View Full Version : Virtumonde, TinyBar Malware, can't run HJT
hvkreiter
2009-02-16, 20:26
Hi,
Yesterday I appear to have contracted TinyBar, and Virtumonde Malware. I have downloaded HJT, but every time I attempt to create a log, a box pops up that says HJT has generated errors and will be shut down. I did create a log from the last time I ran Spybot S&D. Here is what it says:
--- Search result list ---
TinyBar.C: [SBI $1BB1339D] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
TinyBar.C: [SBI $32F9D995] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
TinyBar.C: [SBI $D87CA6BD] Class ID (Registry value, nothing done)
HKEY_CLASSES_ROOT\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}\InprocServer32\=...C:\WINNT\system32\ddcDssPF.dll...
TinyBar.C: [SBI $8F2A4A7E] Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
Smitfraud-C.: [SBI $99619F8C] Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-419778038-180567841-1042708996-500\Software\Microsoft\instkey
Virtumonde: [SBI $FD08B4B7] Configuration file (File, nothing done)
C:\WINNT\SYSTEM32\KQpsAcfe.ini2
Properties.size=32365
Properties.md5=66E17A97ED4A6BE46BD9A8523497CCAA
Properties.filedate=1234804666
Properties.filedatetext=2009-02-16 12:17:46
Virtumonde: [SBI $2A2DCEAC] Configuration file (File, nothing done)
C:\WINNT\SYSTEM32\KQpsAcfe.ini
Properties.size=32365
Properties.md5=ABD330C1AAF2EB1FF881A0FB2AF72DEA
Properties.filedate=1234804796
Properties.filedatetext=2009-02-16 12:19:56
Virtumonde.prx: [SBI $3F9F40D4] Autorun settings (07d209a4) (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\07d209a4
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-02-15 unins000.exe (51.49.0.0)
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-01-26 advcheck.dll (1.6.2.15)
2009-01-26 SDHelper.dll (1.6.2.14)
2009-01-26 Tools.dll (2.1.6.10)
2008-06-14 DelZip179.dll (1.79.11.1)
2007-04-02 aports.dll (2.1.0.0)
2008-06-19 sqlite3.dll
2009-01-22 Includes\Revision.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-01-06 Includes\Dialer.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-02-10 Includes\Hijackers.sbi (*)
2008-12-09 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-11-18 Includes\Malware.sbi (*)
2008-12-16 Includes\PUPS.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2009-01-28 Includes\Spyware.sbi (*)
2009-01-22 Includes\Adware.sbi (*)
2008-06-03 Includes\Tracks.uti
2009-02-03 Includes\Trojans.sbi (*)
2009-01-22 Includes\DialerC.sbi (*)
2009-02-10 Includes\HijackersC.sbi (*)
2009-02-03 Includes\KeyloggersC.sbi (*)
2009-02-10 Includes\MalwareC.sbi (*)
2009-02-10 Includes\PUPSC.sbi (*)
2009-02-10 Includes\SecurityC.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-01-28 Includes\SpywareC.sbi (*)
2009-01-22 Includes\AdwareC.sbi (*)
2009-02-10 Includes\TrojansC.sbi (*)
2007-12-24 Plugins\TCPIPAddress.dll
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
--- System information ---
Windows 2000 (Build: 2195) Service Pack 4 (5.0.2195)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Windows 2000 / SP4: Windows 2000 Service Pack 4
/ Windows 2000 / SP5: Windows Installer 3.1 (KB893803)
--- Startup entries list ---
Located: HK_LM:Run, 07d209a4
command: rundll32.exe "C:\WINNT\system32\cuihtyye.dll",b
file: C:\WINNT\system32\cuihtyye.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, AdaptecDirectCD
command: "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
file: C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
size: 679936
MD5: BC21ED6454FB9C7F1ADF0A663AC96392
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 71328
MD5: 3D96C281A211864373FB2841694CEFB4
Located: HK_LM:Run, CreateCD50
command: "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
file: C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
size: 122965
MD5: D0525261C4608D79DF34AFF42351032B
Located: HK_LM:Run, HotKeysCmds
command: C:\WINNT\System32\hkcmd.exe
file: C:\WINNT\System32\hkcmd.exe
size: 106496
MD5: 17A09295AA7AA0CE20A3117A738F511D
Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: AC116F16A7716A720A45D7EA47CFD983
Located: HK_LM:Run, IgfxTray
command: C:\WINNT\System32\igfxtray.exe
file: C:\WINNT\System32\igfxtray.exe
size: 155648
MD5: 202012E84E401C92E2E0C158A0DFF510
Located: HK_LM:Run, Lexmark X83 Button Manager
command: C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
file: C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Lexmark X83 Button Monitor
command: C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
file: C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
size: 40960
MD5: C5FE95838BE83310DC6F8C60174A4B3C
Located: HK_LM:Run, NBCUniversal Media Manager Tray
command: "C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaTray.exe" /CustomId:NBCUniversal
file: C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaTray.exe
size: 372736
MD5: 2F9E1DF6AFAA1BABA047B4D348A662C4
Located: HK_LM:Run, POINTER
command: point32.exe
file: point32.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 7FBE43046EFDF24FC9375024E4D02AC9
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
size: 144784
MD5: 836DC47E6CAD975304D1D3EB2F516A1C
Located: HK_LM:Run, Symantec NetDriver Monitor
command: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
file: C:\PROGRA~1\SYMNET~1\SNDMon.exe
size: 100056
MD5: F9418981EE4D7E995D359833ADAB59D5
Located: HK_LM:Run, Synchronization Manager
command: mobsync.exe /logon
file: C:\WINNT\system32\mobsync.exe
size: 111376
MD5: 9B2F5B9E745DEAAA57FB78329ED03061
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185632
MD5: 28525D80EA1D33CF60B8AC318A5F1C82
Located: HK_LM:Run, windows auto update
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:RunOnce, ^SetupICWDesktop
where: .DEFAULT...
command: C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
file: C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
size: 186640
MD5: 76D94AF73FB4C5361239782170592C4E
Located: HK_CU:Run, ctfmon.exe
where: PE_C_VIRGINIA BUSH...
command: ctfmon.exe
file: C:\WINNT\system32\ctfmon.exe
size: 8192
MD5: D36A33C21EEED5A6C1DAECB7C80A1909
Located: HK_CU:Run, ssgrate.exe
where: PE_C_VIRGINIA BUSH...
command: C:\WINNT\System32\winsystems.exe
file: C:\WINNT\System32\winsystems.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-419778038-180567841-1042708996-1002...
command: ctfmon.exe
file: C:\WINNT\system32\ctfmon.exe
size: 8192
MD5: D36A33C21EEED5A6C1DAECB7C80A1909
Located: HK_CU:Run, Aim6
where: S-1-5-21-419778038-180567841-1042708996-500...
command: "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
file: C:\Program Files\AIM6\aim6.exe
size: 50472
MD5: 88BC43EA04F747A477898DF4BF9F7BCF
hvkreiter
2009-02-16, 20:27
I couldn't post the rest as it was too long. Here's the second part:
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-419778038-180567841-1042708996-500...
command: ctfmon.exe
file: C:\WINNT\system32\ctfmon.exe
size: 8192
MD5: D36A33C21EEED5A6C1DAECB7C80A1909
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-419778038-180567841-1042708996-500...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2144088
MD5: 896A1DB9A972AD2339C2E8569EC926D1
Located: HK_CU:Run, updateMgr
where: S-1-5-21-419778038-180567841-1042708996-500...
command: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
size: 313472
MD5: 43F3F6D33C793089A7C32B45DA16094B
Located: HK_CU:Run, Yahoo! Pager
where: S-1-5-21-419778038-180567841-1042708996-500...
command: "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
file: C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
size: 4662776
MD5: 3A756D4066CC3BB8426EB08ABB6B5B10
Located: Startup (common), Adobe Gamma Loader.exe.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: C2FF17734176CD15221C10044EF0BA1A
Located: Startup (common), Adobe Reader Speed Launch.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362B96870CE8649F4F2EC893DA93F0
Located: Startup (common), HP Image Zone Fast Start.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
size: 73728
MD5: 806EE198284D569253EB6A1D1180B37D
Located: Startup (common), Microsoft Office.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5BC65464354A9FD3BEAA28E18839734A
Located: Startup (common), QuickBooks Update Agent.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
file: C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
size: 960032
MD5: 87BB14A3C218F021085F0C386EE3B213
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ddcDssPF
command: ddcDssPF.dll
file: ddcDssPF.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wzcnotif
command: wzcdlg.dll
file: wzcdlg.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{3c9693be-d2dd-4e7e-8391-31e45f37de94} ({49ed73f5-4e13-1938-e7e4-dd2deb3969c3})
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: {49ed73f5-4e13-1938-e7e4-dd2deb3969c3}
CLSID name:
Path: C:\WINNT\system32\
Long name: jnxwcb.dll
Short name:
Date (created): 2/15/2009 11:50:26 AM
Date (last access): 2/16/2009
Date (last write): 2/15/2009 11:50:26 AM
Filesize: 129024
Attributes: archive
MD5: EBD2B5DDF7D205CF07BCE64EBBA927C2
CRC32: F279227C
{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
Path: C:\WINNT\system32\
Long name: ddcDssPF.dll
Short name: DDCDSSPF.DLL
Date (created): 2/15/2009 11:44:18 AM
Date (last access): 2/16/2009
Date (last write): 2/15/2009 11:44:20 AM
Filesize: 36352
Attributes: archive
MD5: 8FAFA4C06DC354D97FB42B60B4EF9C62
CRC32: A5F01E18
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/6/2008 1:25:20 PM
Date (last access): 2/16/2009
Date (last write): 2/22/2008 4:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13
{D662FD9E-1C0A-4743-908E-558F5333EBBE} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
Path: C:\WINNT\system32\
Long name: efcAspQK.dll
Short name: EFCASPQK.DLL
Date (created): 2/15/2009 11:49:38 AM
Date (last access): 2/16/2009
Date (last write): 2/15/2009 11:49:40 AM
Filesize: 302592
Attributes: archive
MD5: F87D0D7240A54C787C1E1FB32055795E
CRC32: C8629457
--- ActiveX list ---
DirectAnimation Java Classes (DirectAnimation Java Classes)
DPF name: DirectAnimation Java Classes
CLSID name:
Installer:
Codebase: file://C:\WINNT\Java\classes\dajava.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\dajava.cab
info link:
info source: Patrick M. Kolla
Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINNT\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla
{02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control)
DPF name:
CLSID name: Microsoft Office Template and Media Control
Installer: C:\WINNT\Downloaded Program Files\ieawsdc.inf
Codebase: http://office.microsoft.com/templates/ieawsdc.cab
Path: C:\WINNT\Downloaded Program Files\
Long name: IEAWSDC.DLL
Short name:
Date (created): 10/6/2005 6:19:02 PM
Date (last access): 2/15/2009
Date (last write): 10/6/2005 6:19:02 PM
Filesize: 168448
Attributes: archive
MD5: D684C7699541E718A479267FE7EA16BA
CRC32: 2BBDF271
Version: 11.0.6009.0
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINNT\Downloaded Program Files\erma.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Unknown
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINNT\System32\macromed\Director\
Long name: SwDir.dll
Short name: SWDIR.DLL
Date (created): 1/21/2007 12:46:10 PM
Date (last access): 2/15/2009
Date (last write): 9/3/2006 11:10:30 PM
Filesize: 54960
Attributes: archive
MD5: EB271B21EA6104B7C6946EF32D558C91
CRC32: CEC4E0C2
Version: 10.1.4.20
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINNT\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=39204
Path: C:\WINNT\System32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 12/12/2006 10:45:04 AM
Date (last access): 2/16/2009
Date (last write): 12/12/2006 10:45:04 AM
Filesize: 1474864
Attributes: archive
MD5: C7F2604BB81A5E8F8FB12AB8CCBE25CE
CRC32: 42057390
Version: 1.5.723.1
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
DPF name:
CLSID name: YInstStarter Class
Installer: C:\Program Files\Yahoo!\Common\yinst.inf
Codebase: C:\Program Files\Yahoo!\Common\yinsthelper.dll
Path: C:\Program Files\Yahoo!\Common\
Long name: yinsthelper.dll
Short name: YINSTH~1.DLL
Date (created): 1/19/2007 8:53:36 AM
Date (last access): 2/15/2009
Date (last write): 7/30/2006 1:25:34 PM
Filesize: 188968
Attributes: archive
MD5: 18B54B53CEE0E7204495BAB864EBBF03
CRC32: 6D72BB93
Version: 2006.4.14.2
{31564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINNT\Downloaded Program Files\wmvax.inf
Codebase: http://codecs.microsoft.com/codecs/i386/wmvax.cab
{32564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINNT\Downloaded Program Files\wmv8ax.inf
Codebase: http://codecs.microsoft.com/codecs/i386/wmv8ax.cab
{3299935F-2C5A-499A-9908-95CFFF6EF8C1} (Quicksilver Class)
DPF name:
CLSID name: Quicksilver Class
Installer: C:\WINNT\Downloaded Program Files\Quicksilver.inf
Codebase: http://scpwnb.ops.placeware.com/etc/place/NOVEMBER/SCNpws-b1/5.1.8.511/lib/quicksilver.cab
{33564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINNT\Downloaded Program Files\WMV9VCM.inf
Codebase: http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
{406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia)
DPF name:
CLSID name: Snapfish Activia
Installer: C:\WINNT\Downloaded Program Files\SnapfishActivia1000.inf
Codebase: http://photo1.walgreens.com/WalgreensActivia.cab
Path: C:\WINNT\Downloaded Program Files\
Long name: SnapfishActivia1000.ocx
Short name: SNAPFI~1.OCX
Date (created): 6/3/2005 12:24:32 PM
Date (last access): 2/15/2009
Date (last write): 6/3/2005 12:24:32 PM
Filesize: 286720
Attributes: archive
MD5: F5C79C45F1ADF877DC3AFDFF3565AE7B
CRC32: F118547A
Version: 1.0.0.10
{4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class)
DPF name:
CLSID name: EPUImageControl Class
Installer: C:\WINNT\Downloaded Program Files\EPUWALcontrol.inf
Codebase: http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
Path: C:\WINNT\Downloaded Program Files\
Long name: EPUWALcontrol.dll
Short name: EPUWAL~1.DLL
Date (created): 6/15/2006 6:33:54 PM
Date (last access): 2/15/2009
Date (last write): 6/15/2006 6:33:54 PM
Filesize: 1132192
Attributes: archive
MD5: 6C378170CBEC45E5DBBE6B5A17BB3C90
CRC32: 679C2B95
Version: 1.0.3.48
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 2/22/2008 2:33:32 AM
Date (last access): 2/15/2009
Date (last write): 2/22/2008 4:25:20 AM
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13
{9522B3FB-7A2B-4646-8AF6-36E7F593073C} ()
DPF name:
CLSID name:
Installer: C:\WINNT\Downloaded Program Files\cpbrkpie.inf
Codebase: http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
{A0EAC162-A012-4AD8-B2E1-D5A0BBBCDA51} (PopupSh Control)
DPF name:
CLSID name: PopupSh Control
Installer:
Codebase: http://206.222.17.187/images/PopupSh.ocx
Path: C:\WINNT\DOWNLO~1\
Long name: PopupSh.ocx
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 2/22/2008 2:33:32 AM
Date (last access): 2/16/2009
Date (last write): 2/22/2008 4:25:20 AM
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 2/22/2008 2:33:32 AM
Date (last access): 2/16/2009
Date (last write): 2/22/2008 4:25:20 AM
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13
{CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control)
DPF name:
CLSID name: CentrinoCheck Control
Installer: C:\WINNT\Downloaded Program Files\centrinodetect.inf
Codebase: http://entriq.vo.llnwd.net/o1/NBCUniversal/cabs/cpucheck_1_0_0_4.cab
Path: C:\WINNT\System32\
Long name: cpucheck.ocx
Short name:
Date (created): 9/28/2006 6:10:48 PM
Date (last access): 2/15/2009
Date (last write): 9/28/2006 6:10:48 PM
Filesize: 294912
Attributes: archive
MD5: 64807349B288C0CF1E10D54F60FDAB95
CRC32: DB72B219
Version: 1.0.0.4
{CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} (MediaControl Class)
DPF name:
CLSID name: MediaControl Class
Installer: C:\WINNT\Downloaded Program Files\MediaSphere.inf
Codebase: http://entriq.vo.llnwd.net/o1/NBCUniversal/cabs/Entriq_3_4_0_15_Silent.cab
Path: C:\Program Files\Entriq\MediaSphere\Bin\
Long name: EntriqMediaControl.dll
Short name: ENTRIQ~2.DLL
Date (created): 10/23/2006 8:37:26 PM
Date (last access): 2/15/2009
Date (last write): 9/6/2006 4:35:50 PM
Filesize: 278528
Attributes: archive
MD5: E86BF1BEB2AC4D9830BF1EB4481AA3C1
CRC32: 44D50FD4
Version: 3.4.0.15
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINNT\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINNT\System32\Macromed\Flash\
Long name: Flash9b.ocx
Short name: FLASH9B.OCX
Date (created): 11/9/2006 5:46:26 PM
Date (last access): 2/16/2009
Date (last write): 11/9/2006 5:46:26 PM
Filesize: 2262648
Attributes: readonly archive
MD5: F3B3EE66CA76C94510555ABE9D00A353
CRC32: A51F3CB4
Version: 9.0.28.0
{DE0FB644-C59B-46D1-B650-88BA945BC98F} (NBCUniversal Class)
DPF name:
CLSID name: NBCUniversal Class
Installer: C:\WINNT\Downloaded Program Files\MediaSphere.inf
Codebase: http://entriq.vo.llnwd.net/o1/NBCUniversal/cabs/NBCUniversal_1_0_0_3.cab
Path: C:\Program Files\NBC Universal\MediaSphere\Ver\
Long name: ProductVersion.dll
Short name: PRODUC~1.DLL
Date (created): 11/6/2006 5:57:26 PM
Date (last access): 2/15/2009
Date (last write): 10/2/2006 11:01:24 AM
Filesize: 176128
Attributes: archive
MD5: B5B442E1ED3BB31D804D7B84C469B88F
CRC32: CD768B87
Version: 1.0.0.3
{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
DPF name:
CLSID name: GpcContainer Class
Installer: C:\WINNT\Downloaded Program Files\ieatgpc.inf
Codebase: https://artafact.webex.com/client/v_artafact/training/ieatgpc.cab
Path: C:\WINNT\Downloaded Program Files\
Long name: ieatgpc.dll
Short name:
Date (created): 10/28/2002 9:56:26 PM
Date (last access): 2/15/2009
Date (last write): 10/28/2002 9:56:26 PM
Filesize: 62464
Attributes: archive
MD5: 7A533B65431DCA6A68C2BE36BEFEF5B5
CRC32: 4EEA48FF
Version: 1.0.0.10
{E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper)
DPF name:
CLSID name: Yahoo! Webcam Viewer Wrapper
Installer: C:\WINNT\Downloaded Program Files\VwrCtl.inf
Codebase: http://chat.yahoo.com/cab/yvwrctl.cab
Path: C:\WINNT\Downloaded Program Files\
Long name: yvwrctl.dll
Short name:
Date (created): 11/14/2002 2:54:28 PM
Date (last access): 2/15/2009
Date (last write): 11/14/2002 2:54:28 PM
Filesize: 192512
Attributes: archive
MD5: 0DCAEA6D72532E019F64ABD2D1ABC09D
CRC32: 3328315E
Version: 2.0.0.18
--- Process list ---
PID: 0 ( 0) [System]
PID: 164 ( 8) \SystemRoot\System32\smss.exe
size: 45840
PID: 192 ( 164) \??\C:\WINNT\system32\csrss.exe
size: 5392
PID: 188 ( 164) \??\C:\WINNT\system32\winlogon.exe
size: 181008
PID: 240 ( 188) C:\WINNT\system32\services.exe
size: 89360
MD5: CFED2D28F5B8A24127E9E06043070643
PID: 252 ( 188) C:\WINNT\system32\lsass.exe
size: 33552
MD5: 271229760CCED993E9E7CAB1C7274134
PID: 420 ( 240) C:\WINNT\system32\svchost.exe
size: 7952
MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
PID: 452 ( 240) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 235168
MD5: 1AADAB9C918622DC836611888CF978A6
PID: 480 ( 240) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 255648
MD5: 71602958E4604106AFFAC4D04616583F
PID: 608 ( 240) C:\WINNT\system32\spoolsv.exe
size: 45328
MD5: 987DAF317B917CFC973DE8364D62A76C
PID: 636 ( 240) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
size: 611664
MD5: 17067069B9A7865028C1F2E6971D0CCC
PID: 652 ( 240) C:\Program Files\Intel\ASF Agent\ASFAgent.exe
size: 212992
MD5: 2B363D346B081BE18DC63E4A8139C258
PID: 688 ( 240) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
size: 100032
MD5: 1B58EE9929BAB30D06092E584F7D899F
PID: 732 ( 240) C:\WINNT\System32\svchost.exe
size: 7952
MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
PID: 756 ( 240) C:\Program Files\Dell\OpenManage\Client\Iap.exe
size: 163840
MD5: 10B554A36160C79374A660BB4BCC9D6B
PID: 824 ( 240) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
size: 270336
MD5: E5C0AAB23B6875AB54C0FA77A5ADAAFD
PID: 876 ( 240) C:\Program Files\Norton AntiVirus\navapsvc.exe
size: 158848
MD5: 106188EE7FCE8C769DEFEC27C1EDB67C
PID: 952 ( 240) C:\WINNT\System32\NMSSvc.exe
size: 1118208
MD5: E22D9BC391A1E7C4C55F0F49808466ED
PID: 1008 ( 972) C:\WINNT\Explorer.EXE
size: 243472
MD5: 59CF2B7DCED9111F48F51B4B570E672D
PID: 1032 ( 240) C:\WINNT\system32\regsvc.exe
size: 68368
MD5: 250C4CE389783FA2398E3AFA4317008C
PID: 1052 ( 240) C:\Program Files\Norton AntiVirus\SAVScan.exe
size: 194272
MD5: DE337E8649E1970C5663999457A9352F
PID: 1096 ( 240) C:\WINNT\system32\MSTask.exe
size: 119568
MD5: 00D8C428B2D6DFFCABEB859BC69F632B
PID: 1160 ( 240) C:\WINNT\system32\stisvc.exe
size: 61712
MD5: B75235626B950FF821146555C612F814
PID: 1216 ( 240) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 585728
MD5: D0EDAE81C1E1CCD7E711286EEFE9DE57
PID: 1324 ( 240) C:\Program Files\Viewpoint\Common\ViewpointService.exe
size: 24652
MD5: 5F974FDE801C73952770736BECDE11E7
PID: 1376 (1008) C:\WINNT\System32\hkcmd.exe
size: 106496
MD5: 17A09295AA7AA0CE20A3117A738F511D
PID: 1088 (1008) C:\Program Files\Microsoft Hardware\Mouse\point32.exe
size: 73728
MD5: CF662CC44E401D07F1284891CC76F807
PID: 1344 ( 240) C:\WINNT\System32\WBEM\WinMgmt.exe
size: 196706
MD5: 05B2001E1BC653FD6091E741B46F71B4
PID: 1404 (1008) C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
size: 122965
MD5: D0525261C4608D79DF34AFF42351032B
PID: 1420 (1008) C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
size: 679936
MD5: BC21ED6454FB9C7F1ADF0A663AC96392
PID: 1424 (1008) C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
size: 40960
MD5: C5FE95838BE83310DC6F8C60174A4B3C
PID: 1448 (1008) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 71328
MD5: 3D96C281A211864373FB2841694CEFB4
PID: 1348 (1008) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: AC116F16A7716A720A45D7EA47CFD983
PID: 1396 (1008) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185632
MD5: 28525D80EA1D33CF60B8AC318A5F1C82
PID: 1484 (1008) C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
size: 144784
MD5: 836DC47E6CAD975304D1D3EB2F516A1C
PID: 1576 (1008) C:\WINNT\system32\ctfmon.exe
size: 8192
MD5: D36A33C21EEED5A6C1DAECB7C80A1909
PID: 1644 (1008) C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
size: 4662776
MD5: 3A756D4066CC3BB8426EB08ABB6B5B10
PID: 1680 (1008) C:\Program Files\AIM6\aim6.exe
size: 50472
MD5: 88BC43EA04F747A477898DF4BF9F7BCF
PID: 1728 (1008) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2144088
MD5: 896A1DB9A972AD2339C2E8569EC926D1
PID: 1204 (1008) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
size: 960032
MD5: 87BB14A3C218F021085F0C386EE3B213
PID: 1996 (1800) C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
size: 479232
MD5: 1499435CDBDF07ACC38BDB49470BCA88
PID: 1852 (1680) C:\Program Files\AIM6\aolsoftware.exe
size: 41824
MD5: C32C2FE355CC3A94183DB50179664A04
PID: 1632 (1008) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 8 ( 0) System
hvkreiter
2009-02-16, 20:28
Again, I need to post the third part:
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 2/16/2009 12:20:04 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINNT\System32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://my.msn.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://smbusiness.dellnet.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
WebEx (ActiveTouchMeetingClient)
uninstall cmd: C:\WINNT\DOWNLO~1\atcliun.exe
(AddressBook)
Adobe Flash Player 10 Plugin 10.0.12.36 (Adobe Flash Player Plugin)
uninstall cmd: C:\WINNT\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated
Adobe Photoshop 6.0 6.0 (Adobe Photoshop 6.0)
version (major): 6
install location: C:\Program Files\Adobe\Photoshop 6.0
install source: D:\
uninstall cmd: C:\WINNT\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
publisher: Adobe Systems, Inc.
Adobe Shockwave Player 10.1.4.20 (Adobe Shockwave Player)
uninstall cmd: C:\WINNT\SYSTEM32\MACROMED\SHOCKW~2\UNWISE.EXE C:\WINNT\SYSTEM32\MACROMED\SHOCKW~2\Install.log
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/support/shockwave
Adobe SVG Viewer 1.0 (Adobe SVG Viewer)
version (major): 1
install location: C:\WINNT\System32\Adobe\SVG Viewer
install source: D:\SVG\
uninstall cmd: C:\WINNT\IsUninst.exe -f"C:\WINNT\System32\Adobe\SVG Viewer\Uninst.isu"
publisher: Adobe Systems, Inc.
AIM 6 (AIM_6)
uninstall cmd: C:\Program Files\AIM6\uninst.exe
(AOL Diagnostics_N)
(AOLOCP_Y)
Barbie(TM) as The Princess and the Pauper Demo (Barbie(TM) as The Princess and the Pauper Demo)
uninstall cmd: C:\Program Files\Common Files\VU Games\Uninstall\P_PDUn.exe
Barbie(TM) Fashion Show(TM) CD-ROM (Barbie(TM) Fashion Show(TM) CD-ROM)
uninstall cmd: C:\Program Files\Common Files\Vivendi Universal Games\Uninstall\FashionUn.exe
(Branding)
Canon Camera Window DC_DV 5 for ZoomBrowser EX 5.4.5.17 (CameraWindowDVC5)
install location: C:\Program Files\Canon\CameraWindow\CameraWindowDVC
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX 6.3.0.11 (CameraWindowDVC6)
install location: C:\Program Files\Canon\CameraWindow\CameraWindowDVC6
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX 6.2.0.11 (CameraWindowMC)
install location: C:\Program Files\Canon\CameraWindow\CameraWindowMC
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder 1.0.1.3 (Canon G.726 WMP-Decoder)
install location: C:\Program Files\Canon\G726Decoder
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Conexant HSF V92 56K Data Fax PCI Modem (CNXT_MODEM_PCI_VEN_14F1&DEV_2013&SUBSYS_021213E0)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2013&SUBSYS_021213E0\HxFSETUP.EXE -U -IVEN_14F1&DEV_2013&SUBSYS_021213E0
(Connection Manager)
Corel Applications (Corel Applications)
uninstall cmd: C:\WINNT\Corel\Uninst32.exe
Coupon Printer for Windows 4.0 (Coupon Printer for Windows4.0)
uninstall cmd: "C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
publisher: Coupons, Inc.
contact: Coupons, Inc. Support Department
help link: http://www.coupons.com
Canon Camera Support Core Library 7.3.1.6 (CSCLIB)
install location: C:\Program Files\Canon\CSCLIB
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
(DirectAnimation)
(DirectDrawEx)
Disney Fairies Screensaver (Disney Fairies Screensaver)
uninstall cmd: C:\WINNT\System32\Disney Fairies Screensaver.scr /u
(DXM_Runtime)
Entriq MediaSphere 3.4.0.15 (Entriq MediaSphere_is1)
install location: C:\Program Files\Entriq\MediaSphere\
uninstall cmd: "C:\Program Files\Entriq\MediaSphere\unins000.exe"
publisher: Entriq, Inc.
help link: http://www.entriq.com
Canon Utilities EOS Utility 1.0.4.18 (EOS Utility)
install location: C:\Program Files\Canon\EOS Utility
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
EPSON Printer Software (EPSON Printer and Utilities)
uninstall cmd: C:\WINNT\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
publisher: SEIKO EPSON Corporation
(expinst)
Fall Of The Leaves v1.1 (Fall Of The Leaves_is1)
uninstall cmd: "C:\Program Files\Fall Of The Leaves\unins000.exe"
FileZilla Client 3.0.4.1 3.0.4.1 (FileZilla Client)
install location: C:\Program Files\FileZilla Client
uninstall cmd: C:\Program Files\FileZilla Client\uninstall.exe
help link: http://filezilla-project.org
(Fontcore)
Friskies Screensaver (Friskies Screensaver)
uninstall cmd: C:\WINNT\System32\Friskies Screensaver.scr /u
Homestead SiteBuilder (Homestead SiteBuilder)
uninstall cmd: C:\Program Files\Homestead\Homestead SiteBuilder\Editor\hkuninst.exe
HP Document Viewer 5.3 5.3 (HP Document Viewer)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
publisher: HP
help link: http://www.hp.com/support
HP Imaging Device Functions 5.3 5.3 (HP Imaging Device Functions)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
publisher: HP
help link: http://www.hp.com/support
HP Image Zone 5.3 5.3 (HP Photo & Imaging)
uninstall cmd: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
publisher: HP
help link: http://www.hp.com/support
HP Solution Center & Imaging Support Tools 5.3 5.3 (HP Solution Center & Imaging Support Tools)
uninstall cmd: C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
publisher: HP
help link: http://www.hp.com/support
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(IEREADME)
(InstallShield Uninstall Information)
Canon Camera TWAIN Driver 6.6 6.6.3 (InstallShield_{EEBC43D5-C84E-401D-84BC-D7DF882ED00D})
version: 101056515
version (major): 6
version (minor): 6
estimated size: 32
install date: 20070814
install source: D:\software\twain66\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EEBC43D5-C84E-401D-84BC-D7DF882ED00D} /l1033
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:
(KB884016)
3.1 (KB893803)
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Windows Installer 3.1 (KB893803) (KB893803v2)
uninstall cmd: "C:\WINNT\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
(Lexmark X83)
uninstall cmd: C:\Program Files\LexmarkX83\removex83.exe
LiveReg (Symantec Corporation) 2.4.2.2295 (LiveReg)
install location: C:\Program Files\Common Files\Symantec Shared\LiveReg
uninstall cmd: C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
publisher: Symantec Corporation
LiveUpdate 3.0 (Symantec Corporation) 3.0.0.160 (LiveUpdate)
install location: "C:\Program Files\Symantec\LiveUpdate"
uninstall cmd: "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
publisher: Symantec Corporation
Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINNT\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
(Microsoft NetShow Player 2.0)
Microsoft Office Live Meeting (Microsoft Office Live Meeting)
install location: C:\Program Files\Microsoft Office\Live Meeting
uninstall cmd: C:\Program Files\Microsoft Office\Live Meeting\Quicksilver\quicksilver.exe -UALL
publisher: Microsoft
help link: http://placeware.custhelp.com
Microsoft Interactive Training (Microsoft Press Interactive Training)
uninstall cmd: C:\Program Files\MSPress\Training\lunins32_s.exe
(MobileOptionPack)
Canon MovieEdit Task for ZoomBrowser EX 2.3.0.19 (MovieEditTask)
install location: C:\Program Files\Canon\ZoomBrowser EX\Program
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Mozilla Firefox (3.0.6) 3.0.6 (en-US) (Mozilla Firefox (3.0.6))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox
(MPlayer2)
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
(MsJavaVM)
NBC Universal 1.0.0.3 (NBC Universal_is1)
install location: C:\Program Files\NBC Universal\MediaSphere\
uninstall cmd: "C:\Program Files\NBC Universal\MediaSphere\unins000.exe"
publisher: Entriq, Inc.
help link: http://www.entriq.com
(NetMeeting)
(OutlookExpress)
Canon Utilities PhotoStitch 3.1.18.42 (PhotoStitch)
install location: C:\Program Files\Canon\PhotoStitch
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Picasa 3 3.0 (Picasa 3)
install location: "C:\Program Files\Google\Picasa3"
uninstall cmd: "C:\Program Files\Google\Picasa3\Uninstall.exe"
publisher: Google, Inc.
help link: http://photos.google.com/
Intel(R) PRO Ethernet Adapter and Software (PROSet)
uninstall cmd: Prounstl.exe
Canon RAW Image Task for ZoomBrowser EX 2.4.0.7 (RAW Image Task)
install location: C:\Program Files\Canon\RAW Image Task
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
install location: C:\Program Files\Real\RealPlayer\realplay.exe
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
publisher: RealNetworks
comments: Play, Save, and Organize your music and videos, Burn a CD, or simply take your music with you.
contact: RealNetworks
Canon RemoteCapture Task for ZoomBrowser EX 1.6.0.9 (RemoteCaptureTask)
install location: C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
(SchedulingAgent)
(Sevinst)
Shockwave (Shockwave)
uninstall cmd: C:\WINNT\SYSTEM32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINNT\SYSTEM32\MACROMED\SHOCKW~1\INSTALL.LOG
Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINNT\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/
EPSON SPR1800 Reference Guide (Silent Package Run-Time Sample)
uninstall cmd: C:\Program Files\epson\guide\spr1800_e\uninstall.exe
Norton AntiVirus 2004 (Symantec Corporation) 10.00.00 (SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B})
install location: C:\Program Files\Norton AntiVirus
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp
uninstall cmd: C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe /X
publisher: Symantec Corporation
Trellix Web (Trellix2DeinstKey9)
uninstall cmd: C:\WINNT\IsUninst.exe -f"C:\Program Files\Trellix2\Uninst.isu"
Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows 2000 Service Pack 4 (Windows 2000 Service Pack)
uninstall cmd: C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe
Wink (Wink)
uninstall cmd: "C:\Program Files\Wink\uninstall.exe"
WinZip 9.0 SR-1 (6224) (WinZip)
version (major): 9
install location: C:\PROGRA~1\WINZIP\
uninstall cmd: "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
publisher: WinZip Computing, Inc.
help link: http://www.winzip.com/xsupport.htm
Windows Media Player system update (9 Series) (WMP7)
uninstall cmd: C:\PROGRA~1\WINDOW~2\setup_wm.exe /Uninstall
Yahoo! Messenger (Yahoo! Messenger)
uninstall cmd: C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Install Manager (YInstHelper)
uninstall cmd: C:\WINNT\System32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Canon Utilities ZoomBrowser EX 5.7.0.74 (ZoomBrowser EX)
install location: C:\Program Files\Canon\ZoomBrowser EX\Program
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Intel(R) PROSet II 2.00.0020 ({01A4AEDE-F219-49A2-B855-16A016EAF9A4})
version: 33554452
version (major): 2
install date: 20020911
uninstall cmd: MsiExec.exe /I{01A4AEDE-F219-49A2-B855-16A016EAF9A4}
publisher: Intel
comments: 32bit version of Intel(R) PROSet II
contact: Dell Customer Support
help link: http://support.dell.com
PhotoGallery 53.0.13.000 ({03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7})
version: 889192461
version (major): 53
estimated size: 72206
install date: 20060604
install source: D:\setup\PhotoGallery\
publisher: Hewlett-Packard
Macromedia Flash Player 7.0.19.0 ({0456ebd7-5f67-4ab6-852e-63781e3f389c})
version: 117440531
version (major): 7
estimated size: 962
install date: 20051024
install source: D:\
uninstall cmd: MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
publisher: Macromedia, Inc.
QuickTime 7.1.6.200 ({08094E03-AFE4-4853-9D31-6D0743DF5328})
version: 117506054
version (major): 7
version (minor): 1
estimated size: 78387
install date: 20080331
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP176.TMP\
uninstall cmd: MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
Destinations 53.0.13.000 ({09984AEC-6B9F-4ca7-B78D-CB44D4771DA3})
version: 889192461
version (major): 53
estimated size: 18263
install date: 20060604
install source: D:\setup\Destinations\
publisher: Hewlett-Packard
Norton WMI Update 2005.1.0.111 ({1526D87C-A955-4FAB-BF18-697BA457E352})
version (major): 2005
version (minor): 1
estimated size: 2168
install date: 20040902
install source: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EXITEM~1.1_E\
uninstall cmd: MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
publisher: Symantec Corporation
DocumentViewer 53.0.13.000 ({172975EB-9465-4861-95B5-C7BB6D3DE62A})
version: 889192461
version (major): 53
estimated size: 37842
install date: 20060604
install source: D:\setup\DocumentViewer\
publisher: Hewlett-Packard
Sonic_PrimoSDK 53.0.13.000 ({21DB3D90-D816-4092-A260-CA3F6B55A6DD})
version: 889192461
version (major): 53
estimated size: 1855
install date: 20060604
install source: D:\setup\Sonic_PrimoSDK\
publisher: Hewlett-Packard
CP_Panorama1Config 53.0.13.000 ({23A7B376-BBEC-4e76-BBD7-0F155E70D74B})
version: 889192461
version (major): 53
estimated size: 161
install date: 20060604
install source: D:\setup\CP_Panorama1Config\
publisher: Hewlett-Packard
Java(TM) 6 Update 5 1.6.0.50 ({3248F0A8-6813-11D6-A77B-00B0D0160050})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 117058
install date: 20080306
install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0_05-b13/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_05\README.txt
InstantShareDevices 53.0.13.000 ({32BDCCB8-9DC8-496d-9DB1-F77510775BDB})
version: 889192461
version (major): 53
estimated size: 6430
install date: 20060604
install source: D:\setup\InstantShareDevices\
publisher: Hewlett-Packard
CP_CalendarTemplates1 53.0.13.000 ({36E47DA1-10E1-45d9-8B19-14D19607CDCF})
version: 889192461
version (major): 53
estimated size: 3553
install date: 20060604
install source: D:\setup\CP_CalendarTemplates1\
publisher: Hewlett-Packard
HP Scanjet 4800 series 5.3 ({469436E4-A436-4a2f-8113-239EE6D1A60F})
uninstall cmd: C:\Program Files\HP\Digital Imaging\{469436E4-A436-4a2f-8113-239EE6D1A60F}\setup\hpzscr01.exe -datfile hpgscr06.dat
publisher: HP
help link: http://www.hp.com
Intel® PRO Network Adapters WMI Provider (2.0) ({4C701994-43D2-4B7B-A548-C6E6C224D9A9})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C701994-43D2-4B7B-A548-C6E6C224D9A9}\setup.exe"
My Little Pony ({4CB67F83-F2FF-4542-A5EA-03082FB5B12F})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4CB67F83-F2FF-4542-A5EA-03082FB5B12F}\setup.exe" -l0x9
FullDPAppQFolder 1.00.0000 ({53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C})
version: 16777216
version (major): 1
install date: 20060604
install source: D:\setup\QFolder\
publisher: Hewlett-Packard
GdiplusUpgrade 1.00.01 ({5421155F-B033-49DB-9B33-8F80F233D4D5})
version: 16777217
version (major): 1
estimated size: 3232
install date: 20060608
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GdiplusUpgrade\
uninstall cmd: MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
publisher: Hewlett-Packard
QuickBooks Product Listing Service 2.0.126 ({55584E16-4D70-44EE-93DD-F144E8B7D4B7})
version: 33554558
version (major): 2
estimated size: 21171
install date: 20080117
install source: D:\qbooks\QBPLS\
uninstall cmd: MsiExec.exe /I{55584E16-4D70-44EE-93DD-F144E8B7D4B7}
publisher: Intuit
comments: QuickBooks Product Listing Service -- see http://www.intuit.com
contact: Intuit
help link: http://www.intuit.com/support/
help telephone: 1-888-320-7276
RandMap 53.0.13.000 ({56EE8B17-8274-418d-89AC-C057C5DB251E})
version: 889192461
version (major): 53
estimated size: 1
install date: 20060604
install source: D:\setup\RandMap\
publisher: Hewlett-Packard
WebReg 53.0.13.000 ({56F8AFC3-FA98-4ff1-9673-8A026CBF85BE})
version: 889192461
version (major): 53
estimated size: 609
install date: 20060604
install source: D:\setup\WebReg\
publisher: Hewlett-Packard
CP_Package_Basic1 53.0.13.000 ({5A01C58E-B0EC-49b9-AD71-7C0468688087})
version: 889192461
version (major): 53
estimated size: 3009
install date: 20060604
install source: D:\setup\CP_Package_Basic1\
publisher: Hewlett-Packard
SupportSoft Assisted Service 15 ({5A3F6A80-7913-475E-8B96-477A952CFA43})
version: 251658240
version (major): 15
estimated size: 3626
install date: 20080117
install source: D:\qbooks\SupportSoft\
uninstall cmd: MsiExec.exe /I{5A3F6A80-7913-475E-8B96-477A952CFA43}
publisher: SupportSoft
({5B239A98-4222-4D8C-AF38-1A8EC07F956B})
User's Guides ({5CD29180-A95E-11D3-A4EB-00C04F7BDB2C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
({5D0930A0-1033-433A-8BB9-602665550DD0})
DeviceFunctionQFolder 1.00.0000 ({5F26311C-B135-4F7F-B11E-8E650F83651E})
version: 16777216
version (major): 1
install date: 20060604
install source: D:\setup\QFolder\
publisher: Hewlett-Packard
Easy CD Creator 5 Basic 5.2.0.56 ({609F7AC8-C510-11D4-A788-009027ABA5D0})
version: 83951616
version (major): 5
version (minor): 1
install date: 20020911
uninstall cmd: MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
publisher: Roxio Inc
help link: http://www.roxio.com/en/support
help telephone:
SkinsHP1 53.0.13.000 ({66BA8C26-AFE4-4408-807B-43E76B57EF53})
version: 889192461
version (major): 53
estimated size: 129
install date: 20060604
install source: D:\setup\SkinsHP1\
publisher: Hewlett-Packard
eSupportQFolder 1.00.0000 ({66E6CE0C-5A1E-430C-B40A-0C90FF1804A8})
version: 16777216
version (major): 1
install date: 20060604
install source: D:\setup\QFolder\
publisher: Hewlett-Packard
Intel® Pro Alerting Agent, Version 3.0.0 3.0.0 ({6797B492-3814-4129-AD07-C727D23FB5BF})
version: 50331648
version (major): 3
install date: 20020911
uninstall cmd: MsiExec.exe /I{6797B492-3814-4129-AD07-C727D23FB5BF}
publisher: Intel® Corporation
contact: Dell Customer Support
help link: http://support.dell.com
PowerDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
DocProc 5.2.0.0 ({6BB6627C-694F-4FDC-A3E5-C7F4BED4C724})
version: 84017152
version (major): 5
version (minor): 2
estimated size: 77774
install date: 20060604
install source: D:\setup\DocProc\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
WebFldrs 9.00.3907 ({6F716D8C-398F-11D3-85E1-005004838609})
version: 150998851
version (major): 9
estimated size: 2644
install date: 20010619
install source: C:\WINNT\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
MSXML 4.0 SP2 Parser and SDK 4.20.9818.0 ({716E0306-8318-4364-8B8F-0CC4E9376BAC})
version: 68429402
version (major): 4
version (minor): 20
estimated size: 1294
install date: 20080117
install source: D:\qbooks\
uninstall cmd: MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
publisher: Microsoft Corporation
help link: http://www.msdn.microsoft.com/xml
17.0.4001.564 ({71EEA108-09C9-4D81-8FA2-D48C70681242})
version: 285216673
version (major): 17
estimated size: 948075
install date: 20080117
install location: C:\Program Files\Intuit\QuickBooks 2007\
install source: D:\qbooks\
uninstall cmd: MsiExec.exe /I{71EEA108-09C9-4D81-8FA2-D48C70681242}
publisher: Intuit Inc.
comments: To repair this program, click on Change/Remove button.
contact: Customer Support Department
help link: http://www.quickbooks.com/support/
help telephone: 1-888-320-7276
OMCI 7.00.0316 ({73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B})
version: 117440828
version (major): 7
install date: 20020911
uninstall cmd: MsiExec.exe /X{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B}
publisher: Dell Computer Corporation
comments: Setup on Windows 2000 or later. Administrative privileges on the target system are required.
contact: Customer Support Department
help link: http://support.dell.com
help telephone:
readme: C:\Program Files\Dell\OpenManage\Client\Readme.htm
Barbie(TM) In The 12 Dancing Princesses 1.00.0000 ({79E0927E-6347-495F-83C1-92B0AB252B07})
version: 16777216
install date: 20070409
install location: C:\Program Files\Barbie(TM)
install source: D:\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{79E0927E-6347-495F-83C1-92B0AB252B07}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: Activision
DocumentViewerQFolder 1.00.0000 ({7C03270C-4FAB-4F5C-B10D-52FEDA190790})
version: 16777216
version (major): 1
install date: 20060604
install source: D:\setup\QFolder\
publisher: Hewlett-Packard
ArcSoft PhotoImpression 4 ({7D4ED56E-C3DF-46F6-924B-D6774A766943})
version (major): 4
install location: C:\Program Files\ArcSoft\PhotoImpression 4
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D4ED56E-C3DF-46F6-924B-D6774A766943}\Setup.exe" -l0x9
publisher: ArcSoft
CP_AtenaShokunin1Config 53.0.13.000 ({7E27304E-BAA2-4d90-A34E-76641FAFABB4})
version: 889192461
version (major): 53
estimated size: 225
install date: 20060604
install source: D:\setup\cp_AtenaShokunin1Config\
publisher: Hewlett-Packard
QuickBooks Credit Card Processing Kit ({7E545666-F418-45FD-B3DF-C0B99A1A579F})
install location: C:\Program Files\Intuit\QuickBooks 2007\
uninstall cmd: msiexec.exe /I {71EEA108-09C9-4D81-8FA2-D48C70681242} UNIQUE_NAME="masneutron" QBFULLNAME="QuickBooks Credit Card Processing Kit" ADDREMOVE=1
comments: To repair this program, click on Change/Remove button.
contact: Customer Support Department
help link: http://www.quickbooks.com/support/
Modem Helper ({7F142D56-3326-11D5-B229-002078017FBF})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" ControlPanel
Chainz ({82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110075733})
install date: 09/19/2005
install location: C:\Program Files\MSN Games\Chainz
install source: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\MH2G1UM5
uninstall cmd: "C:\Program Files\MSN Games\Chainz\Uninstall.exe" "C:\Program Files\MSN Games\Chainz\install.log"
publisher: Oberon Media
Mah Jong Tiles Deluxe ({82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110223873})
install date: 09/18/2005
install location: C:\Program Files\MSN Games\Mah Jong Tiles Deluxe
install source: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\RRUSSAWI
uninstall cmd: "C:\Program Files\MSN Games\Mah Jong Tiles Deluxe\Uninstall.exe" "C:\Program Files\MSN Games\Mah Jong Tiles Deluxe\install.log"
publisher: Oberon Media
({8851E12C-0EF9-11D4-A788-009027ABA5D0})
ICC Profiles 1.10 ({8925AD1C-13DE-4709-9E88-6A0C320D0D43})
version: 17432576
install date: 20071025
install location: C:\Program Files\EPSON\ICC Profiles
install source: C:\epson\epson12365_r1800_icc_profiles_glossy\glossy.exe
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8925AD1C-13DE-4709-9E88-6A0C320D0D43}\setup.exe" -l0x9 anything -removeonly
publisher: EPSON
Microsoft Silverlight 2.0.31005.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
version: 33585437
version (major): 2
estimated size: 4736
install date: 20081218
install location: c:\Program Files\Microsoft Silverlight\
install source: c:\456571d131f1ba65556d4eca2eac\
uninstall cmd: MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkID=91955
Intel(R) 845G Chipset Graphics Driver Software ({8A708DD8-A5E6-11D4-A706-000629E95E20})
uninstall cmd: RUNDLL32.EXE C:\WINNT\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
3.0.7.009 ({8ADC27DB-E2C8-446C-A576-166C05C2DD24})
version: 50331655
version (major): 3
install date: 20070603
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pft321.tmp\
publisher: Hewlett-Packard
HP Update 4.000.005.007 ({8C6027FD-53DC-446D-BB75-CACD7028A134})
version: 67108869
version (major): 4
estimated size: 3809
install date: 20070603
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pft321.tmp\
uninstall cmd: MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
publisher: Hewlett-Packard
contact: http://www.hp.com/support
Microsoft Office XP Media Content 10.0.2619.0 ({90300409-6000-11D3-8CFE-0050048383C9})
version: 167774779
version (major): 10
install date: 20020911
install location: INSTALLLOCATION
uninstall cmd: MsiExec.exe /I{90300409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: ARPREADMESETTING
Microsoft Office XP Professional 10.0.3520.0 ({91110409-6000-11D3-8CFE-0050048383C9})
version: 167775680
version (major): 10
estimated size: 11808
install date: 20020911
uninstall cmd: MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1033\OFREAD10.HTM
Microsoft Publisher 2002 10.0.3520.0 ({91190409-6000-11D3-8CFE-0050048383C9})
version: 167775680
version (major): 10
estimated size: 11776
install date: 20020911
uninstall cmd: MsiExec.exe /I{91190409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1033\OFREAD10.HTM
ScannerCopy 5.2.0.0 ({A195B13E-A5E3-4BAF-A995-7F70F445CD06})
version: 84017152
version (major): 5
version (minor): 2
estimated size: 6545
install date: 20060604
install source: D:\setup\ScannerCopy\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Microsoft Visual C++ 2005 Redistributable 8.0.50727.42 ({A49F249F-0C91-497F-86DF-B2585E8E76B7})
version: 134268455
version (major): 8
estimated size: 10613
install date: 20080117
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
publisher: Microsoft Corporation
CueTour 53.0.13.000 ({A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D})
version: 889192461
version (major): 53
estimated size: 2977
install date: 20060604
install source: D:\setup\CueTour\
publisher: Hewlett-Packard
DeviceManagementQFolder 1.00.0000 ({AB5D51AE-EBC3-438D-872C-705C7C2084B0})
version: 16777216
version (major): 1
install date: 20060604
install source: D:\setup\QFolder\
publisher: Hewlett-Packard
Microsoft IntelliPoint ({ABEA93FA-8D65-11D2-98AB-00C04F79C5D1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ABEA93FA-8D65-11D2-98AB-00C04F79C5D1}\setup.exe" Uninstall
Adobe Reader 7.0.9 7.0.9 ({AC76BA86-7AD7-1033-7B44-A70900000002})
version: 117440521
version (major): 7
estimated size: 73215
install date: 20080301
install location: C:\Program Files\Adobe\Acrobat 7.0\Reader\
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig709\ENU__\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm
Spybot - Search & Destroy 1.6.2 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20090215
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support
PanoStandAlone 53.0.13.000 ({B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5})
version: 889192461
version (major): 53
estimated size: 11482
install date: 20060604
install source: D:\setup\PanoStandAlone\
publisher: Hewlett-Packard
Apple Software Update 2.0.2.92 ({B74F042E-E1B9-4A5B-8D46-387BB172F0A4})
version: 33554434
version (major): 2
estimated size: 2752
install date: 20080401
install location: C:\Program Files\Apple Software Update\
install source: C:\Program Files\Apple Software Update\Packages\
uninstall cmd: MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
BufferChm 53.0.13.000 ({B996AE66-10DB-4ac5-B151-E8B4BFBC42FC})
version: 889192461
version (major): 53
estimated size: 5793
install date: 20060604
install source: D:\setup\BufferChm\
publisher: Hewlett-Packard
Scan 5.2.0.0 ({C506A18C-1469-4678-B094-F4EC9DAE6DB7})
version: 84017152
version (major): 5
version (minor): 2
estimated size: 16885
install date: 20060604
install source: D:\setup\Scan\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Norton AntiVirus 2004 10.00.00 ({C6F5B6CF-609C-428E-876F-CA83176C021B})
version: 167772160
version (major): 10
estimated size: 62683
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\NAV\
uninstall cmd: MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
publisher: Symantec Corporation
Symantec Network Drivers Update 5.5.1.6 ({CA0A1E54-CE0F-4366-B09C-A87B61DC5633})
version: 84213761
version (major): 5
version (minor): 5
estimated size: 3194
install date: 20050917
install source: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EXITEM~1.4_E\
publisher: Symantec Corporation
Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 61848
install date: 20080117
install source: C:\WINNT\TEMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINNT\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
Norton AntiVirus SYMLT MSI 10.0.0 ({D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8})
version: 167772160
version (major): 10
estimated size: 1811
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\NAV\
uninstall cmd: MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
publisher: Symantec Corp.
Symantec Script Blocking Installer 1.0.0 ({D327AFC9-7BAA-473A-8319-6EB7A0D40138})
version: 16777216
version (major): 1
estimated size: 481
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\Support\ScrBlock\
uninstall cmd: MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
publisher: Symantec
CC_ccStart 2.0.0.635 ({D6414CC7-F215-467F-88B1-546ED863F35B})
version: 33554432
version (major): 2
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\Support\ccStart\
uninstall cmd: MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
publisher: Symantec Corporation
hpg4850QFolder 1.00.0000 ({D76E8E9D-1198-4585-BEFB-D11A68BBC194})
version: 16777216
version (major): 1
install date: 20060604
install source: D:\setup\QFolder\
publisher: Hewlett-Packard
ccCommon 2.0.0.635 ({DC367608-64A7-4BF7-92F4-8BAA25BA02DB})
version: 33554432
version (major): 2
estimated size: 5560
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\Support\ccCommon\
uninstall cmd: MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
publisher: Symantec
Ad-Aware 7.1.0.7 ({DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 26465
install date: 20080602
install location: C:\Program Files\Lavasoft\Ad-Aware\
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
publisher: Lavasoft
help link: http://www.lavasoftsupport.com
HPProductAssistant 53.0.13.000 ({E3F90083-80D4-4b5a-87C7-E97E12F5516D})
version: 889192461
version (major): 53
estimated size: 3931
install date: 20060604
install source: D:\setup\hpproductassistant\
publisher: Hewlett-Packard
SymNet 4.7.1 ({E47EE8FB-ACC0-4608-859C-4E2851B18A6A})
version: 67567617
version (major): 4
version (minor): 7
estimated size: 673
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\Support\SymNet\
uninstall cmd: MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
publisher: Symantec Corp
Norton AntiVirus Parent MSI 10.0.0 ({E5EE9939-259F-4DE2-8023-5C49E16A4F43})
version: 167772160
version (major): 10
estimated size: 257
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\NAV\
uninstall cmd: MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
publisher: Symantec Corp.
SolutionCenter 50.0.152.000 ({EA103B64-C0E4-4C0E-A506-751590E1653D})
version: 838860952
version (major): 50
estimated size: 9975
install date: 20060604
install source: D:\setup\SolutionCenter\
publisher: Hewlett-Packard
Canon Camera TWAIN Driver 6.6.3 ({EEBC43D5-C84E-401D-84BC-D7DF882ED00D})
version: 101056515
version (major): 6
version (minor): 6
estimated size: 32
install date: 20070814
install source: D:\software\twain66\
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:
hpg4850 5.0.0.0 ({F5DA4BCE-78D3-4B15-A74B-1688A6EF38E3})
version: 83886080
version (major): 5
estimated size: 33104
install date: 20060604
install source: D:\setup\hpg4850\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
MSRedist 1.0.0.0 ({FC37ABD0-2108-4beb-B010-1254E0662B5A})
version: 16777216
version (major): 1
estimated size: 6359
install date: 20030910
install source: C:\Documents and Settings\Virginia Bush\Local Settings\Temp\Support\MSRedist\
uninstall cmd: MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
publisher: Symantec Corp
EPSON Print CD 1.31.000 ({FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4})
version: 18808832
install location: C:\Program Files\EPSON Print CD
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\setup.exe" -l0x9 -SYSTEM
hvkreiter
2009-02-16, 20:30
I deeply apologize if I'm wasting space/ time of anyone attempting to help me. I am very distraught and don't know how much info you need.
Here's more:
--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): aawservice
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Lavasoft Ad-Aware Service
Description: Ad-Aware service
Object name: LocalSystem
Image path: "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
Image size: 611664
Image MD5: 17067069B9A7865028C1F2E6971D0CCC
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0
Depends On services: RpcSS
Service (registry key): Abiosdsk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0
Service (registry key): abp480n5
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: System32\DRIVERS\ACPI.sys
Image size: 163120
Image MD5: 083049D5DC3F32D17C2EDFB732C78A09
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ACPIEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): adpu160m
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\adpu160m.sys
Image size: 64432
Image MD5: 31B7C8770FDA8A3A44BCA9DCFE2D1E8B
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): agp440
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel AGP Bus Filter
Image path: System32\DRIVERS\agp440.sys
Image size: 21008
Image MD5: CDDB71A90077C93BEA5C72507F0B1394
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Aha154x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\aha154x.sys
Image size: 12336
Image MD5: 57FA6D0EEA7194A77CD62973329DD76A
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): aic116x
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): aic78u2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\aic78u2.sys
Image size: 65168
Image MD5: B70B2CA4B97847C57E39051F3DF41811
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): aic78xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\aic78xx.sys
Image size: 56848
Image MD5: ED843659D0EACF21CB12D96AB4D98C03
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Alerter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): ami0nt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): amsint
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): AppMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): asc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): asc3350p
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): asc3550
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): ASFAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASF Agent
Object name: LocalSystem
Image path: C:\Program Files\Intel\ASF Agent\ASFAgent.exe
Image size: 212992
Image MD5: 2B363D346B081BE18DC63E4A8139C258
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): ASP.NET
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): ASP.NET_1.1.4322
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Aspi32
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): aspnet_state
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: .\ASPNET
Image path: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Image size: 32768
Image MD5: E1A1206A4FB19B675E947B29CCD25FBA
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: System32\DRIVERS\asyncmac.sys
Image size: 17840
Image MD5: 5D3D77C9EB3A8E6A14CC8E1252B6CC5C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: System32\DRIVERS\atapi.sys
Image size: 86672
Image MD5: 8C718AA8C77041B3285D55A0CE980867
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Atdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0
Service (registry key): Atmarpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: System32\DRIVERS\atmarpc.sys
Image size: 57904
Image MD5: 3E348B3313EA633D45CAF59DA0D631BA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): audstub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Audio Stub Driver
Image path: System32\DRIVERS\audstub.sys
Image size: 2896
Image MD5: 39D57104A45270F0D376E9DDB484EBBD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Automatic LiveUpdate Scheduler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Automatic LiveUpdate Scheduler
Description: Manages the scheduling of Automatic LiveUpdate sessions
Object name: LocalSystem
Image path: "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
Image size: 100032
Image MD5: 1B58EE9929BAB30D06092E584F7D899F
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): basic2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\basic2.sys
Image size: 77426
Image MD5: 9372CC48814A17E67C28945EB4ACC189
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Background Intelligent Transfer Service
Description: Transfers files in the background using idle network bandwidth. If the service is disabled, then any functions that depend on BITS, such as Windows Update or MSN Explorer will be unable to automatically download programs and other information.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k BITSgroup
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,Rpcss,SENS,Wmi
Service (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Computer Browser
Description: Maintains an up-to-date list of computers on your network and supplies the list to programs that request it.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer
Service (registry key): BusLogic
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): bvrp_pci
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Ca533av
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Icatch(IV) Video Camera Device
Image path: System32\Drivers\Ca533av.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): CCDECODE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Closed Caption Decoder
Image path: System32\DRIVERS\CCDECODE.sys
Image size: 16384
Image MD5: 1478E6A09512235B9E119D2920477021
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): ccEvtMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Event Manager
Description: Symantec Event Manager
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
Image size: 255648
Image MD5: 71602958E4604106AFFAC4D04616583F
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSS,ccSetMgr
Service (registry key): ccPwdSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Password Validation
Description: Symantec Password Validation Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
Image size: 87712
Image MD5: 326E61D12D2CFFF4E9C8F98A5DD9B37B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Service (registry key): ccSetMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Settings Manager
Description: Symantec Settings Manager
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
Image size: 235168
Image MD5: 1AADAB9C918622DC836611888CF978A6
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSS
Service (registry key): cd20xrnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): Cdaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): Cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"
Service (registry key): Cdr4_2K
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): Cdralw2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): Cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: System32\DRIVERS\cdrom.sys
Image size: 27984
Image MD5: 4B86A90A7F0095D514D22A9083826488
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"
Service (registry key): cdudf
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): Changer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): cisvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Indexing Service
Object name: LocalSystem
Image path: C:\WINNT\System32\cisvc.exe
Image size: 5392
Image MD5: 2830A2C82270F387265DFA658656EB99
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS
Service (registry key): ClipSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ClipBook
Description: Supports ClipBook Viewer, which allows pages to be seen by remote ClipBooks.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 31504
Image MD5: 804212B6B82354CF4F0C2D567575688A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: NetDDE
Service (registry key): ContentFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): ContentIndex
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Cpqarray
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): cpqarry2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): cpqfcalm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): cpqfws2e
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): dac960nt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): deckzpsx
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT
Service (registry key): Disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Disk Driver
Image path: System32\DRIVERS\disk.sys
Image size: 30768
Image MD5: 322B9A3774DBF119F6635A476B0EB058
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"
Service (registry key): Diskperf
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): dmadmin
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Administrative Service
Description: Administrative service for disk management requests
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 147728
Image MD5: 7B080C0AC30884E981221342DA197C1E
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer
Service (registry key): dmboot
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmboot.sys
Image size: 369104
Image MD5: 0B91C63540682BC3C826FC6D8B3ECB7B
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): dmio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Driver
Image path: System32\drivers\dmio.sys
Image size: 137936
Image MD5: 6B35BFDBDBC247113852F18BF0F10E3C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): dmload
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmload.sys
Image size: 7312
Image MD5: 3F1701FFA97AB012685ABC8A2D6FCE22
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): dmserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager
Description: Logical Disk Manager Watchdog Service
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay
Service (registry key): DMusic
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft DirectMusic SW Synth (WDM)
Image path: system32\drivers\DMusic.sys
Image size: 51152
Image MD5: 3431984234B5988D4C09F043CF4CD779
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip
Service (registry key): dvd_2K
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): E1000
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) PRO/1000 Adapter Driver
Image path: System32\DRIVERS\e1000nt5.sys
Image size: 89104
Image MD5: 4754EB9F8A40D6BE6A009622FE2530E8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): EFS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Service (registry key): EL90BC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 3Com EtherLink XL B/C Adapter Driver
Image path: System32\DRIVERS\el90xbc5.sys
Image size: 61712
Image MD5: 42B84A53AE478073DBE6BFDBE683DF96
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Event Log
Description: Logs event messages issued by programs and Windows. Event Log reports contain information that can be useful in diagnosing problems. Reports are viewed in Event Viewer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ Event System
Description: Provides automatic distribution of events to subscribing COM components.
Object name: LocalSystem
Image path: C:\WINNT\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS
Service (registry key): Fallback
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\fallback.sys
Image size: 310899
Image MD5: 9EA76A7F28CD968F8ADC709E479F23B2
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): Fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Service (registry key): fasttrak
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\fasttrak.sys
Image size: 64418
Image MD5: D03E959BBD9B534486434DC40E73190C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Fax
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Fax Service
Description: Helps you send and receive faxes
Object name: LocalSystem
Image path: %systemroot%\system32\faxsvc.exe
Image size: 94992
Image MD5: C63946C8124A58A6C86EFB0EBEC7CCF9
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler
Service (registry key): Fd16_700
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\fd16_700.sys
Image size: 11280
Image MD5: 29DAB4083BC78729299D090A694080D6
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Controller Driver
Image path: System32\DRIVERS\fdc.sys
Image size: 26256
Image MD5: 233E2C4DAE9C84CEF241F0EA30619629
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Fips
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Fips
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): fireport
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): flashpnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): Flpydisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Driver
Image path: System32\DRIVERS\flpydisk.sys
Image size: 19312
Image MD5: 6CA845333DA54F27A8657BE7EE0B600D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Fsks
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\fsksnt.sys
Image size: 127405
Image MD5: B7B262D0431374F3AFD1349E35B368D9
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): Fs_Rec
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 8
Error Control: 0
Service (registry key): Ftdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Manager Driver
Image path: System32\DRIVERS\ftdisk.sys
Image size: 115504
Image MD5: 9B73C6887C9E7AECAACA2A71363548E9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Gpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: System32\DRIVERS\msgpc.sys
Image size: 34704
Image MD5: 6667D07854A3AE7715D22B82761CF0E7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): gusvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Updater Service
Object name: LocalSystem
Image path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Image size: 136120
Image MD5: C1B577B2169900F4CF7190C39F085794
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS
Service (registry key): i8042prt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: System32\DRIVERS\i8042prt.sys
Image size: 46992
Image MD5: 3B538E8A6B5E078406159EDFE09A5E53
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): ialm
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\ialmnt5.sys
Image size: 77277
Image MD5: 2B0A8FA7BE10DFEF9318757E4D6274B0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): Iap
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Iap
Object name: LocalSystem
Image path: C:\Program Files\Dell\OpenManage\Client\Iap.exe
Image size: 163840
Image MD5: 10B554A36160C79374A660BB4BCC9D6B
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0
Depends On services: RPCSS
Service (registry key): IAS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 32
Error Control: 0
Service (registry key): ichaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Service for AC'97 Driver (WDM)
Image path: system32\drivers\ichaud.sys
Image size: 32592
Image MD5: 890E66A62EBAB5FE7AAB940ABF5B25B6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): inetaccs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): ini910u
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): Inport
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): IntelIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\intelide.sys
Image size: 4624
Image MD5: 2C764FEBD7197E3331556FE215ADD934
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): IPFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft IntelliPoint Features driver
Image path: System32\DRIVERS\IPFilter.sys
Image size: 11504
Image MD5: 0F42B3DB32C7325755C24BC5DE3FFF78
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): IpFilterDriver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: System32\DRIVERS\ipfltdrv.sys
Image size: 34416
Image MD5: 09A604211E2B2334FC023A41337E3165
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): IpInIp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: System32\DRIVERS\ipinip.sys
Image size: 19984
Image MD5: DBC1437B56EEA1AF02CD39C011904491
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): IpNat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: System32\DRIVERS\ipnat.sys
Image size: 67120
Image MD5: 3509E9C33281F4343D2DA5650039F59D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): IPSEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC driver
Description: IPSEC driver
Image path: System32\DRIVERS\ipsec.sys
Image size: 64304
Image MD5: 6BF394C7987FBC91B047EB0A8EFB2AA5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): ipsraidn
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): IRENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IR Enumerator Service
Image path: System32\DRIVERS\irenum.sys
Image size: 10288
Image MD5: 7F5315E32BE0632F680B30E03A2CA809
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): ISAPISearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): isapnp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnP ISA/EISA Bus Driver
Image path: System32\DRIVERS\isapnp.sys
Image size: 46992
Image MD5: B630369CA276FD208C1B5146920B5F2E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3
Service (registry key): K56
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\k56nt.sys
Image size: 426783
Image MD5: A4E3277398C8ABA999483D4C658C9696
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): Kbdclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard Class Driver
Image path: System32\DRIVERS\kbdclass.sys
Image size: 24528
Image MD5: 399055F5C4A98F39B47D26888A72145D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): kmixer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 148304
Image MD5: 8E198EC9E823AA42EDF45B07EFE395AC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): KSecDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): lanmanserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Server
Description: Provides RPC support and file, print, and named pipe sharing.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): lanmanworkstation
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Workstation
Description: Provides network connections and communications.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): lbrtfdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): LiveUpdate
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: LiveUpdate
Description: LiveUpdate Core Engine
Object name: LocalSystem
Image path: "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
Image size: 2045632
Image MD5: 89BFFB6A09652DA7D019A387354D0D19
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): LmHosts
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP NetBIOS Helper Service
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd
Service (registry key): lp6nds35
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): MDM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Machine Debug Manager
Description: Manages local and remote debugging for Visual Studio debuggers
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
Image size: 270336
Image MD5: E5C0AAB23B6875AB54C0FA77A5ADAAFD
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS
hvkreiter
2009-02-16, 20:32
Here's the last of it.
Service (registry key): Messenger
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Messenger
Description: Sends and receives messages transmitted by administrators or by the Alerter service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,RpcSS
Service (registry key): mmc_2K
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): mnmdd
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): mnmsrvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetMeeting Remote Desktop Sharing
Description: Allows authorized people to remotely access your Windows desktop using NetMeeting.
Object name: LocalSystem
Image path: C:\WINNT\System32\mnmsrvc.exe
Image size: 21776
Image MD5: EEEE63B92CA888AC9FB3D13581751EC2
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Service (registry key): Modem
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): Mouclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse Class Driver
Image path: System32\DRIVERS\mouclass.sys
Image size: 21776
Image MD5: 8D038DDE3F19B88427968E99A6216766
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): mouhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): MountMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): MPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA MPE Filter
Image path: System32\DRIVERS\MPE.sys
Image size: 15104
Image MD5: 83EFF7B976AE24F1A496CA94A8A19919
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): mraid2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\mraid2k.sys
Image size: 17258
Image MD5: 729C792A08AB2266B76F17075FB2F73D
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): mraid35x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\mraid35x.sys
Image size: 9488
Image MD5: E1E21DE56B46A34B383EEC316B052709
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): MRxSmb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MRXSMB
Description: MRXSMB
Image path: System32\DRIVERS\mrxsmb.sys
Image size: 418640
Image MD5: E0836182D738EBE0E958EE641FDFA597
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): MsaSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft authenticate service
Description: Authenticate network access users
Object name: LocalSystem
Image path: C:\WINNT\System32\msasvc.exe
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Service (registry key): MSDTC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Transaction Coordinator
Description: Coordinates transactions that are distributed across two or more databases, message queues, file systems, or other transaction protected resource managers.
Object name: LocalSystem
Image path: C:\WINNT\System32\msdtc.exe
Image size: 6928
Image MD5: EDC54E17CDF1811A472D518A82182449
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Depends On services: RPCSS,SamSS
Service (registry key): Msfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): MSIServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Installer
Description: Installs, repairs and removes software according to instructions contained in .MSI files.
Object name: LocalSystem
Image path: C:\WINNT\System32\msiexec.exe /V
Image size: 78848
Image MD5: F5F0146580E7023ADB963879840777F8
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): MSKSSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7424
Image MD5: 85736F804191CB420A31ACA2A7F0674F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): MSPCLOCK
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5248
Image MD5: E943ADB93D83C5CBC0CA3F53F53B48CC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): MSPQM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4816
Image MD5: BB041315C9930063E5EAB0BEE90ACFF6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): MSTEE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Tee/Sink-to-Sink Converter
Image path: system32\drivers\MSTEE.sys
Image size: 5504
Image MD5: D5059366B361F0E1124753447AF08AA2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Mup
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mup
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1
Service (registry key): NABTSFEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NABTS/FEC VBI Codec
Image path: System32\DRIVERS\NABTSFEC.sys
Image size: 83968
Image MD5: BB1C45D114B6DAB0BABF6B2FB0336DB2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): navapsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Norton AntiVirus Auto Protect Service
Description: Handles Norton AntiVirus Auto-Protect events.
Object name: LocalSystem
Image path: C:\Program Files\Norton AntiVirus\navapsvc.exe
Image size: 158848
Image MD5: 106188EE7FCE8C769DEFEC27C1EDB67C
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS
Service (registry key): NAVENG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVENG
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090211.004\NAVENG.Sys
Image size: 89104
Image MD5: DC129D50E1EC3721C2F649754E465E4F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NAVEX15
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVEX15
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090211.004\NavEx15.Sys
Image size: 876112
Image MD5: 6FCBC09C16F0A74822DC9605A8B35738
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Ncrc710
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): NDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS System Driver
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): NdisIP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft TV/Video Connection
Image path: System32\DRIVERS\NdisIP.sys
Image size: 10112
Image MD5: ABD7629CF2796250F315C1DD0B6CF7A0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NdisTapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: System32\DRIVERS\ndistapi.sys
Image size: 9200
Image MD5: E6F675C75C53887C58B98D6DB356B153
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Ndisuio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: System32\DRIVERS\ndisuio.sys
Image size: 11984
Image MD5: 69ECAE880BDAC3C288F0508DF9CDEEF0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NdisWan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: System32\DRIVERS\ndiswan.sys
Image size: 93360
Image MD5: B86A37AA73868343A9EEE148FDFCE1E0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NDProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NetAlrt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetAlrt
Image path: \??\C:\WINNT\System32\drivers\NetAlrt.sys
Image size: 39680
Image MD5: 73C0F29643F54EBE777521C88535114A
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): NetBIOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: System32\DRIVERS\netbios.sys
Image size: 33456
Image MD5: 5151E6020A26BF7BC21C18FD612506BD
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): NetBT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBT
Description: NetBios over Tcpip
Image path: System32\DRIVERS\netbt.sys
Image size: 168624
Image MD5: E854473D50E5F7917767A7C10E08E5F8
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): NetDDE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE
Description: Provides network transport and security for dynamic data exchange (DDE).
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 108816
Image MD5: C237423A8FCB4FD24523FEECA620717C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM
Service (registry key): NetDDEdsdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE DSDM
Description: Manages shared dynamic data exchange and is used by Network DDE
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 108816
Image MD5: C237423A8FCB4FD24523FEECA620717C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): NetDetect
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetDetect
Image path: \SystemRoot\system32\drivers\netdtect.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Netlogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\System32\lsass.exe
Image size: 33552
Image MD5: 271229760CCED993E9E7CAB1C7274134
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): Netman
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs
Service (registry key): NMSCFG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NIC Management Service Configuration Driver
Image path: \??\C:\WINNT\system32\drivers\NMSCFG.SYS
Image size: 9868
Image MD5: FAD815A20FD2F828673B5B3B281A8CC3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): NMSSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) NMS
Description: Intel(R) NIC Management Service
Object name: LocalSystem
Image path: C:\WINNT\System32\NMSSvc.exe
Image size: 1118208
Image MD5: E22D9BC391A1E7C4C55F0F49808466ED
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS
Service (registry key): Npfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): NTDS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Ntfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Service (registry key): NtLmSsp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\System32\lsass.exe
Image size: 33552
Image MD5: 271229760CCED993E9E7CAB1C7274134
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): NtmsSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Removable Storage
Description: Manages removable media, drives, and libraries.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs
Service (registry key): Null
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): nv4
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\nv4.sys
Image size: 345040
Image MD5: 7E0FA667ECB04E1D5D6DCD4227515673
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): NwlnkFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: System32\DRIVERS\nwlnkflt.sys
Image size: 12560
Image MD5: 9B0D6FB5C5D6A7571AEDB0C1A7A9C1B6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd
Service (registry key): NwlnkFwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: System32\DRIVERS\nwlnkfwd.sys
Image size: 35344
Image MD5: 09FA39E4812FDD042834650DF09675A0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): omci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: OMCI WDM Device Driver
Image path: System32\DRIVERS\omci.sys
Image size: 17153
Image MD5: 8F57DCD17CA9A5DCD93256EA9E7A4863
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): Parallel
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel class driver
Image path: System32\DRIVERS\parallel.sys
Image size: 60208
Image MD5: EA27799907EABDB66D2D56AF68CD4F06
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Parport
Depends On group: "Parallel arbitrator"
Service (registry key): Parport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel port driver
Image path: System32\DRIVERS\parport.sys
Image size: 25104
Image MD5: 69B713583D6E063AC487E2DA30C04289
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): PartMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ParVdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"
Service (registry key): PCI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCI Bus Driver
Image path: System32\DRIVERS\pci.sys
Image size: 59312
Image MD5: F0791B1F424F8D84A81D9AE6CFADF089
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3
Service (registry key): PCIDump
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): PCIIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\pciide.sys
Image size: 3088
Image MD5: 7D0BCB325D29D15024D6A572044E410B
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): Pcmcia
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): PerfDisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PerfNet
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PerfOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PerfProc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): PlatAlrt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PlatAlrt
Image path: \??\C:\WINNT\System32\drivers\PlatAlrt.sys
Image size: 23744
Image MD5: 7E885EB50520747204947EFF818B0A29
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): PlugPlay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Plug and Play
Description: Manages device installation and configuration and notifies programs of device changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): PolicyAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC Policy Agent
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\System32\lsass.exe
Image size: 33552
Image MD5: 271229760CCED993E9E7CAB1C7274134
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS
Service (registry key): PptpMiniport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: System32\DRIVERS\raspptp.sys
Image size: 48464
Image MD5: 0E0212BBBF15800F1536CBFA157DDDD6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): ProtectedStorage
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs
Service (registry key): Ptilink
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: System32\DRIVERS\ptilink.sys
Image size: 17680
Image MD5: B78775F217255F786C2E8DBE4334E413
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): pwd_2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): PxHelp20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 43872
Image MD5: 49452BFCEC22F36A7A9B9C2181BC3042
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): QBFCService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intuit QuickBooks FCS
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe"
Image size: 71184
Image MD5: D37394A114213822F3F627548208BE8C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Service (registry key): ql1080
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): Ql10wnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): ql1240
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): ql2100
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): RasAcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: System32\DRIVERS\rasacd.sys
Image size: 8016
Image MD5: 63051B814E005DC62C7A0971668C52B4
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): RasAuto
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RasMan,Tapisrv
Service (registry key): Rasl2tp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: System32\DRIVERS\rasl2tp.sys
Image size: 52112
Image MD5: EC6037C594F20ADEDEA65F0D809493D2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): RasMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: Tapisrv
Service (registry key): Raspti
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel
Description: Direct Parallel
Image path: System32\DRIVERS\raspti.sys
Image size: 16880
Image MD5: CB09A98E97E52C389AB17B1E003C9566
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): RCA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Network Raw Channel Access
Image path: system32\drivers\RCA.sys
Image size: 21712
Image MD5: AFCE1F733A6AA3A90AC60794DFB26104
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Rdbss
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Rdbss
Description: Rdbss
Image path: System32\DRIVERS\rdbss.sys
Image size: 174800
Image MD5: D3CB7A695A43A287979C03DB94227D05
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): redbook
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Digital CD Audio Playback Filter Driver
Image path: System32\DRIVERS\redbook.sys
Image size: 35344
Image MD5: B5120CB5081865B0C7D93C305C7DA939
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): RemoteAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 4
Type: 288
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup
Service (registry key): RemoteRegistry
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Registry Service
Description: Allows remote registry manipulation.
Object name: LocalSystem
Image path: %SystemRoot%\system32\regsvc.exe
Image size: 68368
Image MD5: 250C4CE389783FA2398E3AFA4317008C
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Service (registry key): Rksample
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\rksample.sys
Image size: 67654
Image MD5: 4C35E57300A2DC5932A8E29EFA527C32
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): RpcLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: LocalSystem
Image path: %SystemRoot%\System32\locator.exe
Image size: 72464
Image MD5: AD57E33F4F7F404D9ABA97E8B33FA21B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): RpcSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): RSVP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\System32\rsvp.exe -s
Image size: 176912
Image MD5: 2A21BDDB1BA9B5CD776949380AB46A76
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Depends On services: TcpIp,Afd
Service (registry key): SamSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 33552
Image MD5: 271229760CCED993E9E7CAB1C7274134
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Service (registry key): SAVRT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVRT
Image path: \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS
Image size: 305288
Image MD5: AC9D162F3DD155E6023AA5AC89F59780
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): SAVRTPEL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVRTPEL
Image path: \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS
Image size: 37000
Image MD5: 7BD636B57B7FD56C2C2AC9515F6B57D7
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): SAVScan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVScan
Description: Handles Norton AntiVirus Auto-Protect Archive Scanning
Object name: LocalSystem
Image path: C:\Program Files\Norton AntiVirus\SAVScan.exe
Image size: 194272
Image MD5: DE337E8649E1970C5663999457A9352F
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: SAVRT
Service (registry key): SBService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ScriptBlocking Service
Object name: LocalSystem
Image path: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
Image size: 66784
Image MD5: 928627472ADBD58BB72D5BB9CB1448F6
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Service (registry key): SCardDrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Smart Card Helper
Description: Provides support for legacy smart card readers attached to the computer.
Object name: LocalSystem
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 100112
Image MD5: 13C381E66CDA8D4D80E84BF18307551F
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 0
Depends On group: "Smart Card Reader"
Service (registry key): SCardSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Smart Card
Description: Manages and controls access to a smart card inserted into a smart card reader attached to the computer.
Object name: LocalSystem
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 100112
Image MD5: 13C381E66CDA8D4D80E84BF18307551F
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay
Service (registry key): Schedule
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Task Scheduler
Description: Enables a program to run at a designated time.
Object name: LocalSystem
Image path: %SystemRoot%\system32\MSTask.exe
Image size: 119568
Image MD5: 00D8C428B2D6DFFCABEB859BC69F632B
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs
Service (registry key): SchedulingAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 2
Type: 0
Error Control: 0
Service (registry key): seclogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RunAs Service
Description: Enables starting processes under alternate credentials
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 0
Service (registry key): SENS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem
Service (registry key): serenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serenum Filter Driver
Image path: System32\DRIVERS\serenum.sys
Image size: 14160
Image MD5: 6DB5FDF67486679DA3149EF212374861
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Serial
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serial port driver
Image path: System32\DRIVERS\serial.sys
Image size: 62736
Image MD5: 80F28698F48E298D278057F23206133B
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): Sermouse
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Sfloppy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"
Service (registry key): sglfb
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): SharedAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Internet Connection Sharing
Description: Provides network address translation, addressing, and name resolution services for all computers on your home network through a dial-up connection.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RasMan
Service (registry key): Simbad
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): SLIP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA Slip De-Framer
Image path: System32\DRIVERS\SLIP.sys
Image size: 10880
Image MD5: 92723FBDD30771C293FE5ED266A31CA6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): smwdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\drivers\smwdm.sys
Image size: 459944
Image MD5: B911C822922CF62DF83AD36D5C9775CC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): SNDSrvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Network Drivers Service
Description: Symantec Network Drivers Service
Object name: LocalSystem
Image path: C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Image size: 206552
Image MD5: 443E397643965E08C5AB6A6CAA732B97
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Service (registry key): SoftFax
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\faxnt.sys
Image size: 217019
Image MD5: 413CFA795CAD19A010889DF0EC060408
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): Sparrow
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\sparrow.sys
Image size: 19376
Image MD5: 56C24ADDE3C44D987C67033A7953C06F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): SPGT560xUSB
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS Card_Reader
Image path: System32\DRIVERS\SP560X2K.SYS
Image size: 20576
Image MD5: 60218C04239703D2769D28BC20BFCF46
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Spooler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 45328
Image MD5: 987DAF317B917CFC973DE8364D62A76C
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS
Service (registry key): Srv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Srv
Description: Srv
Image path: System32\DRIVERS\srv.sys
Image size: 244944
Image MD5: 42306C014D9E4D285EB5F49FE1178373
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Service (registry key): StiSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Still Image Service
Object name: LocalSystem
Image path: %systemroot%\system32\stisvc.exe
Image size: 61712
Image MD5: B75235626B950FF821146555C612F814
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Service (registry key): streamip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA IPSink
Image path: System32\DRIVERS\StreamIP.sys
Image size: 14976
Image MD5: 4544FD0DB39CB7B385A5392C068162CD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): swenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Software Bus Driver
Image path: System32\DRIVERS\swenum.sys
Image size: 4096
Image MD5: 616A013D3EA068B6DEE83D905E92EE9F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): swmidi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 53552
Image MD5: 8C7CD06D097A59391D94B59715FCA67C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Symantec Core LC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Core LC
Description: Symantec Core LC
Object name: LocalSystem
Image path: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Image size: 585728
Image MD5: D0EDAE81C1E1CCD7E711286EEFE9DE57
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS
Service (registry key): symc810
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): symc8xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): SymEvent
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \??\C:\Program Files\Symantec\SYMEVENT.SYS
Image size: 124016
Image MD5: C9B8F325B2A22CDA1BDA7B25181B1389
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): symlcbrd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: symlcbrd
Image path: \??\C:\WINNT\System32\drivers\symlcbrd.sys
Image size: 2397
Image MD5: 993C0CB4BEDDDEBF7254191EC8A3F67E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): SYMREDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\Drivers\SYMREDRV.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): SYMTDI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SYMTDI
Image path: \SystemRoot\System32\Drivers\SYMTDI.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip
Service (registry key): SymWSC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SymWMI Service
Description: Symantec WMI Service
Object name: LocalSystem
Image path: C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Image size: 316544
Image MD5: 67C5AF84809468061121FBCBECB19285
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: winmgmt
Service (registry key): sym_hi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): sysaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 47568
Image MD5: 6C14D96F8C1BA929FAD4BA40A29217FA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): SysmonLog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Performance Logs and Alerts
Description: Configures performance logs and alerts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 85776
Image MD5: F4F35FE5F46262D45491822D8A66BF62
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): TapiSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: PlugPlay,RpcSs
Service (registry key): Tcpip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: System32\DRIVERS\tcpip.sys
Image size: 332144
Image MD5: 5F1BE742B1F2196663255991AE7ACC83
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): tga
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): TlntSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telnet
Description: Allows a remote user to log on to the system and run console programs using the command line.
Object name: LocalSystem
Image path: %SystemRoot%\system32\tlntsvr.exe
Image size: 186128
Image MD5: FA57D2175F4978E2F32CB1B02781D76A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,TcpIp
Service (registry key): Tones
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\tonesnt.sys
Image size: 56607
Image MD5: E0F10A379239B4FAB319C55A9CD6BC96
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): TrkWks
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Link Tracking Client
Description: Sends notifications of files moving between NTFS volumes in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs
Service (registry key): UdfReadr
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Service (registry key): Udfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Service (registry key): uhcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Universal Host Controller Driver
Image path: System32\DRIVERS\uhcd.sys
Image size: 32848
Image MD5: 376FB5E14B9D375DB3536BA563EAE97A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): Ultra
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\ultra.sys
Image size: 46848
Image MD5: 3B652D049A3A533A0EBB9BB0D5593BE9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Service (registry key): ultra66
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1
Service (registry key): Update
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microcode Update Driver
Image path: System32\DRIVERS\update.sys
Image size: 173232
Image MD5: 7A77F319935328CF30945FE0F3C69C9A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): UPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: LocalSystem
Image path: %SystemRoot%\System32\ups.exe
Image size: 17680
Image MD5: 222A997AA4C7F7A2B3453B556AFA4406
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Service (registry key): usbaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Audio Driver (WDM)
Image path: system32\drivers\usbaudio.sys
Image size: 68912
Image MD5: B3555486F7786BE1A46C3DAD73DB6D92
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): USBCamera
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Icatch(IV) Still Camera Device
Image path: System32\Drivers\Bulk533.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): usbehci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: System32\DRIVERS\usbehci.sys
Image size: 19728
Image MD5: 86C71CE544358D3227206A894AE04443
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): usbhub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DSC Composite USB Device
Image path: System32\DRIVERS\usbhub.sys
Image size: 40176
Image MD5: 5C202078F5D500786A1F3279FAC3AA64
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Service (registry key): usbhub20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB 2.0 Root Hub Support
Image path: System32\DRIVERS\usbhub20.sys
Image size: 49776
Image MD5: B0205D19BA25CA654810D0AED04496A8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): usbprint
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB PRINTER Class
Image path: System32\DRIVERS\usbprint.sys
Image size: 21872
Image MD5: E0E4367F5EFF9E84FAFEEBA6AB937FD8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): usbscan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Scanner Driver
Image path: System32\DRIVERS\usbscan.sys
Image size: 12592
Image MD5: 6C0A98C98B84EEE9E3FB1CF86B6250B8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): USBSTOR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Mass Storage Driver
Image path: System32\DRIVERS\USBSTOR.SYS
Image size: 21552
Image MD5: 13EBA8A2DA3447FE7F217E34210AC554
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): UtilMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Utility Manager
Description: Starts and configures accessibility tools from one window
Object name: LocalSystem
Image path: %SystemRoot%\System32\UtilMan.exe
Image size: 22800
Image MD5: 7A960F1E9A0B2F7D14F1D0EDDD74375C
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Service (registry key): V124
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\v124nt.sys
Image size: 534125
Image MD5: 177B65899D418F8C8F037B20567A99D6
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Service (registry key): VgaSave
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\drivers\vga.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Service (registry key): Viewpoint Manager Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Viewpoint Manager Service
Description: Ensures Viewpoint 3D and Rich Media Technologies are up to date
Object name: LocalSystem
Image path: "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
Image size: 24652
Image MD5: 5F974FDE801C73952770736BECDE11E7
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS
Service (registry key): VxD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): W32Time
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Time
Description: Sets the computer clock.
Object name: LocalSystem
Image path: %SystemRoot%\System32\services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): W3SVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): Wanarp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: System32\DRIVERS\wanarp.sys
Image size: 32272
Image MD5: AA8C76DFC4AFA72F09FDBC6621B7D38D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): wdmaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 73872
Image MD5: 997D25513BC89614417829B5BEC7C75C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): winachsf
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\HSF_CNXT.sys
Image size: 584336
Image MD5: A941AA38E3951058E584C4BBDDD56ED9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Service (registry key): WinMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation
Description: Provides system management information.
Object name: LocalSystem
Image path: %SystemRoot%\System32\WBEM\WinMgmt.exe
Image size: 196706
Image MD5: 05B2001E1BC653FD6091E741B46F71B4
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS
Service (registry key): Winsock
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 4
Error Control: 1
Service (registry key): WinSock2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): WinTrust
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): WmdmPmSN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): Wmi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation Driver Extensions
Description: Provides systems management information to and from drivers.
Object name: LocalSystem
Image path: %SystemRoot%\system32\Services.exe
Image size: 89360
Image MD5: CFED2D28F5B8A24127E9E06043070643
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Service (registry key): WSTCODEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: World Standard Teletext Codec
Image path: System32\DRIVERS\WSTCODEC.SYS
Image size: 18688
Image MD5: 04ACA6442E639A794293828E8DDA7A44
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): wuauserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Automatic Updates
Description: Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated at the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k wugroup
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Service (registry key): WZCSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wireless Configuration
Description: Provides authenticated network access control using IEEE 802.1x for wired and wireless Ethernet networks.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 7952
Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio,ProtectedStorage,WMI
Service (registry key): {0A941F9F-E3B0-4000-9868-E5239B479700}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Service (registry key): {6080A529-897E-4629-A488-ABA0C29B635E}
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Graphics Platform (SoftBIOS) Driver
Image path: system32\drivers\ialmsbw.sys
Image size: 88320
Image MD5: 6F221E213521179132CF019D9DBF5CAE
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Service (registry key): {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Graphics Chipset (KCH) Driver
Image path: system32\drivers\ialmkchw.sys
Image size: 69472
Image MD5: D972DB6F3FC84DF74ADC2A305E436301
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Service (registry key): {DCE7B6B9-CBFC-4807-9CF6-5F38E7566BCF}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Hello hvkreiter,
If you still need help please read this sticky and start again.
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)
Best regards. :)