Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Vicious Trojan Keeps Resurfacing!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 10th, 2008, 1:56 pm

Hello,
I've got some kind of Trojan that keeps manipulating my startup settings on Windows Vista. Each time I run Malwarebytes, SuperAntiSpyware, or Spybot, I find A Zlob.DNSChanger or some other kind of Trojan.

Posted Below is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:48:08 AM, on 12/10/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\stsystra.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=6061102
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=6061102
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-3285236039-3022485011-2099142154-1006\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4056572984
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SCM_Service - Unknown owner - C:\Windows\System32\WinService.exe

--
End of file - 8950 bytes

Thanks for your help! Your sagely advice has helped me in the past, and I sincerely appreciate it.
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am
Advertisement
Register to Remove

Re: Vicious Trojan Keeps Resurfacing!

Unread postby Shaba » December 15th, 2008, 5:13 am

Hi grifter

Please post next scan reports from Malwarebytes, SuperAntiSpyware and Spybot :)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 15th, 2008, 4:24 pm

Thanks for your help, Shaba. Here is the log from Malwarebytes:

Malwarebytes' Anti-Malware 1.31
Database version: 1502
Windows 6.0.6000

12/15/2008 12:20:55 PM
mbam-log-2008-12-15 (12-20-46).txt

Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 235873
Time elapsed: 1 hour(s), 2 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 6
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bee1c99b-6baa-43b1-917a-c7ceeb7acb71}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bee1c99b-6baa-43b1-917a-c7ceeb7acb71}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{bee1c99b-6baa-43b1-917a-c7ceeb7acb71}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I will post the others from Spybot, and SuperAntiSpyware very soon.
Thanks again,
--Grifter
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am

Re: Vicious Trojan Keeps Resurfacing!

Unread postby Shaba » December 15th, 2008, 4:33 pm

OK, take your time :)

I would like to ask if you let malwarebytes to remove what if found?

I ask because all no action taken.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 15th, 2008, 4:44 pm

Yes, Malwarebytes removed the entries, and then asks me to restart my computer. When I restart my computer, the same problems occur. I saved this log before I had Malwarebytes remove the problems, but I copied the parts of the post fixes log for you here:

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bee1c99b-6baa-43b1-917a-c7ceeb7acb71}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bee1c99b-6baa-43b1-917a-c7ceeb7acb71}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{bee1c99b-6baa-43b1-917a-c7ceeb7acb71}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.75 85.255.112.79 -> Quarantined and deleted successfully.

Please let me know if there's anything else I need to do from Malwarebytes. Here is my log from Spybot:

--- Search result list ---
Hint of the Day: Click the bar at the right of this to see more information! ()


Zlob.DNSChanger: [SBI $041D1396] TCP/IP Settings #1 (Undefined) (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer=208.67.220.220,208.67.222.222

Zlob.DNSChanger: [SBI $041D1396] TCP/IP Settings #2 (Undefined) (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BEE1C99B-6BAA-43B1-917A-C7CEEB7ACB71}\DhcpNameServer=208.67.220.220,208.67.222.222

CoreMetrics: Tracking cookie (Firefox: default) (Cookie, fixed)


AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)


AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)


AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)


AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)


AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)


AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)



--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-09-16 TeaTimer.exe (1.6.3.25)
2008-12-08 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-10-22 advcheck.dll (1.6.2.13)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2008-11-04 Includes\Adware.sbi (*)
2008-12-09 Includes\AdwareC.sbi (*)
2008-06-03 Includes\Cookies.sbi (*)
2008-09-02 Includes\Dialer.sbi (*)
2008-09-09 Includes\DialerC.sbi (*)
2008-07-23 Includes\HeavyDuty.sbi (*)
2008-11-18 Includes\Hijackers.sbi (*)
2008-11-18 Includes\HijackersC.sbi (*)
2008-12-09 Includes\Keyloggers.sbi (*)
2008-12-09 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-11-18 Includes\Malware.sbi (*)
2008-12-09 Includes\MalwareC.sbi (*)
2008-11-03 Includes\PUPS.sbi (*)
2008-12-09 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-18 Includes\Security.sbi (*)
2008-12-09 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2008-12-10 Includes\Spyware.sbi (*)
2008-12-10 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti
2008-11-04 Includes\Trojans.sbi (*)
2008-12-10 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows Vista (Build: 6000) (6.0.6000)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB941833)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)


--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C

Located: HK_LM:Run, avast!
command: "C:\Program Files\Avast4\ashDisp.exe"
file: C:\Program Files\Avast4\ashDisp.exe
size: 81000
MD5: 55EBFBAB39BFAB5E62358C093F297641

Located: HK_LM:Run, CCUTRAYICON
command: C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
file: C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
size: 182744
MD5: CB5AB280926FF4444B8CE6BB07E57A8D

Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 174872
MD5: F371C6DF9A810EF2E6E4FA60ACBB5C33

Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 221184
MD5: 9ABF687071C649609BF7E177062A9008

Located: HK_LM:Run, NeroFilterCheck
command: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
file: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13580832
MD5: D76615BD370039309C7D9A8EBF0D16D9

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
file: C:\Windows\system32\NvMcTray.dll
size: 92704
MD5: 95B8975A500804F104F45185D7888387

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
file: C:\Program Files\QuickTime\QTTask.exe
size: 413696
MD5: 6CD5C3276C83F72677D647F27EE14ABD

Located: HK_LM:Run, SigmatelSysTrayApp
command: stsystra.exe
file: C:\Windows\stsystra.exe
size: 282624
MD5: E18770ED0BA0BA5BBAE0ABBE456F3482

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
size: 144784
MD5: 6AB4C021FBD36DC6764924C312428D97

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185784
MD5: 8A71139A5CD86AC55CF0E4383AB4AE33

Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1006264
MD5: 9AD9E2FB2811123DA13DE84CC154AB77

Located: HK_LM:RunOnce, Malwarebytes Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1265296
MD5: 56E3536902563372047C68B3EB3CA6A5

Located: HK_CU:Run, Sidebar
where: S-1-5-19...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-19...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file: C:\Windows\system32\oobefldr.dll
size: 2159104
MD5: 736A6F5FF321AAAAB140B1100E345F04

Located: HK_CU:Run, Sidebar
where: S-1-5-20...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-20...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file: C:\Windows\system32\oobefldr.dll
size: 2159104
MD5: 736A6F5FF321AAAAB140B1100E345F04

Located: HK_CU:Run, BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: S-1-5-21-3285236039-3022485011-2099142154-1006...
command: "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
file: C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, Sidebar
where: S-1-5-21-3285236039-3022485011-2099142154-1006...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6

Located: Startup (common), Adobe Reader Speed Launch.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Startup (common), HP Digital Imaging Monitor.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 210520
MD5: 1BA45CDEF852381DA4A95D056DDB4B48

Located: Startup (common), NETGEAR WG111v2 Smart Wizard.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
file: C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
size: 1261568
MD5: 3B33BF4A13228EEC2670CF77B157C95F

Located: WinLogon, !SASWinLogon
command: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
file: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
size: 352256
MD5: EDC730A6F345C01D9A12F09621665C5A

Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (WormRadar.com IESiteBlocker.NavFilter)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: WormRadar.com IESiteBlocker.NavFilter
CLSID name: AVG Safe Search

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 8/24/2007 6:01:22 AM
Date (last access): 8/24/2008 7:56:46 PM
Date (last write): 8/24/2007 6:01:22 AM
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000

{CA6319C0-31B7-401E-A518-A07C3DB8F777} (Browser Address Error Redirector)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Browser Address Error Redirector
CLSID name: CBrowserHelperObject Object
Path: C:\Program Files\BAE\
Long name: BAE.dll
Short name:
Date (created): 11/1/2006 10:29:50 PM
Date (last access): 5/14/2007 4:55:20 PM
Date (last write): 8/30/2006 9:58:56 AM
Filesize: 94208
Attributes: archive
MD5: 7100C083D0C180109376C373F862BF6C
CRC32: 6BC60F66
Version: 1.1.0.1



--- ActiveX list ---
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://download.microsoft.com/download/ ... ontrol.cab
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 10/11/2007 2:12:48 PM
Date (last access): 10/11/2007 2:12:48 PM
Date (last write): 10/11/2007 2:12:48 PM
Filesize: 1468968
Attributes: archive
MD5: FC6680B6D4812D017109518AC07DED0E
CRC32: 4DC7C79C
Version: 1.7.59.1

{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab)
DPF name: System Requirements Lab
CLSID name: System Requirements Lab Class
Installer:
Codebase: http://www.nvidia.com/content/DriverDow ... eqlab2.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: sysreqlab2.dll
Short name: SYSREQ~2.DLL
Date (created): 3/29/2007 11:07:12 AM
Date (last access): 3/29/2007 11:07:12 AM
Date (last write): 3/29/2007 11:07:12 AM
Filesize: 206384
Attributes: archive
MD5: ED3B0F1BA60554B9D2E5AE1B02AD9306
CRC32: E2F1D780
Version: 2.30.0.0

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://update.microsoft.com/microsoftup ... 4056572984
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 5/26/2005 4:19:32 AM
Date (last access): 5/13/2007 8:57:00 PM
Date (last write): 5/26/2005 4:19:32 AM
Filesize: 178408
Attributes: archive
MD5: EE37AA2C0700221CD8B02FADCD4C7FB5
CRC32: F5494B06
Version: 5.8.0.2469

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 6/10/2008 1:32:34 AM
Date (last access): 6/10/2072 1:32:34 AM
Date (last write): 6/10/2008 3:27:02 AM
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab)
DPF name: System Requirements Lab
CLSID name: System Requirements Lab Class
Installer:
Codebase: http://www.systemrequirementslab.com/sysreqlab.cab
description:
classification: Open for discussion
known filename: sysreqlab.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: sysreqlab.dll
Short name: SYSREQ~1.DLL
Date (created): 8/21/2006 10:31:16 AM
Date (last access): 5/11/2007 1:55:50 AM
Date (last write): 8/21/2006 10:31:16 AM
Filesize: 394800
Attributes: archive
MD5: C3B2350E212AAB959D6A24F36118FA7D
CRC32: 997E4DA0
Version: 2.20.0.0

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_09
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: NPJPI150_09.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_10
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: npjpi150_10.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_11
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: npjpi150_11.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: npjpi160.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: npjpi160_01.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_02
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: npjpi160_02.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_03
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_04
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 3/20/2008 8:41:58 AM
Date (last access): 2/22/2008 1:33:32 AM
Date (last write): 2/22/2008 3:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 6/10/2008 1:32:34 AM
Date (last access): 6/10/2072 1:32:34 AM
Date (last write): 6/10/2008 3:27:02 AM
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 6/10/2008 1:32:34 AM
Date (last access): 6/10/2072 1:32:34 AM
Date (last write): 6/10/2008 3:27:02 AM
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class)
DPF name:
CLSID name: get_atlcom Class
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://www.adobe.com/products/acrobat/nos/gp.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: gp.ocx
Short name:
Date (created): 5/16/2007 8:22:06 AM
Date (last access): 5/16/2007 8:22:06 AM
Date (last write): 5/16/2007 8:22:06 AM
Filesize: 166512
Attributes: archive
MD5: 9BCFC46ECA1BF28E039ECCE2D331086E
CRC32: A9C6ED85
Version: 1.2.2.50

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.macromedia.com/get/s ... wflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\Windows\system32\Macromed\Flash\
Long name: Flash9f.ocx
Short name:
Date (created): 3/24/2008 6:32:42 PM
Date (last access): 6/8/2008 8:21:16 PM
Date (last write): 3/24/2008 6:32:42 PM
Filesize: 2991488
Attributes: readonly archive
MD5: 48FDF435B8595604E54125B321924510
CRC32: 12335E29
Version: 9.0.124.0



--- Process list ---
PID: 1632 ( 992) C:\Windows\system32\Dwm.exe
size: 83456
MD5: E87B968F3D49117445893EB0503FE34F
PID: 1728 (1608) C:\Windows\Explorer.EXE
size: 2923520
MD5: 6D06CD98D954FE87FB2DB8108793B399
PID: 288 (1020) C:\Windows\system32\taskeng.exe
size: 166400
MD5: 1226E9FAE5B8508801EC974E3C9D9C14
PID: 1580 (1728) C:\Program Files\Windows Defender\MSASCui.exe
size: 1006264
MD5: 9AD9E2FB2811123DA13DE84CC154AB77
PID: 1432 (1728) C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
size: 144784
MD5: 6AB4C021FBD36DC6764924C312428D97
PID: 1780 (1728) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 174872
MD5: F371C6DF9A810EF2E6E4FA60ACBB5C33
PID: 2012 (1728) C:\Windows\stsystra.exe
size: 282624
MD5: E18770ED0BA0BA5BBAE0ABBE456F3482
PID: 1836 (1728) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 584 (1728) C:\Program Files\Avast4\ashDisp.exe
size: 81000
MD5: 55EBFBAB39BFAB5E62358C093F297641
PID: 1172 (1728) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185784
MD5: 8A71139A5CD86AC55CF0E4383AB4AE33
PID: 1124 (1728) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6
PID: 1820 (1728) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 210520
MD5: 1BA45CDEF852381DA4A95D056DDB4B48
PID: 1804 (1728) C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
size: 1261568
MD5: 3B33BF4A13228EEC2670CF77B157C95F
PID: 1204 ( 760) C:\Windows\System32\mobsync.exe
size: 95232
MD5: 9C632DC0F1B6D79B05F46A4A5349CEF4
PID: 2356 (1124) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6
PID: 2436 ( 760) C:\Windows\system32\wbem\unsecapp.exe
size: 37376
MD5: E19C7BCE081B85F86F03AE9D82FFA77B
PID: 1752 (1820) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
size: 266240
MD5: 7476780891C8C6219BADE6EAD21A2EB1
PID: 1608 (1728) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 201728
MD5: 20EF9002CFF89C4C1077E4415EC7297B
PID: 1952 (1728) C:\Program Files\Spybot\SpybotSD.exe
size: 4891472
MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 412 ( 4) smss.exe
size: 62976
PID: 476 ( 464) csrss.exe
size: 7680
PID: 524 ( 464) wininit.exe
size: 95744
PID: 536 ( 516) csrss.exe
size: 7680
PID: 568 ( 524) services.exe
size: 279552
PID: 580 ( 524) lsass.exe
size: 7680
PID: 588 ( 524) lsm.exe
size: 210944
PID: 760 ( 568) svchost.exe
size: 22016
PID: 792 ( 516) winlogon.exe
size: 308224
PID: 840 ( 568) nvvsvc.exe
size: 196608
PID: 868 ( 568) svchost.exe
size: 22016
PID: 904 ( 568) svchost.exe
size: 22016
PID: 952 ( 568) svchost.exe
size: 22016
PID: 992 ( 568) svchost.exe
size: 22016
PID: 1020 ( 568) svchost.exe
size: 22016
PID: 1184 ( 952) audiodg.exe
size: 88064
PID: 1224 ( 568) SLsvc.exe
size: 2605568
PID: 1260 ( 568) svchost.exe
size: 22016
PID: 1308 ( 840) rundll32.exe
size: 44544
PID: 1668 ( 568) aswUpdSv.exe
PID: 1688 ( 568) ashServ.exe
PID: 264 ( 568) spoolsv.exe
size: 124928
PID: 312 ( 568) svchost.exe
size: 22016
PID: 2704 ( 568) svchost.exe
size: 22016
PID: 2748 ( 568) PresentationFontCache.exe
PID: 2904 ( 568) svchost.exe
size: 22016
PID: 2920 ( 568) IAANTmon.exe
PID: 2960 ( 568) NBService.exe
PID: 2992 ( 568) svchost.exe
size: 22016
PID: 3008 ( 568) svchost.exe
size: 22016
PID: 3028 ( 568) IoctlSvc.exe
size: 81920
PID: 3044 ( 568) svchost.exe
size: 22016
PID: 3056 ( 568) svchost.exe
size: 22016
PID: 3076 ( 568) RichVideo.exe
PID: 3100 ( 568) WinService.exe
size: 180224
PID: 3176 ( 568) svchost.exe
size: 22016
PID: 3232 ( 568) svchost.exe
size: 22016
PID: 3288 ( 568) SearchIndexer.exe
size: 287744
PID: 3364 ( 568) issm.exe
PID: 3544 ( 568) ashWebSv.exe
PID: 3836 (1020) taskeng.exe
size: 166400
PID: 3516 ( 760) WmiPrvSE.exe


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 12/15/2008 12:35:27 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://cm.my.yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
www.google.com/ig/dell?hl=en&client=del ... bd=6061102
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/search?q=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Namespace Provider 3: E-mail Naming Shim Provider
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 4: PNRP Cloud Namespace Provider
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 5: PNRP Name Namespace Provider
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:



--- Uninstall list ---
(AddressBook)

Adobe Flash Player ActiveX 9.0.124.0 (Adobe Flash Player ActiveX)
uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

Adobe Flash Player 10 Plugin 10.0.12.36 (Adobe Flash Player Plugin)
uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated

Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D})
version: 9
version (major): 9
install location: C:\Program Files\Adobe\Adobe Photoshop CS2\
uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
publisher: Adobe Systems, Inc.
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-555-555-4505

Advanced SystemCare 3 3.0.0 (Advanced SystemCare 3_is1)
install date: 20081121
install location: C:\Program Files\Advanced SystemCare 3\
uninstall cmd: "C:\Program Files\Advanced SystemCare 3\unins000.exe"
publisher: IObit
help link: http://www.iobit.com/

AIM 6 (AIM_6)
uninstall cmd: C:\Program Files\AIM6\uninst.exe

(AOL Diagnostics_N)

(AOLOCP_Y)

Ashampoo Burning Studio 6 FREE 6.7.5 (Ashampoo Burning Studio 6 FREE_is1)
install date: 20081205
install location: C:\Program Files\Ashampoo Burning Studio 6\
uninstall cmd: "C:\Program Files\Ashampoo Burning Studio 6\unins000.exe"
publisher: ashampoo GmbH & Co. KG
help link: http://www.ashampoo.com/support

avast! Antivirus 4.8 (avast!)
version (major): 4
version (minor): 8
install location: "C:\Program Files\Avast4"
install source: "C:\Program Files\Avast4\setup"
uninstall cmd: C:\Program Files\Avast4\aswRunDll.exe "C:\Program Files\Avast4\Setup\setiface.dll",RunSetup
publisher: Alwil Software
help link: http://www.avast.com

Azureus 2.5.0.0 (Azureus)
install location: C:\Program Files\Azureus
uninstall cmd: C:\Program Files\Azureus\Uninstall.exe

Otto (B3EE3001-DC24-4cd1-8743-5692C716659F)
uninstall cmd: "C:\Program Files\EnglishOtto\uninstallotto.exe"

(Branding)

CDisplay 1.8 (CDisplay_is1)
uninstall cmd: "C:\Program Files\CDisplay\unins000.exe"
publisher: dvd8n

Conexant D850 PCI V.92 Modem (CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1)

Combined Community Codec Pack 2008-01-24 2008-01-24 00:00 (Combined Community Codec Pack_is1)
install date: 20080603
install location: C:\Program Files\Combined Community Codec Pack\
uninstall cmd: "C:\Program Files\Combined Community Codec Pack\unins001.exe"
publisher: CCCP Project
help link: http://www.cccp-project.net/

(Connection Manager)

CoreDownload Free Wallpaper Changer 2.1 (CoreDownload Free Wallpaper Changer_is1)
install date: 20080914
install location: C:\Program Files\Wallpaper Changer\
uninstall cmd: "C:\Program Files\Wallpaper Changer\unins000.exe"
publisher: CoreDownload Free Wallpaper Changer

(DirectDrawEx)

DVDFab Platinum 4.1.2.0 (DVDFab Platinum 4_is1)
install date: 20080410
install location: C:\Program Files\DVDFab Platinum 4\
uninstall cmd: "C:\Program Files\DVDFab Platinum 4\unins000.exe"
publisher: Fengtao Software Inc.
help link: http://www.dvdfab.com/

(DXM_Runtime)

Intel(R) Quick Resume Technology Drivers (EL)
estimated size: 1
uninstall cmd: C:\WINDOWS\System32\Elusetup.exe

eMule (eMule)
uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

Microsoft Office Enterprise 2007 12.0.6215.1000 (ENTERPRISE)
install location: C:\Program Files\Microsoft Office
publisher: Microsoft Corporation

Express Burn (ExpressBurn)
uninstall cmd: C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
publisher: NCH Software

Exterminate It! 1.32.12.08 (Exterminate It!)
uninstall cmd: C:\Program Files\Exterminate It!\ExterminateIt_Uninst.exe
publisher: Curio Lab

FastStone Image Viewer 2.8 2.8 (FastStone Image Viewer)
uninstall cmd: C:\Program Files\FastStone Image Viewer\uninst.exe
publisher: FastStone Soft

File Renamer - Basic 4.0.3 (File Renamer - Basic)
uninstall cmd: C:\Windows\File Renamer - Basic Uninstaller.exe
publisher: Sherrod Computers

(Fontcore)

Free Mp3 Wma Converter V 1.6.0 (Free Mp3 Wma Converter_is1)
install location: C:\Program Files\Free Audio Pack\
uninstall cmd: "C:\Program Files\Free Audio Pack\unins000.exe"
publisher: Renan Broquin
help link: http://koyotstar.free.fr

FrostWire 4.17.0 4.17.0.0 (FrostWire)
uninstall cmd: C:\Program Files\FrostWire\Uninstall.exe
publisher: FrostWire, LLC
help link: www.FrostWire.com

getPlus(R)_ocx (getPlus(R)_ocx)
uninstall cmd: rundll32.exe advpack.dll,LaunchINFSection C:\Windows\inf\GETPLUSo.INF, DefaultUninstall

Haali Media Splitter (HaaliMkx)
uninstall cmd: "C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"

HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: "C:\Program Files\HijackThis\HijackThis.exe" /uninstall
publisher: TrendMicro

HP Imaging Device Functions 8.0 8.0 (HP Imaging Device Functions)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
publisher: HP
help link: http://www.hp.com/support

HP Solution Center & Imaging Support Tools 5.0 5.0 (HP Solution Center & Imaging Support Tools)
publisher: HP
help link: http://www.hp.com/support

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

SmartSound Quicktracks Plugin 3.0.3.0 (InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E})
version: 50331651
version (major): 3
estimated size: 16196
install date: 20080813
install location: C:\Program Files\SmartSound Software\Quicktracks\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
publisher: SmartSound Software Inc
comments: Built by SmartSound Software Inc.
contact: Customer Support Department
help link: http://www.smartsound.com/support
help telephone: (818) 920-9132

CyberLink PowerDirector 7.0.1915 (InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1})
version: 117440512
version (major): 7
estimated size: 781048
install date: 20080813
install location: C:\Program Files\CyberLink\PowerDirector\
install source: E:\
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
publisher: CyberLink Corp.
help link: http://support.gocyberlink.com/
help telephone: +886-2-86671298

CyberLink PhotoNow 1.1.5203 (InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE})
version: 17432576
version (major): 1
version (minor): 10
estimated size: 21320
install date: 20080813
install location: C:\Program Files\CyberLink\PhotoNow\
install source: E:\PhotoNow\
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
publisher: CyberLink Corp.
help link: http://support.gocyberlink.com/
help telephone: +886-2-86671298

(InstallShield_{DA92A916-9238-4448-A876-276180E56FEA})

EA Download Manager 4.0.0.396 (InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474})
version: 67108864
version (major): 4
estimated size: 6743
install date: 20080908
install location: C:\Program Files\Electronic Arts\EADM\
install source: C:\Users\Joe\AppData\Local\Downloaded Installations\{B53F885B-B542-41E4-BE36-D905F5251107}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1033
publisher: Electronic Arts

Intel(R) Viiv(TM) Software 1.6.429.0 (Intel(R) Configuration Center)
estimated size: 13553
install date: 20070514
install location: C:\Program Files\Intel\IntelDH\
install source: C:\Windows\Downloaded Installations\{292A5828-610D-4FD0-B856-B6CB8A49C657}\
uninstall cmd: MsiExec.exe /X{26C610BF-761B-4209-BD6A-A0F1B73D6DDE} /qb!
publisher: Intel Corporation
readme: C:\Program Files\Intel\IntelDH\readme.txt

IrfanView (remove only) (IrfanView)
uninstall cmd: C:\Program Files\IrfanView\iv_uninstall.exe

(KB884267)

(KB885353)

(KB886612)

(KB887078)

(KB887626)

(KB888656)

(KB889858)

(KB891122)

(KB892313)

(KB893240)

(KB893241)

Windows Installer 3.1 (KB893803) (KB893803v2)
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

(KB895181)

(KB895316)

(KB895572)

(KB897586)

(KB898549)

(KB900399)

(KB902344)

(KB907658)

(KB911565)

(KB911854)

Security Update for CAPICOM (KB931906) 2.1.0.2 (KB931906)
uninstall cmd: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931906

(KBKB895961)

Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1)
install date: 20081206
install location: C:\Program Files\Malwarebytes' Anti-Malware\
uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
publisher: Malwarebytes Corporation
help link: http://www.malwarebytes.org

MediaMonkey 3.0 3.0 (MediaMonkey_is1)
install date: 20081106
install location: C:\Program Files\MediaMonkey\
uninstall cmd: "C:\Program Files\MediaMonkey\unins000.exe"
publisher: Ventis Media Inc.
help link: http://www.mediamonkey.com

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\Windows\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 3.5 (Microsoft .NET Framework 3.5)
install location: C:\Windows\Microsoft.NET\Framework\v3.5\
uninstall cmd: C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=96416

(MobileOptionPack)

Move Networks Player for Internet Explorer (Move Networks Player_is1)
install date: 20070303
install location: C:\Users\Joe\Application Data\Move Networks\ie_bin\
uninstall cmd: "C:\Users\Joe\Application Data\Move Networks\ie_bin\unins000.exe"
publisher: Move Networks
help link: http://www.movenetworks.com

Mozilla Firefox (3.0.4) 3.0.4 (en-US) (Mozilla Firefox (3.0.4))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox

(MPlayer2)

(Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL

(NeroBackItUp!UninstallKey)
uninstall cmd: C:\Windows\UNNeroBackItUp.exe /UNINSTALL

(NeroMediaHome!UninstallKey)
uninstall cmd: C:\Windows\UNNeroMediaHome.exe /UNINSTALL

(NeroRecode!UninstallKey)
uninstall cmd: C:\Windows\UNRecode.exe /UNINSTALL

(NeroShowTime!UninstallKey)
uninstall cmd: C:\Windows\UNNeroShowTime.exe /UNINSTALL

(NeroVision!UninstallKey)
uninstall cmd: C:\Windows\UNNeroVision.exe /UNINSTALL

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\Windows\system32\NVUNINST.EXE UninstallGUI

PowerISO (PowerISO)
uninstall cmd: "C:\Program Files\PowerISO\uninstall.exe"

(PROSetDX)

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RPG Maker VX RTP 1.02 (RPG Maker VX RTP_is1)
install date: 20080422
install location: C:\Program Files\RPGVX\
uninstall cmd: "C:\Program Files\RPGVX\unins000.exe"
publisher: Enterbrain

RPG Maker VX 1.02 (RPG Maker VX_is1)
install date: 20080422
install location: C:\Program Files\RPGVX\
uninstall cmd: "C:\Program Files\RPGVX\unins001.exe"
publisher: Enterbrain

(SchedulingAgent)

SearchAssist (SearchAssist)
uninstall cmd: C:\DELL\SearchAssist\UninstSA.bat

9.0.124.0 (ShockwaveFlash)

Slice Audio File Splitter (Slice)
uninstall cmd: C:\Program Files\NCH Swift Sound\Slice\uninst.exe
publisher: NCH Software

Learn2 Player (Uninstall Only) (StreetPlugin)
uninstall cmd: C:\Program Files\Learn2.com\StRunner\stuninst.exe

Switch Sound File Converter (Switch)
uninstall cmd: C:\Program Files\NCH Swift Sound\Switch\uninst.exe
publisher: NCH Software

System Requirements Lab (SystemRequirementsLab)
uninstall cmd: C:\Program Files\SystemRequirementsLab\Uninstall.exe

The Core Media Player 4.0 (The Core Media Player)
uninstall cmd: "C:\Program Files\CoreCodec\The Core Media Player\uninstall-tcmp4.exe"

The KMPlayer (remove only) (The KMPlayer)
uninstall cmd: "C:\Program Files\The KMPlayer\uninstall.exe"

The Rosetta Stone (The Rosetta Stone)
uninstall cmd: C:\Windows\unvise32.exe C:\Program Files\The Rosetta Stone\TRS Support\uninstal.log

NCH Toolbox (ToolBox)
uninstall cmd: C:\Program Files\NCH Swift Sound\ToolBox\uninst.exe
publisher: NCH Swift Sound

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u

Winamp (remove only) (Winamp)
uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe"

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768

Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

(WMCSetup)

Xfire (remove only) (Xfire)
uninstall cmd: "C:\Program Files\Xfire\uninst.exe"

Crysis(R) 1.20.0000 ({000E79B7-E725-4F01-870A-C12942B7F8E4})
version: 18087936
version (major): 1
version (minor): 20
estimated size: 6524823
install date: 20080514
install location: C:\Program Files\Electronic Arts\Crytek\Crysis\
install source: D:\
uninstall cmd: MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
publisher: Electronic Arts

Medieval II Total War : Kingdoms : Crusades 1.03.000 ({02A10468-2F1C-447C-AD8E-4DEDDEA25AE2})
version: 16973824
install date: 20070830
install location: C:\Program Files\SEGA\Medieval II Total War\mods\crusades
install source: D:\crusades\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: SEGA
help link: http://www.sega.com/support
help telephone: 1-800-USA-SEGA

Intel(R) PRO Network Connections ({0A0873E1-D9BA-4994-B85D-A0A331EF1F0C})
version: 184549376
version (major): 11
install date: 20061102
install location: C:\Program Files\Intel\
publisher: Dell
contact: Dell Customer Support
help link: http://support.dell.com

Microsoft Plus! Photo Story 2 LE 1.1.0.3463 ({0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B})
version: 16842752
version (major): 1
version (minor): 1
install date: 20061102
uninstall cmd: MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
publisher: Microsoft Corporation
readme: C:\Program Files\Microsoft Plus! Photo Story 2 LE\Readme.htm

Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 770
install date: 20070510
install source: C:\Users\Joe\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation

SF_CDC_Software 82.0.252.000 ({12787065-3D5B-414e-B7A8-859E74785034})
version: 1375731964
version (major): 82
estimated size: 7008
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\software\
publisher: Hewlett-Packard

WebReg 82.0.173.000 ({179C56A4-F57F-4561-8BBF-F911D26EB435})
version: 1375731885
version (major): 82
estimated size: 905
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\WebReg\
publisher: Hewlett-Packard

AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX

Microsoft Visual J# .NET Redistributable Package 1.1 1.1.4322 ({1A655D51-1423-48A3-B748-8F5A0BE294C8})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 11679
install date: 20070512
install source: C:\Users\Joe\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Repairjshcore.htm

Mass Effect 1.00 ({1B0FBB9A-995D-47cd-87CD-13E68B676E4F})
uninstall cmd: C:\Program Files\Common Files\BioWare\Uninstall Mass Effect.exe
publisher: Electronic Arts, Inc.
help link: http://support.ea.com/

Adobe Photoshop CS2 9.0 ({236BB7C4-4419-42FD-0409-1E257A25E34D})
version: 150994944
version (major): 9
estimated size: 639892
install date: 20061109
install location: C:\Program Files\Adobe\Adobe Photoshop CS2\
install source: E:\Adobe(R) Photoshop(R) CS2\
publisher: Adobe Systems, Inc.
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-555-555-4505

5400_Help 82.0.252.000 ({244E1FF0-B8BE-4927-9268-0782C4079F56})
version: 1375731964
version (major): 82
estimated size: 3313
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\Setup\producthelp\
publisher: Hewlett-Packard

HP Update 4.000.008.003 ({25F6C900-C138-4888-A56C-91D3D063023A})
version: 67108872
version (major): 4
estimated size: 3572
install date: 20071028
install source: C:\Users\Joe\AppData\Local\Temp\pft5370.tmp\
uninstall cmd: MsiExec.exe /X{25F6C900-C138-4888-A56C-91D3D063023A}
publisher: Hewlett-Packard
contact: http://www.hp.com/support

Intel(R) Viiv(TM) Software 1.6.429.0 ({26C610BF-761B-4209-BD6A-A0F1B73D6DDE})
version: 17170861
version (major): 1
version (minor): 6
estimated size: 444586
install date: 20070514
install location: C:\Program Files\Intel\IntelDH\
install source: C:\Windows\Downloaded Installations\{292A5828-610D-4FD0-B856-B6CB8A49C657}\
publisher: Intel Corporation
readme: C:\Program Files\Intel\IntelDH\readme.txt

Unload 5.0.0 ({2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C})
version: 83886080
version (major): 5
estimated size: 8535
install date: 20061108
install source: d:\setup\UnloadIntent\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

OpenOffice.org 2.4 2.4.9310 ({2CD2C0DB-81C3-416B-9FA6-589B9235359B})
version: 33825886
version (major): 2
version (minor): 4
estimated size: 345009
install date: 20080707
install location: C:\Program Files\OpenOffice.org 2.4\
install source: C:\Users\Joe\Desktop\OpenOffice.org 2.4 (en-US) Installation Files\
uninstall cmd: MsiExec.exe /I{2CD2C0DB-81C3-416B-9FA6-589B9235359B}
publisher: OpenOffice.org
comments: OpenOffice.org 2.4 (en-US) (OOH680m17(Build:9310))
contact: Department for technical support
help link: http://www.openoffice.org
help telephone: x-xxx-xxx-xxx

Microsoft .NET Framework 3.5 3.5.21022 ({2FC099BD-AC9B-33EB-809C-D332E1B27C40})
version: 50680350
version (major): 3
version (minor): 5
estimated size: 47944
install date: 20071203
install source: C:\Users\Joe\AppData\Local\Temp\IXP07DC7.tmp\dotnetfx35\x86\
uninstall cmd: MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
publisher: Microsoft Corporation

Roxio Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
estimated size: 2443
install date: 20070514
uninstall cmd: MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Roxio

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 155929
install date: 20061102
install source: C:\Users\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_06\README.txt

J2SE Runtime Environment 5.0 Update 9 1.5.0.90 ({3248F0A8-6813-11D6-A77B-00B0D0150090})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122833
install date: 20061107
install source: http://jdl.sun.com/webapps/download/Get ... ows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_09\README.txt

J2SE Runtime Environment 5.0 Update 10 1.5.0.100 ({3248F0A8-6813-11D6-A77B-00B0D0150100})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122989
install date: 20061220
install source: http://javadl.sun.com/webapps/download/ ... ows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_10\README.txt

J2SE Runtime Environment 5.0 Update 11 1.5.0.110 ({3248F0A8-6813-11D6-A77B-00B0D0150110})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 123326
install date: 20070220
install source: http://javadl.sun.com/webapps/download/ ... ows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_11\README.txt

Java(TM) SE Runtime Environment 6 1.6.0.0 ({3248F0A8-6813-11D6-A77B-00B0D0160000})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 111346
install date: 20070912
install source: C:\Users\Joe\AppData\LocalLow\Sun\Java\jre1.6.0\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0\README.txt

Java(TM) SE Runtime Environment 6 Update 1 1.6.0.10 ({3248F0A8-6813-11D6-A77B-00B0D0160010})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 137306
install date: 20070420
install source: http://javadl.sun.com/webapps/download/ ... dows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_01\README.txt

Java(TM) 6 Update 2 1.6.0.20 ({3248F0A8-6813-11D6-A77B-00B0D0160020})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 136370
install date: 20070720
install source: http://javadl.sun.com/webapps/download/ ... dows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_02\README.txt

Java(TM) 6 Update 3 1.6.0.30 ({3248F0A8-6813-11D6-A77B-00B0D0160030})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 136430
install date: 20071020
install source: http://javadl.sun.com/webapps/download/ ... dows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_03\README.txt

Java(TM) 6 Update 4 1.6.0.40 ({3248F0A8-6813-11D6-A77B-00B0D0160040})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 141042
install date: 20080409
install source: C:\Users\Joe\AppData\LocalLow\Sun\Java\jre1.6.0_04\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_04\README.txt

Java(TM) 6 Update 5 1.6.0.50 ({3248F0A8-6813-11D6-A77B-00B0D0160050})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 139422
install date: 20080320
install source: http://javadl.sun.com/webapps/download/ ... dows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_05\README.txt

Java(TM) 6 Update 7 1.6.0.70 ({3248F0A8-6813-11D6-A77B-00B0D0160070})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 139514
install date: 20080720
install source: http://javadl.sun.com/webapps/download/ ... dows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_07\README.txt

Windows Media Player 10 9.00.3636 ({33BB4982-DC52-4886-A03B-F4C5C80BEE89})
version: 150998580
version (major): 9
install date: 20061102
uninstall cmd: MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=9647

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2472
install date: 20050816
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20061117
install source: c:\1ca213ccae54b02ee39b97f7f0\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

Dell Support 3.2 5.5.2038 ({3846E811-639D-4DE1-844B-30491C0A6C0C})
version: 84215798
version (major): 5
version (minor): 5
install date: 20061102
uninstall cmd: MsiExec.exe /X{3846E811-639D-4DE1-844B-30491C0A6C0C}
publisher: Dell
help link: http://support.dell.com/support/topics/ ... dn=1091989

URL Assistant ({3EE33958-7381-4E7B-A4F3-6E43098E9E9C})
uninstall cmd: regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"

NetWaiting 2.5.41 ({3F92ABBB-6BBF-11D5-B229-002078017FBF})
version: 33882153
install date: 20070514
install location: C:\Program Files\NetWaiting
uninstall cmd: C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\Setup.exe -runfromtemp -l0x0009 -removeonly
publisher: BVRP Software, Inc

8.00.0005 ({403EF592-953B-4794-BCEF-ECAB835C2095})
version: 134217733
version (major): 8
install date: 20061102
uninstall cmd: MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
publisher: Intel
comments: Pseudo NCS Install
contact: Customer Support Department
help link: http://www.intel.com
help telephone: 1-555-555-4505

NETGEAR WG111v2 wireless USB 2.0 adapter 1.0.0.133 ({4102037D-E8E0-48E0-B203-E521D194FB71})
version: 16777216
install date: 20080812
install location: C:\Program Files\NETGEAR\WG111v2
uninstall cmd: C:\Program Files\InstallShield Installation Information\{4102037D-E8E0-48E0-B203-E521D194FB71}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: NETGEAR

5400 82.0.252.000 ({488EF5B2-F072-46a1-B088-BEC3F4151E30})
version: 1375731964
version (major): 82
estimated size: 263
install date: 20081130
install source: C:\Program Files\HP\Digital Imaging\{FB79A6DF-44D2-40a6-9FFC-34BDEEBD980B}\Product\
publisher: Hewlett-Packard

ViewSonic Monitor Drivers ({48963B63-7A10-49D6-8B08-61E6132453D0})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48963B63-7A10-49D6-8B08-61E6132453D0}\Setup.exe" -l0x9

SmartSound Quicktracks Plugin 3.0.3.0 ({4A7FDA4D-F4D7-4A49-934A-066D59A43C7E})
version: 50331651
version (major): 3
estimated size: 16196
install date: 20080813
install location: C:\Program Files\SmartSound Software\Quicktracks\
publisher: SmartSound Software Inc
comments: Built by SmartSound Software Inc.
contact: Customer Support Department
help link: http://www.smartsound.com/support
help telephone: (818) 920-9132

neroxml 1.0.0 ({56C049BE-79E9-4502-BEA7-9754A3E60F9B})
version: 16777216
version (major): 1
estimated size: 48
install date: 20070613
install source: C:\Users\Joe\AppData\Local\Temp\NERFE96.tmp\Redist\
uninstall cmd: MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
publisher: Nero AG
contact: Nero AG

Dell Driver Reset Tool 1.02.0000 ({5905F42D-3F5F-4916-ADA6-94A3646AEE76})
version: 16908288
version (major): 1
version (minor): 2
install date: 20061102
uninstall cmd: MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
publisher: Dell Inc.
comments:
contact: Customer Support Department
help link: http://support.dell.com
help telephone:

User's Guides ({5CD29180-A95E-11D3-A4EB-00C04F7BDB2C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"

EarthLink Setup Files 2005.2.178.0.2.2 ({5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2})
version (major): 2005
version (minor): 2
install date: 20061102
install location: C:\Program Files\EarthLink Setup\
uninstall cmd: MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}
publisher: EarthLink, Inc.

DeviceFunctionQFolder 1.00.0000 ({5F26311C-B135-4F7F-B11E-8E650F83651E})
version: 16777216
version (major): 1
estimated size: 124
install date: 20061108
install source: d:\setup\QFolder\
publisher: Hewlett-Packard

GameSpy Comrade 1.5.0.156 ({5F4C776F-8CBD-4C4F-892F-B568ABDD70C8})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 19486
install date: 20071123
install location: C:\Program Files\GameSpy\Comrade\
publisher: GameSpy

({62369F2F77534556AEF4C58152E3BDE5})

AOLIcon 1.00.0000 ({62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C})
version: 16777216
version (major): 1
estimated size: 648
install date: 20061102
uninstall cmd: MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

eSupportQFolder 1.00.0000 ({66E6CE0C-5A1E-430C-B40A-0C90FF1804A8})
version: 16777216
version (major): 1
estimated size: 124
install date: 20061108
install source: d:\setup\QFolder\
publisher: Hewlett-Packard

SF_CDC_ProductContext 82.0.252.000 ({68661EEA-28C4-4401-9D86-9AE17269560E})
version: 1375731964
version (major): 82
estimated size: 58
install date: 20081130
install source: C:\Program Files\HP\Digital Imaging\{FB79A6DF-44D2-40a6-9FFC-34BDEEBD980B}\
publisher: Hewlett-Packard

Apple Software Update 2.1.1.116 ({6956856F-B6B3-4BE0-BA0B-8F495BE32033})
version: 33619969
version (major): 2
version (minor): 1
estimated size: 2208
install date: 20081105
install location: C:\Program Files\Apple Software Update\
install source: C:\Users\Joe\AppData\Local\Temp\IXP108.TMP\
uninstall cmd: MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Windows Media Player Firefox Plugin 1.0.0.8 ({69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4})
version: 16777216
version (major): 1
estimated size: 296
install date: 20070622
install source: C:\Users\Joe\AppData\Local\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
publisher: Microsoft Corp

Microsoft Works 08.05.0818 ({6D52C408-B09A-4520-9B18-475B81D393F1})
version: 134546226
version (major): 8
version (minor): 5
estimated size: 3480
install date: 20080910
uninstall cmd: MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
publisher: Microsoft Corporation
comments: Microsoft Works 8.0 installation.
help link: http://go.microsoft.com/fwlink/?LinkId=6831
help telephone:

Digital Content Portal 1.00.0000 ({6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33})
version: 16777216
version (major): 1
install date: 20061102
uninstall cmd: MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
publisher: Dell
comments: Dell Download Center
contact: Customer Support Department
help link: http://support.dell.com/
help telephone: http://support.dell.com/

Microsoft Plus! Digital Media Edition Installer 1.1.0.3514 ({6E45BA47-383C-4C1E-8ED0-0D4845C293D7})
version: 16842752
version (major): 1
version (minor): 1
install date: 20061102
uninstall cmd: MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
publisher: Microsoft Corporation

Microsoft Visual C++ 2005 Redistributable 8.0.56336 ({7299052b-02a4-4627-81f2-1818da5d550d})
version: 134274064
version (major): 8
estimated size: 422
install date: 20070920
install source: C:\Users\Joe\AppData\Local\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
publisher: Microsoft Corporation

Dell System Restore 2.00.0000 ({74F7662C-B1DB-489E-A8AC-07A06B24978B})
version: 33554432
version (major): 2
install date: 20061102
publisher: Dell Inc.
comments: N/A
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 1-800-624-9896

6.6.0 ({7585478E9D9B42108671C12F8714CEFE})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

Medieval II Total War : Kingdoms : Americas 1.03.000 ({75983B66-804C-40D1-BA13-64DAF652A6F1})
version: 16973824
install date: 20070830
install location: C:\Program Files\SEGA\Medieval II Total War\mods\americas
install source: D:\americas\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{75983B66-804C-40D1-BA13-64DAF652A6F1}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: SEGA
help link: http://www.sega.com/support
help telephone: 1-800-USA-SEGA

Medieval II Total War : Kingdoms : Teutonic 1.03.000 ({7AEE1963-7001-4C37-BC20-2FAEB74AA41C})
version: 16973824
install date: 20070830
install location: C:\Program Files\SEGA\Medieval II Total War\mods\teutonic
install source: D:\teutonic\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: SEGA
help link: http://www.sega.com/support
help telephone: 1-800-USA-SEGA

DivX Codec 6.8.2 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivX, Inc.

Modem Helper 2.40 ({7F142D56-3326-11D5-B229-002078017FBF})
install location: C:\Program Files\Modem Helper
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software

MSXML 4.0 SP2 (KB954430) 4.20.9870.0 ({86493ADD-824D-4B8E-BD72-8C5DCDC52A71})
version: 68429454
version (major): 4
version (minor): 20
estimated size: 1309
install date: 20081112
uninstall cmd: MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/954430

Microsoft Silverlight 2.0.31005.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
version: 33585437
version (major): 2
estimated size: 29338
install date: 20081025
install location: c:\Program Files\Microsoft Silverlight\
uninstall cmd: MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkID=91955

Bonjour 1.0.105 ({8A25392D-C5D2-4E79-A2BD-C15DDC5B0959})
version: 16777321
version (major): 1
estimated size: 497
install date: 20081105
install location: C:\Program Files\Bonjour\
install source: C:\Users\Joe\AppData\Local\Temp\IXP108.TMP\
uninstall cmd: MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

({8ADFC4160D694100B5B8A22DE9DCABD9})

QuickTime 7.55.90.70 ({8DC42D05-680B-41B0-8878-6C14D24602DB})
version: 121045082
version (major): 7
version (minor): 55
estimated size: 89767
install date: 20081105
install location: C:\Program Files\QuickTime\
install source: C:\Users\Joe\AppData\Local\Temp\IXP108.TMP\
uninstall cmd: MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Adobe Common File Installer 1.00.0000 ({8EDBA74D-0686-4C99-BFDD-F894678E5B39})
version: 16777216
version (major): 1
estimated size: 136561
install date: 20061109
install location: C:\Program Files\Common Files\Adobe\
install source: E:\Adobe(R) Photoshop(R) CS2\commonfilesinstaller\
uninstall cmd: MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
publisher: Adobe System Incorporated
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com/help
help telephone: 1-555-555-4505

Microsoft Office Access MUI (English) 2007 12.0.6215.1000 ({90120000-0015-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 31916
install date: 20080824
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0117-0409-0000-0000000FF1CE}-C\Access.en-us\
uninstall cmd: MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Excel MUI (English) 2007 12.0.6215.1000 ({90120000-0016-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 54928
install date: 20081209
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for Microsoft Office Excel 2007 Help (KB957242) ({90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{51864046-74C8-487B-97CD-6167A4B1DB56})
uninstall cmd: msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {51864046-74C8-487B-97CD-6167A4B1DB56}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957242

Microsoft Office PowerPoint MUI (English) 2007 12.0.6215.1000 ({90120000-0018-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 27969
install date: 20081209
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for Microsoft Office PowerPoint 2007 Help (KB957247) ({90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{B20E2C59-EEC5-4102-9E50-5DBB2093C37D})
uninstall cmd: msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {B20E2C59-EEC5-4102-9E50-5DBB2093C37D}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957247

Microsoft Office Publisher MUI (English) 2007 12.0.6215.1000 ({90120000-0019-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 33746
install date: 20081112
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0019-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for Microsoft Office Publisher 2007 Help (KB957249) ({90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4E140A5A-4A90-404A-B955-10C2D98CD3EE})
uninstall cmd: msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4E140A5A-4A90-404A-B955-10C2D98CD3EE}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957249

Microsoft Office Outlook MUI (English) 2007 12.0.6215.1000 ({90120000-001A-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 40744
install date: 20081209
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-001A-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for Microsoft Office Outlook 2007 Help (KB957246) ({90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{6F0E4983-E419-4591-B7DD-EFB0073D3E47})
uninstall cmd: msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957246

Microsoft Office Word MUI (English) 2007 12.0.6215.1000 ({90120000-001B-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 32933
install date: 20081209
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for Microsoft Office Word 2007 Help (KB957252) ({90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{54DF3345-0720-4224-9740-C7E00303F565})
uninstall cmd: msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {54DF3345-0720-4224-9740-C7E00303F565}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957252

Microsoft Office Proof (English) 2007 12.0.6213.1000 ({90120000-001F-0409-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 56807
install date: 20080824
install location: C:\Program Files\Microsoft Office\
uninstall cmd: MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173})
uninstall cmd: msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (French) 2007 12.0.6213.1000 ({90120000-001F-040C-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 23736
install date: 20080824
install location: C:\Program Files\Microsoft Office\
uninstall cmd: MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C})
uninstall cmd: msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (Spanish) 2007 12.0.6213.1000 ({90120000-001F-0C0A-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 38517
install date: 20080824
install location: C:\Program Files\Microsoft Office\
uninstall cmd: MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1})
uninstall cmd: msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Compatibility Pack for the 2007 Office system 12.0.6215.1000 ({90120000-0020-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 171726
install date: 20081112
install source: C:\Program Files\MSECache\O2007Cnv\1033\
uninstall cmd: MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support

Microsoft Office Proofing (English) 2007 12.0.4518.1014 ({90120000-002C-0409-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 506
install date: 20080807
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Enterprise 2007 12.0.6215.1000 ({90120000-0030-0000-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 919449
install date: 20081112
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Outlook 2007 Junk Email Filter (kb957829) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{07A1F6B6-4F1C-418C-A605-755A121C4A16})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957829

Security Update for 2007 Microsoft Office System (KB955936) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1D94099C-2BBA-440E-BD5E-093BBDF8F028})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
publisher: Microsoft
help link: http://support.microsoft.com/kb/955936

Update for Microsoft Office Outlook 2007 (KB952142) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4AD3A076-427C-491F-A5B7-7D1DE788A756})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
publisher: Microsoft
help link: http://support.microsoft.com/kb/952142

Security Update for Microsoft Office PowerPoint 2007 (KB951338) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{558B709B-821B-4FC5-90FC-9A8890641E77})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951338

Security Update for Microsoft Office system 2007 (KB954326) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5F7F6FFF-395D-480E-8450-64F385D82C5F})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
publisher: Microsoft
help link: http://support.microsoft.com/kb/954326

Security Update for Microsoft Office Excel 2007 (KB955470) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E8637D8-10D6-4568-AA06-E2706F31685E})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
publisher: Microsoft
help link: http://support.microsoft.com/kb/955470

Security Update for 2007 Microsoft Office System (KB951944) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{797AE457-BA17-4BBC-B501-25FB3A0103C7})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951944

Security Update for Microsoft Office system 2007 (KB951808) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951808

Update for Office 2007 (KB946691) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A420F522-7395-4872-9882-C591B4B92278})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
publisher: Microsoft
help link: http://support.microsoft.com/kb/946691

Security Update for Microsoft Office Word 2007 (KB950113) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD72BABE-C733-4FCF-9674-4314466191B9})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
publisher: Microsoft
help link: http://support.microsoft.com/kb/950113

Security Update for 2007 Microsoft Office System (KB951550) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B243E9A5-ED77-4F1B-B338-2486FD82DC85})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951550

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Security Update for Microsoft Office OneNote 2007 (KB950130) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
publisher: Microsoft
help link: http://support.microsoft.com/kb/950130

Security Update for Microsoft Office Publisher 2007 (KB950114) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/950114

Microsoft Office InfoPath MUI (English) 2007 12.0.6215.1000 ({90120000-0044-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 8746
install date: 20080824
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0044-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Shared MUI (English) 2007 12.0.6215.1000 ({90120000-006E-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 53482
install date: 20081112
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Microsoft Script Editor Help (KB957253) ({90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{F21BF703-548C-47B2-B92A-6876E9566C42})
uninstall cmd: msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957253

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85})
uninstall cmd: msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office OneNote MUI (English) 2007 12.0.6215.1000 ({90120000-00A1-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 39726
install date: 20081112
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-00A1-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for Microsoft Office OneNote 2007 Help (KB957245) ({90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{7332DE60-DC79-4578-A60A-A5EA0D6E032B})
uninstall cmd: msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957245

Microsoft Office Groove MUI (English) 2007 12.0.6215.1000 ({90120000-00BA-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 3566
install date: 20080824
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0114-0409-0000-0000000FF1CE}-C\Groove.en-us\
uninstall cmd: MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Groove Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0114-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 502
install date: 20080824
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0114-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Shared Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0115-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 494
install date: 20080824
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85})
uninstall cmd: msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Access Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0117-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 502
install date: 20080824
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0117-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Intel(R) Matrix Storage Manager ({9068B2BE-D93A-4C0A-861C-5E35E2C0E09E})
uninstall cmd: C:\Windows\System32\Imsmudlg.exe

Apple Mobile Device Support 2.1.1.13 ({976C2B2A-CE59-4AB3-83FB-BF895E28F2E6})
version: 33619969
version (major): 2
version (minor): 1
estimated size: 38008
install date: 20081105
install location: C:\Program Files\Common Files\Apple\Mobile Device Support\
install source: C:\Users\Joe\AppData\Local\Temp\IXP108.TMP\
uninstall cmd: MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Status 82.0.173.000 ({978C25EE-5777-46e4-8988-732C297CBDBD})
version: 1375731885
version (major): 82
estimated size: 580
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\Status\
publisher: Hewlett-Packard

Sonic Encoders 1.00 ({9941F0AA-B903-4AF4-A055-83A9815CC011})
version: 16777216
version (major): 1
estimated size: 4037
install date: 20050816
install source: d:\OEM\CONTENT\Extras\Sonic\
uninstall cmd: MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
publisher: Sonic Solutions

Destinations 82.0.173.000 ({9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF})
version: 1375731885
version (major): 82
estimated size: 20223
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\Destinations\
publisher: Hewlett-Packard

SPORE™ 1.02.0000 ({9DF0196F-B6B8-4C3A-8790-DE42AA530101})
version: 16908288
install date: 20081111
install location: C:\Program Files\SPORE
install source: D:\
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe" -runfromtemp -l0x0009 -removeonly
publisher: Electronic Arts

SigmaTel Audio 5.10.4803.0 ({A462213D-EED4-42C2-9A60-7BDD4D4B0B17})
version: 84546243
install date: 20071224
install location: C:\Program Files\SigmaTel\C-Major Audio
install source: C:\dell\drivers\R124105\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
publisher: SigmaTel

EducateU 1.00.0000 ({A683A2C0-821C-486F-858C-FA634DB5E864})
version: 16777216
version (major): 1
install date: 20061102
uninstall cmd: MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://support.dell.com
help telephone: http://support.dell.com

Sid Meier's Civilization 4 1.00.0000 ({A8589680-35C1-4732-ACCA-09B78921ECE3})
version: 16777216
version (major): 1
estimated size: 808
install date: 20080709
install location: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\
publisher: Firaxis Games
contact: Customer Support Department
help link: http://www.2kgames.com/civ4/

Adobe Reader 8.1.3 8.1.3 ({AC76BA86-7AD7-1033-7B44-A81300000003})
version: 134283267
version (major): 8
version (minor): 1
estimated size: 87015
install date: 20081119
install source: C:\Users\Joe\AppData\Local\Adobe\Updater5\Install\reader8rdr-en_US\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
readme: C:\Program Files\Adobe\Reader 8.0\Reader\Readme.htm

Documentation & Support Launcher 1.00.0000 ({B0DF58A2-40DF-4465-AA56-38623EC9938C})
version: 16777216
version (major): 1
install date: 20061102
install location: C:\Program Files\Dell\Launcher\DS\
uninstall cmd: MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
publisher: Dell Inc.

DivX Converter 6.6.0 ({B13A7C41581B411290FBC0395694E2A9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

Spybot - Search & Destroy 1.6.0 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20081208
install location: C:\Program Files\Spybot\
uninstall cmd: "C:\Program Files\Spybot\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support

ViewSonic Monitor Drivers ({B4FEA924-630D-11D4-B78E-005004566E4D})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9

Games, Music, & Photos Launcher 1.00.0000 ({B6884A07-0305-47AE-9969-8F26FADC17DE})
version: 16777216
version (major): 1
install date: 20061102
install location: C:\Program Files\Dell\Launcher\GMP\
uninstall cmd: MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
publisher: Dell Inc.

DivX Web Player 1.4.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.

Adobe Bridge 1.0 001.000.004 ({B74D4E10-6884-0000-0000-000000000103})
version: 16777219
version (major): 1
estimated size: 89209
install date: 20061109
install location: C:\Program Files\Adobe\Adobe Bridge\
install source: C:\Users\Joe\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html

BufferChm 82.0.173.000 ({BE77A81F-B315-4666-9BF3-AE70C0ADB057})
version: 1375731885
version (major): 82
estimated size: 2146
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\BufferChm\
publisher: Hewlett-Packard

Disc2Phone 1.5.185 ({C01408FC-117C-44B7-8B0C-17794E526A01})
version: 17105081
version (major): 1
version (minor): 5
estimated size: 7886
install date: 20080203
install source: C:\Program Files\Sony Setup\Disc2Phone\
uninstall cmd: MsiExec.exe /X{C01408FC-117C-44B7-8B0C-17794E526A01}
help link: http://www.sonyericsson.com/support

MSXML 4.0 SP2 (KB936181) 4.20.9848.0 ({C04E32E0-0416-434D-AFB9-6969D703A9EF})
version: 68429432
version (major): 4
version (minor): 20
estimated size: 1296
install date: 20070815
uninstall cmd: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/936181

Medieval II Total War 1.03.000 ({C0698BDA-0D29-40EE-8570-A31106DF9AB1})
version: 16973824
install date: 20070830
install location: C:\Program Files\SEGA\Medieval II Total War
install source: D:\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: SEGA
help link: http://www.sega.com/support
help telephone: 1-800-USA-SEGA

MSXML 4.0 SP2 (KB941833) 4.20.9849.0 ({C523D256-313D-4866-B36A-F3DE528246EF})
version: 68429433
version (major): 4
version (minor): 20
estimated size: 1296
install date: 20071010
uninstall cmd: MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/941833

Toolbox 82.0.173.000 ({C716522C-3731-4667-8579-40B098294500})
version: 1375731885
version (major): 82
estimated size: 6005
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\Toolbox\
publisher: Hewlett-Packard

CyberLink PowerDirector 7.0.1915 ({CB099890-1D5F-11D5-9EA9-0050BAE317E1})
version: 117440512
version (major): 7
estimated size: 781048
install date: 20080813
install location: C:\Program Files\CyberLink\PowerDirector\
install source: E:\
publisher: CyberLink Corp.
help link: http://support.gocyberlink.com/
help telephone: +886-2-86671298

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 53239
install date: 20070514
install source: C:\$WINDOWS.~LS\Sources\NETFX\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\Windows\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

SUPERAntiSpyware Free Edition 4.22.0.1014 ({CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA})
version: 68550656
version (major): 4
version (minor): 22
estimated size: 18101
install date: 20081206
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
publisher: SUPERAntiSpyware.com
help link: http://www.superantispyware.com/support.html

Medieval II Total War : Kingdoms : Britannia 1.03.000 ({CEDDEE73-3D36-41C2-AA40-29355D9FBD63})
version: 16973824
install date: 20070830
install location: C:\Program Files\SEGA\Medieval II Total War\mods\british_isles
install source: D:\britannia\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: SEGA
help link: http://www.sega.com/support
help telephone: 1-800-USA-SEGA

Sid Meier's Civilization 4 1.74 ({CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8})
version: 21626880
install date: 20080709
install location: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4
install source: C:\Users\Joe\AppData\Local\Temp\byeC1D7.tmp\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
publisher: Firaxis Games
help link: http://www.2kgames.com/civ4/support.htm
readme: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Readme.htm

CyberLink PhotoNow 1.1.5203 ({D36DD326-7280-11D8-97C8-000129760CBE})
version: 17432576
version (major): 1
version (minor): 10
estimated size: 21320
install date: 20080813
install location: C:\Program Files\CyberLink\PhotoNow\
install source: E:\PhotoNow\
publisher: CyberLink Corp.
help link: http://support.gocyberlink.com/
help telephone: +886-2-86671298

Nero 8 8.3.42 ({D6D5CB84-0E6E-4E69-B300-C690B6911033})
version: 134414378
version (major): 8
version (minor): 3
estimated size: 1733158
install date: 20080611
install location: C:\Program Files\Nero\Nero8\
uninstall cmd: MsiExec.exe /X{D6D5CB84-0E6E-4E69-B300-C690B6911033}
publisher: Nero AG
comments: Nero AG
contact: http://www.nero.com
help link: http://support.nero.com
help telephone: xxxxxxxxxxxxxx

iTunes 8.0.1.11 ({DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843})
version: 134217729
version (major): 8
estimated size: 89733
install date: 20081105
install location: C:\Program Files\iTunes\
install source: C:\Users\Joe\AppData\Local\Temp\IXP108.TMP\
uninstall cmd: MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

UnloadSupport 1.00.0000 ({E06F04B9-45E6-4AC0-8083-85F7515F40F7})
version: 16777216
version (major): 1
estimated size: 4137
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\UnloadSupport\
publisher: Hewlett-Packard

Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) 8.00.761 ({E09B48B5-E141-427A-AB0C-D3605127224A})
version: 134218489
version (major): 8
estimated size: 70731
install date: 20070216
install source: C:\Program Files\Sony Setup\Vegas 7.0\mediamgr\msde\Setup\
uninstall cmd: MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
publisher: Microsoft Corporation

HPProductAssistant 53.0.13.000 ({E3F90083-80D4-4b5a-87C7-E97E12F5516D})
version: 889192461
version (major): 53
estimated size: 3115
install date: 20061108
install source: d:\setup\hpproductassistant\
publisher: Hewlett-Packard

Digital Line Detect 1.21 ({E646DCF0-5A68-11D5-B229-002078017FBF})
version: 18153472
install date: 20070514
install location: C:\Program Files\Digital Line Detect
uninstall cmd: C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\Setup.exe -runfromtemp -l0x0009 -removeonly
publisher: BVRP Software, Inc

Adobe Help Center 1.0 001.000.000 ({E9787678-1033-0000-8E67-000000000001})
version: 16777216
version (major): 1
estimated size: 21738
install date: 20061109
install location: C:\Program Files\Adobe\Adobe Help Center\
install source: E:\Adobe(R) Photoshop(R) CS2\Help Center\
uninstall cmd: MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com
help telephone: 1-555-555-4505

SolutionCenter 50.0.152.000 ({EA103B64-C0E4-4C0E-A506-751590E1653D})
version: 838860952
version (major): 50
estimated size: 8009
install date: 20061108
install source: d:\setup\SolutionCenter\
publisher: Hewlett-Packard

Adobe Stock Photos 1.0 1.0.8 ({EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A})
version: 16777224
version (major): 1
estimated size: 16046
install date: 20061109
install location: C:\Program Files\Adobe\Adobe Stock Photos\
install source: C:\Users\Joe\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com
help telephone: 1-555-555-4505

EA Download Manager 4.0.0.396 ({EF7E931D-DC84-471B-8DB6-A83358095474})
version: 67108864
version (major): 4
estimated size: 6743
install date: 20080908
install location: C:\Program Files\Electronic Arts\EADM\
install source: C:\Users\Joe\AppData\Local\Downloaded Installations\{B53F885B-B542-41E4-BE36-D905F5251107}\
publisher: Electronic Arts

Max Payne 2 1.01.102 ({EFE1AB94-5466-4B6E-BE31-FF4C115FD25D})
version: 16842854
install location: C:\Program Files\Rockstar Games\Max Payne 2
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}\Setup.exe" -l0x9

32 Bit HP CIO Components Installer 1.0.0 ({F1E63043-54FC-429B-AB2C-31AF9FBA4BC7})
version: 16777216
version (major): 1
estimated size: 212
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\drivers\dot4\wrapper\
uninstall cmd: MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
publisher: Hewlett-Packard

FxVisor 1.3.0 ({F691A1F5-2789-46CE-A45A-57763198D384})
version: 16973824
version (major): 1
version (minor): 3
estimated size: 412
install date: 20071002
install source: C:\Users\Joe\Downloads\
uninstall cmd: MsiExec.exe /I{F691A1F5-2789-46CE-A45A-57763198D384}
publisher: Frameworkx
comments: Vista Shortcut Overlay Remover
contact: Frameworkx.com
help link: http://www.frameworkx.com

HP Deskjet Printer Driver Software 8.0.C 8.0 ({FB79A6DF-44D2-40a6-9FFC-34BDEEBD980B})
uninstall cmd: C:\Program Files\HP\Digital Imaging\{FB79A6DF-44D2-40a6-9FFC-34BDEEBD980B}\setup\hpzscr01.exe -datfile hppscr22.dat -onestop -showdisconnect -forcereboot
publisher: HP
help link: http://www.hp.com/support

ViewSonic Windows Vista Signed Files ({FC47C7A5-BE63-11D5-B7C9-005004566E4D})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}\Setup.exe" -l0x9

TrayApp 82.0.188.000 ({FF075778-6E50-47ed-991D-3B07FD4E3250})
version: 1375731900
version (major): 82
estimated size: 410
install date: 20081130
install source: C:\Users\Joe\AppData\Local\Temp\7zS97F7.tmp\setup\TrayApp\
publisher: Hewlett-Packard



--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): abp480n5
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: abp480n5
Image path: \SystemRoot\system32\DRIVERS\ABP480N5.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: system32\drivers\acpi.sys
Image size: 258232
Image MD5: 84FC6DF81212D16BE5C4F441682FECCC
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): Adobe LM Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Adobe LM Service
Description: AdobeLM Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
Image size: 72704
Image MD5: C1EB9968EC89FBA5F3A264E2E57923AB
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): adp94xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adp94xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpahci
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpahci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpu160m.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu320
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpu320.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adsi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): AeLookupSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\aelupsvc.dll,-1
Description: @%SystemRoot%\system32\aelupsvc.dll,-2
Object name: localSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Ancilliary Function Driver for Winsock
Description: Ancilliary Function Driver for Winsock
Image path: \SystemRoot\system32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel AGP Bus Filter
Image path: \SystemRoot\system32\drivers\agp440.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Aha154x
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Aha154x
Image path: \SystemRoot\system32\DRIVERS\aha154x.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: aic78u2
Image path: \SystemRoot\system32\DRIVERS\aic78u2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\djsvs.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AlertService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Alert Service
Description: This service reports the notices from Intel® Viiv™ software. If this service is stopped or disabled, components of Intel Viiv software that depend on the notices will not receive them.
Object name: LocalSystem
Image path: "C:\Program Files\Intel\IntelDH\CCU\AlertService.exe"
Image size: 195032
Image MD5: 80F4A5260FC8F95185313A1D229239CE
Control Set: CurrentControlSet
Start: 4
Type: 272
Error Control: 1

Service (registry key): ALG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\Alg.exe,-112
Description: @%SystemRoot%\system32\Alg.exe,-113
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 58880
Image MD5: E69FB0E3112C40FDC0EF7D21A52DC951
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): aliide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\aliide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): amdagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD AGP Bus Filter Driver
Image path: \SystemRoot\system32\drivers\amdagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): amdide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\amdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): AmdK7
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD K7 Processor Driver
Image path: \SystemRoot\system32\drivers\amdk7.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AmdK8
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD K8 Processor Driver
Image path: \SystemRoot\system32\drivers\amdk8.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): amsint
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: amsint
Image path: \SystemRoot\system32\DRIVERS\amsint.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Appinfo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\appinfo.dll,-100
Description: @%systemroot%\system32\appinfo.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,ProfSvc

Service (registry key): Apple Mobile Device
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Apple Mobile Device
Description: Provides the interface to Apple mobile devices.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Image size: 116040
Image MD5: B8E865D24F2753A35CC2A9A6A3CE1AD4
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): AppMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): arc
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\arc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): arcsas
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\arcsas.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: asc
Image path: \SystemRoot\system32\DRIVERS\asc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: asc3350p
Image path: \SystemRoot\system32\DRIVERS\asc3350p.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: asc3550
Image path: \SystemRoot\system32\DRIVERS\asc3550.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ASP.NET_1.1.4322
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_2.0.50727
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): aswFsBlk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: aswFsBlk
Description: avast! mini-filter driver (aswFsBlk)
Image path: system32\DRIVERS\aswFsBlk.sys
Image size: 20560
Image MD5: AD3BF0F023C8C446C5CAE6C5DB36C836
Control Set: CurrentControlSet
Start: 2
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): aswMonFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: aswMonFlt
Description: avast! mini-filter driver (aswMonFlt)
Image path: system32\DRIVERS\aswMonFlt.sys
Image size: 51792
Image MD5: F58E12DA806915C70245A521D4CEF792
Control Set: CurrentControlSet
Start: 2
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): aswRdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: aswRdr
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: tcpip

Service (registry key): aswSP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Self Protection
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): aswTdi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Network Shield Support
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: tcpip

Service (registry key): aswUpdSv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! iAVS4 Control Service
Description: Provides automatic updating for the avast! antivirus.
Object name: LocalSystem
Image path: "C:\Program Files\Avast4\aswUpdSv.exe"
Image size: 18752
Image MD5: 118F964817982E771B8953DF2E99E3AB
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 17408
Image MD5: E86CF7CE67D5DE898F27EF884DC357D8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IDE Channel
Image path: \SystemRoot\system32\drivers\atapi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): AudioEndpointBuilder
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\audiosrv.dll,-204
Description: @%SystemRoot%\System32\audiosrv.dll,-205
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): Audiosrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\audiosrv.dll,-200
Description: @%SystemRoot%\System32\audiosrv.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: AudioEndpointBuilder,RpcSs,MMCSS

Service (registry key): avast! Antivirus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Antivirus
Description: Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler.
Object name: LocalSystem
Image path: "C:\Program Files\Avast4\ashServ.exe"
Image size: 155160
Image MD5: E1D075B489A5E6E294E968501184C5F6
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: aswMonFlt,RpcSS

Service (registry key): avast! Web Scanner
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Web Scanner
Description: Implements web (HTTP) scanning for avast! antivirus.
Object name: LocalSystem
Image path: "C:\Program Files\Avast4\ashWebSv.exe" /service
Image size: 352920
Image MD5: B9FD2B7A954A45963C3BF932DB10A633
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Depends On services: "avast! Antivirus"

Service (registry key): BattC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Beep
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): BFE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\bfe.dll,-1001
Description: @%SystemRoot%\system32\bfe.dll,-1002
Object name: NT AUTHORITY\LocalService
Image path: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\qmgr.dll,-1000
Description: @%SystemRoot%\system32\qmgr.dll,-1001
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,EventSystem

Service (registry key): blbdrive
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\blbdrive.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Bonjour Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bonjour Service
Description: Bonjour allows applications like iTunes and Safari to advertise and discover services on the local network. Having Bonjour running enables you to connect to hardware devices like Apple TV and software services like iTunes sharing and AirTunes. If you disable Bonjour, any network service that explicitly depends on it will fail to start.
Object name: LocalSystem
Image path: "C:\Program Files\Bonjour\mDNSResponder.exe"
Image size: 238888
Image MD5: 9EFE4236F8670846B6E7C5B0EFF6E715
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): bowser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bowser
Description: Implements the datagram receiver for the computer browser browser service.
Image path: system32\DRIVERS\bowser.sys
Image size: 69632
Image MD5: 913CD06FBE9105CE6077E90FD4418561
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): BrFiltLo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother USB Mass-Storage Lower Filter Driver
Image path: \SystemRoot\system32\drivers\brfiltlo.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BrFiltUp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother USB Mass-Storage Upper Filter Driver
Image path: \SystemRoot\system32\drivers\brfiltup.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\browser.dll,-100
Description: @%systemroot%\system32\browser.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): Brserid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC Serial Port Interface Driver (WDM)
Image path: \SystemRoot\system32\drivers\brserid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrSerWdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother WDM Serial driver
Image path: \SystemRoot\system32\drivers\brserwdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrUsbMdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC USB Fax Only Modem
Image path: \SystemRoot\system32\drivers\brusbmdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrUsbSer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC USB Serial WDM Driver
Image path: \SystemRoot\system32\drivers\brusbser.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth PAN Network Adapter
Image path: system32\DRIVERS\btnetdrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Btcsrusb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth USB For Bluetooth Service
Image path: System32\Drivers\btcusb.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BthEnum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Enumerator Service
Image path: system32\DRIVERS\BthEnum.sys
Image size: 19456
Image MD5: CF97C2D6A011EE9403B42191B5F95BA8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BtHidBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth HID Bus Service
Image path: System32\Drivers\BtHidBus.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): BTHMODEM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Serial Communications Driver
Image path: system32\DRIVERS\bthmodem.sys
Image size: 39936
Image MD5: AD07C1EC6665B8B35741AB91200C6B68
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BthPan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Image path: system32\DRIVERS\bthpan.sys
Image size: 92160
Image MD5: B8C3D9DDF85FD197C3E5F849FEF71144
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BTHPORT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Port Driver
Image path: System32\Drivers\BTHport.sys
Image size: 220160
Image MD5: 4A74BBB2B6761789F42A6613479BDB1D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BthServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\bthserv.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k bthsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): BTHUSB
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Radio USB Driver
Image path: System32\Drivers\BTHUSB.sys
Image size: 29184
Image MD5: 1A407F9B707A06F55AA150F9AA072B09
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: cd20xrnt
Image path: \SystemRoot\system32\DRIVERS\cd20xrnt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD/DVD File System Reader
Description: ISO9660/Joliet File System Reader for CD/DVDs. (Core) (All pieces)
Image path: system32\DRIVERS\cdfs.sys
Image size: 70144
Image MD5: 6C3A437FC873C6F6A4FC620B6888CB86
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 67072
Image MD5: 8D1866E61AF096AE8B582454F5E4D303
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): CertPropSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\certprop.dll,-11
Description: @%SystemRoot%\System32\certprop.dll,-12
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): circlass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Consumer IR Devices
Image path: \SystemRoot\system32\drivers\circlass.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): CLFS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Common Log (CLFS)
Description: Common Log (CLFS)
Image path: System32\CLFS.sys
Image size: 224824
Image MD5: 1B84FD0937D3B99AF9BA38DDFF3DAF54
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): clr_optimization_v2.0.50727_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft .NET Framework NGEN v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 70144
Image MD5: 234B1BC2796483E1F5C3F26649FB3388
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): cmdide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\cmdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): Compbatt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Composite Battery Driver
Image path: \SystemRoot\system32\drivers\compbatt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): COMSysApp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-947
Description: @comres.dll,-948
Object name: LocalSystem
Image path: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 7168
Image MD5: BE01E566D1F569AAB32D0335613E1EEA
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,EventSystem,SENS

Service (registry key): Cpqarray
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cpqarray
Image path: \SystemRoot\system32\DRIVERS\cpqarray.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): crcdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Crcdisk Filter Driver
Image path: system32\drivers\crcdisk.sys
Image size: 22632
Image MD5: 2A213AE086BBEC5E937553C7D9A2B22C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Crusoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Transmeta Crusoe Processor Driver
Image path: \SystemRoot\system32\drivers\crusoe.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): crypt32
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): CryptSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cryptographic Services
Description: @%SystemRoot%\system32\cryptsvc.dll,-1002
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): CscService
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): dac2w2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: dac2w2k
Image path: \SystemRoot\system32\DRIVERS\dac2w2k.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): dac960nt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: dac960nt
Image path: \SystemRoot\system32\DRIVERS\dac960nt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): DCLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): DcomLaunch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @oleres.dll,-5012
Description: @oleres.dll,-5013
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k DcomLaunch
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): DfsC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dfs Client Driver
Description: Dfs Client Driver
Image path: System32\Drivers\dfsc.sys
Image size: 74752
Image MD5: A7179DE59AE269AB70345527894CCD7C
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Depends On services: Mup

Service (registry key): DFSR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @dfsrres.dll,-101
Description: @dfsrres.dll,-102
Object name: LocalSystem
Image path: %SystemRoot%\system32\DFSR.exe
Image size: 2089984
Image MD5: E0D584AA76C7D845BA9F3A788260528F
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,EventSystem

Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\dhcpcsvc.dll,-100
Description: @%SystemRoot%\system32\dhcpcsvc.dll,-101
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NSI,Tdx,Afd

Service (registry key): disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Disk Driver
Image path: system32\drivers\disk.sys
Image size: 52840
Image MD5: 841AF4C4D41D3E3B2F244E976B0F7963
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DNS Client
Description: @%SystemRoot%\System32\dnsapi.dll,-102
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tdx

Service (registry key): dot3svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\dot3svc.dll,-1102
Description: @%systemroot%\system32\dot3svc.dll,-1103
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio,Eaphost

Service (registry key): Dot4
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS IEEE-1284.4 Driver
Image path: system32\DRIVERS\Dot4.sys
Image size: 131584
Image MD5: 57B2D433A08B95E4F1B53A919937F3E5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dot4Print
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Print Class Driver for IEEE-1284.4
Image path: system32\DRIVERS\Dot4Prt.sys
Image size: 16384
Image MD5: D93FA484BB62FBE7E5EF335C5415D3CF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): dot4usb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS Dot4USB Filter Dot4USB Filter
Image path: system32\DRIVERS\dot4usb.sys
Image size: 36864
Image MD5: 599742C4260FB3E8EDB3BE148B8CE856
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): DPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Diagnostic Policy Service
Description: @%systemroot%\system32\dps.dll,-501
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): dpti2o
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: dpti2o
Image path: \SystemRoot\system32\DRIVERS\dpti2o.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): DQLWinService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DQLWinService
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe"
Image size: 208896
Image MD5: A0B584C33F55545D56F9E71FB4E203AC
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 0

Service (registry key): drmkaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 5632
Image MD5: EE472CD2C01F6F8E8AA1FA06FFEF61B6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): DSproct
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DSproct
Image path: \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): DXGKrnl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: LDDM Graphics Subsystem
Description: Controls the underlying video driver stacks to provide fully-featured display capabilities.
Image path: \SystemRoot\System32\drivers\dxgkrnl.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): e1express
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) PRO/1000 PCI Express Network Connection Driver
Image path: system32\DRIVERS\e1e6032.sys
Image size: 217728
Image MD5: 4A326A583E97C04FC2A636B10558BAE3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): E1G60
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) PRO/1000 NDIS 6 Adapter Driver
Image path: system32\DRIVERS\E1G60I32.sys
Image size: 117760
Image MD5: F88FB26547FD2CE6D0A5AF2985892C48
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): EapHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\eapsvc.dll,-1
Description: @%systemroot%\system32\eapsvc.dll,-2
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS,KeyIso

Service (registry key): Ecache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ReadyBoost Caching Driver
Description: ReadyBoost Caching Driver
Image path: System32\drivers\ecache.sys
Image size: 132200
Image MD5: 0EFC7531B936EE57FDB4E837664C509F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): ehRecvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehrecvr.exe,-101
Description: @%SystemRoot%\ehome\ehrecvr.exe,-102
Object name: NT AUTHORITY\networkService
Image path: %systemroot%\ehome\ehRecvr.exe
Image size: 291840
Image MD5: B4580122B0A7B263B6EE9ACBA69C8013
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): ehSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehsched.exe,-101
Description: @%SystemRoot%\ehome\ehsched.exe,-102
Object name: NT AUTHORITY\networkService
Image path: %systemroot%\ehome\ehsched.exe
Image size: 131072
Image MD5: AD1870C8E5D6DD340C829E6074BF3C3F
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): ehstart
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehstart.dll,-101
Description: @%SystemRoot%\ehome\ehstart.dll,-102
Object name: NT AUTHORITY\LocalService
Image path: %windir%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): ELacpi
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ELacpi.sys
Image size: 9728
Image MD5: 0923AEC043F5D355B4EF0C2B29A362DE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ELhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EL hid Service
Description: Elhid
Image path: \??\C:\WINDOWS\System32\Drivers\Elhid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ELkbd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EL KB Service
Description: ELkbd
Image path: \??\C:\WINDOWS\System32\Drivers\Elkbd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ELmon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EL Monitor Service
Description: ELmon
Image path: \??\C:\WINDOWS\System32\Drivers\Elmon.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ELmou
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EL Mouse Service
Description: ELmou
Image path: \??\C:\WINDOWS\System32\Drivers\Elmou.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ELService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Quick Resume technology
Description: Intel(R) Quick Resume Technology Service
Object name: LocalSystem
Image path: C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
Image size: 180224
Image MD5: 47FCF6628E1A221C41F3F0130FBF258E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: Winmgmt

Service (registry key): elxstor
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\elxstor.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): EmdCache
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): EMDMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\emdmgmt.dll,-1000
Description: @%SystemRoot%\system32\emdmgmt.dll,-1001
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: rpcss,ecache,slsvc,fileinfo

Service (registry key): ESENT
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wevtsvc.dll,-200
Description: @%SystemRoot%\system32\wevtsvc.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-2450
Description: @comres.dll,-2451
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FAT12/16/32 File System Driver
Description: Note - dependance on CDROM.SYS only if required to read/write DVD-RAM media (which appears as CD class device). (Core) (All pieces)
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 25088
Image MD5: 63BDADA84951B9C03E641800E176898A
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): fdPHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\fdPHost.dll,-100
Description: @%systemroot%\system32\fdPHost.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,http

Service (registry key): FDResPub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\fdrespub.dll,-100
Description: @%systemroot%\system32\fdrespub.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,http

Service (registry key): FileInfo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: File Information FS MiniFilter
Description: Collects information about files in memory to be consumed by other system services.
Image path: system32\drivers\fileinfo.sys
Image size: 56424
Image MD5: 65773D6115C037FFD7EF8280AE85EB9D
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1
Depends On services: fltmgr

Service (registry key): Filetrace
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FileTrace
Description: ETW File Trace Filter
Image path: system32\drivers\filetrace.sys
Image size: 27648
Image MD5: C226DD0DE060745F3E042F58DCF78402
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): flpydisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 6603957EFF5EC62D25075EA8AC27DE68
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): FltMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\drivers\fltmgr.sys
Image size: 183912
Image MD5: A6A8DA7AE4D53394AB22AC3AB6D3F5D3
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 3

Service (registry key): FontCache3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\PresentationHost.exe,-3309
Description: @%SystemRoot%\system32\PresentationHost.exe,-3310
Object name: NT Authority\LocalService
Image path: %systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Image size: 36864
Image MD5: 993883524AA9CF1C90E1545411A9AC9C
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): Fs_Rec
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 8
Error Control: 0

Service (registry key): gagp30kx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms
Image path: \SystemRoot\system32\drivers\gagp30kx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): GEARAspiWDM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: GEAR ASPI Filter Driver
Image path: System32\Drivers\GEARAspiWDM.sys
Image size: 15464
Image MD5: AB8A6A87D9D7255C3884D5B9541A6E80
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): gpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @gpapi.dll,-112
Description: @gpapi.dll,-113
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Mup

Service (registry key): HdAudAddService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft 1.1 UAA Function Driver for High Definition Audio Service
Image path: system32\drivers\HdAudio.sys
Image size: 235520
Image MD5: CB04C744BE0A61B1D648FAED182C3B59
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): HDAudBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft UAA Bus Driver for High Definition Audio
Image path: system32\DRIVERS\HDAudBus.sys
Image size: 53760
Image MD5: 0DB613A7E427B5663563677796FD5258
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): HidBth
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Bluetooth HID Miniport
Image path: \SystemRoot\system32\drivers\hidbth.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): HidIr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Infrared HID Driver
Image path: \SystemRoot\system32\drivers\hidir.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): hidserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\hidserv.dll,-101
Description: @%SystemRoot%\System32\hidserv.dll,-102
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): HidUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 12288
Image MD5: 3C64042B95E583B366BA4E5D2450235E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): hkmsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\kmsvc.dll,-6
Description: @%SystemRoot%\system32\kmsvc.dll,-7
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): HpCISSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\hpcisss.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): hpn
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: hpn
Image path: \SystemRoot\system32\DRIVERS\hpn.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): hpqcxs08
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: hpqcxs08
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k hpdevmgmt
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): hpqddsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HP CUE DeviceDiscovery Service
Description: This service detects and monitors CUE devices on the system.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k hpdevmgmt
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): HSF_DPV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSX_DPV.sys
Image size: 986624
Image MD5: 53229DCF431D76434816CD29251168A0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): HSXHWBS2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSXHWBS2.sys
Image size: 258048
Image MD5: ED98350ECD4A5A9C9F1E641C09872BB2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): HTTP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: system32\drivers\HTTP.sys
Image size: 385536
Image MD5: F31D27CCF514549A17E79BEBE01B40B6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): i2omp
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\i2omp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): i8042prt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 54784
Image MD5: 1C9EE072BAA3ABB460B91D7EE9152660
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): IAANTMON
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Matrix Storage Event Monitor
Object name: LocalSystem
Image path: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Image size: 355096
Image MD5: AE38A12F79A4980DDB88F36514F8A1DA
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): iaStor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel RAID Controller
Image path: system32\drivers\iastor.sys
Image size: 304920
Image MD5: 997E8F5939F2D12CD9F2E6B395724C16
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): iaStorV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel RAID Controller Vista
Image path: system32\DRIVERS\iaStorV.sys
Image size: 232040
Image MD5: C957BF4B5D80B46C5017BF0101E6C906
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): IDriverT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: InstallDriver Table Manager
Description: Provides support for the Running Object Table for InstallShield Drivers
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Image size: 69632
Image MD5: 1CF03C69B49ACB70C722DF92755C0C8C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): idsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193
Description: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8192
Object name: LocalSystem
Image path: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Image size: 864256
Image MD5: E7CC3AEAED9893A88876744CD439F76C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): iirsp
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\iirsp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): IKEEXT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\ikeext.dll,-501
Description: @%SystemRoot%\system32\ikeext.dll,-502
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: BFE

Service (registry key): inetaccs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ini910u
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ini910u
Image path: \SystemRoot\system32\DRIVERS\ini910u.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): IntelDH
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IntelDH Driver
Image path: System32\Drivers\IntelDH.sys
Image size: 5504
Image MD5: B7A420E4B137176234272D5CA9D51A49
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): intelide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\intelide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): intelppm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 39424
Image MD5: CE44CC04262F28216DD4341E9E36A16F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): IPBusEnum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\IPBusEnum.dll,-102
Description: @%systemroot%\system32\IPBusEnum.dll,-103
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,fdPHost

Service (registry key): IpFilterDriver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 47104
Image MD5: 880C6F86CC3F551B8FEA2C11141268C0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): iphlpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\iphlpsvc.dll,-200
Description: @%SystemRoot%\system32\iphlpsvc.dll,-201
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k NetSvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSS,Tdx,winmgmt,tcpip,nsi

Service (registry key): IpInIp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IPMIDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\ipmidrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): IPNAT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 99840
Image MD5: 10077C35845101548037DF04FD1A420B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): iPod Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: iPod Service
Description: iPod hardware management services
Object name: LocalSystem
Image path: "C:\Program Files\iPod\bin\iPodService.exe"
Image size: 536872
Image MD5: D2E8EFB8AF35FCF5A7AF22F5A0CE1A82
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): IRENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IR Bus Enumerator
Description: IR Bus Enumerator
Image path: system32\drivers\irenum.sys
Image size: 13312
Image MD5: A82F328F4792304184642D6D397BB1E3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): isapnp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnP ISA/EISA Bus Driver
Image path: \SystemRoot\system32\drivers\isapnp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): iScsiPrt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: iScsiPort Driver
Image path: system32\DRIVERS\msiscsi.sys
Image size: 168552
Image MD5: 4DCA456D4D5723F8FA9C6760D240B0DF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ISSM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Software Services Manager
Object name: LocalSystem
Image path: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe"
Image size: 81880
Image MD5: B8B728563E3DF6F8A66E1A02B402903B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: winmgmt,RpcSs

Service (registry key): iteatapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ITEATAPI_Service_Install
Image path: \SystemRoot\system32\drivers\iteatapi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): iteraid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ITERAID_Service_Install
Image path: \SystemRoot\system32\drivers\iteraid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): IvtBtBUs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IVT Bluetooth Bus Service
Image path: System32\Drivers\IvtBtBus.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): kbdclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 35384
Image MD5: B076B2AB806B3F696DAB21375389101C
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): kbdhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard HID Driver
Image path: system32\DRIVERS\kbdhid.sys
Image size: 15872
Image MD5: ED61DBC6603F612B7338283EDBACBC4B
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): KeyIso
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @keyiso.dll,-100
Description: @keyiso.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 7680
Image MD5: 6A0E382E74280E4CC0DF17FE2661D003
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): KSecDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\Drivers\ksecdd.sys
Image size: 407144
Image MD5: 11D0BC1F2AFD8ABBB5A3DC47A042DE54
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): KtmRm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-2946
Description: @comres.dll,-2947
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): LanmanServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\srvsvc.dll,-100
Description: @%systemroot%\system32\srvsvc.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: SamSS,Srv

Service (registry key): LanmanWorkstation
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wkssvc.dll,-100
Description: @%systemroot%\system32\wkssvc.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Bowser,MRxSmb10,MRxSmb20,NSI

Service (registry key): ldap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): lltdio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Link-Layer Topology Discovery Mapper I/O Driver
Image path: system32\DRIVERS\lltdio.sys
Image size: 47104
Image MD5: FD015B4F95DAA2B712F0E372A116FBAD
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): lltdsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\lltdres.dll,-1
Description: @%SystemRoot%\system32\lltdres.dll,-2
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: rpcss,lltdio

Service (registry key): lmhosts
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\lmhsvc.dll,-101
Description: @%SystemRoot%\system32\lmhsvc.dll,-102
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): Lsa
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LSI_FC
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\lsi_fc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): LSI_SAS
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\lsi_sas.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): LSI_SCSI
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\lsi_scsi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): luafv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: UAC File Virtualization
Description: Virtualizes file write failures to per-user locations.
Image path: \SystemRoot\system32\drivers\luafv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): M1 Server
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Viiv(TM) Media Server
Object name: .\IUSR_NMPR
Image path: C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
Image size: 32216
Image MD5: 8E5AA8C4D15D06F1C2EC1C79E7207DD7
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: winmgmt,ISSM,SSDPSRV

Service (registry key): MCLServiceATL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Application Tracker
Object name: LocalSystem
Image path: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe"
Image size: 174552
Image MD5: BB32D71031687CEEBC24B9E160ABCBA9
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: winmgmt,RpcSs

Service (registry key): Mcx2Svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehres.dll,-15501
Description: @%SystemRoot%\ehome\ehres.dll,-15502
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: SSDPSRV,IPBusEnum,TermService,fdphost

Service (registry key): MDM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Machine Debug Manager
Description: Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
Image size: 322120
Image MD5: 11F714F85530A2BD134074DC30E99FCA
Control Set: CurrentControlSet
Start: 4
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): mdmxsdk
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\mdmxsdk.sys
Image size: 12672
Image MD5: 0CEA2D0D3FA284B85ED5B68365114F76
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0

Service (registry key): megasas
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\megasas.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): MHN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MHN
Description: Multimedia Home Networking (MHN) is a networking platform for Audio Video (AV) streaming applications on IP home networks. MHN enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications by providing mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
Object name: LocalSystem
Image path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs,mhndrv

Service (registry key): MHNDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MHN driver
Description: Multimedia Home Network component driver
Image path: system32\DRIVERS\mhndrv.sys
Image size: 11008
Image MD5: 7F2F1D2815A6449D346FCCCBC569FBD6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Microsoft Office Groove Audit Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Office Groove Audit Service
Object name: NT AUTHORITY\LocalService
Image path: "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"
Image size: 68464
Image MD5: 033B947AF4A997820E86FCB070B1F450
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): MMCSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\mmcss.dll,-100
Description: @%systemroot%\system32\mmcss.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): Modem
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\drivers\modem.sys
Image size: 31744
Image MD5: 21755967298A46FB6ADFEC9DB6012211
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): monitor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Monitor Class Function Driver Service
Image path: system32\DRIVERS\monitor.sys
Image size: 41984
Image MD5: 7446E104A5FE5987CA9E4983FBAC4F97
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): mouclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 34360
Image MD5: 5FBA13C1A1841B0885D316ED3589489D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): mouhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 15872
Image MD5: B569B5C5D3BDE545DF3A6AF512CCCDBA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): MountMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mount Point Manager
Image path: System32\drivers\mountmgr.sys
Image size: 54888
Image MD5: 01F1E5A3E4877C931CBB31613FEC16A6
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): mpio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Multi-Path Bus Driver
Image path: \SystemRoot\system32\drivers\mpio.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): mpsdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\FirewallAPI.dll,-23092
Description: @%SystemRoot%\system32\FirewallAPI.dll,-23093
Image path: System32\drivers\mpsdrv.sys
Image size: 63488
Image MD5: 6E7A7F0C1193EE5648443FE2D4B789EC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MpsSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\FirewallAPI.dll,-23090
Description: @%SystemRoot%\system32\FirewallAPI.dll,-23091
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: mpsdrv,bfe

Service (registry key): Mraid35x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\mraid35x.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebDav Client Redirector Driver
Description: WebDav Client Redirector Driver
Image path: \SystemRoot\system32\drivers\mrxdav.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: rdbss

Service (registry key): mrxsmb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SMB MiniRedirector Wrapper and Engine
Description: Implements the framework for the SMB filesystem redirector
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 101888
Image MD5: 529B64F9735D27FEF1B8EA1678F8C79E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: rdbss

Service (registry key): mrxsmb10
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SMB 1.x MiniRedirector
Description: Implements the SMB 1.x (CIFS) protocol. This protocol provides connectivity to network resources on pre-Windows Vista servers
Image path: system32\DRIVERS\mrxsmb10.sys
Image size: 211456
Image MD5: 2BBD3970018270D2C6A0B069F568154E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: mrxsmb

Service (registry key): mrxsmb20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SMB 2.0 MiniRedirector
Description: Implements the SMB 2.0 protocol, which provides connectivity to network resources on Windows Vista and later servers
Image path: system32\DRIVERS\mrxsmb20.sys
Image size: 58368
Image MD5: 30A67C7D8B80281028916DED6A64AEC9
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: mrxsmb

Service (registry key): msahci
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\msahci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): msdsm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Multi-Path Device Specific Module
Image path: \SystemRoot\system32\drivers\msdsm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): MSDTC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-2797
Description: @comres.dll,-2798
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\msdtc.exe
Image size: 106496
Image MD5: BC64A92D821EFEA8BAB8E8CAF1B668BC
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): MSDTC Bridge 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Msfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): msisadrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ISA/EISA Class Driver
Image path: system32\drivers\msisadrv.sys
Image size: 13928
Image MD5: 5F454A16A5146CD91A176D70F0CFA3EC
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): MSiSCSI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\iscsidsc.dll,-5000
Description: @%SystemRoot%\system32\iscsidsc.dll,-5001
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): msiserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\msimsg.dll,-27
Description: @%SystemRoot%\system32\msimsg.dll,-32
Object name: LocalSystem
Image path: %systemroot%\system32\msiexec /V
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): MSKSSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 8192
Image MD5: 892CEDEFA7E0FFE7BE8DA651B651D047
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5888
Image MD5: AE2CB1DA69B2676B4CEE2A501AF5871C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 5504
Image MD5: F910DA84FA90C44A3ADDB7CD874463FD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MsRPC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSSCNTRS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): mssmbios
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 28776
Image MD5: 4385C80EDE885E25492D408CAD91BD6F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSSQL$SONY_MEDIAMGR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MSSQL$SONY_MEDIAMGR
Object name: LocalSystem
Image path: C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR
Image size: 7520337
Image MD5: F80EEC5E1D6CDF82CB974DAADA0C57DD
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): MSSQLServerADHelper
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MSSQLServerADHelper
Object name: LocalSystem
Image path: C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
Image size: 66112
Image MD5: CB7524C21727404BD3140DCA32DEB7DE
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): MSTEE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Tee/Sink-to-Sink Converter
Image path: system32\drivers\MSTEE.sys
Image size: 6016
Image MD5: C826DD1373F38AFD9CA46EC3C436A14E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mup
Description: Multiple UNC Provider
Image path: System32\Drivers\mup.sys
Image size: 46696
Image MD5: FA7AA70050CF5E2D15DE00941E5665E5
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): napagent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\qagentrt.dll,-6
Description: @%SystemRoot%\system32\qagentrt.dll,-7
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): NativeWifiP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NativeWiFi Filter
Image path: system32\DRIVERS\nwifi.sys
Image size: 154624
Image MD5: 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS System Driver
Description: NDIS System Driver
Image path: system32\drivers\ndis.sys
Image size: 500840
Image MD5: 227C11E1E7CF6EF8AFB2A238D209760C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): Ndisprot
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ArcNet NDIS Protocol Driver
Image path: \??\C:\Windows\system32\drivers\Ndisprot.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisTapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 20480
Image MD5: 81659CDCBD0F9A9E07E6878AD8C78D3F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 16896
Image MD5: 5DE5EE546BF40838EBE0E01CB629DF64
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 118784
Image MD5: 397402ADCBB8946223A1950101F6CD94
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Nero BackItUp Scheduler 3
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Nero BackItUp Scheduler 3
Description: Nero BackItUp Scheduler 3 is responsible to control all jobs created using Nero BackItUp 3. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP.
Object name: LocalSystem
Image path: C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
Image size: 877864
Image MD5: 40D7D0A208EE863BCA8D89E299216F15
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): Net Driver HPZ12
Registry path: \SYSTEM\CurrentControlSet\Services\
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k HPZ12
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): NetBIOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 35840
Image MD5: 356DBB9F98E8DC1028DD3092FCEEB877
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): netbt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NETBT
Description: This service implements NetBios over TCP/IP.
Image path: System32\DRIVERS\netbt.sys
Image size: 184320
Image MD5: E3A168912E7EEFC3BD3B814720D68B41
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tdx,tcpip

Service (registry key): Netlogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\netlogon.dll,-102
Description: @%SystemRoot%\System32\netlogon.dll,-103
Object name: LocalSystem
Image path: %systemroot%\system32\lsass.exe
Image size: 7680
Image MD5: 6A0E382E74280E4CC0DF17FE2661D003
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\netman.dll,-109
Description: @%SystemRoot%\system32\netman.dll,-110
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,nsi

Service (registry key): netprofm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\netprof.dll,-246
Description: @%SystemRoot%\system32\netprof.dll,-247
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,nlasvc

Service (registry key): NetTcpPortSharing
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201
Description: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8200
Object name: NT AUTHORITY\LocalService
Image path: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Image size: 122880
Image MD5: F9102685F97F9BA85F4A70AFCF722CFE
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1

Service (registry key): nfrd960
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\nfrd960.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): NlaSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\nlasvc.dll,-1
Description: @%SystemRoot%\System32\nlasvc.dll,-2
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NSI,RpcSs,TcpIp

Service (registry key): NMIndexingService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NMIndexingService
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"
Image size: 529704
Image MD5: EBA1B4BF2E2375ABDADEDB649F283541
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): nmsgopro
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: GoProto Protocol Driver for NMS
Description: GoProto Protocol Driver for NMS
Image path: system32\DRIVERS\nmsgopro.sys
Image size: 28672
Image MD5: ACC8D7FC0DA793450F5F257D9CE4FF75
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): nmsunidr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: UniDriver for NMS
Image path: system32\DRIVERS\nmsunidr.sys
Image size: 7424
Image MD5: 64FA28C15DD71A80BEF3527E1EF07DF6
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0

Service (registry key): Npfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): nsi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\nsisvc.dll,-200
Description: @%SystemRoot%\system32\nsisvc.dll,-201
Object name: NT Authority\LocalService
Image path: %systemroot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: nsiproxy

Service (registry key): nsiproxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NSI proxy service
Description: NSI proxy service
Image path: system32\drivers\nsiproxy.sys
Image size: 16384
Image MD5: B488DFEC274DE1FC9D653870EF2587BE
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): NTDS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Ntfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): ntrigdigi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: N-trig HID Tablet Driver
Image path: \SystemRoot\system32\drivers\ntrigdigi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Null
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): nvlddmkm
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\nvlddmkm.sys
Image size: 7379872
Image MD5: 00832A21237BA36901B5A3E499F2E197
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): nvraid
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\nvraid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): nvstor
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\nvstor.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): nvsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NVIDIA Display Driver Service
Description: Provides system and desktop level support to the NVIDIA display driver
Object name: LocalSystem
Image path: %SystemRoot%\system32\nvvsvc.exe
Image size: 196608
Image MD5: 24A4AD50C9B79C47DA3414B82B94C71C
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: nvlddmkm

Service (registry key): nv_agp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NVIDIA nForce AGP Bus Filter
Image path: \SystemRoot\system32\drivers\nv_agp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NwlnkFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): odserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Office Diagnostics Service
Description: Run portions of Microsoft Office Diagnostics.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Image size: 443776
Image MD5: E54AA592A65F317390EEE386A8821692
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): ohci1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NEC FireWarden OHCI Compliant IEEE 1394 Host Controller
Image path: \SystemRoot\system32\drivers\ohci1394.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ose
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Image size: 145184
Image MD5: 5A432A042DAE460ABE7199B758E8606C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Outlook
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): p2pimsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8004
Description: @%SystemRoot%\system32\p2psvc.dll,-8005
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): p2psvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8006
Description: @%SystemRoot%\system32\p2psvc.dll,-8007
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: p2pimsvc,PNRPSvc

Service (registry key): Parport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel port driver
Image path: \SystemRoot\system32\drivers\parport.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): partmgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Partition Manager
Description: Disk class filter driver that auctions out partitions to volume managers
Image path: System32\drivers\partmgr.sys
Image size: 49256
Image MD5: 555A5B2C8022983BC7467BC925B222EE
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): Parvdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\parvdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PcaSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\pcasvc.dll,-1
Description: @%SystemRoot%\system32\pcasvc.dll,-2
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): pci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCI Bus Driver
Image path: system32\drivers\pci.sys
Image size: 140392
Image MD5: 1085D75657807E0E8B32F9E19A1647C3
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): pciide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\pciide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): pcmcia
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\pcmcia.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): pcouffin
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VSO Software pcouffin
Image path: System32\Drivers\pcouffin.sys
Image size: 47360
Image MD5: 5B6C11DE7E839C05248CED8825470FEF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): PEAUTH
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PEAUTH
Image path: system32\drivers\peauth.sys
Image size: 878080
Image MD5: 6349F6ED9C623B44B52EA3C63C831A92
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): pla
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\pla.dll,-500
Description: @%systemroot%\system32\pla.dll,-501
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): PLFlash DeviceIoControl Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PLFlash DeviceIoControl Service
Object name: LocalSystem
Image path: C:\Windows\system32\IoctlSvc.exe
Image size: 81920
Image MD5: 875E4E0661F3A5994DF9E5E3A0A4F96B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): PlugPlay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\umpnpmgr.dll,-100
Description: @%SystemRoot%\system32\umpnpmgr.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k DcomLaunch
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): Pml Driver HPZ12
Registry path: \SYSTEM\CurrentControlSet\Services\
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k HPZ12
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): PNRPAutoReg
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8002
Description: @%SystemRoot%\system32\p2psvc.dll,-8003
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: pnrpsvc

Service (registry key): PNRPsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8000
Description: @%SystemRoot%\system32\p2psvc.dll,-8001
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: p2pimsvc

Service (registry key): PolicyAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\polstore.dll,-5010
Description: @%SystemRoot%\system32\polstore.dll,-5011
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,bfe

Service (registry key): PortProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PptpMiniport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 61440
Image MD5: 6C359AC71D7B550A0D41F9DB4563CE05
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Processor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Processor Driver
Image path: \SystemRoot\system32\drivers\processr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ProfSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\profsvc.dll,-300
Description: @%systemroot%\system32\profsvc.dll,-301
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): ProtectedStorage
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\psbase.dll,-300
Description: @%systemroot%\system32\psbase.dll,-301
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 7680
Image MD5: 6A0E382E74280E4CC0DF17FE2661D003
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\drivers\pacer.sys,-101
Description: @%SystemRoot%\System32\drivers\pacer.sys,-101
Image path: system32\DRIVERS\pacer.sys
Image size: 70144
Image MD5: 2C8BAE55247C4E09352E870292E4D1AB
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 36528
Image MD5: FEFFCFDC528764A04C8ED63D5FA6E711
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1080
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ql1080
Image path: \SystemRoot\system32\DRIVERS\ql1080.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Ql10wnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Ql10wnt
Image path: \SystemRoot\system32\DRIVERS\ql10wnt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql12160
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ql12160
Image path: \SystemRoot\system32\DRIVERS\ql12160.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1240
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ql1240
Image path: \SystemRoot\system32\DRIVERS\ql1240.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1280
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ql1280
Image path: \SystemRoot\system32\DRIVERS\ql1280.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql2300
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QLogic Fibre Channel Miniport Driver
Image path: \SystemRoot\system32\drivers\ql2300.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql40xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QLogic iSCSI Miniport Driver
Image path: \SystemRoot\system32\drivers\ql40xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): QWAVE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\qwave.dll,-1
Description: @%SystemRoot%\system32\qwave.dll,-2
Object name: NT AUTHORITY\LocalService
Image path: %windir%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: rpcss,psched,QWAVEdrv,LLTDIO

Service (registry key): QWAVEdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1
Description: @%SystemRoot%\system32\drivers\qwavedrv.sys,-2
Image path: \SystemRoot\system32\drivers\qwavedrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasAcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: System32\DRIVERS\rasacd.sys
Image size: 11776
Image MD5: BD7B30F55B3649506DD8B3D38F571D2A
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): RasAuto
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\rasauto.dll,-200
Description: @%Systemroot%\system32\rasauto.dll,-201
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 75776
Image MD5: 88587DD843E2059848995B407B67F6CF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\rasmans.dll,-200
Description: @%Systemroot%\system32\rasmans.dll,-201
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv

Service (registry key): RasPppoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: CCF4E9C6CBBAC81437F88CB2AE0B6C96
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): rdbss
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Redirected Buffering Sub Sysytem
Description: Provides the framework for network mini-redirectors
Image path: system32\DRIVERS\rdbss.sys
Image size: 222208
Image MD5: 54129C5D9581BBEC8BD1EBD3BA813F47
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Depends On services: Mup

Service (registry key): RDPCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RDPCDD
Description: RDPDD Chained DD
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 6144
Image MD5: 794585276B5D7FCA9F3FC15543F9F0B9
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Server Device Redirector Driver
Image path: \SystemRoot\system32\drivers\rdpdr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): RDPENCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Image path: system32\drivers\rdpencdd.sys
Image size: 6144
Image MD5: 980B56E2E273E19D3A9D72D5C420F008
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPNP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\drprov.dll,-100
Description: @%systemroot%\system32\drprov.dll,-101
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RDP Winstation Driver
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): Remote UI Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) Remoting Service
Object name: .\IUSR_NMPR
Image path: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe"
Image size: 550872
Image MD5: 42D5AB26FC5FCDB3C1BDAAC4AC153849
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: winmgmt,SSDPSRV,MCLServiceATL,RpcSs

Service (registry key): RemoteAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\mprdim.dll,-200
Description: @%Systemroot%\system32\mprdim.dll,-201
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS,RasMan,bfe
Depends On group: NetBIOSGroup

Service (registry key): RemoteRegistry
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @regsvc.dll,-1
Description: @regsvc.dll,-2
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k regsvc
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): RFCOMM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Image path: system32\DRIVERS\rfcomm.sys
Image size: 49664
Image MD5: 7EC90C316177BA3F1BCE92005264B447
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RichVideo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cyberlink RichVideo Service(CRVS)
Object name: LocalSystem
Image path: "C:\Program Files\Cyberlink\Shared files\RichVideo.exe"
Image size: 241734
Image MD5: 2FCEAD838E64A79250046DD2A15B6A8A
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): RpcLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\Locator.exe,-2
Description: @%systemroot%\system32\Locator.exe,-3
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 7680
Image MD5: 5123F83CBC4349D065534EEB6BBDC42B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): RpcSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @oleres.dll,-5010
Description: @oleres.dll,-5011
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k rpcss
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: DcomLaunch

Service (registry key): rspndr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Link-Layer Topology Discovery Responder
Image path: system32\DRIVERS\rspndr.sys
Image size: 60416
Image MD5: 97E939D2128FEC5D5A3E6E79B290A2F4
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): RTL8187
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver
Image path: system32\DRIVERS\wg111v2.sys
Image size: 288768
Image MD5: 99C27FCEB21347DAF3EE9E8C205314D6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RTLWUSB
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver
Image path: system32\DRIVERS\wg111v2.sys
Image size: 288768
Image MD5: 99C27FCEB21347DAF3EE9E8C205314D6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): s125bus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Sony Ericsson Device 125 driver (WDM)
Image path: system32\DRIVERS\s125bus.sys
Image size: 83336
Image MD5: 06847AA6F3A9BF7C44134D00A2E578C0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): s125mdfl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Sony Ericsson Device 125 USB WMC Modem Filter
Description: Sony Ericsson Device 125 USB WMC Modem Filter
Image path: system32\DRIVERS\s125mdfl.sys
Image size: 15112
Image MD5: F83F88E1B125308FB5015EA0349502B0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): s125mdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Sony Ericsson Device 125 USB WMC Modem Driver
Description: Sony Ericsson Device 125 USB WMC Modem Driver
Image path: system32\DRIVERS\s125mdm.sys
Image size: 108680
Image MD5: 402A97756C14940AD6AE5169C2FB105E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): s125obex
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Sony Ericsson Device 125 USB WMC OBEX Interface
Description: Sony Ericsson Device 125 USB WMC OBEX Interface
Image path: system32\DRIVERS\s125obex.sys
Image size: 98696
Image MD5: BEDFC5707C356FD073BF1A4AFE442D91
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SamSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\samsrv.dll,-1
Description: @%SystemRoot%\system32\samsrv.dll,-2
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 7680
Image MD5: 6A0E382E74280E4CC0DF17FE2661D003
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): SASDIFSV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SASDIFSV
Image path: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): SASENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SASENUM
Image path: \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SASKUTIL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SASKUTIL
Image path: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): sbp2port
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SBP-2 Transport/Protocol Bus Driver
Image path: \SystemRoot\system32\drivers\sbp2port.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SBSDWSCService
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0
Depends On services: wscsvc

Service (registry key): SCardSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\SCardSvr.dll,-1
Description: @%SystemRoot%\System32\SCardSvr.dll,-5
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): SCDEmu
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Schedule
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\schedsvc.dll,-100
Description: @%SystemRoot%\system32\schedsvc.dll,-101
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,EventLog

Service (registry key): SCMNdisP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: General NDIS Protocol Driver
Description: General NDIS Protocol Driver
Image path: system32\DRIVERS\scmndisp.sys
Image size: 21728
Image MD5: 3B68015683C27CB00C7A6B60A37CBCFD
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): SCM_Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SCM_Service
Object name: LocalSystem
Image path: C:\Windows\System32\WinService.exe
Image size: 180224
Image MD5: 42660BBED859AC22DFD12AE598A8FFAA
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): SCPolicySvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\certprop.dll,-13
Description: @%SystemRoot%\System32\certprop.dll,-14
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): SDDMI2
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SDDMI2
Image path: \??\C:\Windows\system32\DDMI2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SDRSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\sdrsvc.dll,-107
Description: @%SystemRoot%\system32\sdrsvc.dll,-102
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k SDRSVC
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): secdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Driver
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): seclogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\seclogon.dll,-7001
Description: @%SystemRoot%\system32\seclogon.dll,-7000
Object name: LocalSystem
Image path: %windir%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): SENS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\Sens.dll,-200
Description: @%SystemRoot%\system32\Sens.dll,-201
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): Serenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serenum Filter Driver
Image path: \SystemRoot\system32\drivers\serenum.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Serial
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serial Port Driver
Image path: \SystemRoot\system32\drivers\serial.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): sermouse
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serial Mouse Driver
Image path: \SystemRoot\system32\drivers\sermouse.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ServiceModelEndpoint 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelOperation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelService 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): SessionEnv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\SessEnv.dll,-1026
Description: @%SystemRoot%\System32\SessEnv.dll,-1027
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS,LanmanWorkstation

Service (registry key): sffdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SFF Storage Class Driver
Image path: \SystemRoot\system32\drivers\sffdisk.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): sffp_mmc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SFF Storage Protocol Driver for MMC
Image path: \SystemRoot\system32\drivers\sffp_mmc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): sffp_sd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SFF Storage Protocol Driver for SDBus
Image path: \SystemRoot\system32\drivers\sffp_sd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): sfloppy
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: High-Capacity Floppy Disk Drive
Image path: \SystemRoot\system32\drivers\sfloppy.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SharedAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\ipnathlp.dll,-106
Description: @%SystemRoot%\system32\ipnathlp.dll,-107
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt,RasMan,BFE

Service (registry key): ShellHWDetection
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\shsvcs.dll,-12288
Description: @%SystemRoot%\System32\shsvcs.dll,-12289
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): sisagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SIS AGP Bus Filter
Image path: \SystemRoot\system32\drivers\sisagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SiSRaid2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sisraid2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SiSRaid4
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sisraid4.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): slsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\SLsvc.exe,-101
Description: @%SystemRoot%\system32\SLsvc.exe,-100
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\SLsvc.exe
Image size: 2605568
Image MD5: A1DCD30534835CB67733AD00175125A6
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): SLUINotify
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\SLUINotify.dll,-103
Description: @%SystemRoot%\system32\SLUINotify.dll,-102
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: SLSvc,netprofm,EventSystem

Service (registry key): Smb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50005
Description: @%SystemRoot%\system32\tcpipcfg.dll,-50006
Image path: system32\DRIVERS\smb.sys
Image size: 66048
Image MD5: AC0D90738ADB51A6FD12FF00874A2162
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): SMSvcHost 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): SNMPTRAP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\snmptrap.exe,-3
Description: @%SystemRoot%\system32\snmptrap.exe,-4
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\snmptrap.exe
Image size: 12800
Image MD5: 2A146A055B4401C16EE62D18B8E2A032
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1

Service (registry key): Sparrow
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Sparrow
Image path: \SystemRoot\system32\DRIVERS\sparrow.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): spldr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Processor Loader Driver
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): Spooler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\spoolsv.exe,-1
Description: @%systemroot%\system32\spoolsv.exe,-2
Object name: LocalSystem
Image path: %SystemRoot%\System32\spoolsv.exe
Image size: 124928
Image MD5: DA612EF2556776DF2630B68BF2D48935
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS,http

Service (registry key): sptd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: sptd
Image path: System32\Drivers\sptd.sys
Image size: 639224
Image MD5: 3A162B39F0AEFDD841C75A46BA94FEFC
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): SQLAgent$SONY_MEDIAMGR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SQLAgent$SONY_MEDIAMGR
Object name: LocalSystem
Image path: C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR
Image size: 311872
Image MD5: E3F974BDEDC336490A2E6F3A703F016A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: MSSQL$SONY_MEDIAMGR

Service (registry key): srv
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\srv.sys
Image size: 290304
Image MD5: 63695467D2AF343EE8D6766399AA1204
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: srv2

Service (registry key): srv2
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: srv2
Description: Default SDDL for Windows Resource Protected file
Image path: System32\DRIVERS\srv2.sys
Image size: 130048
Image MD5: E8C4D5BCA3C7B5C2A040052AA467B5BF
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: srvnet

Service (registry key): srvnet
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\srvnet.sys
Image size: 84992
Image MD5: CD11A0767E82DD8B1A3A26D305DBEC0F
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): SSDPSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\ssdpsrv.dll,-100
Description: @%systemroot%\system32\ssdpsrv.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): STHDA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SigmaTel High Definition Audio CODEC
Image path: system32\drivers\sthda.sys
Image size: 1156648
Image MD5: 797FCC1D859B203958E915BB82528DA9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): stisvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wiaservc.dll,-9
Description: @%SystemRoot%\system32\wiaservc.dll,-10
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs,ShellHWDetection

Service (registry key): stllssvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: stllssvr
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 0

Service (registry key): swenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 12776
Image MD5: 1379BDB336F8158C176A465E30759F57
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): swprv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\swprv.dll,-103
Description: @%SystemRoot%\System32\swprv.dll,-102
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k swprv
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): symc810
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: symc810
Image path: \SystemRoot\system32\DRIVERS\symc810.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Symc8xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\symc8xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Sym_hi
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sym_hi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Sym_u3
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sym_u3.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SysMain
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\sysmain.dll,-1000
Description: @%SystemRoot%\system32\sysmain.dll,-1001
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: rpcss,fileinfo

Service (registry key): TabletInputService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Tablet PC Input Service
Description: @%SystemRoot%\system32\TabSvc.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): TapiSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tapisrv.dll,-10100
Description: @%SystemRoot%\system32\tapisrv.dll,-10101
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): TBS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tbssvc.dll,-100
Description: @%SystemRoot%\system32\tbssvc.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): Tcpip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50003
Description: @%SystemRoot%\system32\tcpipcfg.dll,-50003
Image path: System32\drivers\tcpip.sys
Image size: 803328
Image MD5: 5DF77458AA92FDB36FCE79C60F74AB5D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Tcpip6
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft IPv6 Protocol Driver
Description: Microsoft IPv6 Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 803328
Image MD5: 5DF77458AA92FDB36FCE79C60F74AB5D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): tcpipreg
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP Registry Compatibility
Description: Provides compatibility for legacy applications which interact with TCP/IP through the registry. If this service is stopped, certain applications may have impaired functionality.
Image path: System32\drivers\tcpipreg.sys
Image size: 27648
Image MD5: 5CE0C4A7B12D0067DAD527D72B68C726
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Depends On services: tcpip

Service (registry key): TDPIPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TDPIPE
Image path: system32\drivers\tdpipe.sys
Image size: 17920
Image MD5: 964248AEF49C31FA6A93201A73FFAF50
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): TDTCP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TDTCP
Image path: system32\drivers\tdtcp.sys
Image size: 28672
Image MD5: 7D2C1AE1648A60FCE4AA0F7982E419D3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): tdx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50004
Description: @%SystemRoot%\system32\tcpipcfg.dll,-50004
Image path: system32\DRIVERS\tdx.sys
Image size: 68096
Image MD5: AB4FDE8AF4A0270A46A001C08CBCE1C2
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): TermDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 50792
Image MD5: 2C549BD9DD091FBFAA0A2A48E82EC2FB
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Services
Description: @%SystemRoot%\System32\termsrv.dll,-267
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RPCSS,TermDD

Service (registry key): Themes
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\shsvcs.dll,-8192
Description: @%SystemRoot%\System32\shsvcs.dll,-8193
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): THREADORDER
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\mmcss.dll,-102
Description: @%systemroot%\system32\mmcss.dll,-103
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): TlntSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telnet
Description: @%SystemRoot%\system32\tlntsvr.exe,-116
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\tlntsvr.exe
Image size: 75776
Image MD5: 18720B71393AD23954D69A361E500F47
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS,TCPIP

Service (registry key): TosIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TosIde
Image path: \SystemRoot\system32\DRIVERS\toside.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): TrkWks
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Link Tracking Client
Description: @%SystemRoot%\system32\trkwks.dll,-2
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TrustedInstaller
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\servicing\TrustedInstaller.exe,-100
Description: @%SystemRoot%\servicing\TrustedInstaller.exe,-101
Object name: localSystem
Image path: %SystemRoot%\servicing\TrustedInstaller.exe
Image size: 27136
Image MD5: 34E388A395FEDBA1D0511ED39BBF4074
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): TSDDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): TSHWMDTCP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TSHWMDTCP
Image path: \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): tssecsrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Services Security Filter Driver
Description: Terminal Services Security Filter Driver
Image path: System32\DRIVERS\tssecsrv.sys
Image size: 23552
Image MD5: 29F0ECA726F0D51F7E048BDB0B372F29
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): tunmp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Tun Miniport Adapter Driver
Image path: system32\DRIVERS\tunmp.sys
Image size: 15360
Image MD5: A858917785681743C512950FDFA14DB7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): tunnel
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft IPv6 Tunnel Miniport Adapter Driver
Image path: system32\DRIVERS\tunnel.sys
Image size: 23040
Image MD5: 29F1D1D888EE61D20D5662E72AA34129
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): uagp35
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft AGPv3.5 Filter
Image path: \SystemRoot\system32\drivers\uagp35.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): udfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: udfs
Description: Reads/Writes UDF 1.02,1.5,2.0x,2.5 disc formats, usually found on C/DVD discs. (Core) (All pieces)
Image path: system32\DRIVERS\udfs.sys
Image size: 225280
Image MD5: 6348DA98707CEDA8A0DFB05820E17732
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): UGatherer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): UGTHRSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): UI0Detect
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\ui0detect.exe,-101
Description: @%SystemRoot%\system32\ui0detect.exe,-102
Object name: LocalSystem
Image path: %SystemRoot%\system32\UI0Detect.exe
Image size: 35840
Image MD5: 24A333F4F14DCFB6FF6D5A1B9E5D79DD
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1

Service (registry key): uliagpkx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Uli AGP Bus Filter
Image path: \SystemRoot\system32\drivers\uliagpkx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): uliahci
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\uliahci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): UlSata
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\ulsata.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ulsata2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\ulsata2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ultra
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ultra
Image path: \SystemRoot\system32\DRIVERS\ultra.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): umbus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: UMBus Enumerator Driver
Image path: system32\DRIVERS\umbus.sys
Image size: 34816
Image MD5: 3FB78F1D1DD86D87BECECD9DFFA24DD9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): UmRdpService
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): upnphost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\upnphost.dll,-213
Description: @%systemroot%\system32\upnphost.dll,-214
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): usb
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): usbccgp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 73216
Image MD5: 8BD3AE150D97BA4E633C6C5C51B41AE1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbcir
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: eHome Infrared Receiver (USBCIR)
Image path: \SystemRoot\system32\drivers\usbcir.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): usbehci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 38400
Image MD5: 63FE924D8A1113C3BA6750693FBEC7D3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Standard Hub Driver
Image path: system32\DRIVERS\usbhub.sys
Image size: 191488
Image MD5: 5EDEC5510592C905E91817707DCE62A2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbohci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Open Host Controller Miniport Driver
Image path: \SystemRoot\system32\drivers\usbohci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): usbprint
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB PRINTER Class
Image path: system32\DRIVERS\usbprint.sys
Image size: 18944
Image MD5: B51E52ACF758BE00EF3A58EA452FE360
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): USBSTOR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 55296
Image MD5: 7887CE56934E7F104E98C975F47353C5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 22528
Image MD5: 325DBBACB8A36AF9988CCF40EAC228CC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): UxSms
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\dwm.exe,-2000
Description: @%SystemRoot%\system32\dwm.exe,-2001
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): VComm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Virtual Serial port driver
Image path: system32\DRIVERS\VComm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): VcommMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth VComm Manager Service
Image path: System32\Drivers\VcommMgr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): vds
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\vds.exe,-100
Description: @%SystemRoot%\system32\vds.exe,-101
Object name: LocalSystem
Image path: %SystemRoot%\System32\vds.exe
Image size: 392704
Image MD5: C9D0BAFEE0D0A2681F048CA61BC0DA96
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): vga
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\vgapnp.sys
Image size: 26112
Image MD5: 7D92BE0028ECDEDEC74617009084B5EF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): VgaSave
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\drivers\vga.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): viaagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA AGP Bus Filter
Image path: \SystemRoot\system32\drivers\viaagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ViaC7
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA C7 Processor Driver
Image path: \SystemRoot\system32\drivers\viac7.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): viaide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\viaide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): volmgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Manager Driver
Image path: system32\drivers\volmgr.sys
Image size: 50280
Image MD5: 103E84C95832D0ED93507997CC7B54E8
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): volmgrx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dynamic Volume Manager
Description: Extension of the volume manager driver that manages software RAID volumes (spanned, striped, mirrored, RAID-5) on dynamic disks
Image path: System32\drivers\volmgrx.sys
Image size: 290408
Image MD5: 294DA8D3F965F6A8DB934A83C7B461FF
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): volsnap
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Storage volumes
Image path: system32\drivers\volsnap.sys
Image size: 211000
Image MD5: 80DC0C9BCB579ED9815001A4D37CBFD5
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): vsmraid
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\vsmraid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): VSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\vssvc.exe,-102
Description: @%systemroot%\system32\vssvc.exe,-101
Object name: LocalSystem
Image path: %systemroot%\system32\vssvc.exe
Image size: 924160
Image MD5: E0E29D9EF2524ABD11749C7C2FD7F607
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): VSTHWBS2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\VSTBS23.SYS
Image size: 251904
Image MD5: C466021D31FF6C0A6069D12299D80C0B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): VST_DPV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\VSTDPV3.SYS
Image size: 987648
Image MD5: EC36F1D542ED4252390D446BF6D4DFD0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): W32Time
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\w32time.dll,-200
Description: @%SystemRoot%\system32\w32time.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WacomPen
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wacom Serial Pen HID Driver
Image path: \SystemRoot\system32\drivers\wacompen.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Wanarp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 61952
Image MD5: 6798C1209A53B5A0DED8D437C45145FF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Wanarpv6
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 61952
Image MD5: 6798C1209A53B5A0DED8D437C45145FF
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): wcncsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wcncsvc.dll,-3
Description: @%SystemRoot%\system32\wcncsvc.dll,-4
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): WcsPlugInService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\WcsPlugInService.dll,-200
Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k wcssvc
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Wd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Watchdog Timer Driver
Image path: \SystemRoot\system32\drivers\wd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Wdf01000
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Kernel Mode Driver Frameworks service
Image path: system32\drivers\Wdf01000.sys
Image size: 495160
Image MD5: 7B5F66E4A2219C7D9DAF9E738480E534
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): WdiServiceHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wdi.dll,-502
Description: @%systemroot%\system32\wdi.dll,-503
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k wdisvc
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WdiSystemHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wdi.dll,-500
Description: @%systemroot%\system32\wdi.dll,-501
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WebClient
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\webclnt.dll,-100
Description: @%systemroot%\system32\webclnt.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: MRxDAV

Service (registry key): Wecsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wecsvc.dll,-200
Description: @%SystemRoot%\system32\wecsvc.dll,-201
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): wercplsupport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\wercplsupport.dll,-101
Description: @%SystemRoot%\System32\wercplsupport.dll,-100
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WerSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\wersvc.dll,-100
Description: @%SystemRoot%\System32\wersvc.dll,-101
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k WerSvcGroup
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0

Service (registry key): winachsf
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSX_CNXT.sys
Image size: 659968
Image MD5: 6D2350BB6E77E800FC4BE4E5B7A2E89A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): WinDefend
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103
Description: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-3068
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k secsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Windows Workflow Foundation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinHttpAutoProxySvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\winhttp.dll,-100
Description: @%SystemRoot%\system32\winhttp.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Dhcp

Service (registry key): Winmgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\wbem\wmisvc.dll,-205
Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204
Object name: localSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): WinRM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\wsmsvc.dll,-101
Description: @%Systemroot%\system32\wsmsvc.dll,-102
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RPCSS,HTTP

Service (registry key): Winsock
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Wlansvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\wlansvc.dll,-257
Description: @%SystemRoot%\System32\wlansvc.dll,-258
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: nativewifip,RpcSs,Ndisuio,Eaphost

Service (registry key): WmiAcpi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Windows Management Interface for ACPI
Image path: \SystemRoot\system32\drivers\wmiacpi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): WmiApRpl
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): wmiApSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110
Description: @%Systemroot%\system32\wbem\wmiapsrv.exe,-111
Object name: localSystem
Image path: %systemroot%\system32\wbem\WmiApSrv.exe
Image size: 137216
Image MD5: A279323BEE5FFFAFDA222910BCE92132
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): WMPNetworkSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101
Description: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-102
Object name: NT AUTHORITY\NetworkService
Image path: "%ProgramFiles%\Windows Media Player\wmpnetwk.exe"
Image size: 895488
Image MD5: ACB2E63D50157E3EA7140F29D9E76A48
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: UPnPHost,http

Service (registry key): WPCSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wpcsvc.dll,-100
Description: @%SystemRoot%\system32\wpcsvc.dll,-101
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): WPDBusEnum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wpdbusenum.dll,-100
Description: @%SystemRoot%\system32\wpdbusenum.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): ws2ifsl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Winsock IFS driver
Description: Winsock IFS driver
Image path: \SystemRoot\system32\drivers\ws2ifsl.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): wscsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\wscsvc.dll,-200
Description: @%SystemRoot%\System32\wscsvc.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,WinMgmt

Service (registry key): WSearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\SearchIndexer.exe,-103
Description: @%systemroot%\system32\SearchIndexer.exe,-104
Object name: LocalSystem
Image path: %systemroot%\system32\SearchIndexer.exe /Embedding
Image size: 287744
Image MD5: 5DE40982E3AE45DC00586A93637B351B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WSearchIdxPi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): wuauserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wuaueng.dll,-105
Description: @%systemroot%\system32\wuaueng.dll,-106
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): WudfPf
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Provide communciation services for UMDF components.
Image path: system32\DRIVERS\WudfPf.sys
Image size: 51712
Image MD5: 3D80328AA84D9FE130D869CF83923D74
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WudfRd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework Reflector
Description: Reflect device requests to user-mode driver drivers
Image path: system32\DRIVERS\wudfrd.sys
Image size: 82560
Image MD5: A2AAFCC8A204736296D937C7C545B53F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): wudfsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wudfsvc.dll,-1000
Description: @%SystemRoot%\system32\wudfsvc.dll,-1001
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 22016
Image MD5: 10DA15933D582D2FEDCF705EFE394B09
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): XAudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\xaudio.sys
Image size: 8192
Image MD5: 5A7FF9A18FF6D7E0527FE3ABF9204EF8
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0

Service (registry key): XAudioService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: XAudioService
Description: User-mode gate for Modem Speakephone
Object name: LocalSystem
Image path: %SystemRoot%\system32\DRIVERS\xaudio.exe
Image size: 386560
Image MD5: 28DC5D626E036A75A572556F0A6EB1F6
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1

Service (registry key): xmlprov
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {08D5E4ED-2308-4DBF-B56F-C6443D25C1E1}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {57333FCF-42C6-4B97-B8D5-F8E5BC46945C}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {BEE1C99B-6BAA-43B1-917A-C7CEEB7ACB71}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

As soon as I get a chance, I'll post the SuperAnti log.
--Grifter
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 15th, 2008, 4:45 pm

Here is the SuperAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/15/2008 at 01:30 PM

Application Version : 4.23.1006

Core Rules Database Version : 3675
Trace Rules Database Version: 1654

Scan type : Complete Scan
Total Scan Time : 00:38:04

Memory items scanned : 543
Memory threats detected : 0
Registry items scanned : 9542
Registry threats detected : 0
File items scanned : 35699
File threats detected : 3

Adware.Tracking Cookie
C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Cookies\joe@revsci[1].txt
C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Cookies\joe@atdmt[2].txt
C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Cookies\joe@questionmarket[1].txt

Please let me know if there is anything else you need.

Thanks again, Shaba
--Grifter
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am

Re: Vicious Trojan Keeps Resurfacing!

Unread postby Shaba » December 16th, 2008, 2:00 am

It looks like that your router might be hacked and needs to be resetted.

What router you have (brand/model)?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 16th, 2008, 11:53 am

I have a Netgear router model WPN 824v2. Should I reset it?
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am

Re: Vicious Trojan Keeps Resurfacing!

Unread postby Shaba » December 16th, 2008, 11:56 am

Yes.

Please do this:

1. Reset your router

2. Change default password of router and check that DHCP settings are fine.

3. Re-run malwarebytes and let it remove what it finds.

Post back:

- malwarebytes log
- a fresh HijackThis log.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 17th, 2008, 1:55 am

Here's the Malwarebytes log:

Malwarebytes' Anti-Malware 1.31
Database version: 1502
Windows 6.0.6000

12/16/2008 9:31:06 PM
mbam-log-2008-12-16 (21-31-06).txt

Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 235781
Time elapsed: 1 hour(s), 0 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

So far, so good! Thanks Shaba! I'll post the new Hijackthis log as soon as I get a chance.
--Grifter
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 17th, 2008, 1:58 am

And here's the Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:55:53 PM, on 12/16/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\stsystra.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=6061102
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=6061102
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-3285236039-3022485011-2099142154-1006\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4056572984
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SCM_Service - Unknown owner - C:\Windows\System32\WinService.exe

--
End of file - 9044 bytes

My computer... feels good. I'm going to reset it and make sure everything's still clear. I'll run Malwarebytes one more time after the restart and let you know how everything turns out. Any idea of how a virus could infect my router!? Was it something I downloaded somewhere, or could an attack like that come from visiting a certain type of website? Anyway, thanks for your help.

--Grifter
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am

Re: Vicious Trojan Keeps Resurfacing!

Unread postby Shaba » December 17th, 2008, 5:22 am

It can come from website or from bad download.

Let's run this next:

Please go to Kaspersky website and perform an online antivirus scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply along with a fresh HijackThis log.

If you need a tutorial, see here
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 18th, 2008, 6:23 pm

The Kaspersky Scan found no malicious software.

Here is my latest Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:20:46 PM, on 12/18/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\stsystra.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=6061102
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=6061102
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-3285236039-3022485011-2099142154-1006\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4056572984
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SCM_Service - Unknown owner - C:\Windows\System32\WinService.exe

--
End of file - 8908 bytes

Everything appears to be running normally once I reset the router. Thank you so much for your help, Shaba. Let me know if there's anything else I need to do.
--Grifter
You do not have the required permissions to view the files attached to this post.
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am

Re: Vicious Trojan Keeps Resurfacing!

Unread postby Shaba » December 19th, 2008, 4:29 am

Great :)

Still some problems?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Vicious Trojan Keeps Resurfacing!

Unread postby grifter » December 22nd, 2008, 5:19 pm

Nope, everything appears to be working perfectly. Thanks for your help. I had never heard of a virus that could infect a router!

Take care, Shaba. Thanks for all your help,
--Grifter
grifter
Regular Member
 
Posts: 15
Joined: November 10th, 2005, 2:05 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 53 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware