to use instructions: http://customblockinglist.cjb.net/
IE-SPYAD is similar in that it adds thousands more known malware sites to IE's restricted zone. Download it here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm
Block access to Untrustworthy Sites
You can prevent your computer from visiting a myriad of untrustworthy sites and ad-servers by installing a customised hosts file. One of the best available is the: MVPS Hosts File. Simply follow the instructions to install the file in the correct location. This will not only make surfing safer but will improve website load times and block popups from many of the large ad-servers.
*Remember just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's Free
Last edited by Neal; 30-05-2008 at 10:05 PM.
