Win32.TDSS.rtk - Request for Helpq

**xcentrik** · 2009-08-10, 01:51

Hello to all and thank you for all you do.

I am having trouble with the annoying Win32.TDSS.rtk as many other are appearing to have. The entries from Spybot I am getting are posted first. I will also post my RSIT and ANtiroot logs after the SB logs. I am sure the process I will follow is pretty much the same as in other posts, such as http://forums.spybot.info/showthread.php?t=50594, and if so please let me know. If there is anything else I should do I would appreciate all the help. Thank you very much in advance!

Spybot Logs:

I have run spybot numerous time, both while processes are running and before startup, always keeps coming back.

--- Search result list ---
Win32.TDSS.rtk: [SBI $79B0E3AB] File (File, fixed)
C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys
Properties.size=0
Properties.md5=70F8852B4B8973BDE59A19330B14EE23

Win32.TDSS.rtk: [SBI $49F1C28A] File (File, fixed)
C:\WINDOWS\system32\SKYNETknbavmho.dll
Properties.size=0
Properties.md5=031C6BC3EDB0513A8FF3E38640BC95EF

Win32.TDSS.rtk: [SBI $49F1C28A] File (File, fixed)
C:\WINDOWS\system32\SKYNETqdeiqomq.dll
Properties.size=0
Properties.md5=3F40CC2D50A4B51C76F1657CF57B8E96

Win32.TDSS.rtk: [SBI $1A7ABF3C] File (File, fixed)
C:\WINDOWS\system32\SKYNETksrteoaf.dat
Properties.size=0
Properties.md5=3ECBF3A70FCFCA3D32AD547788B697CF

Win32.TDSS.rtk: [SBI $1A7ABF3C] File (File, fixed)
C:\WINDOWS\system32\SKYNETlwpvruwk.dat
Properties.size=0
Properties.md5=17890E5122ACB2D5A248BE63D7247F7F

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2008-07-07 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-03-20 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-07-28 advcheck.dll (1.6.3.17)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-05-19 Includes\Adware.sbi (*)
2009-07-30 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-05-19 Includes\Dialer.sbi (*)
2009-08-04 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-08-04 Includes\HijackersC.sbi (*)
2009-06-23 Includes\Keyloggers.sbi (*)
2009-07-30 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-07-14 Includes\Malware.sbi (*)
2009-08-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-08-04 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-07-30 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-04-07 Includes\Spyware.sbi (*)
2009-08-04 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-07-22 Includes\Trojans.sbi (*)
2009-08-05 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player: Security Update for Windows Media Player (KB952069)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)
/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB954154)
/ Windows Media Player 11: Critical Update for Windows Media Player 11 (KB959772)
/ Windows Presentation Foundation: This Hotfix is for Microsoft .NET Framework 3.0. If you later install a more recent service pack, this Hotfix will be uninstalled automatically. For more information, visit http://support.microsoft.com/kb/932471
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB956390)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB958215)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB960714)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB961260)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB963027)
/ Windows XP / SP0: Update for Windows Internet Explorer 8 (KB969497)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB969897)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB972260)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP4: Security Update for Windows XP (KB923561)
/ Windows XP / SP4: Security Update for Windows XP (KB938464)
/ Windows XP / SP4: Security Update for Windows XP (KB950762)
/ Windows XP / SP4: Security Update for Windows XP (KB950974)
/ Windows XP / SP4: Security Update for Windows XP (KB951066)
/ Windows XP / SP4: Update for Windows XP (KB951072-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951376-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951698)
/ Windows XP / SP4: Security Update for Windows XP (KB951748)
/ Windows XP / SP4: Update for Windows XP (KB951978)
/ Windows XP / SP4: Security Update for Windows XP (KB952004)
/ Windows XP / SP4: Hotfix for Windows XP (KB952287)
/ Windows XP / SP4: Security Update for Windows XP (KB952954)
/ Windows XP / SP4: Security Update for Windows XP (KB953839)
/ Windows XP / SP4: Security Update for Windows XP (KB954211)
/ Windows XP / SP4: Security Update for Windows XP (KB954459)
/ Windows XP / SP4: Hotfix for Windows XP (KB954550-v5)
/ Windows XP / SP4: Security Update for Windows XP (KB954600)
/ Windows XP / SP4: Security Update for Windows XP (KB955069)
/ Windows XP / SP4: Update for Windows XP (KB955839)
/ Windows XP / SP4: Security Update for Windows XP (KB956391)
/ Windows XP / SP4: Security Update for Windows XP (KB956572)
/ Windows XP / SP4: Security Update for Windows XP (KB956802)
/ Windows XP / SP4: Security Update for Windows XP (KB956803)
/ Windows XP / SP4: Security Update for Windows XP (KB956841)
/ Windows XP / SP4: Security Update for Windows XP (KB957095)
/ Windows XP / SP4: Security Update for Windows XP (KB957097)
/ Windows XP / SP4: Security Update for Windows XP (KB958644)
/ Windows XP / SP4: Security Update for Windows XP (KB958687)
/ Windows XP / SP4: Security Update for Windows XP (KB958690)
/ Windows XP / SP4: Security Update for Windows XP (KB959426)
/ Windows XP / SP4: Security Update for Windows XP (KB960225)
/ Windows XP / SP4: Security Update for Windows XP (KB960715)
/ Windows XP / SP4: Security Update for Windows XP (KB960803)
/ Windows XP / SP4: Hotfix for Windows XP (KB961118)
/ Windows XP / SP4: Security Update for Windows XP (KB961371)
/ Windows XP / SP4: Security Update for Windows XP (KB961373)
/ Windows XP / SP4: Security Update for Windows XP (KB961501)
/ Windows XP / SP4: Update for Windows XP (KB967715)
/ Windows XP / SP4: Security Update for Windows XP (KB968537)
/ Windows XP / SP4: Security Update for Windows XP (KB969898)
/ Windows XP / SP4: Security Update for Windows XP (KB970238)
/ Windows XP / SP4: Security Update for Windows XP (KB971633)
/ Windows XP / SP4: Security Update for Windows XP (KB973346)
/ XML Paper Specification Shared Components Pack 1.0: XML Paper Specification Shared Components Pack 1.0

--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, Acrobat Assistant 8.0
command: "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
file: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
size: 624248
MD5: 4D042B1F1375CF371AFBE0E0276BA627

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
size: 34672
MD5: 69B16C7B7746BA5C642FC05B3561FC73

Located: HK_LM:Run, Adobe_ID0EYTHM
command: C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
file: C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
size: 1884160
MD5: C1873D880786B6B03AF781E23835D925

Located: HK_LM:Run, Alcmtr
command: ALCMTR.EXE
file: C:\WINDOWS\ALCMTR.EXE
size: 69632
MD5: 8B4CBBA1EA526830C7F97E7822E2493A

Located: HK_LM:Run, ASUSGamerOSD
command: C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
file: C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
size: 380928
MD5: 3986FF03F6C3DD063D05B6193EA360FA

Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C

Located: HK_LM:Run, Kernel and Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\WINDOWS\KHALMNPR.EXE
size: 76304
MD5: E6A9F68D26A094FB78B98180A40A29FC

Located: HK_LM:Run, NBKeyScan
command: "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
file: C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
size: 2221352
MD5: DE9BD75FADB913F4E418CFBA381D7198

Located: HK_LM:Run, NeroFilterCheck
command: C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
file: C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
size: 570664
MD5: 925659214E5E6749C4B6B6E87B3A82D6

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\NvCpl.dll
size: 13529088
MD5: 2C6E14603D984A9724AE7E6D037D4A6A

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\NvMcTray.dll
size: 86016
MD5: BEAA778E2B6285E465143DD2519A75A5

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1630208
MD5: 03EAD6EC9D5D9D26A6845FAA35343889

Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
file: C:\WINDOWS\RTHDCPL.EXE
size: 16857600
MD5: A6543BD31E3B48F70DA57FB01F13D934

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 136600
MD5: B98FFA8288EFAABC436C30D198608345

Located: HK_LM:Run, UnlockerAssistant
command: "C:\Program Files\Unlocker\UnlockerAssistant.exe"
file: C:\Program Files\Unlocker\UnlockerAssistant.exe
size: 15872
MD5: 3FFE8752B77382C5050006C31781D05A

Located: HK_LM:Run, UserFaultCheck
command: %systemroot%\system32\dumprep 0 -u
file: C:\WINDOWS\system32\dumprep 0 -u
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, WinampAgent
command: "C:\Program Files\Winamp\winampa.exe"
file: C:\Program Files\Winamp\winampa.exe
size: 36352
MD5: E7DEADB409CD8A4552C91ABF624F138F

Located: HK_LM:RunOnce, SpybotDeletingA2594
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA2730
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA2775
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA2797
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA3415
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA4381
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA4430
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA4440
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA515
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA5832
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA5927
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA6115
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA6138
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA7415
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA7613
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA7726
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA7792
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA796
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA8355
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingA9586
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingC112
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC1402
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC1457
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC1622
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC1976
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC2245
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC291
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC5003
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC5242
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC6167
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC6317
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC6442
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC6457
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC6808
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC7088
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC7531
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC7569
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC7710
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC7743
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_LM:RunOnce, SpybotDeletingC8079
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, nltide_3
where: .DEFAULT...
command: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
file: C:\WINDOWS\system32\advpack.dll
size: 128512
MD5: 8FED1E0A491D4990853D23F21C59C730

Located: HK_CU:RunOnce, ShowDeskFix
where: .DEFAULT...
command: regsvr32 /s /n /i:u shell32
file: regsvr32 /s /n /i:u shell32
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, nltide_3
where: S-1-5-20...
command: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
file: C:\WINDOWS\system32\advpack.dll
size: 128512
MD5: 8FED1E0A491D4990853D23F21C59C730

Located: HK_CU:RunOnce, ShowDeskFix
where: S-1-5-20...
command: regsvr32 /s /n /i:u shell32
file: regsvr32 /s /n /i:u shell32
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, Aim6
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
file: C:\Program Files\AIM6\aim6.exe
size: 49968
MD5: 5B4AF27E83DA8385A9B08E76DA730C91

Located: HK_CU:Run, Creative Detector U
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: "C:\Program Files\Creative\MediaSource5\CTDetctu.exe" /R
file: C:\Program Files\Creative\MediaSource5\CTDetctu.exe
size: 188416
MD5: 0BD5218D5A8C5598E75E8614938F9948

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:Run, IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
file: C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
size: 1840424
MD5: C44031488DED58FCE58E5D94BC345D30

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887

Located: HK_CU:RunOnce, SpybotDeletingB1865
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB2372
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB2902
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB2981
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB2982
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB4035
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB466
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB4908
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB5805
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB6431
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB6849
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: command.com /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB7485
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB7906
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB7932
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB8298
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB8460
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB9225
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB9708
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB9867
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: command.com /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingB9997
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: command.com /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingD1488
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD1624
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD2033
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD2319
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD255
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD2679
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD3100
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD3112
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD3392
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETknbavmho.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD4267
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD483
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD5113
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD6523
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETqdeiqomq.dll"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD6549
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD6773
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD7026
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD7882
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD809
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETksrteoaf.dat"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD9122
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETbwpwcmqi.sys"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, SpybotDeletingD9308
where: S-1-5-21-854245398-1500820517-682003330-1004...
command: cmd.exe /c del "C:\WINDOWS\system32\SKYNETlwpvruwk.dat_old"
file: C:\WINDOWS\system32\cmd.exe
size: 389120
MD5: 6D778E0F95447E6546553EEEA709D03C

Located: HK_CU:RunOnce, nltide_3
where: S-1-5-18...
command: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
file: C:\WINDOWS\system32\advpack.dll
size: 128512
MD5: 8FED1E0A491D4990853D23F21C59C730

Located: HK_CU:RunOnce, ShowDeskFix
where: S-1-5-18...
command: regsvr32 /s /n /i:u shell32
file: regsvr32 /s /n /i:u shell32
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Startup (common), Logitech SetPoint.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Logitech\SetPoint\SetPoint.exe
file: C:\Program Files\Logitech\SetPoint\SetPoint.exe
size: 805392
MD5: D0948BE9B3547B9669195D7F84FC09F7

Located: Startup (user), Styler.lnk
where: C:\Documents and Settings\Joshua\Start Menu\Programs\Startup...
command: C:\Documents and Settings\Joshua\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe
file: C:\Documents and Settings\Joshua\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe
size: 15086
MD5: 8588D2403599C1E7D1F6C9EA458CEB39

Located: Startup (disabled), OneNote 2007 Screen Clipper and Launcher (DISABLED)
command: C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr
file: C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681

Located: WinLogon, avgrsstarter
command: avgrsstx.dll
file: avgrsstx.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, LBTWlgn
command: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
file: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
size: 72208
MD5: 2ACBFEF9984F0FE9849DA857206CCECC

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

--- Browser helper object list ---
{074C1DC5-9320-4A9A-947D-C042949C6216} (ContributeBHO Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: ContributeBHO Class
Path: C:\Program Files\Adobe\
Long name: contributeieplugin.dll
Short name: CONTRI~1.DLL
Date (created): 3/16/2007 3:13:06 PM
Date (last access): 8/9/2009 3:42:56 PM
Date (last write): 3/16/2007 3:13:06 PM
Filesize: 118784
Attributes: archive
MD5: E23691A98928CE49586753982B8402A2
CRC32: 2CAFCB5A
Version: 1.0.0.0

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: AcroIEHelperStub
CLSID name: Adobe PDF Link Helper
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelperShim.dll
Short name: ACROIE~2.DLL
Date (created): 6/11/2008 11:33:16 PM
Date (last access): 8/9/2009 3:39:48 PM
Date (last write): 6/11/2008 11:33:16 PM
Filesize: 75128
Attributes: archive
MD5: E96C752BBA0E22330A43258FC800200E
CRC32: E5D72083
Version: 9.0.0.332

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (WormRadar.com IESiteBlocker.NavFilter)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: WormRadar.com IESiteBlocker.NavFilter
CLSID name: AVG Safe Search
Path: C:\Program Files\AVG\AVG8\
Long name: avgssie.dll
Short name:
Date (created): 2/4/2009 10:21:00 AM
Date (last access): 8/9/2009 4:15:10 PM
Date (last write): 7/19/2009 11:43:04 PM
Filesize: 1111320
Attributes: archive
MD5: A8F964A2FB9400B81E1483AA5A8B39F5
CRC32: E3F2A2F4
Version: 8.5.0.392

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 8/24/2007 8:01:22 AM
Date (last access): 8/9/2009 4:12:24 PM
Date (last write): 8/24/2007 8:01:22 AM
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000

{b0cda128-b425-4eef-a174-61a11ac5dbf8} (AIM Toolbar Loader)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: AIM Toolbar Loader
CLSID name: AIM Toolbar Loader
Path: C:\Program Files\AIM Toolbar\
Long name: aimtb.dll
Short name:
Date (created): 5/6/2009 11:14:26 AM
Date (last access): 8/9/2009 4:15:10 PM
Date (last write): 5/6/2009 11:14:26 AM
Filesize: 1279272
Attributes: archive
MD5: 4BD0311F7E4F1A6010CCC1D263128443
CRC32: 71974D6A
Version: 5.25.24.1

{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 12/27/2008 9:40:58 PM
Date (last access): 8/9/2009 3:49:10 PM
Date (last write): 12/27/2008 9:40:58 PM
Filesize: 34816
Attributes: archive
MD5: 5D57FD3DF32DC69CEC3D1D54B4C43162
CRC32: D7C13FB2
Version: 6.0.110.3

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name: JQS_PL~1.DLL
Date (created): 12/27/2008 9:41:02 PM
Date (last access): 8/9/2009 3:49:10 PM
Date (last write): 12/27/2008 9:41:02 PM
Filesize: 73728
Attributes: archive
MD5: F68EDAFE003F2B3523C0742CD3B8D673
CRC32: 9C709350
Version: 6.0.110.3

--- ActiveX list ---
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_11
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_11.dll
Short name: NPJPI1~1.DLL
Date (created): 12/27/2008 9:41:00 PM
Date (last access): 8/9/2009 2:47:20 PM
Date (last write): 12/27/2008 9:41:00 PM
Filesize: 132504
Attributes: archive
MD5: D400116F6776ACB6EDB6B1F5EEB9F92D
CRC32: CECB5751
Version: 6.0.110.3

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get.../ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_06
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_06\bin\
Long name: npjpi160_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/25/2008 2:37:02 AM
Date (last access): 8/9/2009 2:47:00 PM
Date (last write): 3/25/2008 4:28:02 AM
Filesize: 132496
Attributes: archive
MD5: 5522AFEAB77DD6D401F3FE5C0A46122E
CRC32: F643B062
Version: 6.0.60.2

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 6/10/2008 3:32:34 AM
Date (last access): 8/9/2009 2:47:10 PM
Date (last write): 6/10/2008 5:27:02 AM
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_11
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_11.dll
Short name: NPJPI1~1.DLL
Date (created): 12/27/2008 9:41:00 PM
Date (last access): 8/9/2009 4:36:10 PM
Date (last write): 12/27/2008 9:41:00 PM
Filesize: 132504
Attributes: archive
MD5: D400116F6776ACB6EDB6B1F5EEB9F92D
CRC32: CECB5751
Version: 6.0.110.3

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_11
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_11.dll
Short name: NPJPI1~1.DLL
Date (created): 12/27/2008 9:41:00 PM
Date (last access): 8/9/2009 4:36:10 PM
Date (last write): 12/27/2008 9:41:00 PM
Filesize: 132504
Attributes: archive
MD5: D400116F6776ACB6EDB6B1F5EEB9F92D
CRC32: CECB5751
Version: 6.0.110.3

--- Process list ---
PID: 0 ( 0) [System]
PID: 812 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 868 ( 812) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 892 ( 812) \??\C:\WINDOWS\system32\winlogon.exe
size: 507904
PID: 940 ( 892) C:\WINDOWS\system32\services.exe
size: 110592
MD5: 65DF52F5B8B6E9BBD183505225C37315
PID: 952 ( 892) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: BF2466B3E18E970D8A976FB95FC1CA85
PID: 1100 ( 940) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1212 ( 940) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1268 ( 940) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1316 ( 940) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1460 ( 940) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1540 ( 940) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1880 ( 940) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
size: 611664
MD5: 17067069B9A7865028C1F2E6971D0CCC
PID: 2044 ( 940) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B
PID: 560 ( 440) C:\WINDOWS\Explorer.EXE
size: 1033728
MD5: 12896823FB95BFB3DC9B46BCAEDC9923
PID: 248 ( 560) C:\Program Files\Unlocker\UnlockerAssistant.exe
size: 15872
MD5: 3FFE8752B77382C5050006C31781D05A
PID: 628 ( 560) C:\Program Files\Java\jre6\bin\jusched.exe
size: 136600
MD5: B98FFA8288EFAABC436C30D198608345
PID: 644 ( 560) C:\WINDOWS\RTHDCPL.EXE
size: 16857600
MD5: A6543BD31E3B48F70DA57FB01F13D934
PID: 692 ( 560) C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: 037B1E7798960E0420003D05BB577EE6
PID: 720 ( 560) C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
size: 380928
MD5: 3986FF03F6C3DD063D05B6193EA360FA
PID: 832 ( 560) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
PID: 1012 ( 940) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1160 ( 560) C:\Program Files\Winamp\winampa.exe
size: 36352
MD5: E7DEADB409CD8A4552C91ABF624F138F
PID: 1412 ( 940) C:\WINDOWS\ATKKBService.exe
size: 262144
MD5: DF70303547E59F09DCD32983100EDCD1
PID: 1408 ( 560) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
size: 624248
MD5: 4D042B1F1375CF371AFBE0E0276BA627
PID: 1452 ( 940) C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
size: 298776
MD5: BFC093C2DDDE8FCE5DA078E663B4515B
PID: 1552 ( 560) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3
PID: 1064 ( 560) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
PID: 1628 ( 940) C:\Program Files\Bonjour\mDNSResponder.exe
size: 229376
MD5: 73686FE0B2E0469F89FD2075BE724704
PID: 1632 ( 560) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
size: 1840424
MD5: C44031488DED58FCE58E5D94BC345D30
PID: 1676 ( 560) C:\Program Files\Creative\MediaSource5\CTDetctu.exe
size: 188416
MD5: 0BD5218D5A8C5598E75E8614938F9948
PID: 1704 ( 940) C:\WINDOWS\system32\CTsvcCDA.exe
size: 44032
MD5: 3C8B6609712F4FF78E521F6DCFC4032B
PID: 1960 ( 940) C:\Program Files\Java\jre6\bin\jqs.exe
size: 152984
MD5: 32192B4EBE8720ED8D49A455C962CB91
PID: 1956 ( 940) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
size: 877864
MD5: 2AAE889742376EDC5C3203DFB74F28FD
PID: 360 ( 560) C:\Program Files\Logitech\SetPoint\SetPoint.exe
size: 805392
MD5: D0948BE9B3547B9669195D7F84FC09F7
PID: 728 ( 560) C:\Program Files\Styler\Styler.exe
size: 307200
MD5: D68AE8C031B370538F917AF176A947F6
PID: 1800 ( 940) C:\WINDOWS\system32\nvsvc32.exe
size: 159812
MD5: 93972E943623635A47DC33D312B6A378
PID: 1840 (1452) C:\Program Files\AVG\AVG8\avgrsx.exe
size: 486680
MD5: 95E1D555542D5F6031E756751C6FF3F4
PID: 2124 ( 360) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
size: 76304
MD5: 19E0D28FE38F55CA4C63F77D3657959A
PID: 2156 ( 940) C:\WINDOWS\system32\IoctlSvc.exe
size: 81920
MD5: 875E4E0661F3A5994DF9E5E3A0A4F96B
PID: 2264 ( 940) C:\WINDOWS\system32\PnkBstrA.exe
size: 75064
MD5: A1DD33D16F277CE34124EE52AB2C0F14
PID: 2396 ( 940) C:\WINDOWS\system32\PnkBstrB.exe
size: 189104
MD5: 10652913B563B6376B5C25DB63FA72E3
PID: 2464 ( 940) C:\Program Files\Viewpoint\Common\ViewpointService.exe
size: 24652
MD5: 5F974FDE801C73952770736BECDE11E7
PID: 3148 ( 940) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
size: 537896
MD5: CB992AE1506985D9167E85883B4C3240
PID: 3236 ( 940) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
size: 654848
MD5: 227846995AFEEFA70D328BF5334A86A5
PID: 3764 ( 940) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 8C515081584A38AA007909CD02020B3D
PID: 2744 ( 560) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 3260 ( 560) C:\Program Files\Mozilla Firefox\firefox.exe
size: 307704
MD5: 457441B04089CF16784D698B4B4EA8AF
PID: 4 ( 0) System

**xcentrik** · 2009-08-10, 01:52

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/9/2009 4:36:08 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

--- Winsock Layered Service Provider list ---

--- Uninstall list ---
(AddressBook)

Adobe Flash Player 10 ActiveX 10.0.22.87 (Adobe Flash Player ActiveX)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

Adobe Flash Player 10 Plugin 10.0.22.87 (Adobe Flash Player Plugin)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated

Add or Remove Adobe Creative Suite 3 Master Collection 1.0 (Adobe_4dcfd9b7e901b57f81f667144603236)
estimated size: 8303318
uninstall cmd: C:\Program Files\Common Files\Adobe\Installers\4dcfd9b7e901b57f81f667144603236\Setup.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/support/

AIM Toolbar (AIM Toolbar)
uninstall cmd: "C:\Program Files\AIM Toolbar\uninstall.exe"

AIM 6 (AIM_6)
uninstall cmd: C:\Program Files\AIM6\uninst.exe

(AOL Diagnostics_N)

(AOLOCP_Y)

(AVG7Uninstall)

AVG Free 8.5 (AVG8Uninstall)
version (major): 8
version (minor): 5
install location: C:\Program Files\AVG\AVG8
uninstall cmd: C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
publisher: AVG Technologies

(Branding)

(CADI)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove

CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

Company of Heroes 2.301.0 (Company of Heroes)
install location: C:\Program Files\THQ\Company of Heroes
uninstall cmd: "C:\Program Files\THQ\Company of Heroes\Uninstall_English.exe"
publisher: THQ Inc.

(Connection Manager)

(Creative MediaSource 5)

(Creative MediaSource Player Skin Pack Unicode)
uninstall cmd: "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009

(Creative MediaSource Unicode)
uninstall cmd: "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009

DAMN NFO Viewer v2.10.0032.RC3 (Remove Only) v2.10.0032.RC3 (DamnNFOViewer)
install location: C:\Program Files\Desktop\DamnNFO
uninstall cmd: rundll32.exe advpack.dll,LaunchINFSection DamnNFO.inf,DefaultUninstall
publisher: Addon by Mrs Peel
help link: http://www.damn.to

dBpoweramp DSP Effects (dBpoweramp DSP Effects)
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp DSP Effects.dat

dBpoweramp Music Converter Release 12.3 (dBpoweramp Music Converter)
estimated size: 11164
install location: C:\Program Files\Illustrate\dBpoweramp
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

Microsoft Office Enterprise 2007 12.0.6215.1000 (ENTERPRISE)
install location: C:\Program Files\Microsoft Office
uninstall cmd: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
publisher: Microsoft Corporation

(Fontcore)

IconPackager (IconPackager)
uninstall cmd: C:\PROGRA~1\Stardock\OBJECT~1\ICONPA~1\iconpackager.exe /uninstallwise

(ICW)

(IDNMitigationAPIs)

(IE40)

(IE4Data)

(IE5BAKEX)

(ie7)

Windows Internet Explorer 8 20090308.140743 (ie8)
install date: 20090511
uninstall cmd: "C:\WINDOWS\ie8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

(IEData)

(InstallShield Uninstall Information)

(InstallShield_{1BA7B068-4719-42A3-B553-D4ED97434F92})

(InstallShield_{2DD388FF-6422-43C9-86A1-C7A99C83E946})

ASUS Smart Doctor 5.21 (InstallShield_{75B869DA-C51D-4021-B8C8-5C23F46E078F})
version: 85262336
version (major): 5
version (minor): 21
estimated size: 10958
install date: 20080925
install source: D:\Utility\SmartDoc\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{75B869DA-C51D-4021-B8C8-5C23F46E078F} /l1033
publisher: ASUSTek COMPUTER INC.
comments: SmartDoctor moinitors graphic card's healthy
contact: http://www.asus.com.tw
help link: http://www.asus.com.tw
help telephone: 886-2-28943447

ASUS VideoSecurity Online 3.5.1.3 (InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7})
version: 50659329
version (major): 3
version (minor): 5
estimated size: 36612
install date: 20080925
install location: C:\Program Files\ASUS\ASUS VideoSecurity\
install source: D:\Utility\VideoSec\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7A529246-912F-4C40-A82A-E608DB702FD7}
publisher: ASUSTeK Computer Inc.
contact: Technical Support Dept.
help link: http://www.asus.com.tw
help telephone: 886-2-29843447
readme: C:\Program Files\ASUS\ASUS VideoSecurity\ReadMe.txt

Call of Duty(R) 4 - Modern Warfare(TM) 1.6 (InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 6762756
install date: 20080927
install location: C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\
install source: D:\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
publisher: Activision
contact: Technical Support
help link: http://activision.custhelp.com

(KB884267)

(KB885353)

(KB886612)

(KB887078)

(KB887626)

(KB888656)

(KB889858)

(KB891122)

(KB892313)

(KB893240)

(KB893241)

(KB895181)

(KB895316)

(KB895572)

(KB897586)

Update for Windows XP (KB898461) 1 (KB898461)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

(KB898549)

(KB900399)

(KB902344)

(KB907658)

(KB911565)

(KB911854)

Security Update for Windows XP (KB923561) 1 (KB923561)
install date: 20090417
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923561

Security Update for Windows XP (KB923789) (KB923789)
uninstall cmd: C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923789

Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=929399

Security Update for Windows Media Player 11 (KB936782) (KB936782_WMP11)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=936782

Security Update for Windows XP (KB938464) 1 (KB938464)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938464

Hotfix for Windows Media Player 11 (KB939683) (KB939683)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=939683

Security Update for Windows XP (KB941569) (KB941569)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=941569

Security Update for Windows XP (KB950762) 1 (KB950762)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=950762

Security Update for Windows XP (KB950974) 1 (KB950974)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=950974

Security Update for Windows XP (KB951066) 1 (KB951066)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951066

Update for Windows XP (KB951072-v2) 2 (KB951072-v2)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951072

Security Update for Windows XP (KB951376-v2) 2 (KB951376-v2)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951376

Security Update for Windows XP (KB951698) 1 (KB951698)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951698

Security Update for Windows XP (KB951748) 1 (KB951748)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951748

Update for Windows XP (KB951978) 1 (KB951978)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951978

Security Update for Windows XP (KB952004) 1 (KB952004)
install date: 20090417
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=952004

Security Update for Windows Media Player (KB952069) (KB952069_WM9)
install date: 20081211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=952069

Hotfix for Windows XP (KB952287) 1 (KB952287)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=952287

Security Update for Windows XP (KB952954) 1 (KB952954)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=952954

Security Update for Windows Internet Explorer 7 (KB953838) 1 (KB953838-IE7)
install date: 20080926
uninstall cmd: "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=953838

Security Update for Windows XP (KB953839) 1 (KB953839)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=953839

Security Update for Windows Media Player 11 (KB954154) (KB954154_WM11)
install date: 20080926
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=954154

Security Update for Windows XP (KB954211) 1 (KB954211)
install date: 20081015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954211

Security Update for Windows XP (KB954459) 1 (KB954459)
install date: 20081112
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954459

Hotfix for Windows XP (KB954550-v5) 5 (KB954550-v5)
install date: 20090511
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954550

Security Update for Windows XP (KB954600) 1 (KB954600)
install date: 20081211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954600

Security Update for Windows XP (KB955069) 1 (KB955069)
install date: 20081112
uninstall cmd: "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=955069

Update for Windows XP (KB955839) 1 (KB955839)
install date: 20081211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=955839

Security Update for Windows Internet Explorer 7 (KB956390) 1 (KB956390-IE7)
install date: 20081015
uninstall cmd: "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956390

Security Update for Windows XP (KB956391) 1 (KB956391)
install date: 20081015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956391

Security Update for Windows XP (KB956572) 1 (KB956572)
install date: 20090417
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956572

Security Update for Windows XP (KB956802) 1 (KB956802)
install date: 20081211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956802

Security Update for Windows XP (KB956803) 1 (KB956803)
install date: 20081015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956803

Security Update for Windows XP (KB956841) 1 (KB956841)
install date: 20081015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956841

Security Update for Windows XP (KB957095) 1 (KB957095)
install date: 20081015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=957095

Security Update for Windows XP (KB957097) 1 (KB957097)
install date: 20081112
uninstall cmd: "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=957097

Security Update for Windows Internet Explorer 7 (KB958215) 1 (KB958215-IE7)
install date: 20081211
uninstall cmd: "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958215

Security Update for Windows XP (KB958644) 1 (KB958644)
install date: 20081024
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958644

Security Update for Windows XP (KB958687) 1 (KB958687)
install date: 20090114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958687

Security Update for Windows XP (KB958690) 1 (KB958690)
install date: 20090312
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958690

Security Update for Windows XP (KB959426) 1 (KB959426)
install date: 20090417
uninstall cmd: "C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=959426

Critical Update for Windows Media Player 11 (KB959772) (KB959772_WM11)
install date: 20090312
uninstall cmd: "C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=959772

Security Update for Windows XP (KB960225) 1 (KB960225)
install date: 20090312
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960225

Security Update for Windows Internet Explorer 7 (KB960714) 1 (KB960714-IE7)
install date: 20081218
uninstall cmd: "C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960714

Security Update for Windows XP (KB960715) 1 (KB960715)
install date: 20090212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960715

Security Update for Windows XP (KB960803) 1 (KB960803)
install date: 20090417
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960803

Hotfix for Windows XP (KB961118) 1 (KB961118)
install date: 20090512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961118

Security Update for Windows Internet Explorer 7 (KB961260) 1 (KB961260-IE7)
install date: 20090212
uninstall cmd: "C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961260

Security Update for Windows XP (KB961371) 1 (KB961371)
install date: 20090715
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961371

Security Update for Windows XP (KB961373) 1 (KB961373)
install date: 20090417
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961373

Security Update for Windows XP (KB961501) 1 (KB961501)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961501

Security Update for Windows Internet Explorer 7 (KB963027) 1 (KB963027-IE7)
install date: 20090417
uninstall cmd: "C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=963027

Update for Windows XP (KB967715) 1 (KB967715)
install date: 20090225
uninstall cmd: "C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=967715

Security Update for Windows XP (KB968537) 1 (KB968537)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=968537

Update for Windows Internet Explorer 8 (KB969497) 1 (KB969497-IE8)
install date: 20090511
uninstall cmd: "C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=969497

Security Update for Windows Internet Explorer 8 (KB969897) 1 (KB969897-IE8)
install date: 20090610
uninstall cmd: "C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=969897

Security Update for Windows XP (KB969898) 1 (KB969898)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=969898

Security Update for Windows XP (KB970238) 1 (KB970238)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=970238

Security Update for Windows XP (KB971633) 1 (KB971633)
install date: 20090715
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971633

Security Update for Windows Internet Explorer 8 (KB972260) 1 (KB972260-IE8)
install date: 20090729
uninstall cmd: "C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=972260

Security Update for Windows XP (KB973346) 1 (KB973346)
install date: 20090715
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973346

Right Click Image Converter (Kristanix Right Click Image Converter)
uninstall cmd: "C:\Program Files\Kristanix\Right Click Image Converter\uninstall.exe"

LClock (LClock)
uninstall cmd: C:\Program Files\LClock\Uninstall.exe

Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1)
install date: 20090508
install location: C:\Program Files\Malwarebytes' Anti-Malware\
uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
publisher: Malwarebytes Corporation
help link: http://www.malwarebytes.org

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 3.5 SP1 (Microsoft .NET Framework 3.5 SP1)
install location: C:\WINDOWS\Microsoft.NET\Framework\v3.5\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=120337

(MobileOptionPack)

Mozilla Firefox (3.0.13) 3.0.13 (en-US) (Mozilla Firefox (3.0.13))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox

(MPlayer2)

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20080925
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=74087

(Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL

(NeroBackItUp!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

(NeroMediaHome!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

(NeroRecode!UninstallKey)
uninstall cmd: C:\WINDOWS\UNRecode.exe /UNINSTALL

(NeroShowTime!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

(NeroVision!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroVision.exe /UNINSTALL

(NLSDownlevelMapping)

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\nvuninst.exe UninstallGUI

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

PunkBuster Services 0.986 (PunkBusterSvc)
uninstall cmd: C:\WINDOWS\system32\pbsvc.exe -u
publisher: Even Balance, Inc.
help link: http://www.evenbalance.com/index.php?page=pbsvcfaq.php

Resource Hacker 3.4.0 (Resource Hacker 3.4.0)
uninstall cmd: "C:\WINDOWS\Resource Hacker 3.4.0\uninstall.exe" "/U:C:\Program Files\Resource Hacker 3.4.0\Uninstall\uninstall.xml"
publisher: Resource Hacker 3.4.0
contact: Resource Hacker 3.4.0 Support Department

(SchedulingAgent)

Download Updater (AOL LLC) (SoftwareUpdUtility)
uninstall cmd: C:\Program Files\Common Files\Software Update Utility\uninstall.exe

Team Fortress 2 (Steam App 440)
install location: c:\program files\valve\steam\steamapps\joshchoma\team fortress 2
uninstall cmd: "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/440
publisher: Valve
help link: http://support.steampowered.com/

The Cleaner 5.2 (The Cleaner v5.2 Demo Edition_is1)
install date: 20090104
install location: C:\Program Files\The Cleaner Demo\
uninstall cmd: "C:\Program Files\The Cleaner Demo\unins000.exe"
publisher: MooSoft Development Inc
help link: http://www.moosoft.com

Trojan Remover 6.7.5 6.7.5 (Trojan Remover_is1)
install date: 20090105
install location: C:\Program Files\Trojan Remover\
uninstall cmd: "C:\Program Files\Trojan Remover\unins000.exe"
publisher: Simply Super Software
comments: Trojan Remover is designed to detect/remove Malware
contact: support@simplysup1.com
help link: http://www.simplysup.com/support/

Unlocker 1.8.5 1.8.5 (Unlocker)
uninstall cmd: C:\Program Files\Unlocker\uninst.exe
publisher: Cedrick Collomb

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u

(Wdf01000)

(Wdf01001)

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Wdf01005)
install date: 20081112
uninstall cmd: "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Windows Genuine Advantage Notifications (KB905474) 1.8.0031.9 (WgaNotify)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474

(WIC)

Winamp 5.541 (Winamp)
uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe"
publisher: Nullsoft, Inc
help link: http://forums.winamp.com

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768

Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Sidebar 6.0.6001.18000 (Windows Sidebar)
uninstall cmd: RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,UnInstall
publisher: Microsoft Corporation
comments: Use the [Change] button to fix any Windows Sidebar problems you may be having.
help link: http://www.wincert.net/forum/index.php?showtopic=1442

WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

(WMCSetup)

Windows Media Format 11 runtime (WMFDist11)
install date: 20080925
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20080925
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

World of Warcraft (World of Warcraft)
uninstall cmd: C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
publisher: Blizzard Entertainment

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20080925
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716

XML Paper Specification Shared Components Pack 1.0 (XpsEPSC)
install date: 20080925
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=test

XviD MPEG-4 Video Codec (xvid)
uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\WINDOWS\INF\xvid.inf
publisher: XviD Development Team
help link: http://www.xvid.org/

(ZENcast Organizer)

Crysis(R) 1.00.0000 ({000E79B7-E725-4F01-870A-C12942B7F8E4})
version: 16777216
version (major): 1
estimated size: 6335724
install date: 20080926
install location: C:\Program Files\Electronic Arts\Crytek\Crysis\
install source: D:\
uninstall cmd: MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
publisher: Electronic Arts

Adobe Photoshop CS3 10 ({0046FA01-C5B9-4985-BACB-398DC480FC05})
version: 167772160
version (major): 10
estimated size: 349064
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobePhotoshop10en_US\
uninstall cmd: MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
publisher: Adobe Systems Incorporated

Adobe XMP DVA Panels CS3 1.0 ({0224CACC-994D-45F8-B973-D65056EA9C2F})
version: 16777216
version (major): 1
estimated size: 169
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeXMPPanelsDVAAll\
uninstall cmd: MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
publisher: Adobe Systems Incorporated

Adobe Soundbooth CS3 Codecs 3 ({0327FA9D-975C-448C-A086-577D57BB25B8})
version: 50331648
version (major): 3
estimated size: 29001
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeSoundboothCodecsAll\
uninstall cmd: MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}
publisher: Adobe Systems Incorporated

Steam(TM) 1.0.0.0 ({048298C9-A4D3-490B-9FF9-AB023A9238F3})
version: 16777216
version (major): 1
estimated size: 25174
install date: 20080925
install source: D:\
uninstall cmd: MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
publisher: Valve
comments: Steam
help link: http://steampowered.custhelp.com/cgi...user/entry.php

Microsoft Games for Windows - LIVE Redistributable 2.0.687.0 ({05B49229-22A2-4F88-842A-BBC2EBE1CCF6})
version: 33555119
version (major): 2
estimated size: 34812
install date: 20090510
install source: C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\XLive\Updates\585207d1\Content\
uninstall cmd: MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
publisher: Microsoft Corporation

Adobe Bridge Start Meeting 1.0 ({08B32819-6EEF-4057-AEDA-5AB681A36A23})
version: 16777216
version (major): 1
estimated size: 477
install date: 20090512
install source: D:\Adobe CS3\payloads\BridgeStartMeeting\
uninstall cmd: MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
publisher: Adobe Systems Incorporated

Rockstar Games Social Club 1.00.0000 ({08B3869E-D282-424C-9AFC-870E04A4BA14})
version: 16777216
install date: 20081228
install location: C:\Program Files\Rockstar Games\Rockstar Games Social Club
install source: D:\RGSC\
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
publisher: Rockstar Games
contact: Rockstar Games Support
help link: http://www.rockstargames.comsupport/index.php

CDDRV_Installer 4.60 ({0C826C5B-B131-423A-A229-C71B3CACCD6A})
version: 71041024
version (major): 4
version (minor): 60
estimated size: 2233
install date: 20081111
install location: C:\Program Files\Common Files\Logishrd\CDDRV2\
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\{57DEEEC3-6AB4-4905-A63C-24CB1CB979FC}\
uninstall cmd: MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
publisher: Logitech

OpenOffice.org Installer 1.0 1.0.9221 ({0D499481-22C6-4B25-8AC2-6D3F6C885FB9})
version: 16786437
version (major): 1
estimated size: 2455
install date: 20081106
install location: C:\Program Files\Sun\OpenOffice.org Installer 1.0\
install source: http://javadl-esd.sun.com/update/1.6.0/sp-1.6.0_07/sp3/
uninstall cmd: MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
publisher: Sun Microsystems
comments: OpenOffice.org Installer 1.0 (en-US) (OOG680m5(Build:9221))[CWS:c18v001]
help link: http://www.sun.com/getopenoffice

Company of Heroes - FAKEMSI 2.0.0.0 ({14574B7F-75D1-4718-B7F2-EBF6E2862A35})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
publisher: THQ Inc.

Adobe WinSoft Linguistics Plugin 1.0 ({184CE391-7E0E-4C63-9935-D7A10EDFD3C6})
version: 16777216
version (major): 1
estimated size: 8205
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeWinSoftLinguisticsPluginAll\
uninstall cmd: MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
publisher: Adobe Systems Incorporated

**xcentrik** · 2009-08-10, 01:54

Adobe After Effects CS3 Presets 8 ({193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285})
version: 134217728
version (major): 8
estimated size: 92965
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeAfterEffects8PresetsAll\
uninstall cmd: MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
publisher: Adobe Systems Incorporated

Company of Heroes - FAKEMSI 2.0.0.0 ({199E6632-EB28-4F73-AECB-3E192EB92D18})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
publisher: THQ Inc.

ASUS Utilities 1.00.0000 ({1BA7B068-4719-42A3-B553-D4ED97434F92})
version: 16777216
version (major): 1
estimated size: 11628
install date: 20080925
install location: C:\Program Files\My Company Name\My Product Name\
install source: D:\Utility\
publisher: ASUSTek

Adobe Version Cue CS3 Server 3.0 ({1D58229F-C505-45CA-8223-F35F3A34B963})
version: 50331648
version (major): 3
estimated size: 202526
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeVersionCue3All\
uninstall cmd: MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
publisher: Adobe Systems Incorporated

Company of Heroes - FAKEMSI 2.0.0.0 ({25724802-CC14-4B90-9F3B-3D6955EE27B1})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
publisher: THQ Inc.

Java(TM) 6 Update 11 6.0.110 ({26A24AE4-039D-4CA4-87B4-2F83216011FF})
version: 100663406
version (major): 6
estimated size: 92660
install date: 20081227
install location: C:\Program Files\Java\jre6\
install source: C:\Documents and Settings\Joshua\Application Data\Sun\Java\jre1.6.0_11\
uninstall cmd: MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre6\README.txt

Adobe Stock Photos CS3 1.5 ({29E5EA97-5F74-4A57-B8B2-D4F169117183})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 10488
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeStockPhotos1.5All\
uninstall cmd: MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
publisher: Adobe Systems Incorporated

ASUS nVidia Driver 5.00.0000 ({2DD388FF-6422-43C9-86A1-C7A99C83E946})
version: 83886080
version (major): 5
estimated size: 7624
install date: 20080925
install location: C:\Program Files\My Company Name\My Product Name\
install source: D:\Driver\
publisher: ASUSTek

Adobe Flash Video Encoder 2.0 ({2EFFFC71-1E66-454E-A6E6-CEEC800B96D2})
version: 33554432
version (major): 2
estimated size: 38158
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeFlashVideoEncoder2en_US\
uninstall cmd: MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
publisher: Adobe Systems Incorporated

KhalInstallWrapper 4.60.122 ({3101CB58-3482-4D21-AF1A-7057FC935355})
version: 71041146
version (major): 4
version (minor): 60
estimated size: 1889
install date: 20081111
install location: C:\Program Files\Logitech\KhalInstallWrapper\
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\pft54.tmp\1-SetPoint\KHAL\
uninstall cmd: MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
publisher: Logitech

ASUS Gamer OSD 2.06.0528 ({315ACD04-BCEB-478B-9B1D-5431D0E6CB11})
version: 33948176
install date: 20080925
install location: C:\Program Files\ASUSTeK COMPUTER INC.\ASUS Gamer OSD
install source: D:\Utility\GamerOSD\WinXP\x86\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9 -removeonly
publisher: ASUSTeK COMPUTER INC.

Java(TM) 6 Update 6 1.6.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0160060})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 141226
install date: 20080925
install source: C:\Documents and Settings\Default User\Application Data\Sun\Java\jre1.6.0_06\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_06\README.txt

Java(TM) 6 Update 7 1.6.0.70 ({3248F0A8-6813-11D6-A77B-00B0D0160070})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 117050
install date: 20081106
install source: http://javadl.sun.com/webapps/downlo.../windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_07\README.txt

Company of Heroes - FAKEMSI 2.0.0.0 ({32C4A4EB-C97D-414E-99C5-38F8DFD31D5D})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}
publisher: THQ Inc.

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2472
install date: 20080925
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

Gadget Installer 1.0.2 ({3F3733A5-8322-454D-A638-3B74E1C83752})
version: 16777218
version (major): 1
estimated size: 421
install date: 20080925
install source: C:\Program Files\VistaExperience.org\
uninstall cmd: MsiExec.exe /I{3F3733A5-8322-454D-A638-3B74E1C83752}
publisher: VistaExperience.org
contact: Thomas Pleasance

Adobe Setup 1.0 ({4458C442-7376-4CF9-AF58-E8CEA6722363})
version: 16777216
version (major): 1
estimated size: 70852
install date: 20090512
install source: D:\Adobe CS3\
uninstall cmd: MsiExec.exe /I{4458C442-7376-4CF9-AF58-E8CEA6722363}
publisher: Adobe Systems Incorporated

Adobe Premiere Pro CS3 Third Party Content 3 ({485ACF57-F364-440A-8496-E1E81C8FA1AA})
version: 50331648
version (major): 3
estimated size: 23801
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobePremierePro3ProtectedAll\
uninstall cmd: MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
publisher: Adobe Systems Incorporated

Microsoft Games for Windows - LIVE 2.0.675.0 ({4AA3D64E-9EC3-4B0F-AB91-5885AC55641F})
version: 33555107
version (major): 2
estimated size: 10660
install date: 20081223
install source: c:\93f5d710436e79240bf1e8a9\pkg\
uninstall cmd: MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
publisher: Microsoft Corporation

Company of Heroes - FAKEMSI 2.0.0.0 ({50193078-F553-4EBA-AA77-64C9FAA12F98})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98}
publisher: THQ Inc.

Adobe Premiere Pro CS3 Functional Content 8 ({50F102CA-4BE2-41A9-9810-5BB05EB91B9A})
version: 134217728
version (major): 8
estimated size: 257081
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobePremierePro3FCAll\
uninstall cmd: MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
publisher: Adobe Systems Incorporated

Adobe Color EU Extra Settings 1.0 ({51846830-E7B2-4218-8968-B77F0FF475B8})
version: 16777216
version (major): 1
estimated size: 1661
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeColorEU_ExtraSettingsAll\
uninstall cmd: MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
publisher: Adobe Systems Incorporated

Company of Heroes - FAKEMSI 2.0.0.0 ({51D718D1-DA81-4FAD-919F-5C1CE3C33379})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379}
publisher: THQ Inc.

Adobe Linguistics CS3 3.0.0 ({54793AA1-5001-42F4-ABB6-C364617C6078})
version: 50331648
version (major): 3
estimated size: 67177
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeLinguisticsAll\
uninstall cmd: MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
publisher: Adobe Systems Incorporated

Adobe Encore CS3 3 ({54B2EAD9-A110-43F7-B010-2859A1BD2AFE})
version: 50331648
version (major): 3
estimated size: 258169
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeEncore3All\
uninstall cmd: MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
publisher: Adobe Systems Incorporated

neroxml 1.0.0 ({56C049BE-79E9-4502-BEA7-9754A3E60F9B})
version: 16777216
version (major): 1
estimated size: 3795
install date: 20081111
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\NERO1001370\Data\Redist\
uninstall cmd: MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
publisher: Nero AG
contact: Nero AG

Grand Theft Auto IV 1.00.0000 ({579BA58C-F33D-4970-9953-B94B43768AC3})
version: 16777216
install date: 20081223
install location: C:\Program Files\Rockstar Games\Grand Theft Auto IV
install source: D:\GTAIV\
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
publisher: Rockstar Games
contact: Rockstar Games Technical Support
help link: http://www.rockstargames.com/support

Adobe Premiere Pro CS3 3 ({58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA})
version: 50331648
version (major): 3
estimated size: 416993
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobePremierePro3All\
uninstall cmd: MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
publisher: Adobe Systems Incorporated

Company of Heroes - FAKEMSI 2.0.0.0 ({66F78C51-D108-4F0C-A93C-1CBE74CE338F})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F}
publisher: THQ Inc.

Adobe Fonts All 1.0 ({6ABE0BEE-D572-4FE8-B434-9E72A289431B})
version: 16777216
version (major): 1
estimated size: 68409
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeFontsAll\
uninstall cmd: MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
publisher: Adobe Systems Incorporated

Adobe Flash CS3 9.0 ({6B52140A-F189-4945-BFFC-DB3F00B8C589})
version: 150994944
version (major): 9
estimated size: 501866
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeFlash9en_US\
uninstall cmd: MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
publisher: Adobe Systems Incorporated

Adobe MotionPicture Color Files 1.0 ({6B708481-748A-4EB4-97C1-CD386244FF77})
version: 16777216
version (major): 1
estimated size: 1817
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeMotionPictureAll\
uninstall cmd: MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
publisher: Adobe Systems Incorporated

AHV content for Acrobat and Flash 1 ({6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD})
version: 16777216
version (major): 1
estimated size: 6045
install date: 20090512
install source: D:\Adobe CS3\payloads\AHVSTIAll\
uninstall cmd: MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
publisher: Adobe Systems Incorporated

Adobe Asset Services CS3 3 ({6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61})
version: 50331648
version (major): 3
estimated size: 48819
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeAssetServices3All\
uninstall cmd: MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
publisher: Adobe Systems Incorporated

2.00 ({700932B3-A964-4878-82A2-96054622A1F7})
version: 33554432
install location: C:\Program Files\Creative\ShareDLL\CADI
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9

Microsoft Visual C++ 2005 SP1 Redistributable 8.0.56336 ({7299052b-02a4-4627-81f2-1818da5d550d})
version: 134274064
version (major): 8
estimated size: 5330
install date: 20080925
install source: C:\Documents and Settings\Default User\7zS1FF0.tmp\
uninstall cmd: MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
publisher: Microsoft Corporation

ASUS Smart Doctor 5.21 ({75B869DA-C51D-4021-B8C8-5C23F46E078F})
version: 85262336
version (major): 5
version (minor): 21
estimated size: 10958
install date: 20080925
install source: D:\Utility\SmartDoc\
publisher: ASUSTek COMPUTER INC.
comments: SmartDoctor moinitors graphic card's healthy
contact: http://www.asus.com.tw
help link: http://www.asus.com.tw
help telephone: 886-2-28943447

Ventrilo Client 3.0.4 ({789289CA-F73A-4A16-A331-54D498CE069F})
version: 50331652
version (major): 3
estimated size: 3980
install date: 20090102
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
publisher: Flagship Industries, Inc.
help link: http://www.ventrilo.com

ASUS VideoSecurity Online 3.5.1.3 ({7A529246-912F-4C40-A82A-E608DB702FD7})
version: 50659329
version (major): 3
version (minor): 5
estimated size: 36612
install date: 20080925
install location: C:\Program Files\ASUS\ASUS VideoSecurity\
install source: D:\Utility\VideoSec\
publisher: ASUSTeK Computer Inc.
contact: Technical Support Dept.
help link: http://www.asus.com.tw
help telephone: 886-2-29843447
readme: C:\Program Files\ASUS\ASUS VideoSecurity\ReadMe.txt

Adobe Help Viewer CS3 1 ({7ACFB90E-8FD0-4397-AD3A-5195412623A3})
version: 16777216
version (major): 1
estimated size: 4149
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeHelpViewerAll\
uninstall cmd: MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
publisher: Adobe Systems Incorporated

Adobe Dreamweaver CS3 9 ({7C10F5C7-F00F-4BD3-A110-C7D240D2DD25})
version: 150994944
version (major): 9
estimated size: 248703
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeDreamweaver9en_US\
uninstall cmd: MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
publisher: Adobe Systems Incorporated

Adobe Fireworks CS3 9.0 ({7DFC1012-D346-46CE-B03E-FF79125AE029})
version: 150994944
version (major): 9
estimated size: 195097
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeFireworks9en_US\
uninstall cmd: MsiExec.exe /I{7DFC1012-D346-46CE-B03E-FF79125AE029}
publisher: Adobe Systems Incorporated

Company of Heroes - FAKEMSI 2.0.0.0 ({7F4B1592-222F-4E5F-A100-E5AFD61A0BB3})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}
publisher: THQ Inc.

Company of Heroes - FAKEMSI 2.0.0.0 ({80D03817-7943-4839-8E96-B9F924C5E67D})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D}
publisher: THQ Inc.

Adobe Video Profiles 1.0 ({845A8DB9-8802-4FD3-9FE3-938A6C46A2EC})
version: 16777216
version (major): 1
estimated size: 17
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeVideoProfilesAll\
uninstall cmd: MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
publisher: Adobe Systems Incorporated

MSXML 4.0 SP2 (KB954430) 4.20.9870.0 ({86493ADD-824D-4B8E-BD72-8C5DCDC52A71})
version: 68429454
version (major): 4
version (minor): 20
estimated size: 2729
install date: 20081111
install source: c:\e454209fd58a7b197aec9a5903\
uninstall cmd: MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/954430

Adobe Creative Suite 3 Master Collection 1.0 ({8718DC03-D066-4957-94E5-50C3C5042E8E})
version: 16777216
version (major): 1
estimated size: 9318
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeMasterCollectionSuiteen_US_Volume\
uninstall cmd: MsiExec.exe /I{8718DC03-D066-4957-94E5-50C3C5042E8E}
publisher: Adobe Systems Incorporated

Adobe Device Central CS3 1.0 ({8D2BA474-F406-4710-9AE4-D4F22D21F0DD})
version: 16777216
version (major): 1
estimated size: 137154
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeDeviceCentralAll\
uninstall cmd: MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
publisher: Adobe Systems Incorporated

Adobe Type Support 1.0 ({8E6808E2-613D-4FCD-81A2-6C8FA8E03312})
version: 16777216
version (major): 1
estimated size: 5677
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeTypeSupportAll\
uninstall cmd: MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
publisher: Adobe Systems Incorporated

Microsoft Software Update for Web Folders (English) 12 12.0.6215.1000 ({90120000-0010-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 14675
install date: 20081111
install source: C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C\
publisher: Microsoft Corporation

Microsoft Office Access MUI (English) 2007 12.0.6215.1000 ({90120000-0015-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 53384
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0117-0409-0000-0000000FF1CE}-C\Access.en-us\
uninstall cmd: MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Excel MUI (English) 2007 12.0.6215.1000 ({90120000-0016-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 15444
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office PowerPoint MUI (English) 2007 12.0.6215.1000 ({90120000-0018-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 15521
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Publisher MUI (English) 2007 12.0.6215.1000 ({90120000-0019-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 24282
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0019-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Outlook MUI (English) 2007 12.0.6215.1000 ({90120000-001A-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 22828
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-001A-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Word MUI (English) 2007 12.0.6215.1000 ({90120000-001B-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 18657
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (English) 2007 12.0.6213.1000 ({90120000-001F-0409-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 56807
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en\
uninstall cmd: MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173})
uninstall cmd: msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (French) 2007 12.0.6213.1000 ({90120000-001F-040C-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 23736
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\
uninstall cmd: MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C})
uninstall cmd: msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (Spanish) 2007 12.0.6213.1000 ({90120000-001F-0C0A-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 38517
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es\
uninstall cmd: MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1})
uninstall cmd: msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proofing (English) 2007 12.0.4518.1014 ({90120000-002C-0409-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 506
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Enterprise 2007 12.0.6215.1000 ({90120000-0030-0000-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 977887
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
publisher: Microsoft Corporation

Security Update for 2007 Microsoft Office System (KB951596) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1AFF2298-CC00-4A3B-866A-C62B8373794E})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951596

Update for Microsoft Office Outlook 2007 (KB952142) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4AD3A076-427C-491F-A5B7-7D1DE788A756})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
publisher: Microsoft
help link: http://support.microsoft.com/kb/952142

Security Update for Microsoft Office PowerPoint 2007 (KB951338) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{558B709B-821B-4FC5-90FC-9A8890641E77})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951338

Security Update for Microsoft Office system 2007 (KB954326) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5F7F6FFF-395D-480E-8450-64F385D82C5F})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
publisher: Microsoft
help link: http://support.microsoft.com/kb/954326

Security Update for Microsoft Office Excel 2007 (KB951546) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951546

Security Update for 2007 Microsoft Office System (KB951944) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{797AE457-BA17-4BBC-B501-25FB3A0103C7})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951944

Security Update for Microsoft Office system 2007 (KB951808) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951808

Update for Outlook 2007 Junk Email Filter (kb956080) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{96CC215F-3F22-4E1E-A101-F0041934A456})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456}
publisher: Microsoft
help link: http://support.microsoft.com/kb/956080

Update for Office 2007 (KB946691) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A420F522-7395-4872-9882-C591B4B92278})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
publisher: Microsoft
help link: http://support.microsoft.com/kb/946691

Security Update for Microsoft Office Word 2007 (KB950113) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD72BABE-C733-4FCF-9674-4314466191B9})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
publisher: Microsoft
help link: http://support.microsoft.com/kb/950113

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Security Update for Microsoft Office OneNote 2007 (KB950130) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
publisher: Microsoft
help link: http://support.microsoft.com/kb/950130

Security Update for Microsoft Office Publisher 2007 (KB950114) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/950114

Microsoft Office InfoPath MUI (English) 2007 12.0.6215.1000 ({90120000-0044-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 8746
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0044-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Shared MUI (English) 2007 12.0.6215.1000 ({90120000-006E-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 36198
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85})
uninstall cmd: msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office 2007 Recent Documents Gadget 12.0.4518.1027 ({90120000-008A-0409-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 468
install date: 20080925
install source: C:\WINDOWS\system32\
uninstall cmd: MsiExec.exe /X{90120000-008A-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support

Microsoft Office OneNote MUI (English) 2007 12.0.6215.1000 ({90120000-00A1-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 37842
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-00A1-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Groove MUI (English) 2007 12.0.6215.1000 ({90120000-00BA-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 3566
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0114-0409-0000-0000000FF1CE}-C\Groove.en-us\
uninstall cmd: MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Groove Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0114-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 502
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0114-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Shared Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0115-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 502
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85})
uninstall cmd: msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Access Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0117-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 502
install date: 20081111
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0117-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Adobe Anchor Service CS3 1.0 ({90176341-0A8B-4CCC-A78D-F862228A6B95})
version: 16777216
version (major): 1
estimated size: 1025
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeALMAnchorServiceAll\
uninstall cmd: MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
publisher: Adobe Systems Incorporated

Adobe Color NA Recommended Settings 1.0 ({95655ED4-7CA5-46DF-907F-7144877A32E5})
version: 16777216
version (major): 1
estimated size: 1661
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeColorNA_RecommendedAll\
uninstall cmd: MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
publisher: Adobe Systems Incorporated

Fallout 3 1.00.0000 ({974C4B12-4D02-4879-85E0-61C95CC63E9E})
version: 16777216
install date: 20090727
install location: C:\Program Files\Bethesda Softworks\Fallout 3
install source: D:\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
publisher: Bethesda Softworks

Company of Heroes - FAKEMSI 2.0.0.0 ({97E5205F-EA4F-438F-B211-F1846419F1C1})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
publisher: THQ Inc.

Company of Heroes - FAKEMSI 2.0.0.0 ({99A7722D-9ACB-43F3-A222-ABC7133F159E})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
publisher: THQ Inc.

Adobe Bridge CS3 2 ({9C9824D9-9000-4373-A6A5-D0E5D4831394})
version: 33554432
version (major): 2
estimated size: 265326
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeBridge2All\
uninstall cmd: MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
publisher: Adobe Systems Incorporated

Adobe CMaps 1.0 ({A2B242BD-FF8D-4840-9DAA-9170EABEC59C})
version: 16777216
version (major): 1
estimated size: 6493
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeCMapsAll\
uninstall cmd: MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
publisher: Adobe Systems Incorporated

Adobe Color - Photoshop Specific 1.0 ({A2D81E70-2A98-4A08-A628-94388B063C5E})
version: 16777216
version (major): 1
estimated size: 6373
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeColorPhotoshopAll\
uninstall cmd: MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
publisher: Adobe Systems Incorporated

Microsoft .NET Framework 3.0 Service Pack 2 3.2.30729 ({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7})
version: 50493449
version (major): 3
version (minor): 2
estimated size: 182276
install date: 20090510
install source: c:\f5727de6ffff589366c34e6e02db\wcu\dotNetFramework\dotnetfx30\
uninstall cmd: MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=98075

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483)

Adobe Soundbooth CS3 1 ({A6B23EFA-6590-482C-A11F-5ACE1B91F5B9})
version: 16777216
version (major): 1
estimated size: 471132
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeSoundboothAll\
uninstall cmd: MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
publisher: Adobe Systems Incorporated

PDF Settings 1.0 ({AC5B0C19-D851-42F4-BDA0-410ECF7F70A5})
version: 16777216
version (major): 1
estimated size: 579
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobePDFSettingsAll\
uninstall cmd: MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
publisher: Adobe Systems Incorporated

Adobe Acrobat 8 Professional 8.1.0 ({AC76BA86-1033-0000-7760-000000000003})
version: 134283264
version (major): 8
version (minor): 1
estimated size: 1223586
install date: 20090512
install location: C:\Program Files\Adobe\Acrobat 8.0
install source: D:\Adobe CS3\payloads\AdobeAcrobat8.1en_US\
publisher: Adobe Systems
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 8.0Readme.htm

Adobe Reader 9 9.0.0 ({AC76BA86-7AD7-1033-7B44-A90000000001})
version: 150994944
version (major): 9
estimated size: 209258
install date: 20090112
install location: C:\Program Files\Adobe\Reader 9.0\Reader\
install source: C:\Documents and Settings\Joshua\Local Settings\Application Data\Adobe\Reader 9.0\Setup Files\READER9\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
readme: C:\Program Files\Adobe\Reader 9.0\Readme.htm

Adobe Camera Raw 4.0 4.0 ({B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C})
version: 67108864
version (major): 4
estimated size: 9969
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeCameraRaw4.0All\
uninstall cmd: MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
publisher: Adobe Systems Incorporated

Spybot - Search & Destroy 1.6.2 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20090320
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support

Adobe SING CS3 0.1 ({B671CBFD-4109-4D35-9252-3062D3CCB7B2})
version: 65536
version (minor): 1
estimated size: 6121
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeSINGAll\
uninstall cmd: MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
publisher: Adobe Systems Incorporated

Adobe BridgeTalk Plugin CS3 1.0 ({B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E})
version: 16777216
version (major): 1
estimated size: 673
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeBridgeTalkPluginAll\
uninstall cmd: MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
publisher: Adobe Systems Incorporated

Adobe Encore CS3 Codecs 3 ({B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931})
version: 50331648
version (major): 3
estimated size: 31933
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeEncore3CodecsAll\
uninstall cmd: MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
publisher: Adobe Systems Incorporated

Adobe Default Language CS3 1.0 ({B9B35331-B7E4-4E5C-BF4C-7BC87856124D})
version: 16777216
version (major): 1
estimated size: 1742
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeDefaultLanguageCS3All\
uninstall cmd: MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
publisher: Adobe Systems Incorporated

Company of Heroes - FAKEMSI 2.0.0.0 ({BA801B94-C28D-46EE-B806-E1E021A3D519})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519}
publisher: THQ Inc.

Alky for Applications (Windows XP) 1.1 ({BB05D173-9681-4812-A7FA-BD4042A3DA00})
version: 16842752
version (major): 1
version (minor): 1
estimated size: 2710
install date: 20080925
install source: C:\Documents and Settings\Default User\7ZipSfx.000\
uninstall cmd: MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
publisher: Alky Team

Adobe Flash Player 9 ActiveX 9.0.45.0 ({BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C})
version: 150994989
version (major): 9
estimated size: 2722
install date: 20090512
install location: C:\WINDOWS\system32\Macromed\Flash\
install source: D:\Adobe CS3\payloads\AdobeFlashPlayer9_axDbg_mul\
uninstall cmd: MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/go/flashplayer_support/

Adobe Extension Manager CS3 1.8 ({BE5F3842-8309-4754-92D5-83E02E6077A3})
version: 17301504
version (major): 1
version (minor): 8
estimated size: 50902
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeExtensionManager1.8All\
uninstall cmd: MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
publisher: Adobe Systems Incorporated

Creative MediaSource 5 5.00 ({BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD})
version: 83886080
install location: C:\Program Files\Creative\MediaSource5
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove
help link: http://www.creative.com/support

Microsoft .NET Framework 2.0 Service Pack 2 2.2.30729 ({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F})
version: 33716233
version (major): 2
version (minor): 2
estimated size: 188772
install date: 20090510
install source: c:\f5727de6ffff589366c34e6e02db\wcu\dotNetFramework\dotnetfx20\
uninstall cmd: MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=98073

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481)

Adobe ExtendScript Toolkit 2 2.0 ({C2D69781-F392-4118-A5A7-C7E9C38DBFC2})
version: 33554432
version (major): 2
estimated size: 16118
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeExtendScriptToolKitAll\
uninstall cmd: MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
publisher: Adobe Systems Incorporated

Microsoft VC9 runtime libraries 1.0.0 ({C4124E95-5061-4776-8D5D-E3D931C778E1})
version: 16777216
version (major): 1
estimated size: 1439
install date: 20090615
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{C4124E95-5061-4776-8D5D-E3D931C778E1}
publisher: AOL LLC
comments: MSVC 9 Runtime libraries
contact: AOL LLC

Adobe WAS CS3 1.0 ({C5BD220A-EFE8-48A5-B70E-9503D535FACE})
version: 16777216
version (major): 1
estimated size: 629
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeWASAll\
uninstall cmd: MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
publisher: Adobe Systems Incorporated

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30304 9.0.30304 ({C9B26742-06BE-3B75-B1DE-7B91B5956A04})
version: 151025248
version (major): 9
estimated size: 10476
install date: 20080925
install source: C:\Documents and Settings\Default User\7ZipSfx.000\
uninstall cmd: MsiExec.exe /X{C9B26742-06BE-3B75-B1DE-7B91B5956A04}
publisher: Microsoft Corporation

REALTEK GbE & FE Ethernet PCI-E NIC Driver 1.16.0000 ({C9BED750-1211-4480-B1A5-718A3BE15525})
version: 17825792
install date: 20080925
install location: C:\WINDOWS\OPTIONS\CABS\
install source: D:\NETWORK\RTL8111\NONVISTA\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
publisher: Realtek

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 36539
install date: 20080925
install source: C:\Documents and Settings\Default User\7ZipSfx.000\1.1\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Adobe InDesign CS3 5.0 ({CB3F8375-B600-4B9F-83C9-238ED1E583FD})
version: 83886080
version (major): 5
estimated size: 388899
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeInDesign5en_US\
uninstall cmd: MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
publisher: Adobe Systems Incorporated

Microsoft .NET Framework 3.5 SP1 3.5.30729 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9})
version: 50690057
version (major): 3
version (minor): 5
estimated size: 75412
install date: 20090510
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\IXP01FB4.tmp\dotnetfx35\x86\
uninstall cmd: MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
publisher: Microsoft Corporation

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This hotfix is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/953595.
help link: http://support.microsoft.com/kb/953595

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This hotfix is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/958484.
help link: http://support.microsoft.com/kb/958484

Adobe Version Cue CS3 Client 3 ({D0DFF92A-492E-4C40-B862-A74A173C25C5})
version: 50331648
version (major): 3
estimated size: 22411
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeVersionCueClient3All\
uninstall cmd: MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
publisher: Adobe Systems Incorporated

Adobe PDF Library Files 8.0 ({D2559B88-CC9D-4B48-81BB-F492BAA9C48C})
version: 134217728
version (major): 8
estimated size: 59001
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobePDFL8All\
uninstall cmd: MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
publisher: Adobe Systems Incorporated

Half-Life(R) 2 1.0.0.0 ({D45EC259-4A19-4656-B588-C2C360DD18EA})
version: 16777216
version (major): 1
estimated size: 4411605
install date: 20080925
install source: D:\
uninstall cmd: MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
publisher: Valve
comments: Half-Life 2
help link: http://steampowered.custhelp.com/cgi...user/entry.php

Company of Heroes - FAKEMSI 2.0.0.0 ({D4D244D1-05E0-4D24-86A2-B2433C435671})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671}
publisher: THQ Inc.

Adobe XMP Panels CS3 1.0 ({D5A31AB1-345D-47C7-A87B-036A669F6DF1})
version: 16777216
version (major): 1
estimated size: 189
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeXMPPanelsAll\
uninstall cmd: MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
publisher: Adobe Systems Incorporated

Nero 8 Ultra Edition HD 8.3.314 ({D6C9AF27-9414-46C8-B9D8-D878BA041033})
version: 134414650
version (major): 8
version (minor): 3
estimated size: 569634
install date: 20081111
install location: C:\Program Files\Nero\Nero8\
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\NERO1001370\Data\
uninstall cmd: MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041033}
publisher: Nero AG
comments: Nero AG
contact: http://www.nero.com
help link: http://support.nero.com
help telephone: xxxxxxxxxxxxxx

Adobe Color Common Settings 1.0 ({DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9})
version: 16777216
version (major): 1
estimated size: 29987
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeColorCommonSetAll\
uninstall cmd: MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
publisher: Adobe Systems Incorporated

Adobe Color JA Extra Settings 1.0 ({DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029})
version: 16777216
version (major): 1
estimated size: 2777
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeColorJA_ExtraSettingsAll\
uninstall cmd: MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
publisher: Adobe Systems Incorporated

Ad-Aware 7.1.0.7 ({DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 29981
install date: 20090113
install location: C:\Program Files\Lavasoft\Ad-Aware\
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
publisher: Lavasoft
help link: http://www.lavasoftsupport.com

Call of Duty(R) 4 - Modern Warfare(TM) 1.6 ({E48469CC-635E-4FD5-A122-1497C286D217})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 6762756
install date: 20080927
install location: C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\
install source: D:\
publisher: Activision
contact: Technical Support
help link: http://activision.custhelp.com

Adobe Update Manager CS3 5.1.0 ({E69AE897-9E0B-485C-8552-7841F48D42D8})
version: 83951616
version (major): 5
version (minor): 1
estimated size: 6232
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeAUM5.1All\
uninstall cmd: MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
publisher: Adobe Systems Incorporated

Styler 1.4.0.1 ({E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941})
version: 17039360
version (major): 1
version (minor): 4
estimated size: 720
install date: 20080925
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\7zS241.tmp\
uninstall cmd: MsiExec.exe /I{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}
publisher: ta2027

Adobe InDesign CS3 Icon Handler 5.0 ({EA7B3CC4-366D-4CF6-8350-FD7A7034116E})
version: 83886080
version (major): 5
estimated size: 3672
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeInDesignCS3IconHandler\
uninstall cmd: MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
publisher: Adobe Systems Incorporated

Company of Heroes - FAKEMSI 2.0.0.0 ({EAF636A9-F664-4703-A659-85A894DA264F})
version: 33554432
version (major): 2
estimated size: 24
install date: 20081002
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\97c5bf1a87bf49c992d581df1282de60\
uninstall cmd: MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F}
publisher: THQ Inc.

Adobe After Effects CS3 8 ({EB0202F7-016A-410C-ADE4-40F848CCC661})
version: 134217728
version (major): 8
estimated size: 347969
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeAfterEffects8All\
uninstall cmd: MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
publisher: Adobe Systems Incorporated

Adobe Illustrator CS3 13.0 ({F08E8D2E-F132-4742-9C87-D5FF223A016A})
version: 218103808
version (major): 13
estimated size: 524060
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeIllustrator13en_US\
uninstall cmd: MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
publisher: Adobe Systems Incorporated

World in Conflict 1.0.0.0 ({F11ADC64-C89E-47F4-A0B3-3665FF859397})
version: 16777216
install date: 20081003
install location: C:\Program Files\Sierra Entertainment\World in Conflict\
install source: D:\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: Massive Entertainment AB
comments: If you need help with this product, please consult your manual.
contact: http://www.worldinconflict.com
help link: http://support.sierra.com
help telephone: 1-800-630-0811
readme: C:\Program Files\Sierra Entertainment\World in Conflict\Readme.txt

Realtek High Definition Audio Driver 5.10.0.5567 ({F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC})
version: 37093376
install date: 20080925
install location: C:\Program Files\Realtek\Audio\InstallShield\
install source: D:\AUDIO\REALTEK\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x9 -removeonly
publisher: Realtek Semiconductor Corp.

**xcentrik** · 2009-08-10, 01:56

Logitech SetPoint 4.60 ({F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E})
version: 71041024
install date: 20081111
install location: C:\Program Files\Logitech\SetPoint
install source: C:\DOCUME~1\Joshua\LOCALS~1\Temp\pft54.tmp\1-SetPoint\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: Logitech

Adobe Contribute CS3 4.1 ({FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7})
version: 67174400
version (major): 4
version (minor): 1
estimated size: 128075
install date: 20090512
install source: D:\Adobe CS3\payloads\AdobeContribute4.1en_US\
uninstall cmd: MsiExec.exe /I{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}
publisher: Adobe Systems Incorporated

--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): 6633fcb3.sys
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 6633fcb3.sys
Image path: \??\C:\WINDOWS\System32\drivers\6633fcb3.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): aawservice
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Lavasoft Ad-Aware Service
Description: Protects your computer from spyware
Object name: LocalSystem
Image path: "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
Image size: 611664
Image MD5: 17067069B9A7865028C1F2E6971D0CCC
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0
Depends On services: RpcSS

Service (registry key): Abiosdsk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): acap2000
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 187776
Image MD5: 8FD99680A539792A30E97944FDAECF17
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Adobe Version Cue CS3
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Adobe Version Cue CS3
Description: Adobe Version Cue CS3
Object name: NT AUTHORITY\LocalService
Image path: "C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service
Image size: 153792
Image MD5: 14C23516C990DCD6052152CF034DDE40
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): adpu160m
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142592
Image MD5: 8BED39E3C35D6A489438B8141717A557
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Aha154x
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Alerter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: 8C515081584A38AA007909CD02020B3D
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): amsint
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): asc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ASP.NET
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_1.1.4322
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_2.0.50727
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): aspnet_state
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Image size: 34312
Image MD5: 0E5E4957549056E2BF2C49F4F6B601AD
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): asusgsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASUS Virtual Video Capture Device Driver
Image path: system32\drivers\asusgsb.sys
Image size: 12416
Image MD5: D320732BCF5FF856120BD06855C66867
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): asuskbnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Enhanced Display Driver Helper Service
Image path: system32\drivers\atkkbnt.sys
Image size: 11136
Image MD5: B3B881EB81013AAC11594A5400ADA47A
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ASUSVRC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASUSTeK Virtual Capture Device
Image path: system32\DRIVERS\AsusVRC.sys
Image size: 18432
Image MD5: 94442E3029FF6C9F08140FE6718AF4FB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: B153AFFAC761E7F5FCFA822B9C4E97BC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: system32\DRIVERS\atapi.sys
Image size: 96512
Image MD5: 9F3A2F5AA6875C72BF062C712CFA2674
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): ATKKeyboardService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ATK Keyboard Service
Object name: LocalSystem
Image path: C:\WINDOWS\ATKKBService.exe
Image size: 262144
Image MD5: DF70303547E59F09DCD32983100EDCD1
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): Atmarpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: 9916C1225104BA14794209CFA8012159
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Audio Stub Driver
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): AVG
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): avg8wd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AVG Free8 WatchDog
Object name: LocalSystem
Image path: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
Image size: 298776
Image MD5: BFC093C2DDDE8FCE5DA078E663B4515B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): AvgLdx86
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AVG Free AVI Loader Driver x86
Image path: \SystemRoot\System32\Drivers\avgldx86.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): AvgMfx86
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AVG Free On-access Scanner Minifilter Driver x86
Image path: \SystemRoot\System32\Drivers\avgmfx86.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): BattC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Background Intelligent Transfer Service
Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Bonjour Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##
Description: ##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##
Object name: LocalSystem
Image path: "C:\Program Files\Bonjour\mDNSResponder.exe"
Image size: 229376
Image MD5: 73686FE0B2E0469F89FD2075BE724704
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): cbidf2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): CCDECODE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Closed Caption Decoder
Image path: system32\DRIVERS\CCDECODE.sys
Image size: 17024
Image MD5: 0BE5AEF125BE881C4F854C554F2B025C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 62976
Image MD5: 1F4260CC5B42272D71F79E570A27A4FE
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 1CFE720EB8D93A7158A4EBC3AB178BDE
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: 34CBE729F38138217F9C80212A2A0C82
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): clr_optimization_v2.0.50727_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: .NET Runtime Optimization Service v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 69632
Image MD5: D87ACAED61E417BBA546CED5E7E36D9C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): CmdIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Creative Service for CDROM Access
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Creative Service for CDROM Access
Object name: LocalSystem
Image path: C:\WINDOWS\system32\CTsvcCDA.exe
Image size: 44032
Image MD5: 3C8B6609712F4FF78E521F6DCFC4032B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): CryptSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): dac960nt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Disk Driver
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 044452051F3E02E7963599FC8F4F3E25
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 224768
Image MD5: E46050330BD42F33609117F861E32D3C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmboot.sys
Image size: 799744
Image MD5: D992FE1274BDE0F84AD826ACAE022A41
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Driver
Image path: System32\drivers\dmio.sys
Image size: 153344
Image MD5: 7C824CF7BBDE77D95C08005717A95F6F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmload
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DLS Syntheiszer
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: 8A208DFCF89792A484E76C40E5F50B45
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip

Service (registry key): Dot3svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wired AutoConfig
Description: This service performs IEEE 802.1X authentication on Ethernet interfaces
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k dot3svc
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Ndisuio,eaphost

Service (registry key): dpti2o
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): drmkaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 2944
Image MD5: 8F5FCFF8E8848AFAC920905FBD9D33C8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): EapHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Extensible Authentication Protocol Service
Description: Provides windows clients Extensible Authentication Protocol Service
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k eapsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): EIO
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): EIO_XP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EIO_XP
Image path: \??\C:\WINDOWS\system32\drivers\EIO_XP.sys
Image size: 12288
Image MD5: 0DAF3544804650526751C478AECCCE63
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ERSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): ET5Drv
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \??\C:\WINDOWS\system32\Drivers\ET5Drv.sys
Image size: 30008
Image MD5: E5030E34DE21A6818E8586BFB7DD4B60
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 110592
Image MD5: 65DF52F5B8B6E9BBD183505225C37315
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): ezplay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VSO Software ezplay
Image path: System32\Drivers\ezplay.sys
Image size: 94208
Image MD5: 73E701E0FA4D2FC7D22EFCEFF276C50A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): FastUserSwitchingCompatibility
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TermService

Service (registry key): Fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 27392
Image MD5: 92CDD60B6730B9F50F6A1A0C1F8CDC81
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Fips
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): FLEXnet Licensing Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FLEXnet Licensing Service
Description: This service performs licensing functions on behalf of FLEXnet enabled products.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
Image size: 654848
Image MD5: 227846995AFEEFA70D328BF5334A86A5
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Flpydisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 9D27E7B80BFCDF1CDD9B555862D5E7F0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): FltMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\DRIVERS\fltMgr.sys
Image size: 129792
Image MD5: B2CF4B0786F8212CB92ED2B50C6DB6B0
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): FontCache3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Presentation Foundation Font Cache 3.0.0.0
Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
Object name: NT AUTHORITY\LocalService
Image path: c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
Image size: 46104
Image MD5: 8BA7C024070F2B7FDD98ED8A4BA41789
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Fs_Rec
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 8
Error Control: 0

Service (registry key): Ftdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Manager Driver
Image path: system32\DRIVERS\ftdisk.sys
Image size: 125056
Image MD5: 6AC26732762483366C3969C9E4D2259D
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): gdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: gdrv
Image path: \??\C:\WINDOWS\gdrv.sys
Image size: 16608
Image MD5: 5C230948DD6652228F88CA7AE6CB276C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Gpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: system32\DRIVERS\msgpc.sys
Image size: 35072
Image MD5: 0A02C63C8B144BD8C86B103DEE7C86A2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): gsj354b
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: gsj354b
Image path: \??\C:\WINDOWS\System32\drivers\gsj354b.sys
Image size: 45344
Image MD5: EAD9317CCAD7F60F04C04CE1EC49453D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): HDAudBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft UAA Bus Driver for High Definition Audio
Image path: system32\DRIVERS\HDAudBus.sys
Image size: 144384
Image MD5: 573C7D0A32852B48F3058CFD8026F511
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): helpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): HidServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HID Input Service
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): HidUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 10368
Image MD5: CCF82C5EC8A7326C3066DE870C06DAF1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): hkmsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Health Key and Certificate Management Service
Description: Manages health certificates and keys (used by NAP)
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): hpn
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): HTTP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: System32\Drivers\HTTP.sys
Image size: 264832
Image MD5: F6AACF5BCE2893E0C1754AFEB672E5C9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): HTTPFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): i2omgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): i2omp
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): i8042prt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 52480
Image MD5: 4A0B06AA8943C1E332520F7440C0AA30
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): IDriverT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: InstallDriver Table Manager
Description: Provides support for the Running Object Table for InstallShield Drivers
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Image size: 69632
Image MD5: 1CF03C69B49ACB70C722DF92755C0C8C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): idsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows CardSpace
Description: Securely enables the creation, management, and disclosure of digital identities.
Object name: LocalSystem
Image path: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Image size: 881664
Image MD5: C01AC32DC5C03076CFB852CB5DA5229C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): Imapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-Burning Filter Driver
Image path: system32\DRIVERS\imapi.sys
Image size: 42112
Image MD5: 083A052659F5310DD8B6A6CB05EDCF8E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ImapiService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150528
Image MD5: 30DEAF54A9755BB8546168CFE8A6B5E1
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): inetaccs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ini910u
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Inport
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): IntcAzAudAddService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Service for Realtek HD Audio (WDM)
Image path: system32\drivers\RtkHDAud.sys
Image size: 4676096
Image MD5: 08BAF30F6DE95814F58AF9CE7BBC5614
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): IntelIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): intelppm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 36352
Image MD5: 8C953733D8F36EB2133F5BB58808B66B
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Ip6Fw
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPv6 Windows Firewall Driver
Description: Provides intrusion prevention service for a home or small office network.
Image path: system32\DRIVERS\Ip6Fw.sys
Image size: 36608
Image MD5: 3BB22519A194418D5FEC05D800A19AD0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): IpFilterDriver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 32896
Image MD5: 731F22BA402EE4B62748ADAF6363C182
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpInIp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 20864
Image MD5: B87AB476DCF76E72010632B5550955F5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpNat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 152832
Image MD5: CC748EA12C6EFFDE940EE98098BF96BB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IPSec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC driver
Description: IPSEC driver
Image path: system32\DRIVERS\ipsec.sys
Image size: 75264
Image MD5: 23C74D75E36E7158768DD63D92789A91
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): IRENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IR Enumerator Service
Image path: system32\DRIVERS\irenum.sys
Image size: 11264
Image MD5: C93C9FF7B04D772627A3646D89F7BF89
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ISAPISearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): isapnp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnP ISA/EISA Bus Driver
Image path: system32\DRIVERS\isapnp.sys
Image size: 37248
Image MD5: 05A299EC56E52649B1CF2FC52D20F2D7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): JavaQuickStarterService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Java Quick Starter
Description: Prefetches JRE files for faster startup of Java applets and applications
Object name: LocalSystem
Image path: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
Image size: 152984
Image MD5: 32192B4EBE8720ED8D49A455C962CB91
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): Kbdclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 24576
Image MD5: 463C1EC80CD17420A542B7F36A36F128
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): kmixer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 172416
Image MD5: 692BCF44383D056AED41B045A323D378
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): KSecDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): L8042Kbd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logitech SetPoint Keyboard Driver
Image path: system32\DRIVERS\L8042Kbd.sys
Image size: 20240
Image MD5: D1968DEA7BAFF4A917858C384339CEC8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): LanmanServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): lanmanworkstation
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): lbrtfdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): LBTServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logitech Bluetooth Service
Object name: LocalSystem
Image path: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
Image size: 121360
Image MD5: A0F7DC0080E4F97DC97DE08B699E231B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: PlugPlay

Service (registry key): ldap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LHidFilt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logitech SetPoint KMDF HID Filter Driver
Image path: system32\DRIVERS\LHidFilt.Sys
Image size: 35344
Image MD5: 24E0DDB99AECCF86BB37702611761459
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): LHidKe
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LicenseService
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LmHosts
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): LMouFilt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logitech SetPoint KMDF Mouse Filter Driver
Image path: system32\DRIVERS\LMouFilt.Sys
Image size: 36880
Image MD5: D58B330D318361A66A9FE60D7C9B4951
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Messenger
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS

Service (registry key): Microsoft Office Groove Audit Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Office Groove Audit Service
Object name: NT AUTHORITY\LocalService
Image path: "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"
Image size: 68464
Image MD5: 033B947AF4A997820E86FCB070B1F450
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Modem
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): Mouclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 23040
Image MD5: 35C9E97194C8CFB8430125F8DBC34D04
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): mouhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 12160
Image MD5: B1C303E17FB9D46E87A98E4BA6769685
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): MountMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): mraid35x
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebDav Client Redirector
Description: WebDav Client Redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 180608
Image MD5: 11D42BB6206F33FBB3BA0288D3EF81BD
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): MRxSmb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 455296
Image MD5: 60AE98742484E7AB80C3C1450E708148
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): MS1000
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\MS1000.sys
Image size: 5376
Image MD5: FBBB1A51EB6E43B40144A05932766D6C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSDTC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: C:\WINDOWS\system32\msdtc.exe
Image size: 6144
Image MD5: A137F1470499A205ABBB9AAFB3B6F2B1
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): MSDTC Bridge 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Msfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSIServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\msiexec.exe /V
Image size: 78848
Image MD5: 5879D691E842574A20FE63817CB76DF9
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): MSKSSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7552
Image MD5: D1575E71568F4D9E14CA56B7B0453BF1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5376
Image MD5: 325BB26842FC7CCC1FCCE2C457317F3E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4992
Image MD5: BAD59648BA099DA4A17680B39730CB3D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

**xcentrik** · 2009-08-10, 01:57

Service (registry key): mssmbios
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 15488
Image MD5: AF5F4F3F14A8EA2C26DE30F7A1E17136
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSTEE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Tee/Sink-to-Sink Converter
Image path: system32\drivers\MSTEE.sys
Image size: 5504
Image MD5: E53736A9E30C45FA9E7B5EAC55056D1D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mup
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): NABTSFEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NABTS/FEC VBI Codec
Image path: system32\DRIVERS\NABTSFEC.sys
Image size: 85248
Image MD5: 5B50F1B2A2ED47D560577B221DA734DB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): napagent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Access Protection Agent
Description: Allows windows clients to participate in Network Access Protection
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): NDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS System Driver
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): NdisIP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft TV/Video Connection
Image path: system32\DRIVERS\NdisIP.sys
Image size: 10880
Image MD5: 7FF1F1FD8609C149AA432F95A8163D97
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisTapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 10112
Image MD5: 1AB3D00C991AB086E69DB84B6C0ED78F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 14592
Image MD5: F927A4434C5028758A842943EF1A3849
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 91520
Image MD5: EDC1531A49C80614B2CFDA43CA8659AB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Nero BackItUp Scheduler 3
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Nero BackItUp Scheduler 3
Description: Nero BackItUp Scheduler 3 is responsible to control all jobs created using Nero BackItUp 3. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP.
Object name: LocalSystem
Image path: C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
Image size: 877864
Image MD5: 2AAE889742376EDC5C3203DFB74F28FD
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): NetBIOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 34688
Image MD5: 5D81CF9A2F1A3A756B66CF684911CDF0
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): NetBT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBios over Tcpip
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 162816
Image MD5: 74B2B2F5BEA5E9A3DC021D685551BD3D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): NetDDE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE
Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: B857BA82860D7FF85AE29B095645563B
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM

Service (registry key): NetDDEdsdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE DSDM
Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: B857BA82860D7FF85AE29B095645563B
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1

Service (registry key): Netlogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): NetTcpPortSharing
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net.Tcp Port Sharing Service
Description: Provides ability to share TCP ports over the net.tcp protocol.
Object name: NT AUTHORITY\LocalService
Image path: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Image size: 132096
Image MD5: D34612C5D02D026535B3095D620626AE
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1

Service (registry key): Nla
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Location Awareness (NLA)
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd

Service (registry key): NMIndexingService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NMIndexingService
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"
Image size: 537896
Image MD5: CB992AE1506985D9167E85883B4C3240
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): Npfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): Ntfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): NtLmSsp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): NtmsSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Removable Storage
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Null
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): nv
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 6555168
Image MD5: C5410B0903D54F71347FE7C5BCA87A81
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): NVSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NVIDIA Display Driver Service
Description: Provides system and desktop level support to the NVIDIA display driver
Object name: LocalSystem
Image path: %SystemRoot%\system32\nvsvc32.exe
Image size: 159812
Image MD5: 93972E943623635A47DC33D312B6A378
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): NwlnkFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 12416
Image MD5: B305F3FAD35083837EF46A0BBCE2FC57
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 32512
Image MD5: C99B3415198D1AAB7227F2C88FD664B9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): odserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Office Diagnostics Service
Description: Run portions of Microsoft Office Diagnostics.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Image size: 443776
Image MD5: E54AA592A65F317390EEE386A8821692
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): ose
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Image size: 145184
Image MD5: 5A432A042DAE460ABE7199B758E8606C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Outlook
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Parport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel port driver
Image path: system32\DRIVERS\parport.sys
Image size: 80128
Image MD5: 5575FAF8F97CE5E713D108C2A58D7C7C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): PartMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ParVdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PCI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCI Bus Driver
Image path: system32\DRIVERS\pci.sys
Image size: 68224
Image MD5: A219903CCF74233761D92BEF471A07B1
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): PCIDump
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): PCIIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\pciide.sys
Image size: 3328
Image MD5: CCF5F451BB1A5A2A522A76E670000FF0
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Pcmcia
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): pcouffin
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VSO Software pcouffin
Image path: System32\Drivers\pcouffin.sys
Image size: 47360
Image MD5: 5B6C11DE7E839C05248CED8825470FEF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): PDCOMP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRELI
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): perc2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): perc2hib
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PLFlash DeviceIoControl Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PLFlash DeviceIoControl Service
Object name: LocalSystem
Image path: C:\WINDOWS\system32\IoctlSvc.exe
Image size: 81920
Image MD5: 875E4E0661F3A5994DF9E5E3A0A4F96B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): PlugPlay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 110592
Image MD5: 65DF52F5B8B6E9BBD183505225C37315
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): PnkBstrA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnkBstrA
Description: PunkBuster Service Component [v1032] http://www.evenbalance.com
Object name: LocalSystem
Image path: C:\WINDOWS\system32\PnkBstrA.exe
Image size: 75064
Image MD5: A1DD33D16F277CE34124EE52AB2C0F14
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): PnkBstrB
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnkBstrB
Description: PunkBuster Service Component [v2.200 COD4] http://www.evenbalance.com
Object name: LocalSystem
Image path: C:\WINDOWS\system32\PnkBstrB.exe
Image size: 189104
Image MD5: 10652913B563B6376B5C25DB63FA72E3
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): PolicyAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC Services
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSec

Service (registry key): PptpMiniport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 48384
Image MD5: EFEEC01B1D3CF84F16DDD24D9D9D8F99
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ProtectedStorage
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Image path: system32\DRIVERS\psched.sys
Image size: 69120
Image MD5: 09298EC810B07E5D582CB3A3F9255424
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Gpc

Service (registry key): Ptilink
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: system32\DRIVERS\ptilink.sys
Image size: 17792
Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 43528
Image MD5: D86B4A68565E444D76457F14172C875A
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1080
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Ql10wnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql12160
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1240
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1280
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): RasAcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: system32\DRIVERS\rasacd.sys
Image size: 8832
Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): RasAuto
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 51328
Image MD5: 11B4A627BC9614B885C4969BFA5FF8A6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv

Service (registry key): RasPppoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 5BC962F2654137C9909C3D4603587DEE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Raspti
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 16512
Image MD5: FDBB1D60066FCFBB7452FD8F9829B242
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Rdbss
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 175744
Image MD5: 7AD224AD1A1437FE28D89CF22B17780A
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): RDPCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 4224
Image MD5: 4912D5B403614CE99C28420F75353332
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Server Device Redirector Driver
Image path: system32\DRIVERS\rdpdr.sys
Image size: 196224
Image MD5: 15CABD0F7C00C47C70124907916AF3F1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RDPNP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): RDSessMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Desktop Help Session Manager
Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 141312
Image MD5: 3C37BF86641BDA977C3BF8A840F3B7FA
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): redbook
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Digital CD Audio Playback Filter Driver
Image path: system32\DRIVERS\redbook.sys
Image size: 57600
Image MD5: F828DD7E1419B6653894A8F97A0094C5
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): RemoteAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup

Service (registry key): RemoteRegistry
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Registry
Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): RpcLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: AAED593F84AFA419BBAE8572AF87CF6A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): RpcSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): RSVP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: 471B3F9741D762ABE75E9DEEA4787E47
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs

Service (registry key): RTLE8023xp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver
Image path: system32\DRIVERS\Rtenicxp.sys
Image size: 105856
Image MD5: 89619EF503F949FAE09252A8B883EE11
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SamSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): SCardSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 95744
Image MD5: 86D007E7A654B9A71D1D7D856B104353
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay

Service (registry key): Schedule
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Secdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 20480
Image MD5: 90A3935D05B494A5A39D37E71F09A677
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): seclogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 0

Service (registry key): SENS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): serenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serenum Filter Driver
Image path: system32\DRIVERS\serenum.sys
Image size: 15744
Image MD5: 0F29512CCD6BEAD730039FB4BD2C85CE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Serial
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serial port driver
Image path: system32\DRIVERS\serial.sys
Image size: 64512
Image MD5: CCA207A8896D4C6A0C9CE29A4AE411A7
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): ServiceModelEndpoint 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelOperation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelService 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Sfloppy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"

Service (registry key): SharedAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Firewall/Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt

Service (registry key): ShellHWDetection
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Simbad
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SLIP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA Slip De-Framer
Image path: system32\DRIVERS\SLIP.sys
Image size: 11136
Image MD5: 866D538EBE33709A5C9F5C62B73B7D14
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SLIP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA Slip De-Framer
Image path: system32\DRIVERS\SLIP.sys
Image size: 11136
Image MD5: 866D538EBE33709A5C9F5C62B73B7D14
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SMSvcHost 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Sparrow
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): splitter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Audio Splitter
Image path: system32\drivers\splitter.sys
Image size: 6272
Image MD5: AB8B92451ECB048A4D1DE7C3FFCB4A9F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Spooler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 57856
Image MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): sr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Filter Driver
Image path: system32\DRIVERS\sr.sys
Image size: 73472
Image MD5: 76BB022C2FB6902FD5BDD4F78FC13A5D
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): srservice
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Service
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Srv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Srv
Description: Srv
Image path: system32\DRIVERS\srv.sys
Image size: 333952
Image MD5: 3BB03F2BA89D2BE417206C373D2AF17C
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): SSDPSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SSDP Discovery Service
Description: Enables discovery of UPnP devices on your home network.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): stisvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): streamip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA IPSink
Image path: system32\DRIVERS\StreamIP.sys
Image size: 15232
Image MD5: 77813007BA6265C4B6098187E6ED79D2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): swenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 4352
Image MD5: 3941D127AEF12E93ADDF6FE6EE027E0F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): swmidi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 56576
Image MD5: 8CE882BCC6CF8A62F2B2323D95CB3D01
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SwPrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{B6A05C37-0CC4-4DE2-8057-CD3853201EAA}
Image size: 5120
Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcss

Service (registry key): symc810
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): symc8xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): sym_hi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): sym_u3
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): sysaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 60800
Image MD5: 8B83F3ED0F1688B4958F77CD6D2BF290
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SysmonLog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Performance Logs and Alerts
Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 89600
Image MD5: C7ABBC59B43274B1109DF6B24D617051
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): TapiSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): Tcpip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 361600
Image MD5: 9AEFA14BD6B182D61E3119FA5F436D3D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSec

Service (registry key): TDPIPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): TDTCP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): TermDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 40840
Image MD5: 88155247177638048422893737429D9E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Services
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): Themes
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Themes
Description: Provides user experience theme management.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): TlntSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telnet
Description: Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\tlntsvr.exe
Image size: 73216
Image MD5: DB7205804759FF62C34E3EFD8A4CC76A
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: RPCSS,TCPIP,NTLMSSP

Service (registry key): TosIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): TrkWks
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TSDDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Udfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): ultra
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): UnlockerDriver5
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \??\C:\Program Files\Unlocker\UnlockerDriver5.sys
Image size: 4096
Image MD5: B2AF2BA8A3205A8458B61F638FB431DD
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 0

Service (registry key): Update
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microcode Update Driver
Image path: system32\DRIVERS\update.sys
Image size: 384768
Image MD5: 402DDC88356B1BAC0EE3DD1580C76A31
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): upnphost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Universal Plug and Play Device Host
Description: Provides support to host Universal Plug and Play devices.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): UPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 05365FB38FCA1E98F7A566AAAF5D1815
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): usbccgp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 32128
Image MD5: 173F317CE0DB8E21322E71B7E60A27E8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbehci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 30208
Image MD5: 65DCF09D0E37D4C6B11B5B0B76D470A7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Standard Hub Driver
Image path: system32\DRIVERS\usbhub.sys
Image size: 59520
Image MD5: 1AB3CDDE553B6E064D2E754EFE20285C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): USBSTOR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 26368
Image MD5: A32426D9B14A089EAA1D922E0C5801A9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 20608
Image MD5: 26496F9DEE2D787FC3E61AD54821FFE6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): VgaSave
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\drivers\vga.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): ViaIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Video3D
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASUS Video3D Service
Image path: System32\Drivers\Video3D32.sys
Image size: 10752
Image MD5: 8643DA4A6C83DA6C10FCAB1E5AB6632D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Viewpoint Manager Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Viewpoint Manager Service
Description: Ensures Viewpoint 3D and Rich Media Technologies are up to date
Object name: LocalSystem
Image path: "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
Image size: 24652
Image MD5: 5F974FDE801C73952770736BECDE11E7
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): VolSnap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): VSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 289792
Image MD5: 7A9DB3A67C333BF0BD42E42B8596854B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): VxD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): W32Time
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): W8335XP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
Image path: system32\DRIVERS\WG311v3XP.sys
Image size: 280576
Image MD5: 7455B3C11A1D6A844B53FEBDB58646E9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Wanarp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 34560
Image MD5: E20B95BAEDB550F32DD489265C1DA1F6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Wdf01000
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wdf01000
Image path: system32\DRIVERS\Wdf01000.sys
Image size: 492000
Image MD5: FD47474BD21794508AF449D9D91AF6E6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WDICA
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): wdmaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 83072
Image MD5: 6768ACF64B18196494413695F0C3A00F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WebClient
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: MRxDAV

Service (registry key): Windows Workflow Foundation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

**xcentrik** · 2009-08-10, 01:58

Service (registry key): winmgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): Winsock
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinTrust
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmdmPmSN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): Wmi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation Driver Extensions
Description: Provides systems management information to and from drivers.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WmiApRpl
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmiApSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WMI Performance Adapter
Description: Provides performance library information from WMI HiPerf providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: E0673F1106E62A68D2257E376079F821
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WMPNetworkSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Media Player Network Sharing Service
Description: Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play
Object name: NT AUTHORITY\NetworkService
Image path: "C:\Program Files\Windows Media Player\WMPNetwk.exe"
Image size: 913408
Image MD5: F74E3D9A7FA9556C3BBB14D4E5E63D3B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: upnphost,http,HTTPFilter

Service (registry key): WpdUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WpdUsb
Image path: system32\DRIVERS\wpdusb.sys
Image size: 38528
Image MD5: CF4DEF1BF66F06964DC0D91844239104
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WS2IFSL
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 0
Error Control: 0

Service (registry key): wscsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Center
Description: Monitors system security settings and configurations.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt

Service (registry key): WSTCODEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: World Standard Teletext Codec
Image path: system32\DRIVERS\WSTCODEC.SYS
Image size: 19200
Image MD5: C98B39829C2BBD34E454150633C62C78
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): wuauserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Automatic Updates
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): WudfPf
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Provide communciation services for UMDF components.
Image path: system32\DRIVERS\WudfPf.sys
Image size: 77568
Image MD5: F15FEAFFFBB3644CCC80C5DA584E6311
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): WudfRd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework Reflector
Description: Reflect device requests to user-mode driver drivers
Image path: system32\DRIVERS\wudfrd.sys
Image size: 82944
Image MD5: 28B524262BCE6DE1F7EF9F510BA3985B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WudfSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework
Description: Manages user-mode driver host processes
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): WZCSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wireless Zero Configuration
Description: Provides automatic configuration for the 802.11 adapters
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio

Service (registry key): xmlprov
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Provisioning Service
Description: Manages XML configuration files on a domain basis for automatic network provisioning.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): {776DB437-B4DA-49B8-AE48-5493C7CB46F0}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {7B93701E-2940-4084-AF5D-E6A16D69109E}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {CB211FD3-4B11-4C69-AD4E-DF1D25A948AB}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

**tashi** · 2009-08-10, 02:56

Hello xcentrik.

Originally Posted by xcentrik

I am sure the process I will follow is pretty much the same as in other posts,

Actually no.

Please read this forum's FAQ, "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) then start a new topic with a link back to this one.

Best regards.

**tashi** · 2009-08-10, 05:53

New topic: http://forums.spybot.info/showthread.php?t=50667

Thread: Win32.TDSS.rtk - Request for Helpq

Thread Tools

Display

Win32.TDSS.rtk - Request for Helpq

SB logs

SB logs

Sb logs

SB logs

SB logs

Posting Permissions