PDA

View Full Version : Reappearing spyware on startup



Snowy
2007-03-24, 23:12
I ran the eTrust web scanner and it found no viruses or anything.

I ran spybot in safe mode and it found Web Live Trend which is usually one of 20-something problems that appear whenever i run spybot in regular mode. Only fixes the problems temporarily. I have never done this before so I think i have a lot of extra junk. Please help me out : )

Logfile of HijackThis v1.99.1
Scan saved at 5:05:40 PM, on 3/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab50997.cab
O18 - Protocol: bw+0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

shelf life
2007-03-26, 00:36
hi Snowy

log looks ok. look in add/remove programs panel and see if you have anything that might have the word search in it. like a search tool that would integrate with your browser.

shelf life

Snowy
2007-03-26, 07:27
Hey shelf life,

I looked through the add/remove panel and didnt find anything with search in it or anything that sticks out as spyware to me. I started running spybot multiple times during the day and it seems like they keep coming back randomly without me running anything manually. They are usually the same ones ranging from 20 to 30 problems. zedo, hitbox, Double Click, advertising.com, etc.

Not sure what to do. All the processes running look fine.

Snowy
2007-03-26, 07:53
Hey again,

I knew my registy was cluttered and when i downloaded several free registry programs to clean it up, they found from 500 - 700 errors. After this they told me.. by the way its not free. Do you know any free safe registry clean up programs?

I don't know if this will help my spyware problem at all, but im trying everything i can think of.

shelf life
2007-03-27, 01:18
hi Snowy,

zedo, hitbox, Double Click, advertising.com, etc.
those sound like cookies which are harmless and deposited on your computer during normal browsing.

can you post the spybot report. like this:

Open SpyBot. On the toolbar menu select mode and switch to advanced mode. on the left....lower down, select tools,then>> at top>view report. Ensure all the options are selected near the bottom except [ ]dont check: do not report disabled or known legitimate Items, then select(near the top) view report. Press export, in the save in box choose a place such as your my documents folder,or desktop then. copy/paste that log in next reply.
-----------------------
a registry normally does get gunked up over time, i know of one free one, but lets take care of what spybots finding first please.

shelf life

Snowy
2007-03-27, 03:01
Hey shelf life,
Thank you for taking time helping me.

I think they are all mostly cookies, but they come back without me browsing. Also some windows security thing in the registry keeps being shut off. I originally posted because it seems like my commit charge is too high and slowing down the computer. I was thinking spyware was the cause.

The report is ridiculously long and is about 200,000 characters too much. It would take about 15 posts. Not sure if this is what you had in mind or if the report is way longer than it should be.

Snowy
2007-03-27, 03:21
--- Search result list ---


--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/922770
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Windows XP Hotfix - KB888310
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922760)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925454)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Security Update for Windows XP (KB928090)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Update for Windows XP (KB931836)


--- Startup entries list ---
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 115816
MD5: 25be770865658cb79100117112819a7c

Located: HK_LM:Run, DeadAIM
command: rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
file: C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, osCheck
command: "C:\Program Files\Norton Internet Security\osCheck.exe"
file: C:\Program Files\Norton Internet Security\osCheck.exe
size: 26248
MD5: 3602c14e8b2bf31e7b4f14c162178945

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
file: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
size: 75520
MD5: edf5d27c6d244740418903626df5741a

Located: HK_CU:Run, Aim6
command: "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
file: C:\Program Files\AIM6\aim6.exe
size: 50736
MD5: b6c1d859d1c25e80ab655bd5f4a6884b

Located: HK_CU:Run, MsnMsgr
command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5674352
MD5: c4281ad865739e71fd1e4dac19a68d60

Located: Startup (disabled), Adobe Reader Speed Launch (DISABLED)
command: C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE
file: C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (disabled), AutoCAD Startup Accelerator (DISABLED)
command: C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE
file: C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE
size: 10872
MD5: 9cbdbaf045d9572e3297e030820a21c1

Located: Startup (disabled), Dataviz Messenger (DISABLED)
command: C:\WINDOWS\DVZCOM~1\DvzMsgr.exe
file: C:\WINDOWS\DVZCOM~1\DvzMsgr.exe
size: 24576
MD5: 13816d59a60dd9bf2b13cbe7507ff240

Located: Startup (disabled), Logitech Desktop Messenger (DISABLED)
command: C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe /start
file: C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe
size: 196608
MD5: 6f2e5108667bf1149d884e3cbeb9cdd1

Located: Startup (disabled), Adobe Gamma (DISABLED)
command: C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
file:

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 12/14/2004 1:56:50 AM
Date (last access): 3/26/2007 6:48:20 PM
Date (last write): 1/12/2006 8:38:22 PM
Filesize: 63128
Attributes: archive
MD5: F17B2B264072B921FC66A0BE16626BAB
CRC32: 5184CFEA
Version: 7.0.7.142

{1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
BHO name:
CLSID name:
Path: C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\
Long name: NppBHO.dll
Short name:
Date (created): 9/6/2006 1:18:24 AM
Date (last access): 3/26/2007 6:48:20 PM
Date (last write): 9/6/2006 1:18:24 AM
Filesize: 93400
Attributes: readonly archive
MD5: 28D6CF8C2E156EF8AB3E049246C22B70
CRC32: C688A3B8
Version: 2007.1.0.133

{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 2/12/2006 1:17:50 AM
Date (last access): 3/26/2007 6:48:20 PM
Date (last write): 11/16/2004 2:05:00 AM
Filesize: 118842
Attributes: archive
MD5: 3B24B4891B10F3A17E5205688EEC14FB
CRC32: 9FB06BBD
Version: 1.4.8.0

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_11\bin\
Long name: ssv.dll
Short name:
Date (created): 12/15/2006 4:09:16 AM
Date (last access): 3/26/2007 6:48:20 PM
Date (last write): 12/15/2006 4:23:24 AM
Filesize: 440056
Attributes: archive
MD5: 38C5BE22267A9236E79B1401B5D71D04
CRC32: 2D9C7143
Version: 5.0.110.3

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
BHO name:
CLSID name:



--- ActiveX list ---
{00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class)
DPF name:
CLSID name: Checkers Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
description:
classification: Legitimate
known filename: msgrchkr.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: msgrchkr.dll
Short name:
Date (created): 5/29/2003 4:00:18 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 5/29/2003 4:00:18 PM
Filesize: 77408
Attributes: archive
MD5: 42D567DF86B9B7AC4A89664C9651B68B
CRC32: 47FF3D19
Version: 7.1.9502.1

{14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
description:
classification: Legitimate
known filename: MessengerStatsPAClient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~1.DLL
Date (created): 4/6/2004 7:03:54 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 4/6/2004 7:03:54 PM
Filesize: 172072
Attributes: archive
MD5: 94D1773AEAA2197AFEE3A6F8404FE4E9
CRC32: 76C3823D
Version: 9.2.7513.1

{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 7/12/2005 6:04:22 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 2/15/2007 7:01:04 PM
Filesize: 1476992
Attributes: archive
MD5: 6299685540C149FED6DBFD2CD587D1F4
CRC32: 6C1D4BDA
Version: 1.7.17.0

{2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class)
DPF name:
CLSID name: Minesweeper Flags Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
description:
classification: Legitimate
known filename: minesweeper.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: minesweeper.dll
Short name: MINESW~1.DLL
Date (created): 5/29/2003 4:00:22 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 5/29/2003 4:00:22 PM
Filesize: 84064
Attributes: archive
MD5: F951FD0EA383DF2D49CA0359E4A86968
CRC32: 50A69718
Version: 7.1.9502.1

{5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class)
DPF name:
CLSID name: UnoCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF
Codebase: http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GAME_UNO1.dll
Short name: GAME_U~1.DLL
Date (created): 11/23/2006 12:22:42 AM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 11/23/2006 12:22:42 AM
Filesize: 372736
Attributes: archive
MD5: 491C8F47C0DCFBC1B1329B9B368AA78F
CRC32: 5BFD37C9
Version: 1.0.1123.1

{7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class)
DPF name:
CLSID name: WScanCtl Class
Installer: C:\WINDOWS\Downloaded Program Files\webscan.inf
Codebase: http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
description:
classification: Legitimate
known filename: webscan.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: webscan.dll
Short name:
Date (created): 11/20/2006 12:02:34 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 11/20/2006 12:02:34 PM
Filesize: 180282
Attributes: archive
MD5: 76EA3ABECE61FBA3C07F61E42BB0CA48
CRC32: AECD0E4D
Version: 1.1.0.1049

Snowy
2007-03-27, 03:23
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_11
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_11\bin\
Long name: NPJPI150_11.dll
Short name: NPJPI1~1.DLL
Date (created): 12/15/2006 4:09:16 AM
Date (last access): 3/24/2007 4:25:16 PM
Date (last write): 12/15/2006 4:23:26 AM
Filesize: 75528
Attributes: archive
MD5: 3B3F6984DBF972DAFF1B7E9C44E2FE75
CRC32: 4BDE2041
Version: 5.0.110.3

{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
description:
classification: Legitimate
known filename: messengerstatsclient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: messengerstatsclient.dll
Short name: MESSEN~2.DLL
Date (created): 5/29/2003 3:00:20 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 5/29/2003 3:00:20 PM
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 7.1.9502.1

{97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~1.DLL
Date (created): 1/29/2007 10:46:36 AM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 1/29/2007 10:46:36 AM
Filesize: 234536
Attributes: archive
MD5: 569A41651A042A14D0D0F39FDEE44D12
CRC32: FE7A2287
Version: 9.5.5762.1

{B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer)
DPF name:
CLSID name: MSN Games - Installer
Installer:
Codebase: http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
description:
classification: Legitimate
known filename: ZIntro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
Short name:
Date (created): 7/18/2006 2:35:06 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 1/24/2007 6:39:48 PM
Filesize: 149544
Attributes: archive
MD5: AA9F01AD8F571FAF01C52081943E7FCF
CRC32: 19359EEF
Version: 9.5.5579.1

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi142_03.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 11/19/2003 7:48:18 PM
Date (last access): 3/24/2007 4:13:42 PM
Date (last write): 11/19/2003 7:48:12 PM
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30

{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_06
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
description:
classification: Legitimate
known filename: NPJPI142_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_06\bin\
Long name: NPJPI142_06.dll
Short name: NPJPI1~1.DLL
Date (created): 9/28/2004 9:26:10 PM
Date (last access): 3/24/2007 4:15:02 PM
Date (last write): 9/28/2004 9:26:00 PM
Filesize: 65650
Attributes: archive
MD5: 69E5147BA901A9238C4EB08C84E1A85B
CRC32: 6CB34BCC
Version: 1.4.2.60

{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_02
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
description:
classification: Legitimate
known filename: NPJPI150_02.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_02\bin\
Long name: NPJPI150_02.dll
Short name: NPJPI1~1.DLL
Date (created): 3/4/2005 3:36:50 AM
Date (last access): 3/24/2007 4:16:20 PM
Date (last write): 3/4/2005 3:54:18 AM
Filesize: 69746
Attributes: archive
MD5: 6C9A4C573C0C771D99D902EE06DA3CBB
CRC32: 55F989EE
Version: 5.0.20.9

{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_04
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_04.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_04\bin\
Long name: NPJPI150_04.dll
Short name: NPJPI1~1.DLL
Date (created): 6/3/2005 3:52:58 AM
Date (last access): 3/24/2007 4:18:06 PM
Date (last write): 6/3/2005 4:09:54 AM
Filesize: 69746
Attributes: archive
MD5: 8548FE98BD687F35AFD0AED9C2A2DEE3
CRC32: 4058FA1B
Version: 5.0.40.5

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 2:03:56 PM
Date (last access): 3/24/2007 4:19:52 PM
Date (last write): 11/10/2005 2:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_09
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
description:
classification: Legitimate
known filename: NPJPI150_09.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_09\bin\
Long name: NPJPI150_09.dll
Short name: NPJPI1~1.DLL
Date (created): 10/12/2006 4:10:58 AM
Date (last access): 3/24/2007 4:21:40 PM
Date (last write): 10/12/2006 4:25:44 AM
Filesize: 69746
Attributes: archive
MD5: A3CDEB59B6B8C2EA81B9ED2D3EF4C95E
CRC32: 2A32A9A2
Version: 5.0.90.3

{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_10
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
Path: C:\Program Files\Java\jre1.5.0_10\bin\
Long name: NPJPI150_10.dll
Short name: NPJPI1~1.DLL
Date (created): 11/9/2006 4:07:34 PM
Date (last access): 3/24/2007 4:23:30 PM
Date (last write): 11/9/2006 4:21:54 PM
Filesize: 75528
Attributes: archive
MD5: 635F4B3A0F1C661B5CEDE628BA85E46B
CRC32: 0C9B7145
Version: 5.0.100.3

{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_11
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
Path: C:\Program Files\Java\jre1.5.0_11\bin\
Long name: NPJPI150_11.dll
Short name: NPJPI1~1.DLL
Date (created): 12/15/2006 4:09:16 AM
Date (last access): 3/26/2007 7:46:18 PM
Date (last write): 12/15/2006 4:23:26 AM
Filesize: 75528
Attributes: archive
MD5: 3B3F6984DBF972DAFF1B7E9C44E2FE75
CRC32: 4BDE2041
Version: 5.0.110.3

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_11
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_11\bin\
Long name: NPJPI150_11.dll
Short name: NPJPI1~1.DLL
Date (created): 12/15/2006 4:09:16 AM
Date (last access): 3/26/2007 7:46:18 PM
Date (last write): 12/15/2006 4:23:26 AM
Filesize: 75528
Attributes: archive
MD5: 3B3F6984DBF972DAFF1B7E9C44E2FE75
CRC32: 4BDE2041
Version: 5.0.110.3

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9b.ocx
Short name:
Date (created): 11/9/2006 3:46:28 PM
Date (last access): 3/26/2007 4:29:20 PM
Date (last write): 11/9/2006 3:46:28 PM
Filesize: 2262648
Attributes: readonly archive
MD5: F3B3EE66CA76C94510555ABE9D00A353
CRC32: A51F3CB4
Version: 9.0.28.0

{DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object)
DPF name:
CLSID name: WheelofFortune Object
Installer:
Codebase: http://messenger.zone.msn.com/binary/WoF.cab50997.cab
description:
classification: Legitimate
known filename: WoF.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: WoF.ocx
Short name:
Date (created): 5/7/2004 2:58:02 PM
Date (last access): 3/26/2007 6:46:52 PM
Date (last write): 11/22/2005 4:30:30 PM
Filesize: 2453032
Attributes: archive
MD5: 4160FDF3E1ED79832C0D952369E047B2
CRC32: CC08CE21
Version: 9.4.939.1



--- Process list ---
PID: 0 ( 0) [System]
PID: 584 ( 4) \SystemRoot\System32\smss.exe
PID: 632 ( 584) \??\C:\WINDOWS\system32\csrss.exe
PID: 660 ( 584) \??\C:\WINDOWS\system32\winlogon.exe
PID: 704 ( 660) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 716 ( 660) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 900 ( 704) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 968 ( 704) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1064 ( 704) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1156 ( 704) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1260 ( 704) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1316 ( 704) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
size: 108648
MD5: FE69C498B922CE835E2E2123FBD0A272
PID: 1528 ( 704) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
size: 46736
MD5: CE045B180D34404FF3017C18D308E9C1
PID: 1884 ( 704) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1904 (1816) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1396 ( 704) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
size: 198336
MD5: 0FCFBD0EDAA188B3D652DDCE6D16D866
PID: 1732 ( 704) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2024 ( 704) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 1124 ( 704) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3224 (1904) C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
size: 75520
MD5: EDF5D27C6D244740418903626DF5741A
PID: 3248 (1904) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 115816
MD5: 25BE770865658CB79100117112819A7C
PID: 3276 (1904) C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5674352
MD5: C4281AD865739E71FD1E4DAC19A68D60
PID: 4012 ( 704) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 3888 (1904) C:\Program Files\AIM6\aim6.exe
size: 50736
MD5: B6C1D859D1C25E80AB655BD5F4A6884B
PID: 3968 (3888) C:\Program Files\AIM6\aolsoftware.exe
size: 50736
MD5: C482C535CBFEFE722EC1EB7F11F680A3
PID: 3072 ( 704) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 1087680
MD5: 6FDA95007C483C378824F86FE351AA9C
PID: 2532 (1904) C:\Program Files\Mozilla Firefox\firefox.exe
size: 7206509
MD5: 46B61D591E68BFE531DE21DDBB8222E8
PID: 3308 (1904) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 3/26/2007 7:46:19 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://runonce.msn.com/?v=msgrv75
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AAFD11FD-543A-45F2-B610-F0A1623C0D37}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Snowy
2007-03-27, 03:25
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AAFD11FD-543A-45F2-B610-F0A1623C0D37}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B9C4D0A9-E472-4708-A07C-9623A9E86D17}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B9C4D0A9-E472-4708-A07C-9623A9E86D17}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace



--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com

(AddressBook)

Adobe Atmosphere Player for Acrobat and Adobe Reader (Adobe Atmosphere Player)
uninstall cmd: C:\WINDOWS\atmoUn.exe

Adobe Shockwave Player 10.1.3.18 (Adobe Shockwave Player)
uninstall cmd: C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/support/shockwave

AIM 6.0 (AIM_6.0)
uninstall cmd: C:\Program Files\AIM6\uninst.exe

ATI - Software Uninstall Utility 6.14.10.1016 (All ATI Software)
install location: C:\Program Files\ATI Technologies\UninstallAll
uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

Ambush Pack 1.00 for Pocket Tanks Deluxe (Ambush Pack for Pocket Tanks Deluxe_is1)
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins006.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com

AOL Instant Messenger (AOL Instant Messenger)
uninstall cmd: C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=

ATI Display Driver 8.342-070202a1-041238C-ATI (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

Autodesk DWF Viewer 4.1 (Autodesk DWF Viewer)
version (major): 4
version (minor): 1
install date: 2007-03-23 03:45:57
install location: C:\Program Files\Autodesk\Autodesk DWF Viewer
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\Rar$EX14.656\Bin\AcadFEUI\support\aev
uninstall cmd: C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
publisher: Autodesk, Inc.
contact: supportinformation.en@autodesk.com
help link: http://www.autodesk.com/viewers

(Branding)

Chaos Pack 1.00 for Pocket Tanks Deluxe (Chaos Pack for Pocket Tanks Deluxe_is1)
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins005.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com

CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe

(Connection Manager)

Dell Support 5.0.0 (630) (DellSupport)
uninstall cmd: rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall

(Diablo II)

(DirectAnimation)

(DirectDrawEx)

DivX Content Uploader 1.1.0 (DivX Content Uploader)
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
publisher: DivX, Inc.

(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

(DXM_Runtime)

Fireworks Pack v1.0 for Pocket Tanks Deluxe 1.0 (Fireworks Pack for Pocket Tanks Deluxe_is1)
install location: C:\Program Files\Pocket Tanks Deluxe\
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins007.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com/support.html

Fish Tycoon (Fish Tycoon_is1)
install location: C:\Program Files\Fish Tycoon\
uninstall cmd: "C:\Program Files\Fish Tycoon\unins000.exe"

Flamethrower Pack 1.00a for Pocket Tanks Deluxe (Flamethrower Pack for Pocket Tanks Deluxe_is1)
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins004.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com
(Fontcore)

GameSpy Arcade (GameSpy Arcade)
uninstall cmd: C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG

Gravity Pack v1.0 for Pocket Tanks Deluxe 1.0 (Gravity Pack for Pocket Tanks Deluxe_is1)
install location: C:\Program Files\Pocket Tanks Deluxe\
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins008.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com/support.html

Half-Life: Counter-Strike (Half-Life: Counter-Strike)
uninstall cmd: C:\Sierra\COUNTE~1\UNWISE.EXE C:\Sierra\COUNTE~1\INSTALL.LOG

Heroes of Might and Magic® III (Heroes of Might and Magic® III)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\3DO\Heroes3\Uninst.isu" -c"C:\Program Files\3DO\Heroes3\uninst.dll

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\DOCUME~1\Snowy\LOCALS~1\Temp\Rar$EX00.781\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

IGN Download Manager 2.2.2 2.2.2 (IGN Download Manager)
uninstall cmd: C:\Program Files\IGN\Download Manager\uninst.exe
publisher: IGN Entertainment, Inc.

(InstallShield Uninstall Information)

iPod for Windows 2006-01-10 4.7.0 (InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B})
version: 67567616
version (major): 4
version (minor): 7
estimated size: 52135
install date: 20060119
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{00C2E789-F948-4BE1-8167-6E6447DC4CE2}\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html

iPod for Windows 2005-10-12 4.3.0 (InstallShield_{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A})
version: 67305472
version (major): 4
version (minor): 3
estimated size: 66864
install date: 20060109
install location: C:\Program Files\iPod\
install source: D:\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html

Intel(R) 537EP V9x DF PCI Modem (Intel(R) 537EP V9x DF PCI Modem)
uninstall cmd: rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EP V9x DF PCI Modem"

Windows XP Hotfix - KB834707 20040929.110854 (KB834707)
uninstall cmd: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=834707

Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=867282

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

(KB884016)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

Windows XP Hotfix - KB888310 20041027.095746 (KB888310)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888310

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890047

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20050412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

Windows XP Hotfix - KB890923 1 (KB890923)
install date: 20050412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890923

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

Windows XP Hotfix - KB893066 1 (KB893066)
install date: 20050412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066

Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20050412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

Windows Installer 3.1 (KB893803) 3.1 (KB893803)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20051110
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

Security Update for Windows XP (KB896688) 1 (KB896688)
install date: 20051012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896688

Update for Windows XP (KB896727) 1 (KB896727)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727

Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Security Update for Windows XP (KB899588) 1 (KB899588)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588

Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060427
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20051012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20051012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017

Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050903
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

Snowy
2007-03-27, 03:26
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20051012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400

Security Update for Windows XP (KB904706) 1 (KB904706)
install date: 20051012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20051012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20051012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749

Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20051214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905915

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519

Security Update for Windows XP (KB908531) 1 (KB908531)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20051214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437

Security Update for Windows XP (KB911280) 1 (KB911280)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280

Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562

Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564

Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565

Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567

Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927

Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060108
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919

Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446

Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060510
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580

Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060711
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388

Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389

Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916281

Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060711
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595

Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060711
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159

Security Update for Microsoft .NET Framework 2.0 (KB917283) 1 (KB917283.T1_1ToU93_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/917283

Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344

Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422

Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734

Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953

Security Update for Windows XP (KB918118) 1 (KB918118)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918118

Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439

Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918899

Security Update for Windows XP (KB919007) 1 (KB919007)
install date: 20060913
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=919007

Security Update for Windows XP (KB920213) 1 (KB920213)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920213

Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920214

Security Update for Windows XP (KB920670) 1 (KB920670)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670

Security Update for Windows XP (KB920683) 1 (KB920683)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683

Security Update for Windows XP (KB920685) 1 (KB920685)
install date: 20060913
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920685

Update for Windows XP (KB920872) 1 (KB920872)
install date: 20060913
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920872

Security Update for Windows XP (KB921398) 1 (KB921398)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398

Security Update for Windows XP (KB921883) 1 (KB921883)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921883

Update for Windows XP (KB922582) 1 (KB922582)
install date: 20060913
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922582

Security Update for Windows XP (KB922616) 1 (KB922616)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616

Security Update for Windows XP (KB922760) 1 (KB922760)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922760

Security Update for Microsoft .NET Framework 2.0 (KB922770) 1 (KB922770.T1_1ToU168_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/922770

Security Update for Windows XP (KB922819) 1 (KB922819)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922819

Security Update for Windows XP (KB923191) 1 (KB923191)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923191

Security Update for Windows XP (KB923414) 1 (KB923414)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923414

Security Update for Windows XP (KB923689) (KB923689)
install date: 20061216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923689

Security Update for Windows XP (KB923694) 1 (KB923694)
install date: 20061216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923694

Security Update for Step By Step Interactive Training (KB923723) 20050502.101010 (KB923723)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/923723

Security Update for Windows XP (KB923980) 1 (KB923980)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923980

Security Update for Windows XP (KB924191) 1 (KB924191)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924191

Security Update for Windows XP (KB924270) 1 (KB924270)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924270

Security Update for Windows XP (KB924496) 1 (KB924496)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924496

Security Update for Windows XP (KB924667) 1 (KB924667)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924667

Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20061216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=925398

Security Update for Windows XP (KB925454) 1 (KB925454)
install date: 20061216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925454

Security Update for Windows XP (KB925486) 1 (KB925486)
install date: 20060927
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925486

Security Update for Windows XP (KB926255) 1 (KB926255)
install date: 20061216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926255

Security Update for Windows XP (KB926436) 1 (KB926436)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926436

Security Update for Windows XP (KB927779) 1 (KB927779)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927779

Security Update for Windows XP (KB927802) 1 (KB927802)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927802

Security Update for Windows XP (KB928090) 1 (KB928090)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928090

Security Update for Windows XP (KB928255) 1 (KB928255)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928255

Security Update for Windows XP (KB928843) 1 (KB928843)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928843

Update for Windows XP (KB929338) 1 (KB929338)
install date: 20070315
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929338

Security Update for Windows XP (KB929969) 1 (KB929969)
install date: 20070112
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929969

Update for Windows XP (KB931836) 1 (KB931836)
install date: 20070214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931836

LimeWire 4.12.6 4.12.6 (LimeWire)
uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe"
publisher: Lime Wire, LLC
help link: http://www.limewire.com/support

LiveUpdate 3.1 (Symantec Corporation) 3.1.0.99 (LiveUpdate)
install location: "C:\Program Files\Symantec\LiveUpdate"
uninstall cmd: "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
publisher: Symantec Corporation

Logitech Print Service (Logitech Print Service)
uninstall cmd: C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

Meteor Pack 1.00 for Pocket Tanks Deluxe (Meteor Pack for Pocket Tanks Deluxe_is1)
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins002.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0)
install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

MSN Gaming Zone (Microsoft Internet Gaming Zone)
uninstall cmd: C:\PROGRA~1\MSNGAM~1\zsetup.exe /Uninstall

Snowy
2007-03-27, 03:27
mIRC (mIRC)
uninstall cmd: "C:\Program Files\mIRC\mirc.exe" -uninstall

(MobileOptionPack)

Move Networks Player for Firefox (Move Player_is1)
install date: 20070323
install location: C:\Program Files\Mozilla Firefox\plugins\
uninstall cmd: "C:\Program Files\Mozilla Firefox\plugins\unins000.exe"
publisher: Move Networks
help link: http://www.movenetworks.com

Mozilla Firefox (1.5.0.11) 1.5.0.11 (en-US) (Mozilla Firefox (1.5.0.11))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.11 (en-US)"
publisher: Mozilla

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(NetMeeting)

Nuke Pack 1.00 for Pocket Tanks Deluxe (Nuke Pack for Pocket Tanks Deluxe_is1)
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins001.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com

(OutlookExpress)

PacMania II (PacMania II)
uninstall cmd: C:\Program Files\Alawar\PacMania II\uninstal.exe

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Pocket Tanks Deluxe 1.00a (Pocket Tanks Deluxe_is1)
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins000.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com/support.html

Power Pack 1.00 for Pocket Tanks Deluxe (Power Pack for Pocket Tanks Deluxe_is1)
uninstall cmd: "C:\Program Files\Pocket Tanks Deluxe\unins003.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com

Intel(R) PRO Network Adapters and Drivers (PROSet)
uninstall cmd: Prounstl.exe

Logitech® Camera Driver (QcDrv)
install location: C:\Program Files\Common Files\Logitech\QCDRV
install source: C:\Program Files\Logitech\QuickCamWebInstall\Drivers\Bin
uninstall cmd: "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

Radio@Netscape (Radio@Netscape)
uninstall cmd: C:\Program Files\Radio@Netscape\Uninstall Radio@Netscape.exe

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

(RecordNow.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}

(SchedulingAgent)

(Sevinst)

(SGTRAY.EXE)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature

(Shockwave)

Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems
help link: http://www.adobe.com/go/flashplayer_support/

Sierra On-Line Games (Remove only) (Sierra Uninstall)
uninstall cmd: C:\DELL\drivers\R90275\Setup.exe /U

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

SpywareBlaster v3.3 3.3.0 (SpywareBlaster_is1)
install location: C:\Program Files\SpywareBlaster\
uninstall cmd: "C:\Program Files\SpywareBlaster\unins000.exe"
publisher: Javacool Software LLC

Steam (Steam)
uninstall cmd: C:\PROGRA~1\Valve\Steam\UNWISE.EXE C:\PROGRA~1\Valve\Steam\INSTALL.LOG
publisher: Valve
help link: http://www.steampowered.com/

Learn2 Player (Uninstall Only) (StreetPlugin)
uninstall cmd: C:\Program Files\Learn2.com\StRunner\stuninst.exe

Norton Internet Security (Symantec Corporation) 10.0.0.86 (SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B})
install location: C:\Program Files\Norton Internet Security
install source: D:
uninstall cmd: "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_0_0_86\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
publisher: Symantec Corporation

System Requirements Lab (System Requirements Lab)
uninstall cmd: C:\Program Files\Common Files\SystemRequirementsLab\Uninstall.exe

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u

Windows Genuine Advantage Notifications (KB905474) 1.7.0017.0 (WgaNotify)
install date: 20070228
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474

Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Player 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

WinISO 5.3 (WinISO_is1)
uninstall cmd: "C:\Program Files\WinISO\unins000.exe"
publisher: WinISO Computing Inc.
help link: http://www.winiso.com

WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

World of Warcraft (World of Warcraft)
uninstall cmd: C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

Zuma Deluxe 1.0 (Zuma Deluxe 1.0)
uninstall cmd: C:\Program Files\PopCap Games\Zuma Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Zuma Deluxe\Install.log"

Catalyst Control Center Graphics Full New 2007.0202.1923.34565 ({03A26689-82BB-6FF9-1FDA-93B18547C8C8})
version (major): 2007
version (minor): 202
estimated size: 473
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Full-New\
publisher: ATI

ATI Catalyst Control Center 1.007.2007.0202 ({055EE59D-217B-43A7-ABFF-507B966405D8})
version: 17237975
install location: C:\Program Files\ATI Technologies\ATI Catalyst Control Center
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0

Sonic Update Manager 2.9 ({09DA4F91-2A09-4232-AB8C-6BC740096DE3})
version: 34144256
version (major): 2
version (minor): 9
estimated size: 900
install date: 20050501
install source: D:\SENTRY_MSI\
uninstall cmd: MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
publisher: Sonic Solutions

Microsoft Plus! Photo Story 2 LE 1.1.0.3463 ({0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B})
version: 16842752
version (major): 1
version (minor): 1
install date: 20050221
uninstall cmd: MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
publisher: Microsoft Corporation
readme: C:\Program Files\Microsoft Plus! Photo Story 2 LE\Readme.htm

DeadAIM 4.5.11 ({0F8F3415-CB0A-49A6-A23A-D8390444B127})
version: 67436555
version (major): 4
version (minor): 5
estimated size: 309
install date: 20050307
install location: C:\Program Files\AIM\
install source: C:\WINDOWS\Downloaded Installations\{E1945072-8AFC-42A3-9E3B-9C679E090B26}\
uninstall cmd: MsiExec.exe /I{0F8F3415-CB0A-49A6-A23A-D8390444B127}
publisher: JDennis.net Ltd
comments: DeadAIM - The AIM Enhancer
contact: Customer Support Department
help link: http://www.jdennis.net/forums
help telephone: N/A

Sonic DLA 4.95.3 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6})
version: 73334787
version (major): 4
version (minor): 95
estimated size: 2649
install date: 20060212
install source: C:\DELL\drivers\R90275\
uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
publisher: Sonic Solutions
help link: http://support.sonic.com/

Intel(R) PROSet for Wired Connections 8.00.5000 ({17334AAF-C9E7-483B-9F45-E3FCAF07FFA7})
version: 134222728
version (major): 8
install date: 20050221
uninstall cmd: MsiExec.exe /I{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}
publisher: Dell
comments: Intel(R) PROSet installation package
contact: Dell Customer Support
help link: http://support.dell.com

AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX

Sonic MyDVD 5.3.0 ({21657574-BD54-48A2-9450-EB03B2C7FC29})
version: 84082688
version (major): 5
version (minor): 3
estimated size: 84777
install date: 20050501
install source: D:\MYDVD_53\
uninstall cmd: MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
publisher: Sonic Solutions
help link: http://support.sonic.com/

Skins 2007.0202.1923.34565 ({21BC2871-0B96-9EC1-6CBF-A0B9BCBC0D89})
version (major): 2007
version (minor): 202
estimated size: 3380
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Skins\
publisher: ATI

SymNet 7.0.0.170 ({2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2})
version: 117440512
version (major): 7
estimated size: 3062
install date: 20070128
install source: D:\Support\SymNet\
uninstall cmd: MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
publisher: Symantec Corporation

J2SE Runtime Environment 5.0 Update 2 1.5.0.20 ({3248F0A8-6813-11D6-A77B-00B0D0150020})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 120657
install date: 20050412
install source: http://java.sun.com/webapps/download/GetFile/1.5.0_02-b09/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_02\README.txt

J2SE Runtime Environment 5.0 Update 4 1.5.0.40 ({3248F0A8-6813-11D6-A77B-00B0D0150040})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 121261
install date: 20050926
install source: http://java.sun.com/webapps/download/GetFile/1.5.0_04-b05/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_04\README.txt

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122273
install date: 20051212
install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_06-b05/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_06\README.txt

J2SE Runtime Environment 5.0 Update 9 1.5.0.90 ({3248F0A8-6813-11D6-A77B-00B0D0150090})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122833
install date: 20061112
install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_09-b03/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_09\README.txt

J2SE Runtime Environment 5.0 Update 10 1.5.0.100 ({3248F0A8-6813-11D6-A77B-00B0D0150100})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122989
install date: 20070112
install source: http://javadl.sun.com/webapps/download/GetFile/1.5.0_10-b03/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_10\README.txt

J2SE Runtime Environment 5.0 Update 11 1.5.0.110 ({3248F0A8-6813-11D6-A77B-00B0D0150110})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 123326
install date: 20070212
install source: http://javadl.sun.com/webapps/download/GetFile/1.5.0_11-b03/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_11\README.txt

Windows Media Player 10 9.00.3636 ({33BB4982-DC52-4886-A03B-F4C5C80BEE89})
version: 150998580
version (major): 9
install date: 20050221
uninstall cmd: MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=9647

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2456
install date: 20040810
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

Internet Explorer Default Page 1.00.03 ({35BDEFF1-A610-4956-A00D-15453C116395})
version: 16777219
version (major): 1
install date: 20050221
uninstall cmd: MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
publisher: Dell Inc.
comments: Your Comments
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 0

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20070323
install source: c:\5c1c923c6821336ef9268a6305\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

ccc-core-static 2007.0202.1923.34565 ({3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E})
version (major): 2007
version (minor): 202
estimated size: 4156
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Core-Static\
publisher: ATI

ccCommon 106.0.1.10 ({3CCAD2EF-CFF2-4637-82AA-AABF370282D3})
version: 1778384897
version (major): 106
estimated size: 6489
install date: 20070128
install source: D:\Support\ccCommon\
uninstall cmd: MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
publisher: Symantec

iPod for Windows 2006-01-10 4.7.0 ({3D047C15-C859-45F7-81CE-F2681778069B})
version: 67567616
version (major): 4
version (minor): 7
estimated size: 52135
install date: 20060119
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{00C2E789-F948-4BE1-8167-6E6447DC4CE2}\
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html

Modem On Hold 1.12 ({3F92ABBB-6BBF-11D5-B229-002078017FBF})
version (major): 1
version (minor): 12
install location: C:\Program Files\Modem On Hold
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
publisher: BVRP Software, Inc

8.00.0005 ({403EF592-953B-4794-BCEF-ECAB835C2095})
version: 134217733
version (major): 8
install date: 20050221
install source: C:\DELL\d5526\
uninstall cmd: MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
publisher: Intel
comments: Pseudo NCS Install
contact: Customer Support Department
help link: http://www.intel.com
help telephone: 1-555-555-4505

Catalyst Control Center Graphics Previews Common 2007.0202.1923.34565 ({410DB4DE-354D-F472-F66D-FCFF345A8960})
version (major): 2007
version (minor): 202
estimated size: 2118
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Previews-Common\
publisher: ATI

Adobe Stock Photos 1.0 1.0.4 ({47813E93-F2A0-484A-838E-47EC1B28D190})
version: 16777220
version (major): 1
estimated size: 7777
install date: 20051115
install location: C:\Program Files\Adobe\Adobe Stock Photos\
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{47813E93-F2A0-484A-838E-47EC1B28D190}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com
help telephone: 1-555-555-4505

Norton Internet Security 10.0.0.86 ({48185814-A224-447a-81DA-71BD20580E1B})
version: 167772160
version (major): 10
estimated size: 9054
install date: 20070128
install source: D:\Setup\
uninstall cmd: MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
publisher: Symantec Corporation

Norton Confidential Browser Component 1.0.0.133 ({4843B611-8FCB-4428-8C23-31D0A5EAE164})
version: 16777216
version (major): 1
estimated size: 2565
install date: 20070128
install source: D:\Support\NCO\
uninstall cmd: MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
publisher: Symantec Corporation

Snowy
2007-03-27, 03:28
Banctec Service Agreement 1.10.0000 ({4B9F45E8-E3CE-40B4-9463-80A9B3481DEF})
version: 17432576
version (major): 1
version (minor): 10
install date: 20050221
uninstall cmd: MsiExec.exe /X{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}
publisher: Dell
comments: Go to http://support.dell.com.
contact: Dell Support
help link: http://support.dell.com
help telephone: 0

Palm Desktop 4.1.0300 ({4D8314D2-11FE-4397-A7CC-7015CFF50BCE})
version: 67174700
version (major): 4
version (minor): 1
estimated size: 37106
install date: 20050406
install source: D:\Palm Desktop\
uninstall cmd: MsiExec.exe /X{4D8314D2-11FE-4397-A7CC-7015CFF50BCE}
publisher: Palm, Inc.
comments: For troubleshooting help try the Palm Knowledge Finder at www.palm.com/support.
contact: Palm Customer Support
help link: http://www.palm.com/support
help telephone: None
readme: Readme_eng.txt

Documents To Go 6.002.643 ({4E7E8E6A-15F1-4E26-9352-26AD235131E9})
version: 100795011
version (major): 6
version (minor): 2
estimated size: 21657
install date: 20050406
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\pft35~tmp\
uninstall cmd: MsiExec.exe /X{4E7E8E6A-15F1-4E26-9352-26AD235131E9}
publisher: DataViz Inc.
comments: comments
contact: Customer Support Department
help link: http://support.dataviz.com
help telephone: 1-203-874-0085

Windows Live Messenger 8.1.0178.00 ({571700F0-DB9D-4B3A-B03D-35A14BB5939F})
version: 134283442
version (major): 8
version (minor): 1
estimated size: 31819
install date: 20070203
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
publisher: Microsoft Corporation

AutoCAD 2005 - English 16.1.63.10 ({5783F2D7-0301-0409-0002-0060B0CE6BBA})
version: 268501055
version (major): 16
version (minor): 1
estimated size: 338948
install date: 20070323
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\Rar$EX14.656\Bin\AcadFEUI\
uninstall cmd: MsiExec.exe /I{5783F2D7-0301-0409-0002-0060B0CE6BBA}
publisher: Autodesk

Dell Driver Reset Tool 1.02.0000 ({5905F42D-3F5F-4916-ADA6-94A3646AEE76})
version: 16908288
version (major): 1
version (minor): 2
install date: 20050221
uninstall cmd: MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
publisher: Dell Inc.
comments:
contact: Customer Support Department
help link: http://support.dell.com
help telephone:

Logitech ImageStudio 7.30.0000 ({5A24DD7E-7B01-41AC-ADA8-F1776177A3BA})
version: 119406592
version (major): 7
version (minor): 30
estimated size: 147828
install date: 20050404
install location: C:\Program Files\Logitech\ImageStudio\
install source: D:\ImageStudio\enu\
uninstall cmd: MsiExec.exe /I{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}
publisher: Logitech, Inc.
contact: Logitech® Customer Support
help link: http://www.logitech.com/support
help telephone: USA: (702) 269-3457 UK: +44 (0) 1344-894301
readme: C:\Program Files\Logitech\ImageStudio\Readme.txt

Norton Internet Security 10.0.0.86 ({5AA2CD16-706F-41f3-87C5-2B5A031F2B3B})
version: 167772160
version (major): 10
estimated size: 57439
install date: 20070128
install source: D:\Setup\
uninstall cmd: MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
publisher: Symantec Corporation

QuickTime 7.1.5.120 ({5E863175-E85D-44A6-8968-82507D34AE7F})
version: 117506053
version (major): 7
version (minor): 1
estimated size: 72139
install date: 20070312
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\IXP261.TMP\
uninstall cmd: MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

ccc-utility 2007.0202.1923.34565 ({5F49D1B0-D558-F251-715E-A46CD0A30FED})
version (major): 2007
version (minor): 202
estimated size: 249
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Utility\
publisher: ATI

Catalyst Control Center Graphics Light 2007.0202.1923.34565 ({61BA2A5B-881D-EEF7-F5D2-5EFAF7CCBDA9})
version (major): 2007
version (minor): 202
estimated size: 3037
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Light\
publisher: ATI

({62369F2F77534556AEF4C58152E3BDE5})

Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91})
version: 16974078
version (major): 1
version (minor): 3
estimated size: 519
install date: 20050903
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
publisher: Microsoft
comments: Your Comments
contact: Customer Support Department
help link: http://www.microsoft.com/genuine/downloads/whyValidate.aspx/help
help telephone: 1-425.882.8080

Catalyst Control Center Core Implementation 2007.0202.1923.34565 ({651E5E05-3416-E761-B919-37EF1F4272F9})
version (major): 2007
version (minor): 202
estimated size: 6944
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Core-Implementation\
publisher: ATI

PowerDVD 5.3 ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

Photo Click 1.0.0 ({6E179C77-7335-458D-9537-4F4EAC0181ED})
version: 16777216
version (major): 1
install date: 20050221
install location: C:\Program Files\Dell\Media Experience\Plugins\
uninstall cmd: MsiExec.exe /I{6E179C77-7335-458D-9537-4F4EAC0181ED}
publisher: Photo Click
comments:
contact: Customer Support Department
help link:
help telephone:

Microsoft Plus! Digital Media Edition Installer 1.1.0.3514 ({6E45BA47-383C-4C1E-8ED0-0D4845C293D7})
version: 16842752
version (major): 1
version (minor): 1
install date: 20050221
uninstall cmd: MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
publisher: Microsoft Corporation

Microsoft .NET Framework 2.0 2.0.50727 ({7131646D-CD3C-40F4-97B9-CD9E4E6262EF})
version: 33605159
version (major): 2
estimated size: 218792
install date: 20070223
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation

Java 2 Runtime Environment, SE v1.4.2_03 1.4.2_03 ({7148F0A8-6813-11D6-A77B-00B0D0142030})
version (major): 1
version (minor): 4
estimated size: 139992
install date: 20050221
install source: C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt

Java 2 Runtime Environment, SE v1.4.2_06 1.4.2_06 ({7148F0A8-6813-11D6-A77B-00B0D0142060})
version (major): 1
version (minor): 4
estimated size: 110872
install date: 20050312
install source: http://java.sun.com/webapps/download/GetFile/1.4.2_06-b03/windows-i586/
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142060}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt

CCC Help English 2007.0202.1922.34565 ({7191C910-3F72-B2CA-0FA5-F0E78F5F8FD2})
version (major): 2007
version (minor): 202
estimated size: 1037
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Help\en-US\
publisher: ATI

Dell System Restore 2.00.0000 ({74F7662C-B1DB-489E-A8AC-07A06B24978B})
version: 33554432
version (major): 2
install date: 20050221
publisher: Dell Inc.
comments: N/A
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 1-800-624-9896

6.2.1 ({7585478E9D9B42108671C12F8714CEFE})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

SPBBC 32bit 3.0.1.10 ({77772678-817F-4401-9301-ED1D01A8DA56})
version: 50331649
version (major): 3
estimated size: 3628
install date: 20070128
install location: C:\Program Files\Norton Internet Security
install source: D:\Support\SPBBC\
uninstall cmd: MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
publisher: Symantec Corporation

Ventrilo Client 2.3.0 ({789289CA-F73A-4A16-A331-54D498CE069F})
version: 33751040
version (major): 2
version (minor): 3
estimated size: 2392
install date: 20051107
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
publisher: Flagship Industries, Inc.
help link: http://www.ventrilo.com

Modem Event Monitor ({7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}\setup.exe" -l0x9

Palm VersaMail(tm) 2.61.1100 ({7B0ADD54-01D9-45E7-964A-B4A334F12034})
version: 37553228
version (major): 2
version (minor): 61
estimated size: 3959
install date: 20050406
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\_isE\
publisher: Palm, Inc.
comments: Palm VersaMail(tm) Setup
contact: Customer Support Department
help link: http://www.palm.com/support
help telephone: 1-847-262-7256
readme:

DivX Codec 6.5.1 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivX, Inc.

Modem Helper 2.25 ({7F142D56-3326-11D5-B229-002078017FBF})
install location: C:\Program Files\Modem Helper
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software

Jasc Paint Shop Pro 8 Dell Edition 8.10.0000 ({81A34902-9D0B-4920-A25C-4CDC5D14B328})
version: 134873088
version (major): 8
version (minor): 10
install date: 20050221
uninstall cmd: MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
publisher: Jasc Software Inc
comments: Jasc Software Inc Paint Shop Pro 8
contact: Customer Support Department
help link: http://www.jasc.com/support2.asp
help telephone: (952) 930-9171

Norton AntiVirus 14.0.0.89 ({830D8CBD-C668-49e2-A969-C2C2106332E0})
version: 234881024
version (major): 14
estimated size: 52740
install date: 20070128
install source: D:\NAV\
uninstall cmd: MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
publisher: Symantec Corporation

DivX Player 6.4.2 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.

Logitech Desktop Messenger 2.30.04 ({900B1197-53F5-4F46-A882-2CFFFE2EEDCB})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
publisher: Logitech, Inc.
contact: Logitech Customer Support
help link: www.logitech.com/support

Microsoft Office Professional Edition 2003 11.0.6361.0 ({90110409-6000-11D3-8CFE-0150048383C9})
version: 184555737
version (major): 11
estimated size: 379343
install date: 20050327
install source: C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1033\OFREADME.HTM

Sonic RecordNow! 7.3 ({9541FED0-327F-4DF0-8B96-EF57EF622F19})
version: 117637120
version (major): 7
version (minor): 3
estimated size: 25698
install date: 20050501
install source: D:\RECORDNOW_73\
uninstall cmd: MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
publisher: Sonic Solutions
help link: http://support.sonic.com/

Logitech IM Video Companion 1.3.0.2041 ({984F10FD-11FD-4BED-8163-92DB81E6A825})
install source: D:\VideoIM\ENU\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{984F10FD-11FD-4BED-8163-92DB81E6A825}\Setup.exe" -l0x9 UNINSTALL
publisher: Logitech
help link: http://support.logitech.com

Norton Protection Center 2007.1.0.118 ({9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8})
version (major): 2007
version (minor): 1
estimated size: 5734
install date: 20070128
install source: D:\Support\uiNPC\
uninstall cmd: MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
publisher: Symantec Corporation

Apple Software Update 1.1.0.3 ({A260B422-70E1-41E2-957D-F76FA21266D5})
version: 16842752
version (major): 1
version (minor): 1
estimated size: 2472
install date: 20070312
install location: C:\Program Files\Apple Software Update\
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\IXP261.TMP\
uninstall cmd: MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

iTunes 7.1.1.5 ({AB90749C-7422-4580-8A7A-66CC5E9E5F98})
version: 117506049
version (major): 7
version (minor): 1
estimated size: 51658
install date: 20070319
install location: C:\Program Files\iTunes\
install source: C:\Program Files\Apple Software Update\Packages\
uninstall cmd: MsiExec.exe /I{AB90749C-7422-4580-8A7A-66CC5E9E5F98}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Dell Media Experience 3.0 ({AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B})
version: 50331648
version (major): 3
install date: 20050221
uninstall cmd: MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
publisher: Dell

Adobe Reader 7.0.7 7.0.7 ({AC76BA86-7AD7-1033-7B44-A70000000000})
version: 117440519
version (major): 7
estimated size: 63275
install date: 20060407
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

PENTAX USB DISK Device 1.02.0000 ({AEE9ABDF-CFFD-4CC2-8519-E8ECEB5A2AAF})
version: 16908288
version (major): 1
version (minor): 2
estimated size: 64
install date: 20050305
install source: D:\USB\ENG\disk1\
uninstall cmd: MsiExec.exe /X{AEE9ABDF-CFFD-4CC2-8519-E8ECEB5A2AAF}
publisher: PENTAX

DivX Converter 6.2.1 ({B13A7C41581B411290FBC0395694E2A9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

DivX Web Player 1.3.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.

Adobe Bridge 1.0 001.000.003 ({B74D4E10-6884-0000-0000-000000000103})
version: 16777219
version (major): 1
estimated size: 89201
install date: 20060410
install location: C:\Program Files\Adobe\Adobe Bridge\
install source: C:\DOCUME~1\Snowy\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html

MSRedist 1.0.0.0 ({B7C61755-DB48-4003-948F-3D34DB8EAF69})
version: 16777216
version (major): 1
estimated size: 3394
install date: 20070128
install source: D:\Support\Redist\
uninstall cmd: MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
publisher: Symantec Corporation

Logitech QuickCam Software 8.47.0000 ({C43048A9-742C-4DAD-90D2-E3B53C9DB825})
version: 137297920
install location: C:\Program Files\Logitech\Video
install source: C:\Program Files\Logitech\QuickCamWebInstall\AppInst\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
publisher: Logitech, Inc.
contact: Logitech Customer Support
help link: http://www.logitech.com/support
help telephone: USA: (702) 269-3457 UK: +44 (0) 1344-894301
readme: C:\Program Files\Logitech\Video\Readme.txt

Symantec Technical Support Web Controls 1.0.0 ({C4868E88-F5B5-4E45-9592-C7062BD97441})
version: 16777216
version (major): 1
estimated size: 7405
install date: 20070128
install source: C:\Documents and Settings\Snowy\Local Settings\Temporary Internet Files\Content.IE5\EBS4A07C\
uninstall cmd: MsiExec.exe /X{C4868E88-F5B5-4E45-9592-C7062BD97441}
publisher: Symantec Corporation
contact: Symantec Corporation

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 60747
install date: 20050305
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Snowy
2007-03-27, 03:30
Jasc Paint Shop Photo Album 4.0.3 ({CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0})
version: 67108867
version (major): 4
install date: 20050221
uninstall cmd: MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
publisher: Jasc Software, Inc.
comments:
contact: Customer Support Department
help link: http://www.jasc.com
help telephone: (952) 930 - 9171
readme: readme.html

Dell Media Experience Update ({CDE4CC8B-134B-421E-943C-90799E56F664})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CDE4CC8B-134B-421E-943C-90799E56F664}\setup.exe" -l0x9 -L0x9 /SMAINT

Norton Confidential Web Protection Component 1.0.0.133 ({D353CC51-430D-4C6F-9B7E-52003DA1E05A})
version: 16777216
version (major): 1
estimated size: 965
install date: 20070128
install source: D:\Support\NCO\
uninstall cmd: MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
publisher: Symantec Corporation

Symantec Real Time Storage Protection Component 10.1.4.2 ({D6E6FA4A-5445-4850-8365-CF216C1CBB7A})
version: 167837700
version (major): 10
version (minor): 1
estimated size: 1591
install date: 20070201
install source: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\Updt520\
publisher: Symantec Corporation

iPod for Windows 2005-10-12 4.3.0 ({D9F4A9F8-92C5-4289-9D04-F0F8F02D580A})
version: 67305472
version (major): 4
version (minor): 3
estimated size: 66864
install date: 20060109
install location: C:\Program Files\iPod\
install source: D:\
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html

Norton Internet Security 10.0.0 ({E3EFA461-EB83-4C3B-9C47-2C1D58A01555})
version: 167772160
version (major): 10
estimated size: 1200
install date: 20070128
install source: D:\Support\HelpMSI\
uninstall cmd: MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
publisher: Symantec Corp.

Norton Internet Security 10.0.0.86 ({E5EE9939-259F-4DE2-8023-5C49E16A4F43})
version: 167772160
version (major): 10
estimated size: 1002
install date: 20070128
install source: D:\NAV\
uninstall cmd: MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
publisher: Symantec Corporation

Catalyst Control Center Graphics Full Existing 2007.0202.1923.34565 ({EC33A4E0-A500-D4A2-C1F8-DCA04496B053})
version (major): 2007
version (minor): 202
estimated size: 16161
install date: 20070223
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Full-Existing\
publisher: ATI

ACDSee for PENTAX 5.1.0 ({EED5156C-4BA8-4105-A506-DB9D00F8B68D})
version: 83951616
version (major): 5
version (minor): 1
estimated size: 37171
install date: 20050305
install source: D:\ACDSee\ENG\
uninstall cmd: MsiExec.exe /I{EED5156C-4BA8-4105-A506-DB9D00F8B68D}
publisher: ACD Systems Ltd
comments: ACDSee 5.0 and other image management software
contact: Technical Support
help link: http://www.acdsystems.com
help telephone: 250-544-6701

AppCore 1 ({EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B})
version: 16777216
version (major): 1
estimated size: 457
install date: 20070128
install source: D:\Support\AppCore\
uninstall cmd: MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
publisher: Symantec Corporation

AV 1 ({F4DB525F-A986-4249-B98B-42A8066251CA})
version: 16777216
version (major): 1
estimated size: 4195
install date: 20070128
install source: D:\Support\AV\
uninstall cmd: MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
publisher: Symantec Corporation

--- System Services ---
Service (registry key): .NET CLR Data
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Start: 0
Type: 0
Error Control: 0

Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Image path: system32\DRIVERS\ABP480N5.SYS
Image size: 23552
Image MD5: 6ABB91494FE6C59089B9336452AB2EA3
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 187776
Image MD5: A10C7534F7223F4A73A948967D00E69B
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): Adobe LM Service
Display name: Adobe LM Service
Description: AdobeLM Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
Image size: 72704
Image MD5: C1EB9968EC89FBA5F3A264E2E57923AB
Start: 3
Type: 16
Error Control: 1

Service (registry key): adpu160m
Image path: system32\DRIVERS\adpu160m.sys
Image size: 101888
Image MD5: 9A11864873DA202C996558B2106B0BBC
Start: 0
Type: 1
Error Control: 1

Service (registry key): aeaudio
Image path: system32\drivers\aeaudio.sys
Image size: 4816
Image MD5: 11C04B17ED2ABBB4833694BCD644AC90
Start: 3
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 1EE7B434BA961EF845DE136224C30FEC
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Display name: Intel AGP Bus Filter
Image path: system32\DRIVERS\agp440.sys
Image size: 42368
Image MD5: 2C428FA0C3E3A01ED93C9B2A27D8D4BB
Start: 0
Type: 1
Error Control: 1

Service (registry key): agpCPQ
Display name: Compaq AGP Bus Filter
Image path: system32\DRIVERS\agpCPQ.sys
Image size: 44928
Image MD5: 67288B07D6ABA6C1267B626E67BC56FD
Start: 0
Type: 1
Error Control: 1

Service (registry key): Aha154x
Image path: system32\DRIVERS\aha154x.sys
Image size: 12800
Image MD5: C23EA9B5F46C7F7910DB3EAB648FF013
Start: 0
Type: 1
Error Control: 1

Service (registry key): aic78u2
Image path: system32\DRIVERS\aic78u2.sys
Image size: 55168
Image MD5: 19DD0FB48B0C18892F70E2E7D61A1529
Start: 0
Type: 1
Error Control: 1

Service (registry key): aic78xx
Image path: system32\DRIVERS\aic78xx.sys
Image size: 56960
Image MD5: B7FE594A7468AA0132DEB03FB8E34326
Start: 0
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: F1958FBF86D5C004CF19A5951A9514B7
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Image path: system32\DRIVERS\aliide.sys
Image size: 5248
Image MD5: 1140AB9938809700B46BB88E46D72A96
Start: 0
Type: 1
Error Control: 1

Service (registry key): alim1541
Display name: ALI AGP Bus Filter
Image path: system32\DRIVERS\alim1541.sys
Image size: 42752
Image MD5: F312B7CEF21EFF52FA23056B9D815FAD
Start: 0
Type: 1
Error Control: 1

Service (registry key): amdagp
Display name: AMD AGP Bus Filter Driver
Image path: system32\DRIVERS\amdagp.sys
Image size: 43008
Image MD5: 675C16A3C1F8482F85EE4A97FC0DDE3D
Start: 0
Type: 1
Error Control: 1

Service (registry key): amsint
Image path: system32\DRIVERS\amsint.sys
Image size: 12032
Image MD5: 79F5ADD8D24BD6893F2903A3E2F3FAD6
Start: 0
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1

Service (registry key): asc
Image path: system32\DRIVERS\asc.sys
Image size: 26496
Image MD5: 62D318E9A0C8FC9B780008E724283707
Start: 0
Type: 1
Error Control: 1

Service (registry key): asc3350p
Image path: system32\DRIVERS\asc3350p.sys
Image size: 22400
Image MD5: 69EB0CC7714B32896CCBFD5EDCBEA447
Start: 0
Type: 1
Error Control: 1

Service (registry key): asc3550
Image path: system32\DRIVERS\asc3550.sys
Image size: 14848
Image MD5: 5D8DE112AA0254B907861E9E9C31D597
Start: 0
Type: 1
Error Control: 1

Service (registry key): ASP.NET
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_1.1.4322
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_2.0.50727
Start: 0
Type: 0
Error Control: 0

Service (registry key): aspnet_state
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Image size: 29896
Image MD5: D33C507942299753868204CC7642FA27
Start: 3
Type: 16
Error Control: 1

Service (registry key): AsyncMac
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: 02000ABF34AF4C218C35D257024807D6
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: system32\DRIVERS\atapi.sys
Image size: 95360
Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Start: 4
Type: 1
Error Control: 0

Service (registry key): Ati HotKey Poller
Object name: LocalSystem
Image path: %SystemRoot%\system32\Ati2evxx.exe
Image size: 446464
Image MD5: 29B2874B3956B62C0DBEA32D75A8E776
Start: 4
Type: 272
Error Control: 1

Service (registry key): ATI Smart
Display name: ATI Smart
Object name: LocalSystem
Image path: C:\WINDOWS\SYSTEM32\ati2sgag.exe
Image size: 520192
Image MD5: 0FE888957DEE9CDBF09642CBCC9779D3
Start: 4
Type: 272
Error Control: 1

Service (registry key): ati2mtag
Image path: system32\DRIVERS\ati2mtag.sys
Image size: 1975296
Image MD5: A1789368B4A31D2111AF7AEDA0C8D3FC
Start: 3
Type: 1
Error Control: 0

Service (registry key): Atierecord
Start: 0
Type: 0
Error Control: 0

Service (registry key): Atmarpc
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Display name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Display name: Audio Stub Driver
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Start: 3
Type: 1
Error Control: 1

Service (registry key): Autodesk Licensing Service
Display name: Autodesk Licensing Service
Description: Anchor service for Autodesk products licensed with SafeCast
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"
Image size: 74360
Image MD5: 9F29157695EE58875B06724743CE9C42
Start: 3
Type: 16
Error Control: 1

Service (registry key): Automatic LiveUpdate Scheduler
Display name: Automatic LiveUpdate Scheduler
Description: Manages the scheduling of Automatic LiveUpdate sessions
Object name: LocalSystem
Image path: "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
Image size: 198336
Image MD5: 0FCFBD0EDAA188B3D652DDCE6D16D866
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): BattC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Display name: Background Intelligent Transfer Service
Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Browser
Display name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): bvrp_pci
Start: 3
Type: 1
Error Control: 1

Service (registry key): CamDrL
Display name: Logitech QuickCam Pro 3000(CamDrl)
Image path: system32\DRIVERS\Camdrl.sys
Image size: 326656
Image MD5: CBA8BCE5BF67A3C619D5CE540BED9CF7
Start: 3
Type: 1
Error Control: 1

Service (registry key): cbidf
Image path: system32\DRIVERS\cbidf2k.sys
Image size: 13952
Image MD5: 90A673FC8E12A79AFBED2576F6A7AAF9
Start: 0
Type: 1
Error Control: 1

Service (registry key): cbidf2k
Start: 4
Type: 1
Error Control: 1

Service (registry key): CCDECODE
Display name: Closed Caption Decoder
Image path: system32\DRIVERS\CCDECODE.sys
Image size: 17024
Image MD5: 6163ED60B684BAB19D3352AB22FC48B2
Start: 3
Type: 1
Error Control: 1

Service (registry key): ccEvtMgr
Display name: Symantec Event Manager
Description: Event propagation and logging service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
Image size: 108648
Image MD5: FE69C498B922CE835E2E2123FBD0A272
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS,ccSetMgr

Service (registry key): ccSetMgr
Display name: Symantec Settings Manager
Description: Settings storage and management service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
Image size: 108648
Image MD5: FE69C498B922CE835E2E2123FBD0A272
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): cd20xrnt
Image path: system32\DRIVERS\cd20xrnt.sys
Image size: 7680
Image MD5: F3EC03299634490E97BBCE94CD2954C7
Start: 0
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 49536
Image MD5: AF9C19B3100FE010496B1A27181FBF72
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Display name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 3192BD04D032A9C4A85A3278C268A13A
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Display name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: C8DEC22C4137D7A90F8BDF41CA4B82AE
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Snowy
2007-03-27, 03:31
Service (registry key): clr_optimization_v2.0.50727_32
Display name: .NET Runtime Optimization Service v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 66240
Image MD5: 3C4D595E7F9B747325AEF28B4ADCAAE5
Start: 3
Type: 16
Error Control: 0

Service (registry key): CLTNetCnService
Display name: Symantec Lic NetConnect service
Description: Symantec Lic NetConnect Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
Image size: 108648
Image MD5: FE69C498B922CE835E2E2123FBD0A272
Start: 2
Type: 32
Error Control: 0

Service (registry key): CmdIde
Image path: system32\DRIVERS\cmdide.sys
Image size: 6656
Image MD5: E5DCB56C533014ECBC556A8357C929D5
Start: 0
Type: 1
Error Control: 1

Service (registry key): comHost
Display name: COM Host
Description: COM aggregation host service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe"
Image size: 48272
Image MD5: 9D50FAF8BFFE9629EF0E97858C4805D9
Start: 4
Type: 16
Error Control: 0
Depends On services: RpcSs

Service (registry key): COMSysApp
Display name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Image path: system32\DRIVERS\cpqarray.sys
Image size: 14976
Image MD5: 3EE529119EED34CD212A215E8C40D4B6
Start: 0
Type: 1
Error Control: 1

Service (registry key): CryptSvc
Display name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Image path: system32\DRIVERS\dac2w2k.sys
Image size: 179584
Image MD5: E550E7418984B65A78299D248F0A7F36
Start: 0
Type: 1
Error Control: 1

Service (registry key): dac960nt
Image path: system32\DRIVERS\dac960nt.sys
Image size: 14720
Image MD5: 683789CAA3864EB46125AE86FF677D34
Start: 0
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Display name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Display name: Disk Driver
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Display name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 224768
Image MD5: 554C7CB178FE3BD12450B81AD63ADBC3
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Image path: System32\drivers\dmboot.sys
Image size: 799744
Image MD5: C0FBB516E06E243F0CF31F597E7EBF7D
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Image path: System32\drivers\dmio.sys
Image size: 153344
Image MD5: F5E7B358A732D09F4BCF2824B88B9E28
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmload
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmserver
Display name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Display name: Microsoft Kernel DLS Syntheiszer
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: A6F881284AC1150E37D9AE47FF601267
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip

Service (registry key): Dot4
Display name: MS IEEE-1284.4 Driver
Image path: system32\DRIVERS\Dot4.sys
Image size: 207360
Image MD5: AD7FC1963B152B3728E3C4F83554A576
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dot4Print
Display name: Print Class Driver for IEEE-1284.4
Image path: system32\DRIVERS\Dot4Prt.sys
Image size: 12928
Image MD5: 77CE63A8A34AE23D9FE4C7896D1DEBE7
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dot4Scan
Display name: Scan Class Driver for IEEE-1284.4
Image path: system32\DRIVERS\Dot4Scan.sys
Image size: 8704
Image MD5: BD05306428DA63369692477DDC0F6F5F
Start: 3
Type: 1
Error Control: 1

Service (registry key): dpti2o
Image path: system32\DRIVERS\dpti2o.sys
Image size: 20192
Image MD5: 40F3B93B4E5B0126F2F5C0A7A5E22660
Start: 0
Type: 1
Error Control: 1

Service (registry key): drmkaud
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 2944
Image MD5: 1ED4DBBAE9F5D558DBBA4CC450E3EB2E
Start: 3
Type: 1
Error Control: 1

Service (registry key): drvmcdb
Image path: system32\drivers\drvmcdb.sys
Image size: 87488
Image MD5: E814854E6B246CCF498874839AB64D77
Start: 0
Type: 1
Error Control: 0

Service (registry key): drvncdb
Start: 0
Type: 0
Error Control: 0

Service (registry key): drvnddm
Image path: system32\drivers\drvnddm.sys
Image size: 40480
Image MD5: EE83A4EBAE70BC93CF14879D062F548B
Start: 2
Type: 2
Error Control: 0

Service (registry key): E100B
Display name: Intel(R) PRO Adapter Driver
Image path: system32\DRIVERS\e100b325.sys
Image size: 154112
Image MD5: 7D91DC6342248369F94D6EBA0CF42E99
Start: 3
Type: 1
Error Control: 1

Service (registry key): eeCtrl
Display name: Symantec Eraser Control driver
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Image size: 383800
Image MD5: 1DF3D1BE3403D663827496E62D24CA4C
Start: 1
Type: 1
Error Control: 1
Depends On services: FltMgr

Service (registry key): EraserUtilRebootDrv
Display name: EraserUtilRebootDrv
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Image size: 102712
Image MD5: F84DF4DCA289B209DC2DAECBB0E87C89
Start: 3
Type: 1
Error Control: 1

Service (registry key): ERSvc
Display name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Eventlog
Display name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Display name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): Fastfat
Start: 4
Type: 2
Error Control: 1

Service (registry key): FastUserSwitchingCompatibility
Display name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: TermService

Service (registry key): Fax
Display name: Fax
Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
Object name: LocalSystem
Image path: %systemroot%\system32\fxssvc.exe
Image size: 267776
Image MD5: FCBD571FA0EE8DC238944AE5FAB74461
Start: 2
Type: 16
Error Control: 1
Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler

Service (registry key): Fdc
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 27392
Image MD5: CED2E8396A8838E59D8FD529C680E02C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Fips
Start: 1
Type: 1
Error Control: 1

Service (registry key): Flpydisk
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 0DD1DE43115B93F4D85E889D7A86F548
Start: 3
Type: 1
Error Control: 1

Service (registry key): FltMgr
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\DRIVERS\fltMgr.sys
Image size: 128896
Image MD5: 3D234FB6D6EE875EB009864A299BEA29
Start: 0
Type: 2
Error Control: 1

Service (registry key): Fs_Rec
Start: 1
Type: 8
Error Control: 0

Service (registry key): Ftdisk
Display name: Volume Manager Driver
Image path: system32\DRIVERS\ftdisk.sys
Image size: 125056
Image MD5: 6AC26732762483366C3969C9E4D2259D
Start: 0
Type: 1
Error Control: 1

Service (registry key): GEARAspiWDM
Display name: GEARAspiWDM
Image path: System32\Drivers\GEARAspiWDM.sys
Image size: 15664
Image MD5: 4AC51459805264AFFD5F6FDFB9D9235F
Start: 3
Type: 1
Error Control: 1

Service (registry key): Gpc
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: system32\DRIVERS\msgpc.sys
Image size: 35072
Image MD5: C0F1D4A21DE5A415DF8170616703DEBF
Start: 3
Type: 1
Error Control: 1

Service (registry key): helpsvc
Display name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): HidServ
Display name: Human Interface Device Access
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): HidUsb
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 9600
Image MD5: 1DE6783B918F540149AA69943BDFEBA8
Start: 3
Type: 1
Error Control: 0

Service (registry key): hpn
Image path: system32\DRIVERS\hpn.sys
Image size: 25952
Image MD5: B028377DEA0546A5FCFBA928A8AEFAE0
Start: 0
Type: 1
Error Control: 1

Service (registry key): HTTP
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: System32\Drivers\HTTP.sys
Image size: 262784
Image MD5: CB77BB47E67E84DEB17BA29632501730
Start: 3
Type: 1
Error Control: 1

Service (registry key): HTTPFilter
Display name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Snowy
2007-03-27, 03:31
Service (registry key): i2omgmt
Start: 1
Type: 1
Error Control: 1

Service (registry key): i2omp
Image path: system32\DRIVERS\i2omp.sys
Image size: 18560
Image MD5: ED6BF9E441FDEA13292A6D30A64A24C3
Start: 0
Type: 1
Error Control: 1

Service (registry key): i8042prt
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 52736
Image MD5: 5502B58EEF7486EE6F93F3F164DCB808
Start: 1
Type: 1
Error Control: 1

Service (registry key): IDriverT
Display name: InstallDriver Table Manager
Description: Provides support for the Running Object Table for InstallShield Drivers
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Image size: 69632
Image MD5: 1CF03C69B49ACB70C722DF92755C0C8C
Start: 4
Type: 16
Error Control: 0

Service (registry key): ILADFtmi
Start: 0
Type: 0
Error Control: 0

Service (registry key): Imapi
Display name: CD-Burning Filter Driver
Image path: system32\DRIVERS\imapi.sys
Image size: 41856
Image MD5: F8AA320C6A0409C0380E5D8A99D76EC6
Start: 1
Type: 1
Error Control: 1

Service (registry key): ImapiService
Display name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150016
Image MD5: FA788520BCAC0F5D9D5CDE5615C0D931
Start: 3
Type: 16
Error Control: 1

Service (registry key): inetaccs
Start: 0
Type: 0
Error Control: 0

Service (registry key): ini910u
Image path: system32\DRIVERS\ini910u.sys
Image size: 16000
Image MD5: 4A40E045FAEE58631FD8D91AFC620719
Start: 0
Type: 1
Error Control: 1

Service (registry key): Inport
Start: 0
Type: 0
Error Control: 0

Service (registry key): IntelC51
Image path: system32\DRIVERS\IntelC51.sys
Image size: 1233525
Image MD5: 7509C548400F4C9E0211E3F6E66ABBE6
Start: 3
Type: 1
Error Control: 1

Service (registry key): IntelC52
Image path: system32\DRIVERS\IntelC52.sys
Image size: 647929
Image MD5: 9584FFDD41D37F2C239681D0DAC2513E
Start: 3
Type: 1
Error Control: 1

Service (registry key): IntelC53
Image path: system32\DRIVERS\IntelC53.sys
Image size: 61157
Image MD5: CF0B937710CEC6EF39416EDECD803CBB
Start: 3
Type: 1
Error Control: 1

Service (registry key): IntelIde
Image path: system32\DRIVERS\intelide.sys
Image size: 5504
Image MD5: 2D722B2B54AB55B2FA475EB58D7B2AAD
Start: 0
Type: 1
Error Control: 1

Service (registry key): intelppm
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 36096
Image MD5: 279FB78702454DFF2BB445F238C048D2
Start: 1
Type: 1
Error Control: 1

Service (registry key): Ip6Fw
Display name: IPv6 Windows Firewall Driver
Description: Provides intrusion prevention service for a home or small office network.
Image path: system32\DRIVERS\Ip6Fw.sys
Image size: 29056
Image MD5: 4448006B6BC60E6C027932CFC38D6855
Start: 3
Type: 1
Error Control: 1

Service (registry key): IpFilterDriver
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 32896
Image MD5: 731F22BA402EE4B62748ADAF6363C182
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpInIp
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 20992
Image MD5: E1EC7F5DA720B640CD8FB8424F1B14BB
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpNat
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 134912
Image MD5: E2168CBC7098FFE963C6F23F472A3593
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): iPod Service
Display name: iPod Service
Description: iPod hardware management services
Object name: LocalSystem
Image path: "C:\Program Files\iPod\bin\iPodService.exe"
Image size: 500800
Image MD5: 661194608009B558DE1925C7EBE1A4BA
Start: 4
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): IPSec
Display name: IPSEC driver
Description: IPSEC driver
Image path: system32\DRIVERS\ipsec.sys
Image size: 74752
Image MD5: 64537AA5C003A6AFEEE1DF819062D0D1
Start: 1
Type: 1
Error Control: 1

Service (registry key): IRENUM
Display name: IR Enumerator Service
Image path: system32\DRIVERS\irenum.sys
Image size: 11264
Image MD5: 50708DAA1B1CBB7D6AC1CF8F56A24410
Start: 3
Type: 1
Error Control: 1

Service (registry key): ISAPISearch
Start: 0
Type: 0
Error Control: 0

Service (registry key): isapnp
Display name: PnP ISA/EISA Bus Driver
Image path: system32\DRIVERS\isapnp.sys
Image size: 35840
Image MD5: E504F706CCB699C2596E9A3DA1596E87
Start: 0
Type: 1
Error Control: 3

Service (registry key): ISPwdSvc
Display name: Symantec IS Password Validation
Description: User account management service
Object name: LocalSystem
Image path: "C:\Program Files\Norton Internet Security\isPwdSvc.exe"
Image size: 79496
Image MD5: B0C93B31A0234BEBAF6E636C9EDE8741
Start: 3
Type: 16
Error Control: 0

Service (registry key): Kbdclass
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 24576
Image MD5: EBDEE8A2EE5393890A1ACEE971C4C246
Start: 1
Type: 1
Error Control: 1

Service (registry key): kmixer
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 172416
Image MD5: BA5DEDA4D934E6288C2F66CAF58D2562
Start: 3
Type: 1
Error Control: 1

Service (registry key): KSecDD
Start: 0
Type: 1
Error Control: 1

Service (registry key): lanmanserver
Display name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): lanmanworkstation
Display name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): lbrtfdc
Start: 1
Type: 1
Error Control: 0

Service (registry key): ldap
Start: 0
Type: 0
Error Control: 0

Service (registry key): LicenseService
Start: 0
Type: 0
Error Control: 0

Service (registry key): LiveUpdate
Display name: LiveUpdate
Description: LiveUpdate Core Engine
Object name: LocalSystem
Image path: "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
Image size: 2528960
Image MD5: FB3A35318CA7F6A10FA3C3826A69AFFE
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): LmHosts
Display name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): LVUSBSta
Display name: Logitech USB Monitor Filter
Image path: system32\drivers\lvusbsta.sys
Image size: 22016
Image MD5: C5EFBD05A5195402121711A6EBBB271F
Start: 3
Type: 1
Error Control: 1

Service (registry key): Messenger
Display name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS

Service (registry key): mnmdd
Start: 1
Type: 1
Error Control: 0

Service (registry key): mnmsrvc
Display name: NetMeeting Remote Desktop Sharing
Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\mnmsrvc.exe
Image size: 32768
Image MD5: F6415361201915B9FE3896B0E4E724FF
Start: 3
Type: 272
Error Control: 1

Service (registry key): Modem
Start: 3
Type: 1
Error Control: 0

Service (registry key): MODEMCSA
Display name: Unimodem Streaming Filter Device
Image path: system32\drivers\MODEMCSA.sys
Image size: 16128
Image MD5: 1992E0D143B09653AB0F9C5E04B0FD65
Start: 3
Type: 1
Error Control: 1

Service (registry key): mohfilt
Image path: system32\DRIVERS\mohfilt.sys
Image size: 37048
Image MD5: 59B8B11FF70728EEC60E72131C58B716
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mouclass
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 23040
Image MD5: 34E1F0031153E491910E12551400192C
Start: 1
Type: 1
Error Control: 1

Service (registry key): mouhid
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 12160
Image MD5: B1C303E17FB9D46E87A98E4BA6769685
Start: 3
Type: 1
Error Control: 0

Service (registry key): MountMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): mraid35x
Image path: system32\DRIVERS\mraid35x.sys
Image size: 17280
Image MD5: 3F4BB95E5A44F3BE34824E8E7CAF0737
Start: 0
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Display name: WebDav Client Redirector
Description: WebDav Client Redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 181248
Image MD5: 46EDCC8F2DB2F322C24F48785CB46366
Start: 3
Type: 2
Error Control: 1

Service (registry key): MRxSmb
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 453120
Image MD5: 025AF03CE51645C62F3B6907A7E2BE5E
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSDTC
Display name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: C:\WINDOWS\system32\msdtc.exe
Image size: 6144
Image MD5: C7C3D89EB0A6F3DBA622EA737FA335B1
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): Msfs
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSIServer
Display name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\msiexec.exe /V
Image size: 78848
Image MD5: F5F0146580E7023ADB963879840777F8
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): MSKSSRV
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7552
Image MD5: AE431A8DD3C1D0D0610CDBAC16057AD0
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5376
Image MD5: 13E75FEF9DFEB08EEDED9D0246E1F448
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4992
Image MD5: 1988A33FF19242576C3D0EF9CE785DA7
Start: 3
Type: 1
Error Control: 1

Service (registry key): mssmbios
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 15488
Image MD5: 469541F8BFD2B32659D5D463A6714BCE
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSTEE
Display name: Microsoft Streaming Tee/Sink-to-Sink Converter
Image path: system32\drivers\MSTEE.sys
Image size: 5504
Image MD5: BF13612142995096AB084F2DB7F40F77
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Display name: Mup
Start: 0
Type: 2
Error Control: 1

Service (registry key): NABTSFEC
Display name: NABTS/FEC VBI Codec
Image path: system32\DRIVERS\NABTSFEC.sys
Image size: 85376
Image MD5: 5C8DC6429C43DC6177C1FA5B76290D1A
Start: 3
Type: 1
Error Control: 1

Service (registry key): NAVENG
Display name: NAVENG
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070326.020\NAVENG.SYS
Image size: 80472
Image MD5: 68F5550E4395B0D9B6D205CA7561C5B1
Start: 3
Type: 1
Error Control: 1

Service (registry key): NAVEX15
Display name: NAVEX15
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070326.020\NAVEX15.SYS
Image size: 852600
Image MD5: 3EFBA831884806A0D6675BBD61C479F0
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDIS
Display name: NDIS System Driver
Start: 0
Type: 1
Error Control: 1

Service (registry key): NdisIP
Display name: Microsoft TV/Video Connection
Image path: system32\DRIVERS\NdisIP.sys
Image size: 10880
Image MD5: 520CE427A8B298F54112857BCF6BDE15
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisTapi
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 9600
Image MD5: 08D43BBDACDF23F34D79E44ED35C1B4C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 12928
Image MD5: 34D6CD56409DA9A7ED573E1C90A308BF
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 91776
Image MD5: 0B90E255A9490166AB368CD55A529893
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Start: 3
Type: 1
Error Control: 1

Service (registry key): NetBIOS
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 34560
Image MD5: 3A2ACA8FC1D7786902CA434998D7CEB4
Start: 1
Type: 2
Error Control: 1

Service (registry key): NetBT
Display name: NetBT
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 162816
Image MD5: 0C80E410CD2F47134407EE7DD19CC86B
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): NetDDE
Display name: Network DDE
Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM

Snowy
2007-03-27, 03:32
Service (registry key): NetDDEdsdm
Display name: Network DDE DSDM
Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Start: 4
Type: 32
Error Control: 1

Service (registry key): Netlogon
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): NetSvc
Display name: Intel NCS NetService
Description: Supports Intel(R) PROSet for Wired Connections.
Object name: LocalSystem
Image path: C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
Image size: 143360
Image MD5: 02D0798F376FCBD0210EDA58476D0B1B
Start: 3
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): Nla
Display name: Network Location Awareness (NLA)
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd

Service (registry key): Npfs
Start: 1
Type: 2
Error Control: 1

Service (registry key): Ntfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): NtLmSsp
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 3
Type: 32
Error Control: 1

Service (registry key): NtmsSvc
Display name: Removable Storage
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Null
Start: 1
Type: 1
Error Control: 1

Service (registry key): nv
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 1897408
Image MD5: 2B298519EDBFCF451D43E0F1E8F1006D
Start: 3
Type: 1
Error Control: 0

Service (registry key): NwlnkFlt
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 12416
Image MD5: B305F3FAD35083837EF46A0BBCE2FC57
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 32512
Image MD5: C99B3415198D1AAB7227F2C88FD664B9
Start: 3
Type: 1
Error Control: 1

Service (registry key): omci
Display name: OMCI WDM Device Driver
Image path: system32\DRIVERS\omci.sys
Image size: 17217
Image MD5: 53D5F1278D9EDB21689BBBCECC09108D
Start: 1
Type: 1
Error Control: 1

Service (registry key): ose
Display name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Image size: 89136
Image MD5: 7A56CF3E3F12E8AF599963B16F50FB6A
Start: 4
Type: 16
Error Control: 1

Service (registry key): Outlook
Start: 0
Type: 0
Error Control: 0

Service (registry key): PalmUSBD
Image path: system32\drivers\PalmUSBD.sys
Image size: 16509
Image MD5: 803CF09C795290825607505D37819135
Start: 3
Type: 1
Error Control: 1

Service (registry key): Parport
Display name: Parallel port driver
Image path: system32\DRIVERS\parport.sys
Image size: 80128
Image MD5: 29744EB4CE659DFE3B4122DEB45BC478
Start: 3
Type: 1
Error Control: 1

Service (registry key): PartMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): ParVdm
Start: 4
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PCI
Display name: PCI Bus Driver
Image path: system32\DRIVERS\pci.sys
Image size: 68224
Image MD5: 8086D9979234B603AD5BC2F5D890B234
Start: 0
Type: 1
Error Control: 3

Service (registry key): PCIDump
Start: 1
Type: 1
Error Control: 0

Service (registry key): PCIIde
Image path: system32\DRIVERS\pciide.sys
Image size: 3328
Image MD5: CCF5F451BB1A5A2A522A76E670000FF0
Start: 0
Type: 1
Error Control: 1

Service (registry key): Pcmcia
Start: 4
Type: 1
Error Control: 1

Service (registry key): PDCOMP
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRELI
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): perc2
Image path: system32\DRIVERS\perc2.sys
Image size: 27296
Image MD5: 6C14B9C19BA84F73D3A86DBA11133101
Start: 0
Type: 1
Error Control: 1

Service (registry key): perc2hib
Image path: system32\DRIVERS\perc2hib.sys
Image size: 5504
Image MD5: F50F7C27F131AFE7BEBA13E14A3B9416
Start: 0
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Start: 0
Type: 0
Error Control: 0

Service (registry key): PhilCam8116
Display name: Logitech QuickCam Pro 3000(PID_08B0)
Image path: system32\DRIVERS\CamDrL21.sys
Image size: 236121
Image MD5: A2B74F7DC4407BE6A20808D00AECA9DF
Start: 3
Type: 1
Error Control: 1

Service (registry key): PlugPlay
Display name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Start: 2
Type: 32
Error Control: 1

Service (registry key): PolicyAgent
Display name: IPSEC Services
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSec

Service (registry key): PptpMiniport
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 48384
Image MD5: 1C5CC65AAC0783C344F16353E60B72AC
Start: 3
Type: 1
Error Control: 1

Service (registry key): ProtectedStorage
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Display name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Image path: system32\DRIVERS\psched.sys
Image size: 69120
Image MD5: 48671F327553DCF1D27F6197F622A668
Start: 3
Type: 1
Error Control: 1
Depends On services: Gpc

Service (registry key): Ptilink
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: system32\DRIVERS\ptilink.sys
Image size: 17792
Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
Start: 3
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 36624
Image MD5: 1962166E0CEB740704F30FA55AD3D509
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1080
Image path: system32\DRIVERS\ql1080.sys
Image size: 40320
Image MD5: 0A63FB54039EB5662433CABA3B26DBA7
Start: 0
Type: 1
Error Control: 1

Service (registry key): Ql10wnt
Image path: system32\DRIVERS\ql10wnt.sys
Image size: 33152
Image MD5: 6503449E1D43A0FF0201AD5CB1B8C706
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql12160
Image path: system32\DRIVERS\ql12160.sys
Image size: 45312
Image MD5: 156ED0EF20C15114CA097A34A30D8A01
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1240
Image path: system32\DRIVERS\ql1240.sys
Image size: 40448
Image MD5: 70F016BEBDE6D29E864C1230A07CC5E6
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1280
Image path: system32\DRIVERS\ql1280.sys
Image size: 49024
Image MD5: 907F0AEEA6BC451011611E732BD31FCF
Start: 0
Type: 1
Error Control: 1

Service (registry key): RasAcd
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: system32\DRIVERS\rasacd.sys
Image size: 8832
Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C
Start: 1
Type: 1
Error Control: 1

Service (registry key): RasAuto
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 51328
Image MD5: 98FAEB4A4DCF812BA1C6FCA4AA3E115C
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv

Service (registry key): RasPppoe
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 7306EEED8895454CBED4669BE9F79FAA
Start: 3
Type: 1
Error Control: 1

Service (registry key): Raspti
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 16512
Image MD5: FDBB1D60066FCFBB7452FD8F9829B242
Start: 3
Type: 1
Error Control: 1

Service (registry key): Rdbss
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 174592
Image MD5: 03B965B1CA47F6EF60EB5E51CB50E0AF
Start: 1
Type: 2
Error Control: 1

Service (registry key): RDPCDD
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 4224
Image MD5: 4912D5B403614CE99C28420F75353332
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Display name: Terminal Server Device Redirector Driver
Image path: system32\DRIVERS\rdpdr.sys
Image size: 196864
Image MD5: A2CAE2C60BC37E0751EF9DDA7CEAF4AD
Start: 3
Type: 1
Error Control: 1

Service (registry key): RDPNP
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Start: 3
Type: 1
Error Control: 0

Service (registry key): RDSessMgr
Display name: Remote Desktop Help Session Manager
Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 140800
Image MD5: 729798E0933076B8FCFCD9934698F164
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): redbook
Display name: Digital CD Audio Playback Filter Driver
Image path: system32\DRIVERS\redbook.sys
Image size: 57472
Image MD5: B31B4588E4086D8D84ADBF9845C2402B
Start: 1
Type: 1
Error Control: 1

Service (registry key): RemoteAccess
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup

Service (registry key): RpcLocator
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: 793F04A09B15E7C6C11DBDFFAF06C0AB
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): RpcSs
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): RSVP
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: 471B3F9741D762ABE75E9DEEA4787E47
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs

Service (registry key): SamSs
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): SCardSvr
Display name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 95744
Image MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay

Service (registry key): Schedule
Display name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Snowy
2007-03-27, 03:33
rvice (registry key): Secdrv
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 163644
Image MD5: 07F7F501AD50DE2BA2D5842D9B6D6155
Start: 2
Type: 1
Error Control: 1

Service (registry key): seclogon
Display name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 288
Error Control: 0

Service (registry key): SENS
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): serenum
Display name: Serenum Filter Driver
Image path: system32\DRIVERS\serenum.sys
Image size: 15488
Image MD5: A2D868AEEFF612E70E213C451A70CAFB
Start: 3
Type: 1
Error Control: 1

Service (registry key): Serial
Display name: Serial port driver
Image path: system32\DRIVERS\serial.sys
Image size: 64896
Image MD5: CD9404D115A00D249F70A371B46D5A26
Start: 1
Type: 1
Error Control: 0

Service (registry key): sfdrv01
Display name: StarForce Protection Environment Driver (version 1.x)
Image path: System32\drivers\sfdrv01.sys
Image size: 50688
Image MD5: 4C0D673281178CB496011A2E28571FC8
Start: 0
Type: 1
Error Control: 1

Service (registry key): sfhlp02
Display name: StarForce Protection Helper Driver (version 2.x)
Image path: System32\drivers\sfhlp02.sys
Image size: 6656
Image MD5: 15BE2B5E4DC5B8623CF167720682ABC9
Start: 0
Type: 1
Error Control: 1

Service (registry key): Sfloppy
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"

Service (registry key): SharedAccess
Display name: Windows Firewall/Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt

Service (registry key): ShellHWDetection
Display name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Simbad
Start: 4
Type: 1
Error Control: 1

Service (registry key): sisagp
Display name: SIS AGP Bus Filter
Image path: system32\DRIVERS\sisagp.sys
Image size: 41088
Image MD5: 732D859B286DA692119F286B21A2A114
Start: 0
Type: 1
Error Control: 1

Service (registry key): SLIP
Display name: BDA Slip De-Framer
Image path: system32\DRIVERS\SLIP.sys
Image size: 11136
Image MD5: 5CAEED86821FA2C6139E32E9E05CCDC9
Start: 3
Type: 1
Error Control: 1

Service (registry key): smwdm
Image path: system32\drivers\smwdm.sys
Image size: 612352
Image MD5: 4AA922332433CDEB8B82C072C212E32E
Start: 3
Type: 1
Error Control: 1

Service (registry key): Sparrow
Image path: system32\DRIVERS\sparrow.sys
Image size: 19072
Image MD5: 83C0F71F86D3BDAF915685F3D568B20E
Start: 0
Type: 1
Error Control: 1

Service (registry key): SPBBCDrv
Display name: SPBBCDrv
Image path: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
Image size: 417592
Image MD5: 2B957A86CBFD0AB78B591EFE16C6860F
Start: 1
Type: 1
Error Control: 1

Service (registry key): splitter
Display name: Microsoft Kernel Audio Splitter
Image path: system32\drivers\splitter.sys
Image size: 6400
Image MD5: 0CE218578FFF5F4F7E4201539C45C78F
Start: 3
Type: 1
Error Control: 1

Service (registry key): Spooler
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 57856
Image MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): sr
Display name: System Restore Filter Driver
Image path: system32\DRIVERS\sr.sys
Image size: 73472
Image MD5: E41B6D037D6CD08461470AF04500DC24
Start: 0
Type: 2
Error Control: 1

Service (registry key): srservice
Display name: System Restore Service
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): SRTSP
Display name: SRTSP
Image path: System32\Drivers\SRTSP.SYS
Image size: 247608
Image MD5: ED5E9F3BF11D0BB770F652B22EC26465
Start: 3
Type: 2
Error Control: 1
Depends On services: SRTSPX,FltMgr

Service (registry key): SRTSPL
Display name: SRTSPL
Image path: System32\Drivers\SRTSPL.SYS
Image size: 276792
Image MD5: C70A2581E35E03C85F29AA1BC723659A
Start: 3
Type: 1
Error Control: 1
Depends On services: SRTSPX

Service (registry key): SRTSPX
Display name: SRTSPX
Image path: System32\Drivers\SRTSPX.SYS
Image size: 25400
Image MD5: 05F2DB228922E6B8A001ED83EE4D1153
Start: 1
Type: 1
Error Control: 1

Service (registry key): Srv
Display name: Srv
Description: Srv
Image path: system32\DRIVERS\srv.sys
Image size: 332928
Image MD5: EA554A3FFC3F536FE8320EB38F5E4843
Start: 3
Type: 2
Error Control: 1

Service (registry key): sscdbhk5
Image path: system32\drivers\sscdbhk5.sys
Image size: 5627
Image MD5: D7968049BE0ADBB6A57CEE3960320911
Start: 1
Type: 2
Error Control: 0

Service (registry key): SSDPSRV
Display name: SSDP Discovery Service
Description: Enables discovery of UPnP devices on your home network.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): ssrtln
Image path: system32\drivers\ssrtln.sys
Image size: 23545
Image MD5: C3FFD65ABFB6441E7606CF74F1155273
Start: 1
Type: 2
Error Control: 0

Service (registry key): stisvc
Display name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): streamip
Display name: BDA IPSink
Image path: system32\DRIVERS\StreamIP.sys
Image size: 15360
Image MD5: 284C57DF5DC7ABCA656BC2B96A667AFB
Start: 3
Type: 1
Error Control: 1

Service (registry key): swenum
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 4352
Image MD5: 03C1BAE4766E2450219D20B993D6E046
Start: 3
Type: 1
Error Control: 1

Service (registry key): swmidi
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 54272
Image MD5: 94ABC808FC4B6D7D2BBF42B85E25BB4D
Start: 3
Type: 1
Error Control: 1

Service (registry key): SwPrv
Display name: MS Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{A445BD1E-49EE-4607-B370-5CCA447377C4}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcss

Service (registry key): Symantec Core LC
Display name: Symantec Core LC
Description: Symantec Core LC
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
Image size: 1087680
Image MD5: 6FDA95007C483C378824F86FE351AA9C
Start: 3
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): SymAppCore
Display name: Symantec AppCore Service
Description: Symantec Application Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
Image size: 46736
Image MD5: CE045B180D34404FF3017C18D308E9C1
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSS,ccSetMgr

Service (registry key): symc810
Image path: system32\DRIVERS\symc810.sys
Image size: 16256
Image MD5: 1FF3217614018630D0A6758630FC698C
Start: 0
Type: 1
Error Control: 1

Service (registry key): symc8xx
Image path: system32\DRIVERS\symc8xx.sys
Image size: 32640
Image MD5: 070E001D95CF725186EF8B20335F933C
Start: 0
Type: 1
Error Control: 1

Service (registry key): SYMDNS
Image path: \SystemRoot\System32\Drivers\SYMDNS.SYS
Start: 3
Type: 1
Error Control: 0

Service (registry key): SymEvent
Image path: \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
Image size: 115000
Image MD5: 403BD24FA5C55FC648ABDD039629A954
Start: 3
Type: 1
Error Control: 1

Service (registry key): SYMFW
Image path: \SystemRoot\System32\Drivers\SYMFW.SYS
Start: 3
Type: 1
Error Control: 0

Service (registry key): SYMIDS
Image path: \SystemRoot\System32\Drivers\SYMIDS.SYS
Start: 3
Type: 1
Error Control: 0

Service (registry key): SYMIDSCO
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20070308.001\SymIDSCo.sys
Image size: 185976
Image MD5: 64C78C2164997FB8D27B8E7AB0D86B3E
Start: 3
Type: 1
Error Control: 0

Service (registry key): SYMNDIS
Image path: \SystemRoot\System32\Drivers\SYMNDIS.SYS
Start: 3
Type: 1
Error Control: 0
Depends On services: SymTDI,SYMFW,SYMIDS

Service (registry key): SYMREDRV
Image path: \SystemRoot\System32\Drivers\SYMREDRV.SYS
Start: 3
Type: 1
Error Control: 0

Service (registry key): SYMTDI
Display name: SYMTDI
Image path: \SystemRoot\System32\Drivers\SYMTDI.SYS
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): sym_hi
Image path: system32\DRIVERS\sym_hi.sys
Image size: 28384
Image MD5: 80AC1C4ABBE2DF3B738BF15517A51F2C
Start: 0
Type: 1
Error Control: 1

Service (registry key): sym_u3
Image path: system32\DRIVERS\sym_u3.sys
Image size: 30688
Image MD5: BF4FAB949A382A8E105F46EBB4937058
Start: 0
Type: 1
Error Control: 1

Service (registry key): sysaudio
Display name: Microsoft Kernel System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 60800
Image MD5: 650AD082D46BAC0E64C9C0E0928492FD
Start: 3
Type: 1
Error Control: 1

Service (registry key): SysmonLog
Display name: Performance Logs and Alerts
Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 89600
Image MD5: 8B54AA346D1B1B113FFAA75501B8B1B2
Start: 3
Type: 16
Error Control: 1

Service (registry key): TapiSrv
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): Tcpip
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 359808
Image MD5: 1DBF125862891817F374F407626967F4
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSec

Service (registry key): TDPIPE
Start: 3
Type: 1
Error Control: 0

Service (registry key): TDTCP
Start: 3
Type: 1
Error Control: 0

Service (registry key): TermDD
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 40840
Image MD5: A540A99C281D933F3D69D55E48727F47
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Display name: Terminal Services
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): tfsnboio
Image path: system32\dla\tfsnboio.sys
Image size: 25883
Image MD5: 75B30B9EA32FE7D8BBC332D3B944AD46
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsncofs
Image path: system32\dla\tfsncofs.sys
Image size: 34843
Image MD5: B811A431B14694D88EB5BEFAA55B4501
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsndrct
Image path: system32\dla\tfsndrct.sys
Image size: 4123
Image MD5: F5E2CF2144F1FE51DADD6E9063D311EB
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsndres
Image path: system32\dla\tfsndres.sys
Image size: 2239
Image MD5: E32B32045B6B914FD4CAAE8BE6CA7E8A
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnifs
Image path: system32\dla\tfsnifs.sys
Image size: 86554
Image MD5: 43034B10A94D1C6F13A1A0E848F51226
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnopio
Image path: system32\dla\tfsnopio.sys
Image size: 15227
Image MD5: F5EE0FAAFDE37326EA35ACBFA5DEFD3D
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnpool
Image path: system32\dla\tfsnpool.sys
Image size: 6363
Image MD5: 597348EB65B3E19709E9A45CA2B30B61
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnudf
Image path: system32\dla\tfsnudf.sys
Image size: 98714
Image MD5: 767AFFD52432A0F7E7D39F6FF64401F4
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnudfa
Image path: system32\dla\tfsnudfa.sys
Image size: 100603
Image MD5: 2806B2FD00263CCD90CC0638C6139EB0
Start: 2
Type: 2
Error Control: 0

Snowy
2007-03-27, 03:34
Service (registry key): Themes
Display name: Themes
Description: Provides user experience theme management.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): tmcomm
Display name: tmcomm
Image path: \??\C:\WINDOWS\system32\drivers\tmcomm.sys
Image size: 76560
Image MD5: 4DC436421C9D745D7E8C37F956701C78
Start: 2
Type: 1
Error Control: 1

Service (registry key): TosIde
Image path: system32\DRIVERS\toside.sys
Image size: 4992
Image MD5: F2790F6AF01321B172AA62F8E1E187D9
Start: 0
Type: 1
Error Control: 1

Service (registry key): TrkWks
Display name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TSDDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): Udfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): ultra
Image path: system32\DRIVERS\ultra.sys
Image size: 36736
Image MD5: 1B698A51CD528D8DA4FFAED66DFC51B9
Start: 0
Type: 1
Error Control: 1

Service (registry key): UMWdf
Display name: Windows User Mode Driver Framework
Description: Enables Windows user mode drivers.
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\system32\wdfmgr.exe
Image size: 38912
Image MD5: C81B8635DEE0D3EF5F64B3DD643023A5
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): Update
Display name: Microcode Update Driver
Image path: system32\DRIVERS\update.sys
Image size: 209408
Image MD5: AFF2E5045961BBC0A602BB6F95EB1345
Start: 3
Type: 1
Error Control: 1

Service (registry key): upnphost
Display name: Universal Plug and Play Device Host
Description: Provides support to host Universal Plug and Play devices.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): UPS
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: LocalSystem
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 3F5DF65B0758675F95A2D43918A740A3
Start: 3
Type: 16
Error Control: 1

Service (registry key): usbaudio
Display name: USB Audio Driver (WDM)
Image path: system32\drivers\usbaudio.sys
Image size: 59264
Image MD5: 45A0D14B26C35497AD93BCE7E15C9941
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbccgp
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 31616
Image MD5: BFFD9F120CC63BCBAA3D840F3EEF9F79
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbehci
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 26624
Image MD5: 15E993BA2F6946B2BFBBFCD30398621E
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Display name: USB2 Enabled Hub
Image path: system32\DRIVERS\usbhub.sys
Image size: 57600
Image MD5: C72F40947F92CEA56A8FB532EDF025F1
Start: 3
Type: 1
Error Control: 1

Service (registry key): USBSTOR
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 26496
Image MD5: 6CD7B22193718F1D17A47A1CD6D37E75
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 20480
Image MD5: F8FD1400092E23C8F2F31406EF06167B
Start: 3
Type: 1
Error Control: 1

Service (registry key): usnjsvc
Display name: Messenger Sharing Folders USN Journal Reader service
Description: Service installed by Messenger to enable sharing scenarios
Object name: LocalSystem
Image path: "C:\Program Files\MSN Messenger\usnsvc.exe"
Image size: 97136
Image MD5: C5B70A6AA947667CE0E5FC84A05EC8B6
Start: 4
Type: 16
Error Control: 1
Depends On services: rpcss,eventlog

Service (registry key): VgaSave
Image path: \SystemRoot\System32\drivers\vga.sys
Start: 1
Type: 1
Error Control: 0

Service (registry key): viaagp
Display name: VIA AGP Bus Filter
Image path: system32\DRIVERS\viaagp.sys
Image size: 42240
Image MD5: D92E7C8A30CFD14D8E15B5F7F032151B
Start: 0
Type: 1
Error Control: 1

Service (registry key): ViaIde
Image path: system32\DRIVERS\viaide.sys
Image size: 5376
Image MD5: 59CB1338AD3654417BEA49636457F65D
Start: 0
Type: 1
Error Control: 1

Service (registry key): VolSnap
Start: 0
Type: 1
Error Control: 1

Service (registry key): VSS
Display name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 289792
Image MD5: 3EE00364AE0FD8D604F46CBAF512838A
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): w32time
Display name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Wanarp
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 34560
Image MD5: 984EF0B9788ABF89974CFED4BFBAACBC
Start: 3
Type: 1
Error Control: 1

Service (registry key): wanatw
Display name: WAN Miniport (ATW)
Image path: system32\DRIVERS\wanatw4.sys
Start: 3
Type: 1
Error Control: 1

Service (registry key): WDICA
Start: 3
Type: 1
Error Control: 0

Service (registry key): wdmaud
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 82944
Image MD5: EFD235CA22B57C81118C1AEB4798F1C1
Start: 3
Type: 1
Error Control: 1

Service (registry key): WebClient
Display name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: MRxDAV

Service (registry key): winmgmt
Display name: Windows Management Instrumentation
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): Winsock
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinTrust
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmdmPmSN
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1

Service (registry key): WmiApRpl
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmiApSrv
Display name: WMI Performance Adapter
Description: Provides performance library information from WMI HiPerf providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: BA8CECC3E813E1F7C441B20393D4F86C
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WS2IFSL
Display name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Image path: \SystemRoot\System32\drivers\ws2ifsl.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): wscsvc
Display name: Security Center
Description: Monitors system security settings and configurations.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt

Service (registry key): WSTCODEC
Display name: World Standard Teletext Codec
Image path: system32\DRIVERS\WSTCODEC.SYS
Image size: 19328
Image MD5: D5842484F05E12121C511AA93F6439EC
Start: 3
Type: 1
Error Control: 1

Service (registry key): wuauserv
Display name: Automatic Updates
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): WZCSVC
Display name: Wireless Zero Configuration
Description: Provides automatic configuration for the 802.11 adapters
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio

Service (registry key): xmlprov
Display name: Network Provisioning Service
Description: Manages XML configuration files on a domain basis for automatic network provisioning.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): {AAFD11FD-543A-45F2-B610-F0A1623C0D37}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {B9C4D0A9-E472-4708-A07C-9623A9E86D17}
Start: 0
Type: 0
Error Control: 0

shelf life
2007-03-27, 04:33
hi Snowy,

thanks for all the info.

do you use firefox alot. there is a option to clear cookies (among other things) everytime you exit firefox. tools>option>privacy tab>private data.
also i would get atf cleaner to clean out temp files for both IE and firefox:
http://www.atribune.org/content/view/19/2/


Also some windows security thing in the registry keeps being shut off.
spy bot tells you this? you use spybots tea timer? can you find this in the spybot report and post just that one item.

shelf life

Snowy
2007-03-27, 07:36
Hey,

I am not entirely sure, but this all started happening around the time I downloaded and installed a game. I've since uninstalled the game and reinstalled with a different file.

I've blocked the bad sites and now also have mozilla to remove cookies on exit. Also thanks for the atf cleaner. Here is the thing i was talking about:


--- Report generated: 2007-03-25 03:17 ---

Microsoft.WindowsSecurityCenter_disabled: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

shelf life
2007-03-28, 02:01
hi Snowy,

i think thats because the xp "security center" is not monitoring your firewall, AV etc.
see if this helps:
start>settings>control panel>security center.
under resources click on" change the way windows notifies me"
then put a checkmark next to each of the three items.

shelf life

Snowy
2007-03-28, 03:16
hey,

In the resources, I can click on everything except " change the way windows notifies me".

shelf life
2007-03-29, 01:19
hi Snowy,

ok, lets make sure the service is turned on. if you go to start>run and type in;
services.msc (then enter)
the service panel window will open
under the name column, look for:
security Center, right click on it and select properties.
under the general tab make sure the startup type is set to:
automatic
and the service status is started
click apply, ok close service panel. and reboot computer once, lets see if that works.

shelf life

Snowy
2007-03-29, 06:24
Hey shelf life,

It looks like norton disables windows security everytime I boot and replaces windows security with itself. I haven't had any problems since I blocked the cookies. I'm not sure why the problems started showing up when i am visiting the same sites i always have, but all is well. I think my computer is all set. Could I have the registry clean up if you think I am done too. Thanks a lot :bigthumb:

Snowy
2007-03-29, 10:50
umm... bummer

spybot just found a dropper.ragger registry change. Not sure what that is, but i fixed it. Also i downloaded ie7 and now i have a windows explorer error. Hope this doesnt mess up my computer..

shelf life
2007-03-30, 00:56
hi Snowy,


i have a windows explorer error.
windows explorer or internet explorer? what kind of error. since its been awhile why not scan with hjt and post a new log for another look.

shelf life

Snowy
2007-03-30, 04:28
Hey,

It said windows explorer error and then nothing else happened. Heres an HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 9:25:54 PM, on 3/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O18 - Protocol: bw+0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {8C9D54D4-B031-4552-AFFE-3E099726D2A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

shelf life
2007-03-30, 04:58
hi Snowy,

you can look in add/remove programs panel and uninstall Logitech Desktop Messenger if you want. it useless, it checks for updates to logitech products, something you can do manually. you use real player? if not i would remove that also. and PartyGaming\PartyPoker unless you installed it. could have piggy-backed in with something else.

scan with HJT, put a checkmark beside the items below, close all windows and click fix checked.

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
--------------------------

It said windows explorer error probably just a windows burp, i wouldnt worry about it unless if starts happening on a regular basis. you still looking for a registry cleaner?

shelf life

Snowy
2007-03-30, 10:52
Hey,

As far as i know party poker is uninstalled already. Thank you for the tips. i removed the ones you said to. To answer your question, yes i am still looking for a registry cleaner. Thanks again! :)

shelf life
2007-03-31, 02:05
hi Snowy,

CCleaner has a registry cleaner built in. before "fixing" the items it will ask you if you want to back up the registry first. i would do that just in case there are any issues and you had to restore the registry. its also good for cleaning up cookies, temp files, logs etc as you will see.

during the install process at the bottom of a screen it will ask if you want to install the "Ccleaner yahoo toolbar" i would uncheck it so it wont install. to check for updates automatically, up to you. you can check when you want from one of the ccleaners windows, rather than having it done automatically
the link:
http://www.ccleaner.com/

if all is good then i leave you with this:

Prevention-or How Can I Help Myself? (http://security-central.us/SafeHex/prevention.htm)

Snowy
2007-03-31, 19:59
Hey Shelf life,

Thank you so much for your help. Everything is running fine and spybot isnt findng anymore problems. Also thank you for Ccleaner. :)

shelf life
2007-03-31, 22:22
hi Snowy,

good. glad to help. happy safe surfing.

shelf life