Vista Home Basic
Firewall and Defender are not listed under services
Spybot output below:
--------------------------------------------------------------------------
IWinGames: [SBI $3424BEDC] Settings (Registry key, nothing done)
HKEY_CLASSES_ROOT\Installer\Features\4301AEBD288588A40833184CFEC0AF92
IWinGames: [SBI $4209145D] Settings (Registry key, nothing done)
HKEY_CLASSES_ROOT\Installer\Products\4301AEBD288588A40833184CFEC0AF92
IWinGames: [SBI $15CB95A3] Settings (Registry key, nothing done)
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\80F08842F9EA1BE4BA4922DA74CDB698
DoubleClick: Tracking cookie (Internet Explorer: eric) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-03-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2011-03-18 Includes\Adware.sbi (*)
2011-12-27 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-11-29 Includes\DialerC.sbi (*)
2011-02-24 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-10-04 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2011-09-27 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2011-12-07 Includes\Malware.sbi (*)
2011-12-20 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-12-27 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2011-02-24 Includes\Security.sbi (*)
2011-12-13 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2011-10-18 Includes\Spyware.sbi (*)
2011-10-18 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2011-09-28 Includes\Trojans.sbi (*)
2011-12-12 Includes\TrojansC-02.sbi (*)
2011-12-27 Includes\TrojansC-03.sbi (*)
2011-12-27 Includes\TrojansC-04.sbi (*)
2011-12-20 Includes\TrojansC-05.sbi (*)
2011-12-12 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
-------------------------------------------------------------------------
i don't have a Tools list on the left side of Spybot SD (is my Spybot out of date?), but i did pull out the following from the Services Listing which appears to include startup status
Name Description Status Startup Type Log On As
Apple Mobile Device Provides the interface to Apple mobile devices. Started Automatic Local System
Application Experience Processes application compatibility cache requests for applications as they are launched Started Automatic Local System
Application Information Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks. Started Manual Local System
Application Layer Gateway Service Provides support for 3rd party protocol plug-ins for Internet Connection Sharing Manual Local Service
Automatic LiveUpdate Scheduler Manages the scheduling of Automatic LiveUpdate sessions Started Automatic Local System
Background Intelligent Transfer Service Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information. Started Automatic (Delayed Start) Local System
Bonjour Service Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence. Started Automatic Local System
BrYNSvc Started Manual Local System
Certificate Propagation Propagates certificates from smart cards. Manual Local System
CNG Key Isolation The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements. Started Manual Local System
COM Host COM aggregation host service Manual Local System
COM+ Event System Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
COM+ System Application Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System
Computer Browser Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Automatic Local System
Cryptographic Services Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Network Service
DCOM Server Process Launcher Provides launch functionality for DCOM services. Started Automatic Local System
Desktop Window Manager Session Manager Provides Desktop Window Manager startup and maintenance services Started Automatic Local System
DFS Replication Enables you to synchronize folders on multiple servers across local or wide area network (WAN) network connections. This service uses the Remote Differential Compression (RDC) protocol to update only the portions of files that have changed since the last replication. Manual Local System
DHCP Client Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
Diagnostic Policy Service The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
Diagnostic Service Host The Diagnostic Service Host service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, some diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local Service
Diagnostic System Host The Diagnostic System Host service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, some diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. Started Manual Local System
Distributed Link Tracking Client Maintains links between NTFS files within a computer or across computers in a network. Started Automatic Local System
Distributed Transaction Coordinator Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Network Service
dlbk_device Started Automatic Local System
DNS Client The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Network Service
DSBrokerService Started Automatic Local System
Extensible Authentication Protocol The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication. Started Manual Local System
Function Discovery Provider Host Host process for Function Discovery providers. Manual Local Service
Function Discovery Resource Publication Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network. Started Automatic Local Service
Google Desktop Manager 5.9.1005.12335 Updates Google Desktop with the latest security fixes, enhancements and features. This service only runs occasionally and thus does not affect your computer's performance. If this service is stopped or disabled, Google Desktop may not function correctly. Manual Local System
Google Update Service (gupdate1caaa3f89f17c17) Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it. Automatic (Delayed Start) Local System
Google Update Service (gupdatem) Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it. Manual Local System
GoToAssist Citrix GoToAssist provides remote help to this PC. Manual Local System
Group Policy Client The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled. Started Automatic Local System
Health Key and Certificate Management Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service Manual Local System
Human Interface Device Access Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System
IKE and AuthIP IPsec Keying Modules The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running. Automatic Local System
InstallDriver Table Manager Provides support for the Running Object Table for InstallShield Drivers Manual Local System
Interactive Services Detection Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there may no longer be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function. Manual Local System
Internet Connection Sharing (ICS) Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. Automatic Local System
iPod Service iPod hardware management services Started Manual Local System
IPsec Policy Agent Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped. Automatic Network Service
KtmRm for Distributed Transaction Coordinator Coordinates transactions between MSDTC and the Kernel Transaction Manager (KTM). Started Automatic (Delayed Start) Network Service
Link-Layer Topology Discovery Mapper Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly. Manual Local Service
LiveUpdate LiveUpdate Core Engine Manual Local System
Logitech Bluetooth Service Manual Local System
Microsoft .NET Framework NGEN v2.0.50727_X86 Microsoft .NET Framework NGEN Disabled Local System
Microsoft .NET Framework NGEN v4.0.30319_X86 Microsoft .NET Framework NGEN Automatic (Delayed Start) Local System
Microsoft iSCSI Initiator Service Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System
Microsoft Office Diagnostics Service Run portions of Microsoft Office Diagnostics. Manual Local System
Microsoft Software Shadow Copy Provider Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System
Multimedia Class Scheduler Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority. Started Automatic Local System
Net.Tcp Port Sharing Service Provides ability to share TCP ports over the net.tcp protocol. Disabled Local Service
Netlogon Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System
Network Access Protection Agent Enables Network Access Protection (NAP) functionality on client computers Manual Network Service
Network Connections Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections. Started Manual Local System
Network List Service Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change. Started Automatic Local Service
Network Location Awareness Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Network Service
Network Store Interface Service This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start. Started Automatic Local Service
NVIDIA Display Driver Service Provides system and desktop level support to the NVIDIA display driver Started Automatic Local System
NVIDIA Stereoscopic 3D Driver Service Provides system support for NVIDIA Stereoscopic 3D driver Started Automatic Local System
Office Source Engine Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports. Manual Local System
Parental Controls This service enables Windows Parental Controls on the system. If this service is not running, Parental controls will not work. Manual Local Service
PDFProFiltSrvPP Started Automatic Local System
Peer Name Resolution Protocol Enables Serverless Peer Name Resolution over the Internet. If disabled, some Peer to Peer and Collaborative applications, such as Windows Meetings, may not function Manual Local Service
Peer Networking Grouping Provides Peer Networking Grouping services Manual Local Service
Peer Networking Identity Manager Provides Identity service for Peer Networking Manual Local Service
Performance Logs & Alerts Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local Service
Plug and Play Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Started Automatic Local System
PnP-X IP Bus Enumerator The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning. Manual Local System
PNRP Machine Name Publication Service This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer' Manual Local Service
Portable Device Enumerator Service Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices. Started Automatic Local System
Print Spooler Loads files to memory for later printing Started Automatic Local System
Problem Reports and Solutions Control Panel Support This service provides support for viewing, sending and deletion of system-level problem reports for the Problem Reports and Solutions control panel. Manual Local System
Program Compatibility Assistant Service Provides support for the Program Compatibility Assistant. If this service is stopped, the Program Compatibility Assistant will not function properly. If this service is disabled, any services that depend on it will fail to start. Started Automatic Local System
Protected Storage Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users. Started Manual Local System
Quality Windows Audio Video Experience Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization. Manual Local Service
ReadyBoost Provides support for improving system performance using ReadyBoost. Started Automatic Local System
Remote Access Auto Connection Manager Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. Manual Local System
Remote Access Connection Manager Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start. Started Manual Local System
Remote Procedure Call (RPC) Serves as the endpoint mapper and COM Service Control Manager. If this service is stopped or disabled, programs using COM or Remote Procedure Call (RPC) services will not function properly. Started Automatic Network Service
Remote Procedure Call (RPC) Locator Manages the RPC name service database. Started Automatic Network Service
Remote Registry Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local Service
Routing and Remote Access Offers routing services to businesses in local area and wide area network environments. Disabled Local System
Roxio Hard Drive Watcher 9 Started Automatic Local System
RoxMediaDB9 Roxio RoxMediaDB9 Service Manual Local System
SBSD Security Center Service Automatic Local System
Secondary Logon Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System
Secure Socket Tunneling Protocol Service Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers. Started Manual Local Service
Security Accounts Manager The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled. Started Automatic Local System
Server Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System
Shell Hardware Detection Provides notifications for AutoPlay hardware events. Started Automatic Local System
SL UI Notification Service Provides Software Licensing activation and notification Manual Local Service
Smart Card Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local Service
Smart Card Removal Policy Allows the system to be configured to lock the user desktop upon smart card removal. Manual Local System
SNMP Trap Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local Service
Software Licensing Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a notification mode. Started Automatic Network Service
SSDP Discovery Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start. Started Manual Local Service
stllssvr Manual Local System
Superfetch Maintains and improves system performance over time. Started Automatic Local System
SupportSoft Sprocket Service (dellsupportcenter) SupportSoft Sprocket Service Started Automatic Local System
Symantec AppCore Service Symantec Application Service Started Automatic Local System
Symantec Core LC Symantec Core LC Started Manual Local System
Symantec Event Manager Event propagation and logging service Started Automatic Local System
Symantec IS Password Validation User account management service Manual Local System
Symantec Lic NetConnect service Symantec Lic NetConnect Service Started Automatic Local System
Symantec Settings Manager Settings storage and management service Started Automatic Local System
System Event Notification Service Monitors system events and notifies subscribers to COM+ Event System of these events. Started Automatic Local System
Tablet PC Input Service Enables Tablet PC pen and ink functionality Started Automatic Local System
Task Scheduler Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System
TCP/IP NetBIOS Helper Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
Telephony Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service. Started Manual Network Service
Terminal Services Allows users to connect interactively to a remote computer. Remote Desktop and Terminal Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item. Started Automatic Network Service
Terminal Services Configuration Terminal Services Configuration service (TSCS) is responsible for all Terminal Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, TS themes, and TS certificates. Manual Local System
Themes Provides user experience theme management. Started Automatic Local System
Thread Ordering Server Provides ordered execution for a group of threads within a specific period of time. Manual Local Service
TPM Base Services Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM. Automatic (Delayed Start) Local Service
UPnP Device Host Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
User Profile Service This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them. Started Automatic Local System
Virtual Disk Provides management services for disks, volumes, file systems, and storage arrays. Manual Local System
Volume Shadow Copy Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System
WebClient Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
Windows Audio Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start Started Automatic Local Service
Windows Audio Endpoint Builder Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start Started Automatic Local System
Windows Backup Provides Windows Backup and Restore capabilities. Manual Local System
Windows CardSpace Securely enables the creation, management, and disclosure of digital identities. Manual Local System
Windows Color System The WcsPlugInService service hosts third-party Windows Color System color device model and gamut map model plug-in modules. These plug-in modules are vendor-specific extensions to the Windows Color System baseline color device and gamut map models. Stopping or disabling the WcsPlugInService service will disable this extensibility feature, and the Windows Color System will use its baseline model processing rather than the vendor's desired processing. This might result in inaccurate color rendering. Manual Local Service
Windows Connect Now - Config Registrar Act as a Registrar, issues network credential to Enrollee. If this service is disabled, the Windows Connect Now - Config Registrar will not function properly. Manual Local Service
Windows Driver Foundation - User-mode Driver Framework Manages user-mode driver host processes Started Automatic Local System
Windows Error Reporting Service Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered. Also allows logs to be generated for diagnostic and repair services. If this service is stopped, error reporting might not work correctly and results of diagnostic services and repairs might not be displayed. Started Automatic Local System
Windows Event Collector This service manages persistent subscriptions to events from remote sources that support WS-Management protocol. This includes Windows Vista event logs, hardware and IPMI-enabled event sources. The service stores forwarded events in a local Event Log. If this service is stopped or disabled event subscriptions cannot be created and forwarded events cannot be accepted. Manual Network Service
Windows Event Log This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system. Started Automatic Local Service
Windows Font Cache Service Optimizes performance of applications by caching commonly used font data. Applications will start this service if it is not already running. It can be disabled, though doing so will degrade application performance. Started Automatic (Delayed Start) Local Service
Windows Image Acquisition (WIA) Provides image acquisition services for scanners and cameras Started Automatic Local Service
Windows Installer Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System
Windows Management Instrumentation Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System
Windows Media Player Network Sharing Service Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play Manual Network Service
Windows Modules Installer Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer. Manual Local System
Windows Presentation Foundation Font Cache 3.0.0.0 Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications. Manual Local Service
Windows Presentation Foundation Font Cache 4.0.0.0 Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications. Manual Local Service
Windows Remote Management (WS-Management) Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix. Manual Network Service
Windows Search Provides content indexing and property caching for file, email and other content (via extensibility APIs). The service responds to file and email notifications to index modified content. If the service is stopped or disabled, the Explorer will not be able to display virtual folder views of items, and search in the Explorer will fall back to item-by-item slow search. Started Automatic Local System
Windows Time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
Windows Update Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API. Started Automatic (Delayed Start) Local System
WinHTTP Web Proxy Auto-Discovery Service WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses. In addition, WinHTTP provides support for auto-discovering a proxy configuration via its implementation of the Web Proxy Auto-Discovery (WPAD) protocol. Started Manual Local Service
Wired AutoConfig This service performs IEEE 802.1X authentication on Ethernet interfaces Manual Local System
WLAN AutoConfig This service enumerates WLAN adapters, manages WLAN connections and profiles. Started Automatic Local System
WMI Performance Adapter Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated. Manual Local System
Workstation Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service
Thank you for posting the logs. :)
I believe you may be having these problems with Windows Defender and Windows Firewall due to your recent episode with malware.
Unfortunately,I haven't been able to find an easy solution.
A system restore isn't a good idea,since it might restore you back to when you were infected.
I don't believe a startup repair will fix the problems you're having,either.
I see you have a Dell computer.Did it come with a Vista installation DVD?
There is a tutorial here:
http://www.vistax64.com/tutorials/88236-repair-install-vista.html
Please read through it and see if you think it might be worth a try for you,if you do have the Vista installation DVD.(Note what it says about service pack 1 and service pack 2.)Also,please only attempt the repair install/upgrade if you're pretty certain the malware was removed sucessfully by Spybot and Malware Bytes.
Or,if the above doesn't work for you,you could try installing a third-party firewall instead if you wish.If you prefer that,I can post a couple options for you.
I see some services listed related to Symantec/Norton,but didn't notice anything in startup related to an antivirus.Did you previously have Norton antivirus installed?
If you no longer have an antivirus currently installed,I can list a couple free antiviruses for you to choose from,if you like,too.
Yes,if you did a full OS reinstall,you would have to reinstall all applications.
The tutorial I linked to is not a full reinstall.It is geared more to being a repair install,the way you used to be able to do a repair install of Windows XP,though Microsoft since decided to do things differently.
Some things would be returned to default if you tried the repair(upgrade) install.They're listed in the red/pink box.
It is a bit drastic,though,so you ought to avoid trying it if you feel uncomfortable with it. :)
Spybot and MalwareBytes are both very good to have,but neither one is an antivirus,and an antivirus is needed.There are some free ones available.
AVG:
http://download.cnet.com/AVG-Anti-Virus-Free-Edition-2012/3000-2239_4-10320142.html?part=dl-avg_free_ca&subj=dl&tag=button
Avast:
http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html?part=dl-85737&subj=dl&tag=button
Avira:
http://www.avira.com/en/avira-free-antivirus
If you decide to download an antivirus,please only choose one.It's possible more than one antivirus installed at a time can conflict with one another if they both have real-time protection running.
Agnitum and Comodo are both good firewalls.Another good one is Zone Alarm:
http://www.zonealarm.com/security/en/trialpay-za-signup.htm
The free one is over to the left.The button appears to be greyed out,but if you click it,it will take you to a download page,with instructions.
No,I don't believe the problem is from any conflict with Malwarebytes and Teatimer.The startup entry in your startup list is Malwarebytes Anti-Malware Reboot,and is listed on this page as being used by Malwarebytes's Anti-malware to perform an action on reboot.
http://www.bleepingcomputer.com/startups/mbam.exe-22288.html
I believe that startup entry is for some cleanup action it will perform after you reboot.
I don't see any entries in your startup list for MBAM's Real-Time Active Malware Prevention Engine.If you don't have the Pro version of Malwarebytes,then the Real-Time Active Malware Prevention Engine isn't included with the program,so there should be no conflicts with Malwarebytes and Teatimer,as Malwarebytes free is basically a spyware scanner only.
I'm not 100% certain,but I believe the upgrade to Windows 7 might be equivalent to the Vista reinstall I listed above,if you decide on that.
There's an upgrade advisor available here:
http://windows.microsoft.com/upgradeadvisor
And some more info here:
http://windows.microsoft.com/upgrade