Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

mouse trap. more windows than one can close

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 7th, 2012, 5:40 pm

torreattack,

I installed erunt and made the registry backup. I have used it many times before.

the problem with the keyboard not working isn't strictly associated with scans. any time I copy and paste it doesn't type.

I have a question about this (below) and I am not going to go on until I get an answer. ;)


2. OTL fix
Please make sure OTL.exe is on your Desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop

Right click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.
Copy the following text... do not include the quote box title

what about the avast antivirus? (because that pops up) do I need to disable shields control (don't worry I know how to do this proficiently), then enable shields control when I am finished? (click on 'fix it')

thank you.
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york
Advertisement
Register to Remove

Re: mouse trap. more windows than one can close

Unread postby torreattack » February 8th, 2012, 6:13 am

Hi ejames82:

Please temporary disable avast while you are using OTL. You may re-enable it when finish.

Thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 8th, 2012, 10:11 am

very good.

I am pressing forward with your instructions.
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 8th, 2012, 11:27 am

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3780860486-297848617-718311817-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check folder moved successfully.
C:\ProgramData\~5DrSpjUPng4J6D moved successfully.
C:\ProgramData\~5DrSpjUPng4J6Dr moved successfully.
C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk moved successfully.
C:\Users\Jason\AppData\Local\137132d1d242g542m314v1qhj6n6 moved successfully.
C:\ProgramData\137132d1d242g542m314v1qhj6n6 moved successfully.
========== FILES ==========
C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\2688b442-48617f8a moved successfully.
C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\70e83d9f-4dc1eca6 moved successfully.
C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\2ac74c85-46862f60 moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Jason\Desktop\cmd.bat deleted successfully.
C:\Users\Jason\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 02082012_095020
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 8th, 2012, 11:52 am

OTL logfile created on: 2/8/2012 10:32:49 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jason\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.42 Mb Total Physical Memory | 430.63 Mb Available Physical Memory | 42.49% Memory free
1.99 Gb Paging File | 1.36 Gb Available in Paging File | 68.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.19 Gb Total Space | 116.77 Gb Free Space | 83.89% Space Free | Partition Type: NTFS

Computer Name: JASON-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jason\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Macrium\Reflect\ReflectService.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\WSED\WSED.exe (Dell)
PRC - C:\Program Files\Battery Meter\BTMeter.exe (Dell)
PRC - C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
PRC - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\CapsLKNotify\CapsLKNotify.exe (Compal Electronics, Inc)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\422f7ea3d1defd478d9884a996503aa8\MenuSkinning.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\d3eb0a9a0fc0fb9b5c8f8d06b33ff761\VistaBridgeLibrary.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\327d77ec9cc0680dd2ca8e19f748d701\DellDock.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\abe2c0a38744e2b1fb5c391237d05c03\MyDock.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - C:\Windows\System32\EMSC.DLL ()


========== Win32 Services (SafeList) ==========

SRV - (ReflectService.exe) -- C:\Program Files\Macrium\Reflect\ReflectService.exe ()
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Driver Services (SafeList) ==========

DRV - (pssnap) -- C:\Windows\system32\DRIVERS\pssnap.sys (Macrium Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (RTL8192Ce) -- C:\Windows\System32\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation )
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (EMSC) -- C:\Windows\system32\DRIVERS\EMSC.SYS (Windows (R) Win 7 DDK provider)
DRV - (CtClsFlt) -- C:\Windows\System32\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3780860486-297848617-718311817-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Jason\Desktop
IE - HKU\S-1-5-21-3780860486-297848617-718311817-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3780860486-297848617-718311817-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3780860486-297848617-718311817-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2012/02/08 09:50:23 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe (Dell)
O4 - HKLM..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe (Compal Electronics, Inc)
O4 - HKLM..\Run: [WSED] C:\Program Files\WSED\WSED.exe (Dell)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{294B54CD-9A79-442E-9C06-427C363FA3D1}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9F4F60C-45F4-43F2-A5B5-4D1E1EC7566A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{385a522a-21c8-11e1-af7d-5c260a0e0ee8}\Shell - "" = AutoRun
O33 - MountPoints2\{385a522a-21c8-11e1-af7d-5c260a0e0ee8}\Shell\AutoRun\command - "" = D:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3780860486-297848617-718311817-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/02/08 09:50:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/07 16:13:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/07 16:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/02/07 16:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/02/06 20:48:54 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2012/02/06 09:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/02/05 04:55:32 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Malwarebytes
[2012/02/05 04:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/05 04:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/05 04:55:21 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/02/05 04:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/02/02 09:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/01/30 01:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/01/29 11:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/01/29 11:41:34 | 000,314,456 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/01/29 11:41:34 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/01/29 11:41:30 | 000,052,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/01/29 11:41:30 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/01/29 11:41:29 | 000,435,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/01/29 11:41:25 | 000,055,128 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/01/29 11:40:07 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/01/29 11:40:06 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/01/29 11:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/01/29 11:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/27 18:54:31 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012/01/27 18:54:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012/01/27 17:45:07 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Reflect
[2012/01/27 17:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrium
[2012/01/27 17:31:50 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrium
[2012/01/27 17:31:49 | 000,000,000 | ---D | C] -- C:\Program Files\Macrium
[2012/01/27 17:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/01/26 02:52:57 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\SoftGrid Client
[2012/01/26 02:52:53 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\SoftGrid Client
[2012/01/26 02:51:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/01/26 02:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2012/01/26 02:50:46 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\TP
[2012/01/26 00:28:48 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/01/26 00:28:47 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/01/21 18:29:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/01/21 18:29:16 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/01/21 18:29:16 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/01/21 18:29:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/01/21 18:29:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/01/21 18:29:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/01/21 18:29:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/01/21 18:29:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/01/21 18:29:16 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/01/21 18:29:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/01/21 18:29:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/01/21 18:29:15 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/01/21 18:29:14 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/01/21 18:29:14 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/01/21 18:29:14 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/01/21 18:29:14 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/01/21 18:29:14 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/01/21 18:29:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/01/21 18:29:14 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/01/21 18:29:14 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/01/21 18:29:14 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/01/21 18:29:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/01/21 18:29:12 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/01/21 18:29:12 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/01/21 18:29:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/01/21 18:29:12 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/01/21 18:29:12 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/01/21 18:29:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/01/21 18:29:11 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/01/21 18:29:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/01/21 18:29:10 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/01/21 18:29:10 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/01/21 18:29:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/01/21 18:29:10 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/01/21 18:29:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/01/21 18:29:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/01/21 18:29:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/01/21 17:01:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/01/21 16:39:33 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/01/19 00:49:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/01/11 16:41:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 16:41:40 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 16:41:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/11 05:11:16 | 000,000,000 | ---D | C] -- C:\437f678f23918983676b9187

========== Files - Modified Within 30 Days ==========

[2012/02/08 10:30:15 | 000,000,734 | ---- | M] () -- C:\Users\Jason\Desktop\MalWare Removal • Malware Removal - Website Home Page..website
[2012/02/08 09:59:59 | 000,009,696 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/08 09:59:59 | 000,009,696 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/08 09:51:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/08 09:51:52 | 796,987,392 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/08 09:50:23 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/02/07 16:12:00 | 000,000,877 | ---- | M] () -- C:\Users\Jason\Desktop\ERUNT.lnk
[2012/02/06 20:15:26 | 000,624,622 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/06 20:15:26 | 000,106,708 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/05 04:55:24 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/01 13:07:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2012/01/30 00:05:49 | 000,000,408 | ---- | M] () -- C:\Users\Jason\Desktop\VirusTotal - Free Online Virus, Malware and URL Scanner.website
[2012/01/29 11:41:35 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/01/29 11:41:25 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/01/27 17:31:50 | 000,002,929 | ---- | M] () -- C:\Users\Jason\Desktop\Reflect.lnk
[2012/01/26 00:28:48 | 000,001,224 | ---- | M] () -- C:\Users\Jason\Desktop\Revo Uninstaller.lnk
[2012/01/22 18:29:53 | 000,257,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/21 20:12:21 | 000,001,409 | ---- | M] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/21 18:29:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/01/21 18:29:16 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/01/21 18:29:16 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/01/21 18:29:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/01/21 18:29:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/01/21 18:29:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/01/21 18:29:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/01/21 18:29:16 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/01/21 18:29:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/01/21 18:29:16 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/01/21 18:29:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/01/21 18:29:15 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/01/21 18:29:14 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/01/21 18:29:14 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/01/21 18:29:14 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/01/21 18:29:14 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/01/21 18:29:14 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/01/21 18:29:14 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/01/21 18:29:14 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/01/21 18:29:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/01/21 18:29:14 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/01/21 18:29:14 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/01/21 18:29:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/01/21 18:29:14 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/01/21 18:29:12 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/01/21 18:29:12 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/01/21 18:29:12 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/01/21 18:29:12 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/01/21 18:29:12 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/01/21 18:29:11 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/01/21 18:29:11 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/01/21 18:29:10 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/01/21 18:29:10 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/01/21 18:29:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/01/21 18:29:10 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/01/21 18:29:10 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/01/21 18:29:10 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/01/21 18:29:10 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/01/21 17:41:43 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2012/01/21 16:40:31 | 000,003,368 | ---- | M] () -- C:\bootsqm.dat
[2012/01/17 11:49:26 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

========== Files Created - No Company Name ==========

[2012/02/07 16:12:00 | 000,000,877 | ---- | C] () -- C:\Users\Jason\Desktop\ERUNT.lnk
[2012/02/05 04:55:24 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/01 10:45:01 | 000,000,734 | ---- | C] () -- C:\Users\Jason\Desktop\MalWare Removal • Malware Removal - Website Home Page..website
[2012/01/30 00:05:49 | 000,000,408 | ---- | C] () -- C:\Users\Jason\Desktop\VirusTotal - Free Online Virus, Malware and URL Scanner.website
[2012/01/29 11:41:35 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/01/27 17:31:50 | 000,002,929 | ---- | C] () -- C:\Users\Jason\Desktop\Reflect.lnk
[2012/01/26 00:28:48 | 000,001,224 | ---- | C] () -- C:\Users\Jason\Desktop\Revo Uninstaller.lnk
[2012/01/21 20:12:20 | 000,001,415 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/01/21 18:29:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/01/21 16:40:31 | 000,003,368 | ---- | C] () -- C:\bootsqm.dat
[2012/01/17 11:49:26 | 000,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/01/17 11:49:25 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2010/09/30 04:25:14 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/09/30 04:12:21 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010/09/30 04:11:02 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/09/09 20:18:28 | 000,577,536 | ---- | C] () -- C:\Windows\System32\EMSC.DLL
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,257,736 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,624,622 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,106,708 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby torreattack » February 9th, 2012, 12:48 pm

Hi ejames82 :


Let update some application,

1. Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the following
Java(TM) 6 Update 20
Java Auto Updater
Adobe Reader 9.5.0
Spelling Dictionaries Support For Adobe Reader 9



2. Java SE Runtime Environment (JRE).
Please download from HERE
  • Find Java SE 7u2, (JRE) Java SE 7.
  • Click the Download JRE button to the right.
  • check the box that says Accept License Agreement. Next, click the correct Product / File Description (in your case the jre-7u2-windows-i586.exe).
  • Save the file to your desktop.
  • Close all active windows.
  • Install the program.
  • Note: remember to Uncheck any extra software downloads you may be offered (optional)


3. Update Adobe Reader
  • You should Download and Install the newest version of Adobe Reader for reading pdf files.
  • Older versions may have vulnerabilities that malware can use to infect your system.
  • Go Here to download and install Adobe Reader X (10.1.2).
  • Note: remember to Uncheck any extra software downloads you may be offered (optional)


4. Checklist
Please post:
  • An update on your problems
  • Any other problems


Thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 9th, 2012, 3:37 pm

torreattack,

Hello,

everything that you said was carried out except for Java Auto Updater. It was not on the list (programs and features?).
uninstalled:
Java(TM) 6 Update 20
Adobe Reader 9.5.0
Spelling Dictionaries Support For Adobe Reader 9

installed:

Java SE 7u2, (JRE) Java SE 7
Adobe Reader X (10.1.2).


it seems that since the OTLfix that the mousepad has not been as touchy 'for now'. :) the fix definitely did not have a bad effect on the pc. as for the copy, paste and type problem, I haven't had to do those things at the same time, so I can't say if that problem has improved. the mini doesn't get used at all other than for this cleaning procedure.

I did notice other unwanted software on the mini as well. I have left it alone, untouched, until the procedure is complete.
as I stated in my opening post, I had just bought the pc from my sister, so I have no attachment to any data on it. I will gladly delete any data at your request. Just say it, and it will be done. :)

thank you.
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby torreattack » February 11th, 2012, 12:02 pm

Hi ejames82:

Sorry for being late.

1. Please download Farbar Service Scanner© by farbar and save it to your desktop. Click here.
  • Right click on FSS.exe and select "run as administrator" to run it.
  • Check (tick) all options:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Click on the Scan button. A log will open.
  • Please post the contents of this log. It can also be found on the desktop as FSS.txt.

2. How was the keyboard, does it "ok" now?

Thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 11th, 2012, 1:20 pm

torreattack,

Hello,

to answer your question about the keyboard, it either works flawlessly, or not at all (which is when I have something in the clipboard).

I will now give you what you require. I really appreciate your time and effort and you're doing a great job. :)

thanks.
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 11th, 2012, 1:36 pm

Farbar Service Scanner Version: 10-02-2012
Ran by Jason (administrator) on 11-02-2012 at 12:33:46
Running from "C:\Users\Jason\Desktop"
Microsoft Windows 7 Starter Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: Attention! Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of bfe. The value does not exist.
Checking ImagePath: Attention! Unable to retrieve ImagePath of bfe. The value does not exist.
Unable to retrieve ServiceDll of bfe. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of wscsvc. The value does not exist.
Checking ImagePath: Attention! Unable to retrieve ImagePath of wscsvc. The value does not exist.
Unable to retrieve ServiceDll of wscsvc. The value does not exist.


Windows Update:
============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby torreattack » February 13th, 2012, 11:19 am

Hi ejames82 :

Sorry again for being late.

Export Service Key with Farbar Service Scanner (FSS)
  1. Please right click on FSS.exe and select "Run As Administrator". If UAC prompts, allow it.
  2. Please copy and paste the following in the Search text box
    mpsdrv
    MpsSvc
    bfe
    wscsvc
  3. Press the Export Service" button.
    When finished a text file named FSS.txt will be created on your desktop. (Same folder the tool is run).
  4. Please copy and paste the contents of the FSS.txt log to your reply.


thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 13th, 2012, 2:08 pm

I have to break it up into sections. it's too big for one post.

thank you.
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 13th, 2012, 2:11 pm

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23092"
"Group"="network"
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,6d,00,70,00,73,00,64,00,72,00,76,\
00,2e,00,73,00,79,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23093"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\mpsdrv\Enum]
"0"="Root\\LEGACY_MPSDRV\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\DHCP]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\IPTLSIn]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\IPTLSOut]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\RPC-EPMap]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords\Teredo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\MpsSvc\Security]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\BootTime]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\BootTime\Filter]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Filter]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\Provider]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\bfe\Parameters\Policy\Persistent\SubLayer]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\wscsvc\Parameters]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Data]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Data\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,44,00,61,00,74,00,61,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Data\Performance]
"IsMultiInstance"=dword:00000001
"CategoryOptions"=dword:00000001
"Open"="OpenPerformanceData"
"Collect"="CollectPerformanceData"
"Close"="ClosePerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,\
00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,\
36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,\
00,00,00,00,00
"Counter Names"=hex:53,00,71,00,6c,00,43,00,6c,00,69,00,65,00,6e,00,74,00,3a,\
00,20,00,43,00,75,00,72,00,72,00,65,00,6e,00,74,00,20,00,23,00,20,00,70,00,\
6f,00,6f,00,6c,00,65,00,64,00,20,00,61,00,6e,00,64,00,20,00,6e,00,6f,00,6e,\
00,70,00,6f,00,6f,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6e,00,6e,00,65,00,\
63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,53,00,71,00,6c,00,43,00,6c,00,69,\
00,65,00,6e,00,74,00,3a,00,20,00,43,00,75,00,72,00,72,00,65,00,6e,00,74,00,\
20,00,23,00,20,00,70,00,6f,00,6f,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6e,\
00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,53,00,71,00,6c,00,\
43,00,6c,00,69,00,65,00,6e,00,74,00,3a,00,20,00,43,00,75,00,72,00,72,00,65,\
00,6e,00,74,00,20,00,23,00,20,00,63,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,\
69,00,6f,00,6e,00,20,00,70,00,6f,00,6f,00,6c,00,73,00,00,00,53,00,71,00,6c,\
00,43,00,6c,00,69,00,65,00,6e,00,74,00,3a,00,20,00,50,00,65,00,61,00,6b,00,\
20,00,23,00,20,00,70,00,6f,00,6f,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6e,\
00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,53,00,71,00,6c,00,\
43,00,6c,00,69,00,65,00,6e,00,74,00,3a,00,20,00,54,00,6f,00,74,00,61,00,6c,\
00,20,00,23,00,20,00,66,00,61,00,69,00,6c,00,65,00,64,00,20,00,63,00,6f,00,\
6e,00,6e,00,65,00,63,00,74,00,73,00,00,00,53,00,71,00,6c,00,43,00,6c,00,69,\
00,65,00,6e,00,74,00,3a,00,20,00,54,00,6f,00,74,00,61,00,6c,00,20,00,23,00,\
20,00,66,00,61,00,69,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6d,00,6d,00,61,\
00,6e,00,64,00,73,00,00,00,00,00
"InstallType"=dword:00000001
"PerfIniFile"="_DataPerfCounters_D.ini"
"First Counter"=dword:0000106a
"Last Counter"=dword:00001076
"First Help"=dword:0000106b
"Last Help"=dword:00001077
"Object List"="4202"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Networking]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Networking\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,69,00,6e,00,67,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Networking\Performance]
"IsMultiInstance"=dword:00000001
"FileMappingSize"=dword:00020000
"CategoryOptions"=dword:00000003
"Collect"="CollectPerformanceData"
"Close"="ClosePerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,37,00,39,\
00,32,00,00,00,36,00,35,00,37,00,39,00,32,00,00,00,36,00,35,00,35,00,33,00,\
36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,00,00
"Open"="OpenPerformanceData"
"Counter Names"=hex:43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,\
00,73,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,\
64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,52,00,65,00,63,00,65,00,69,\
00,76,00,65,00,64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,53,00,65,00,\
6e,00,74,00,00,00,44,00,61,00,74,00,61,00,67,00,72,00,61,00,6d,00,73,00,20,\
00,52,00,65,00,63,00,65,00,69,00,76,00,65,00,64,00,00,00,44,00,61,00,74,00,\
61,00,67,00,72,00,61,00,6d,00,73,00,20,00,53,00,65,00,6e,00,74,00,00,00,00,\
00
"InstallType"=dword:00000001
"PerfIniFile"="_Networkingperfcounters_D.ini"
"First Counter"=dword:00001040
"Last Counter"=dword:0000104a
"First Help"=dword:00001041
"Last Help"=dword:0000104b
"Object List"="4160"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Networking 4.0.0.0]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Networking 4.0.0.0\Linkage]
"Export"=hex(7):2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,4e,00,65,\
00,74,00,77,00,6f,00,72,00,6b,00,69,00,6e,00,67,00,20,00,34,00,2e,00,30,00,\
2e,00,30,00,2e,00,30,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET CLR Networking 4.0.0.0\Performance]
"Counter Names"=hex(7):43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,\
6e,00,73,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,\
00,64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,52,00,65,00,63,00,65,00,\
69,00,76,00,65,00,64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,53,00,65,\
00,6e,00,74,00,00,00,44,00,61,00,74,00,61,00,67,00,72,00,61,00,6d,00,73,00,\
20,00,52,00,65,00,63,00,65,00,69,00,76,00,65,00,64,00,00,00,44,00,61,00,74,\
00,61,00,67,00,72,00,61,00,6d,00,73,00,20,00,53,00,65,00,6e,00,74,00,00,00,\
48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,\
00,74,00,73,00,20,00,43,00,72,00,65,00,61,00,74,00,65,00,64,00,2f,00,53,00,\
65,00,63,00,00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,\
00,75,00,65,00,73,00,74,00,73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,\
65,00,20,00,4c,00,69,00,66,00,65,00,74,00,69,00,6d,00,65,00,00,00,48,00,74,\
00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,00,74,00,\
73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,65,00,20,00,4c,00,69,00,66,\
00,65,00,74,00,69,00,6d,00,65,00,20,00,42,00,61,00,73,00,65,00,00,00,48,00,\
74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,00,74,\
00,73,00,20,00,51,00,75,00,65,00,75,00,65,00,64,00,2f,00,53,00,65,00,63,00,\
00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,\
00,73,00,74,00,73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,65,00,20,00,\
51,00,75,00,65,00,75,00,65,00,20,00,54,00,69,00,6d,00,65,00,00,00,48,00,74,\
00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,00,74,00,\
73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,65,00,20,00,51,00,75,00,65,\
00,75,00,65,00,20,00,54,00,69,00,6d,00,65,00,20,00,42,00,61,00,73,00,65,00,\
00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,\
00,73,00,74,00,73,00,20,00,41,00,62,00,6f,00,72,00,74,00,65,00,64,00,2f,00,\
53,00,65,00,63,00,00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,\
00,71,00,75,00,65,00,73,00,74,00,73,00,20,00,46,00,61,00,69,00,6c,00,65,00,\
64,00,2f,00,53,00,65,00,63,00,00,00,00,00
"Counter Types"=hex(7):36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,37,00,\
39,00,32,00,00,00,36,00,35,00,37,00,39,00,32,00,00,00,36,00,35,00,35,00,33,\
00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,34,00,31,00,39,00,35,00,\
33,00,32,00,38,00,00,00,31,00,30,00,37,00,33,00,38,00,37,00,34,00,31,00,37,\
00,36,00,00,00,31,00,30,00,37,00,33,00,39,00,33,00,39,00,34,00,35,00,38,00,\
00,00,34,00,31,00,39,00,35,00,33,00,32,00,38,00,00,00,31,00,30,00,37,00,33,\
00,38,00,37,00,34,00,31,00,37,00,36,00,00,00,31,00,30,00,37,00,33,00,39,00,\
33,00,39,00,34,00,35,00,38,00,00,00,34,00,31,00,39,00,35,00,33,00,32,00,38,\
00,00,00,34,00,31,00,39,00,35,00,33,00,32,00,38,00,00,00,00,00
"Library"="netfxperf.dll"
"Close"="ClosePerformanceData"
"Collect"="CollectPerformanceData"
"Open"="OpenPerformanceData"
"IsMultiInstance"=dword:00000001
"FileMappingSize"=dword:00020000
"CategoryOptions"=dword:00000003
"PerfIniFile"="_Networkingperfcounters.ini"
"Last Counter"=dword:000015e0
"Last Help"=dword:000015e1
"First Counter"=dword:000015c6
"First Help"=dword:000015c7
"Object List"="5574"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET Data Provider for Oracle]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET Data Provider for Oracle\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,72,00,20,00,4f,00,72,00,61,00,63,00,6c,00,65,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET Data Provider for Oracle\Performance]
"Close"="ClosePerformanceData"
"Counter Names"=hex:48,00,61,00,72,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
48,00,61,00,72,00,64,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
53,00,6f,00,66,00,74,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,53,00,6f,00,66,00,\
74,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,4e,00,75,00,6d,00,\
62,00,65,00,72,00,4f,00,66,00,4e,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,65,\
00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,\
00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,50,00,6f,00,6f,00,6c,\
00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,\
73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,\
00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,\
6e,00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,00,6e,00,61,00,63,00,74,00,\
69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,\
00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,00,\
75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,\
00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,\
6f,00,6c,00,73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,\
00,6e,00,61,00,63,00,74,00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,\
63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,46,00,72,00,65,00,65,00,43,00,\
6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,53,00,74,00,61,00,73,00,69,00,73,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,52,00,65,00,63,00,6c,00,61,00,\
69,00,6d,00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,\
00,6e,00,73,00,00,00,00,00
"IsMultiInstance"=dword:00000001
"Collect"="CollectPerformanceData"
"Open"="OpenPerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,\
00,32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,\
32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,32,00,36,00,39,\
00,36,00,33,00,32,00,30,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,\
35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,\
00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,\
35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,\
00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,\
33,00,36,00,00,00,00,00
"FileMappingSize"=dword:00020000
"CategoryOptions"=dword:00000003
"InstallType"=dword:00000001
"PerfIniFile"="_DataOracleClientPerfCounters_shared12_neutral_D.ini"
"First Counter"=dword:00001128
"Last Counter"=dword:00001144
"First Help"=dword:00001129
"Last Help"=dword:00001145
"Object List"="4392"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET Data Provider for SqlServer]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET Data Provider for SqlServer\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,72,00,20,00,53,00,71,00,6c,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NET Data Provider for SqlServer\Performance]
"Open"="OpenPerformanceData"
"CategoryOptions"=dword:00000003
"Counter Names"=hex:48,00,61,00,72,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
48,00,61,00,72,00,64,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
53,00,6f,00,66,00,74,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,53,00,6f,00,66,00,\
74,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,4e,00,75,00,6d,00,\
62,00,65,00,72,00,4f,00,66,00,4e,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,65,\
00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,\
00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,50,00,6f,00,6f,00,6c,\
00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,\
73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,\
00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,\
6e,00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,00,6e,00,61,00,63,00,74,00,\
69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,\
00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,00,\
75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,\
00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,\
6f,00,6c,00,73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,\
00,6e,00,61,00,63,00,74,00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,\
63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,46,00,72,00,65,00,65,00,43,00,\
6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,53,00,74,00,61,00,73,00,69,00,73,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,52,00,65,00,63,00,6c,00,61,00,\
69,00,6d,00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,\
00,6e,00,73,00,00,00,00,00
"Close"="ClosePerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,\
00,32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,\
32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,32,00,36,00,39,\
00,36,00,33,00,32,00,30,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,\
35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,\
00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,\
35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,\
00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,\
33,00,36,00,00,00,00,00
"IsMultiInstance"=dword:00000001
"FileMappingSize"=dword:00020000
"Collect"="CollectPerformanceData"
"InstallType"=dword:00000001
"PerfIniFile"="_dataperfcounters_shared12_neutral_D.ini"
"First Counter"=dword:0000104c
"Last Counter"=dword:00001068
"First Help"=dword:0000104d
"Last Help"=dword:00001069
"Object List"="4172"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NETFramework]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\.NETFramework\Performance]
"Close"="CloseCtrs"
"Collect"="CollectCtrs"
"Open"="OpenCtrs"
"Library"="mscoree.dll"
"InstallType"=dword:00000001
"PerfIniFile"="corperfmonsymbols_D.ini"
"First Counter"=dword:00001078
"Last Counter"=dword:00001126
"First Help"=dword:00001079
"Last Help"=dword:00001127

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\1394ohci]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,31,00,33,00,39,00,34,00,6f,00,68,00,\
63,00,69,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="1394 OHCI Compliant Host Controller"
"DriverPackageId"="1394.inf_x86_neutral_3fdff0af299d9ddf"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\ACPI]
"Start"=dword:00000000
"Type"=dword:00000001
"ErrorControl"=dword:00000003
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,41,00,43,00,50,00,49,00,2e,00,73,\
00,79,00,73,00,00,00
"DisplayName"="Microsoft ACPI Driver"
"Group"="Boot Bus Extender"
"DriverPackageId"="acpi.inf_x86_neutral_ddd3c514822f1b21"
"Tag"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\ACPI\Parameters]
"WHEAOSCImplemented"=hex:00,00,00,00
"AMLIMaxCTObjs"=hex:00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\ACPI\Parameters\WakeUp]
"FixedEventMask"=hex:20,05
"FixedEventStatus"=hex:00,80
"GenericEventMask"=hex:00,00,00,20
"GenericEventStatus"=hex:00,00,ff,fc

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\ACPI\Enum]
"0"="ACPI_HAL\\PNP0C08\\0"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AcpiPmi]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,63,00,70,00,69,00,70,00,6d,00,\
69,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="ACPI Power Meter Driver"
"DriverPackageId"="acpipmi.inf_x86_neutral_6d097192944e747a"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AdobeARMservice]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000000
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,43,00,6f,00,6d,00,6d,00,6f,\
00,6e,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,64,00,6f,00,62,00,\
65,00,5c,00,41,00,52,00,4d,00,5c,00,31,00,2e,00,30,00,5c,00,61,00,72,00,6d,\
00,73,00,76,00,63,00,2e,00,65,00,78,00,65,00,22,00,00,00
"DisplayName"="Adobe Acrobat Update Service"
"ObjectName"="LocalSystem"
"Description"="Adobe Acrobat Updater keeps your Adobe software up to date."

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adp94xx]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,64,00,70,00,39,00,34,00,78,00,\
78,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="adp94xx.inf_x86_neutral_4928c8870f6a1577"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adp94xx\Parameters]
"BusType"=dword:00000008

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adp94xx\Parameters\Device]
"DriverParameter"="DisableIoctl=1;"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adp94xx\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpahci]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,64,00,70,00,61,00,68,00,63,00,\
69,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="adpahci.inf_x86_neutral_b082e95ec9f8c3f9"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpahci\Parameters]
"BusType"=dword:00000008

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpahci\Parameters\Device]
"DriverParameter"="DisableIoctl=1;"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpahci\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpu320]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,64,00,70,00,75,00,33,00,32,00,\
30,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="adpu320.inf_x86_neutral_4ea3d42a9839982a"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpu320\Parameters]
"BusType"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpu320\Parameters\Device]
"DriverParameter"="/MAXTAGS=64"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adpu320\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adsi]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adsi\Cache]
"PerMachine"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\adsi\tracing]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AeLookupSvc]
"DisplayName"="@%SystemRoot%\\system32\\aelupsvc.dll,-1"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\aelupsvc.dll,-2"
"ObjectName"="localSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000020
"RequiredPrivileges"=hex(7):53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,\
00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,\
72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,\
00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AeLookupSvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
61,00,65,00,6c,00,75,00,70,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,\
00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AeLookupSvc\TriggerInfo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AeLookupSvc\TriggerInfo\0]
"Type"=dword:00000014
"Action"=dword:00000001
"GUID"=hex:fd,a5,f4,18,3b,fd,a5,40,8f,c2,e5,d2,61,c5,d0,2e

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AERTFilters]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,52,00,65,00,61,00,6c,00,74,00,65,\
00,6b,00,5c,00,41,00,75,00,64,00,69,00,6f,00,5c,00,48,00,44,00,41,00,5c,00,\
41,00,45,00,52,00,54,00,53,00,72,00,76,00,2e,00,65,00,78,00,65,00,00,00
"DisplayName"="Andrea RT Filters Service"
"ObjectName"="LocalSystem"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AFD]
"BootFlags"=dword:00000001
"DisplayName"="@%systemroot%\\system32\\drivers\\afd.sys,-1000"
"Group"="PNP_TDI"
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,66,00,64,00,2e,00,73,00,79,00,\
73,00,00,00
"Description"="@%systemroot%\\system32\\drivers\\afd.sys,-1000"
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AFD\Parameters]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AFD\Enum]
"0"="Root\\LEGACY_AFD\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\agp440]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,67,00,70,00,34,00,34,00,30,00,\
2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Intel AGP Bus Filter"
"Group"="PnP Filter"
"DriverPackageId"="machine.inf_x86_neutral_65848c2d7375a720"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\agp440\Parameters]
"3D3D07A1"=hex:04,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aic78xx]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,64,00,6a,00,73,00,76,00,73,00,2e,00,\
73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="djsvs.inf_x86_neutral_836a3a3240941631"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aic78xx\Parameters]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aic78xx\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\ALG]
"DisplayName"="@%SystemRoot%\\system32\\Alg.exe,-112"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,61,\
00,6c,00,67,00,2e,00,65,00,78,00,65,00,00,00
"Description"="@%SystemRoot%\\system32\\Alg.exe,-113"
"ObjectName"="NT AUTHORITY\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000010
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,\
00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,\
00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
00,00
"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aliide]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000003
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,6c,00,69,00,69,00,64,00,65,00,\
2e,00,73,00,79,00,73,00,00,00
"Group"="System Bus Extender"
"DriverPackageId"="mshdc.inf_x86_neutral_f64b9c35a3a5be81"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdagp]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,6d,00,64,00,61,00,67,00,70,00,\
2e,00,73,00,79,00,73,00,00,00
"DisplayName"="AMD AGP Bus Filter Driver"
"Group"="PnP Filter"
"DriverPackageId"="machine.inf_x86_neutral_65848c2d7375a720"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdagp\Parameters]
"10DE002D"=hex:00,00,10,00,8f,fa,84,d5
"102B0525"=hex:00,00,10,00,8e,f8,83,a5
"53338A22"=hex:00,00,10,00,8e,f8,83,a5

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdide]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000003
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,6d,00,64,00,69,00,64,00,65,00,\
2e,00,73,00,79,00,73,00,00,00
"Group"="System Bus Extender"
"DriverPackageId"="mshdc.inf_x86_neutral_f64b9c35a3a5be81"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AmdK8]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,6d,00,64,00,6b,00,38,00,2e,00,\
73,00,79,00,73,00,00,00
"DisplayName"="AMD K8 Processor Driver"
"Group"="Extended Base"
"DriverPackageId"="cpu.inf_x86_neutral_729b871528391032"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AmdPPM]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,6d,00,64,00,70,00,70,00,6d,00,\
2e,00,73,00,79,00,73,00,00,00
"DisplayName"="AMD Processor Driver"
"Group"="Extended Base"
"DriverPackageId"="cpu.inf_x86_neutral_729b871528391032"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsata]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,6d,00,64,00,73,00,61,00,74,00,\
61,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI miniport"
"DriverPackageId"="amdsata.inf_x86_neutral_fa9a4835d180b5fc"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsata\Parameters]
"BusType"=dword:0000000b

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsata\Parameters\Device]
"AmdSataFua"=dword:000000ff
"AmdSataChannelFlags"=dword:00000001
"AmdSataWMI"=dword:00000000
"AmdSataPassThru"=dword:00000001
"AmdSataPMDisabled"=dword:000000ff
"AmdSataCCC"=dword:0000003f
"AmdSataCCCTV"=dword:0000ffff
"AmdSataCCCCC"=dword:00000020
"EnableQueryAccessAlignment"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsata\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsbs]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,6d,00,64,00,73,00,62,00,73,00,\
2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="amdsbs.inf_x86_neutral_5cae6933bef20aa8"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsbs\Parameters]
"BusType"=dword:00000008

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsbs\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsbs\Settings]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdsbs\Settings\CAM]
"EnableALPEDisableHotplug"=dword:00000000
"EnableCCC"=dword:00000000
"CCCTimeoutValue"=dword:0000000a
"CCCCompletionValue"=dword:00000020
"NCQEnableDiskIDBits"=dword:00000000
"EnableHIPM"=dword:00000000
"EnableDIPM"=dword:00000000
"EnableHDDParking"=dword:00000001
"CAMTimeOutValue"=dword:00000005

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\amdxata]
"Start"=dword:00000000
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,6d,00,64,00,78,00,61,00,74,\
00,61,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI miniport"
"DriverPackageId"="amdsata.inf_x86_neutral_fa9a4835d180b5fc"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AppID]
"DisplayName"="@%systemroot%\\system32\\appidsvc.dll,-102"
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,70,00,70,00,69,00,64,00,2e,00,\
73,00,79,00,73,00,00,00
"Description"="@%systemroot%\\system32\\appidsvc.dll,-103"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000001
"DependOnService"=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,44,00,69,00,\
73,00,43,00,61,00,63,00,68,00,65,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AppID\Parameters]
"DebugFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AppIDSvc]
"DisplayName"="@%systemroot%\\system32\\appidsvc.dll,-100"
"Group"="ProfSvc_Group"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,41,00,6e,00,64,00,4e,00,6f,00,49,00,6d,00,70,00,65,00,72,00,73,00,\
6f,00,6e,00,61,00,74,00,69,00,6f,00,6e,00,00,00
"Description"="@%systemroot%\\system32\\appidsvc.dll,-101"
"ObjectName"="NT Authority\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,41,00,70,00,70,00,\
49,00,44,00,00,00,43,00,72,00,79,00,70,00,74,00,53,00,76,00,63,00,00,00,00,\
00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AppIDSvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
61,00,70,00,70,00,69,00,64,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,\
00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AppIDSvc\TriggerInfo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AppIDSvc\TriggerInfo\0]
"Type"=dword:00000014
"Action"=dword:00000001
"GUID"=hex:27,9c,2a,d0,b8,79,d6,40,9b,97,cf,3f,8b,7b,5d,60

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Appinfo]
"DisplayName"="@%systemroot%\\system32\\appinfo.dll,-100"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%systemroot%\\system32\\appinfo.dll,-101"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,50,00,72,00,6f,00,\
66,00,53,00,76,00,63,00,00,00,00,00
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,\
00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,\
72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,\
00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,\
72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,63,\
00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,00,76,00,69,00,6c,\
00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,74,00,6f,00,72,00,\
65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,\
00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,00,69,\
00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,\
6e,00,67,00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,\
00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,\
72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,\
00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:ff,ff,ff,ff,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Appinfo\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
61,00,70,00,70,00,69,00,6e,00,66,00,6f,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Appinfo\Security]
"Security"=hex:01,00,14,80,a0,00,00,00,ac,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,70,00,05,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,\
00,00,01,01,00,00,00,00,00,05,0b,00,00,00,01,01,00,00,00,00,00,05,12,00,00,\
00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\arc]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,72,00,63,00,2e,00,73,00,79,00,\
73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="arc.inf_x86_neutral_11b52dec8e94d9aa"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\arc\Parameters]
"BusType"=dword:00000008

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\arc\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\arcsas]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,72,00,63,00,73,00,61,00,73,00,\
2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI miniport"
"DriverPackageId"="arcsas.inf_x86_neutral_c763887719bed95d"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\arcsas\Parameters]
"BusType"=dword:00000008

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\arcsas\Parameters\Device]
"NumberOfRequests"=dword:000000fe
"DriverParameter"="BLEDCheck=1"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\arcsas\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswFsBlk]
"Type"=dword:00000002
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"DisplayName"="aswFsBlk"
"Group"="FSFilter Activity Monitor"
"DependOnService"=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
"Description"="avast! mini-filter driver (aswFsBlk)"
"Tag"=dword:00000002

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswFsBlk\Instances]
"DefaultInstance"="aswFsBlk Instance"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswFsBlk\Instances\aswFsBlk Instance]
"Altitude"="388400"
"Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswFsBlk\Enum]
"0"="Root\\LEGACY_ASWFSBLK\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswMonFlt]
"Type"=dword:00000002
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,\
00,5c,00,64,00,72,00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,73,00,77,00,\
4d,00,6f,00,6e,00,46,00,6c,00,74,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="aswMonFlt"
"Group"="FSFilter Anti-Virus"
"DependOnService"=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
"Description"="avast! mini-filter driver (aswMonFlt)"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswMonFlt\Instances]
"DefaultInstance"="aswMonFlt Instance"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswMonFlt\Instances\aswMonFlt Instance]
"Altitude"="320700"
"Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswMonFlt\Enum]
"0"="Root\\LEGACY_ASWMONFLT\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswRdr]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000001
"DisplayName"="aswRdr"
"Group"="PNP_TDI"
"DependOnService"=hex(7):74,00,63,00,70,00,69,00,70,00,00,00,00,00
"Description"="avast! TDI Redirect driver"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswRdr\Parameters]
"MSIgnoreLSPDefault"=""
"WSIgnoreLSPDefault"="nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dll"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswRdr\Enum]
"0"="Root\\LEGACY_ASWRDR\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSnx]
"Type"=dword:00000002
"Start"=dword:00000001
"ErrorControl"=dword:00000001
"DisplayName"="aswSnx"
"Group"="FSFilter Virtualization"
"DependOnService"=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
"Description"="avast! virtualization driver (aswSnx)"
"Tag"=dword:00000002

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSnx\Instances]
"DefaultInstance"="aswSnx Instance"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSnx\Instances\aswSnx Instance]
"Altitude"="137600"
"Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSnx\Parameters]
"ProgramFolder"="\\DosDevices\\C:\\Program Files\\AVAST Software\\Avast"
"DataFolder"="\\DosDevices\\C:\\ProgramData\\AVAST Software\\Avast"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSnx\Enum]
"0"="Root\\LEGACY_ASWSNX\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSP]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000001
"DisplayName"="aswSP"
"Description"="avast! Self Protection"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSP\Parameters]
"BehavShield"=dword:00000001
"ProgramFolder"="\\DosDevices\\C:\\Program Files\\AVAST Software\\Avast"
"DataFolder"="\\DosDevices\\C:\\ProgramData\\AVAST Software\\Avast"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswSP\Enum]
"0"="Root\\LEGACY_ASWSP\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswTdi]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000001
"DisplayName"="avast! Network Shield Support"
"Group"="PNP_TDI"
"DependOnService"=hex(7):74,00,63,00,70,00,69,00,70,00,00,00,00,00
"Description"="avast! Network Shield TDI driver"
"Tag"=dword:0000000b

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\aswTdi\Enum]
"0"="Root\\LEGACY_ASWTDI\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AsyncMac]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,73,00,79,00,6e,00,63,00,6d,\
00,61,00,63,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="@%systemroot%\\system32\\rascfg.dll,-32000"
"Description"="@%systemroot%\\system32\\rascfg.dll,-32000"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\atapi]
"Start"=dword:00000000
"Type"=dword:00000001
"ErrorControl"=dword:00000003
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,74,00,61,00,70,00,69,00,2e,\
00,73,00,79,00,73,00,00,00
"DisplayName"="IDE Channel"
"Group"="SCSI Miniport"
"DriverPackageId"="mshdc.inf_x86_neutral_f64b9c35a3a5be81"
"Tag"=dword:00000021

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\atapi\Enum]
"0"="Root\\LEGACY_ATAPI\\0000"
"Count"=dword:00000005
"NextInstance"=dword:00000005
"1"="PCIIDE\\IDEChannel\\4&34f24b8b&0&0"
"2"="PCIIDE\\IDEChannel\\4&34f24b8b&0&1"
"3"="PCIIDE\\IDEChannel\\4&34f24b8b&0&2"
"4"="PCIIDE\\IDEChannel\\4&34f24b8b&0&3"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AudioEndpointBuilder]
"DisplayName"="@%SystemRoot%\\system32\\audiosrv.dll,-204"
"Group"="AudioGroup"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,79,00,73,00,74,00,65,00,6d,\
00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,72,00,\
69,00,63,00,74,00,65,00,64,00,00,00
"Description"="@%SystemRoot%\\System32\\audiosrv.dll,-205"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):50,00,6c,00,75,00,67,00,50,00,6c,00,61,00,79,00,00,00,\
00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AudioEndpointBuilder\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
41,00,75,00,64,00,69,00,6f,00,73,00,72,00,76,00,2e,00,64,00,6c,00,6c,00,00,\
00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Audiosrv]
"DisplayName"="@%SystemRoot%\\system32\\audiosrv.dll,-200"
"Group"="AudioGroup"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Description"="@%SystemRoot%\\System32\\audiosrv.dll,-201"
"ObjectName"="NT AUTHORITY\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):41,00,75,00,64,00,69,00,6f,00,45,00,6e,00,64,00,70,00,\
6f,00,69,00,6e,00,74,00,42,00,75,00,69,00,6c,00,64,00,65,00,72,00,00,00,52,\
00,70,00,63,00,53,00,73,00,00,00,4d,00,4d,00,43,00,53,00,53,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,73,00,65,00,57,00,6f,\
00,72,00,6b,00,69,00,6e,00,67,00,53,00,65,00,74,00,50,00,72,00,69,00,76,00,\
69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Audiosrv\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
41,00,75,00,64,00,69,00,6f,00,73,00,72,00,76,00,2e,00,64,00,6c,00,6c,00,00,\
00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\avast! Antivirus]
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,56,00,41,00,53,00,54,\
00,20,00,53,00,6f,00,66,00,74,00,77,00,61,00,72,00,65,00,5c,00,41,00,76,00,\
61,00,73,00,74,00,5c,00,41,00,76,00,61,00,73,00,74,00,53,00,76,00,63,00,2e,\
00,65,00,78,00,65,00,22,00,00,00
"DisplayName"="avast! Antivirus"
"Group"="ShellSvcGroup"
"DependOnService"=hex(7):61,00,73,00,77,00,4d,00,6f,00,6e,00,46,00,6c,00,74,00,\
00,00,52,00,70,00,63,00,53,00,53,00,00,00,00,00
"ObjectName"="LocalSystem"
"ServiceSidType"=dword:00000001
"Description"="Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler."
"FailureActions"=hex:10,0e,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,88,13,00,00,01,00,00,00,88,13,00,00,00,00,00,00,88,13,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AxInstSV]
"DisplayName"="@%SystemRoot%\\system32\\AxInstSV.dll,-103"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,41,00,78,00,49,00,6e,00,73,00,74,00,53,00,56,00,47,00,72,00,6f,\
00,75,00,70,00,00,00
"Start"=dword:00000003
"Type"=dword:00000020
"Description"="@%SystemRoot%\\system32\\AxInstSV.dll,-104"
"DependOnService"=hex(7):72,00,70,00,63,00,73,00,73,00,00,00,00,00
"ObjectName"="LocalSystem"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,\
00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,\
72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,\
00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,\
72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,63,\
00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,00,76,00,69,00,6c,\
00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,74,00,6f,00,72,00,\
65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,\
00,41,00,75,00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,\
00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,\
00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
00,00
"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\AxInstSV\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
41,00,78,00,49,00,6e,00,73,00,74,00,53,00,56,00,2e,00,64,00,6c,00,6c,00,00,\
00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\b06bdrv]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,62,00,78,00,76,00,62,00,64,00,78,00,\
2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Broadcom NetXtreme II VBD"
"Group"="base"
"DriverPackageId"="netbvbdx.inf_x86_neutral_6d29499ebc7c7338"
"BootFlags"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\b57nd60x]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"Tag"=dword:00000011
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,62,00,35,00,37,00,6e,00,64,00,36,\
00,30,00,78,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0"
"Group"="NDIS"
"NdisMajorVersion"=dword:00000006
"NdisMinorVersion"=dword:00000014
"BootFlags"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BattC]
"MofImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,\
00,72,00,69,00,76,00,65,00,72,00,73,00,5c,00,62,00,61,00,74,00,74,00,63,00,\
2e,00,73,00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BBSvc]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,4d,00,69,00,63,00,72,00,6f,\
00,73,00,6f,00,66,00,74,00,5c,00,42,00,69,00,6e,00,67,00,42,00,61,00,72,00,\
5c,00,42,00,42,00,53,00,76,00,63,00,2e,00,45,00,58,00,45,00,22,00,00,00
"DisplayName"="Bing Bar Update Service"
"ObjectName"="LocalSystem"
"Description"="Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BBUpdate]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,4d,00,69,00,63,00,72,00,6f,\
00,73,00,6f,00,66,00,74,00,5c,00,42,00,69,00,6e,00,67,00,42,00,61,00,72,00,\
5c,00,53,00,65,00,61,00,50,00,6f,00,72,00,74,00,2e,00,45,00,58,00,45,00,22,\
00,00,00
"DisplayName"="BBUpdate"
"ObjectName"="LocalSystem"
"Description"="Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BDESVC]
"DisplayName"="@%SystemRoot%\\system32\\bdesvc.dll,-100"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Start"=dword:00000003
"Type"=dword:00000020
"Description"="@%SystemRoot%\\system32\\bdesvc.dll,-101"
"ObjectName"="localSystem"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,00,00
"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BDESVC\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,64,00,65,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BDESVC\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,00,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,ff,00,0e,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,00,0e,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,18,00,9d,00,02,00,01,02,00,00,00,00,00,05,20,00,00,00,21,\
02,00,00,00,00,14,00,9d,00,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BDESVC\State]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BDESVC\TriggerInfo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BDESVC\TriggerInfo\0]
"Type"=dword:00000014
"Action"=dword:00000001
"GUID"=hex:57,e1,6a,9e,f7,d9,e5,47,8c,6d,b1,7b,b6,c8,2a,27

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Beep]
"DisplayName"="Beep"
"Group"="Base"
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Tag"=dword:00000002
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Beep\Enum]
"0"="Root\\LEGACY_BEEP\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters\Policy]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters\Policy\BootTime]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters\Policy\BootTime\Filter]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters\Policy\Persistent]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters\Policy\Persistent\Filter]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters\Policy\Persistent\Provider]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BFE\Parameters\Policy\Persistent\SubLayer]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BITS]
"DisplayName"="@%SystemRoot%\\system32\\qmgr.dll,-1000"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\qmgr.dll,-1001"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"DelayedAutoStart"=dword:00000001
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,45,00,76,00,65,00,\
6e,00,74,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,\
00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,\
72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,\
63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BITS\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
71,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BITS\Performance]
"Library"="bitsperf.dll"
"Open"="PerfMon_Open"
"Collect"="PerfMon_Collect"
"Close"="PerfMon_Close"
"InstallType"=dword:00000001
"PerfIniFile"="bitsctrs.ini"
"First Counter"=dword:000007d2
"Last Counter"=dword:000007e2
"First Help"=dword:000007d3
"Last Help"=dword:000007e3
"Object List"="2002"
"PerfMMFileName"="Global\\MMF_BITS_s"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BITS\Security]
"Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,\
00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\
00,00,20,02,00,00,02,00,5c,00,04,00,00,00,00,02,14,00,ff,01,0f,00,01,01,00,\
00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,\
20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,\
00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,01,02,\
00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,\
00,20,02,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\blbdrive]
"Start"=dword:00000001
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,62,00,6c,00,62,00,64,00,72,00,69,00,\
76,00,65,00,2e,00,73,00,79,00,73,00,00,00
"DriverPackageId"="blbdrive.inf_x86_neutral_1aa816fe7dc98c3f"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\blbdrive\Enum]
"0"="Root\\blbdrive\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\bowser]
"DisplayName"="@%systemroot%\\system32\\browser.dll,-102"
"Group"="Network"
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,62,00,6f,00,77,00,73,00,65,00,72,\
00,2e,00,73,00,79,00,73,00,00,00
"Description"="@%systemroot%\\system32\\browser.dll,-103"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Tag"=dword:00000005
"Type"=dword:00000002

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\bowser\Enum]
"0"="Root\\LEGACY_BOWSER\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BrFiltLo]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,42,00,72,00,46,00,69,00,6c,00,74,00,\
4c,00,6f,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Brother USB Mass-Storage Lower Filter Driver"
"Group"="extended base"
"DriverPackageId"="brmfcsto.inf_x86_neutral_39ae61431a44cded"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BrFiltLo\Parameters]
"AdapterSettings"="/GR=OFF /TO=10 /OW=30"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BrFiltUp]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,42,00,72,00,46,00,69,00,6c,00,74,00,\
55,00,70,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Brother USB Mass-Storage Upper Filter Driver"
"Group"="extended base"
"DriverPackageId"="brmfcsto.inf_x86_neutral_39ae61431a44cded"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Browser]
"DisplayName"="@%systemroot%\\system32\\browser.dll,-100"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%systemroot%\\system32\\browser.dll,-101"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):4c,00,61,00,6e,00,6d,00,61,00,6e,00,57,00,6f,00,72,00,\
6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,4c,00,61,00,6e,00,6d,\
00,61,00,6e,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,00,00
"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Browser\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,72,00,6f,00,77,00,73,00,65,00,72,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001
"MaintainServerList"="Auto"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Browser\TriggerInfo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Browser\TriggerInfo\0]
"Type"=dword:00000004
"Action"=dword:00000001
"GUID"=hex:07,9e,56,b7,21,84,e0,4e,ad,10,86,91,5a,fd,ad,09
"Data0"=hex:31,00,33,00,39,00,00,00,54,00,43,00,50,00,00,00,53,00,79,00,73,00,\
74,00,65,00,6d,00,00,00,00,00
"DataType0"=dword:00000002
"Data1"=hex:31,00,33,00,37,00,00,00,55,00,44,00,50,00,00,00,53,00,79,00,73,00,\
74,00,65,00,6d,00,00,00,00,00
"DataType1"=dword:00000002
"Data2"=hex:31,00,33,00,38,00,00,00,55,00,44,00,50,00,00,00,53,00,79,00,73,00,\
74,00,65,00,6d,00,00,00,00,00
"DataType2"=dword:00000002

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Browser\TriggerInfo\1]
"Type"=dword:00000004
"Action"=dword:00000002
"GUID"=hex:38,ed,44,a1,12,8e,e4,4d,9d,96,e6,47,40,b1,a5,24
"Data0"=hex:31,00,33,00,39,00,00,00,54,00,43,00,50,00,00,00,53,00,79,00,73,00,\
74,00,65,00,6d,00,00,00,00,00
"DataType0"=dword:00000002
"Data1"=hex:31,00,33,00,37,00,00,00,55,00,44,00,50,00,00,00,53,00,79,00,73,00,\
74,00,65,00,6d,00,00,00,00,00
"DataType1"=dword:00000002
"Data2"=hex:31,00,33,00,38,00,00,00,55,00,44,00,50,00,00,00,53,00,79,00,73,00,\
74,00,65,00,6d,00,00,00,00,00
"DataType2"=dword:00000002

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\Brserid]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,42,00,72,00,73,00,65,00,72,00,69,00,\
64,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Brother MFC Serial Port Interface Driver (WDM)"
"DriverPackageId"="brmfport.inf_x86_neutral_401d08f12a7f8ee1"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BrSerWdm]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,42,00,72,00,53,00,65,00,72,00,57,00,\
64,00,6d,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Brother WDM Serial driver"
"DriverPackageId"="brmfport.inf_x86_neutral_401d08f12a7f8ee1"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BrUsbMdm]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,42,00,72,00,55,00,73,00,62,00,4d,00,\
64,00,6d,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Brother MFC USB Fax Only Modem"
"DriverPackageId"="brmfcumd.inf_x86_neutral_e78e46b32f6347a3"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BrUsbSer]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,42,00,72,00,55,00,73,00,62,00,53,00,\
65,00,72,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Brother MFC USB Serial WDM Driver"
"DriverPackageId"="brmfport.inf_x86_neutral_401d08f12a7f8ee1"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BthEnum]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,42,00,74,00,68,00,45,00,6e,00,75,00,\
6d,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Bluetooth Request Block Driver"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHMODEM]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,62,00,74,00,68,00,6d,00,6f,00,64,00,\
65,00,6d,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Bluetooth Serial Communications Driver"
"DriverPackageId"="bthspp.inf_x86_neutral_c702854f7c2d88b2"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BthPan]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"Tag"=dword:00000016
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,62,00,74,00,68,00,70,00,61,00,6e,\
00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Bluetooth Device (Personal Area Network)"
"Group"="NDIS"
"Description"="Bluetooth Device (Personal Area Network)"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"Tag"=dword:00000007
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,42,00,54,00,48,00,70,00,6f,00,72,00,\
74,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Bluetooth Port Driver"
"Group"="PNP Filter"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters]
"Slave Role COD Masks"=hex:00,00,1f,00,00,00,04,00,00,20,00,00,00,20,00,00,00,\
04,00,00,00,04,00,00
"SecurityLevel"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Devices]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB\VidPids]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB\VidPids\1045e_007c]
"Flag"=dword:0000000c

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB\VidPids\2045e_0098]
"Flag"=dword:0000000c

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB\VidPids\2045e_0701]
"Flag"=dword:0000000c

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB\VidPids\2045e_0702]
"Flag"=dword:0000000c

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB\VidPids\20471_206b]
"Flag"=dword:00000010

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ExceptionDB\VidPids\20a5c_0001]
"Flag"=dword:0000000c

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\LocalServices]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\LocalServices\{00001101-0000-1000-8000-00805f9b34fb}]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\PerDevices]
@=""

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\PnpId]
"RFCOMM"="MS_RFCOMM"
"BTHBRB"="MS_BTHBRB"
"BTHPAN"="MS_BTHPAN"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Restrictions]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Restrictions\COD Major 05 Minor 10]
"DontAddIncomingSPPInWizard"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Restrictions\COD Major 05 Minor 20]
"DontAddIncomingSPPInWizard"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Restrictions\COD Major 05 Minor 30]
"DontAddIncomingSPPInWizard"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Restrictions\COD Major 06 Minor 20]
"DontAddIncomingSPPInWizard"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\ServiceGroups]
"MonoAudio"=hex(7):7b,00,30,00,30,00,30,00,30,00,31,00,31,00,31,00,65,00,2d,00,\
30,00,30,00,30,00,30,00,2d,00,31,00,30,00,30,00,30,00,2d,00,38,00,30,00,30,\
00,30,00,2d,00,30,00,30,00,38,00,30,00,35,00,66,00,39,00,62,00,33,00,34,00,\
66,00,62,00,7d,00,00,00,7b,00,30,00,30,00,30,00,30,00,31,00,31,00,30,00,38,\
00,2d,00,30,00,30,00,30,00,30,00,2d,00,31,00,30,00,30,00,30,00,2d,00,38,00,\
30,00,30,00,30,00,2d,00,30,00,30,00,38,00,30,00,35,00,66,00,39,00,62,00,33,\
00,34,00,66,00,62,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Services]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]
"SecurityFlags"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]
"SecurityFlags"=dword:00000002

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\SupportedServices]
"{00001124-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001126-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001103-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001101-0000-1000-8000-00805f9b34fb}"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHPORT\Parameters\UnsupportedServices]
"{00001200-0000-1000-8000-00805F9B34FB}"=dword:00000001
"{00001000-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001001-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001002-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001115-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001105-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001106-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001107-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001116-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001117-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{0000110a-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{0000110C-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001112-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{0000111f-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001104-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{0000112d-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{0000112e-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{0000112f-0000-1000-8000-00805f9b34fb}"=dword:00000001
"{00001111-0000-1000-8000-00805f9b34fb}"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\bthserv]
"DisplayName"="@%SystemRoot%\\System32\\bthserv.dll,-101"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,62,00,74,00,68,00,73,00,76,00,63,00,73,00,00,00
"Start"=dword:00000003
"Type"=dword:00000020
"Description"="@%SystemRoot%\\System32\\bthserv.dll,-102"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,\
00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,\
00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
00,00
"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\bthserv\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,74,00,68,00,73,00,65,00,72,00,76,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\bthserv\Parameters\BluetoothControlPanelTasks]
"State"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\bthserv\TriggerInfo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\bthserv\TriggerInfo\0]
"Type"=dword:00000001
"Action"=dword:00000001
"GUID"=hex:2a,30,50,08,44,b3,da,4f,9b,e9,90,57,6b,8d,46,f0

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\BTHUSB]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"Tag"=dword:00000006
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,42,00,54,00,48,00,55,00,53,00,42,00,\
2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Bluetooth Radio USB Driver"
"Group"="PNP Filter"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\cdfs]
"DisplayName"="CD/DVD File System Reader"
"Group"="Boot File System"
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,63,00,64,00,66,00,73,00,2e,00,73,\
00,79,00,73,00,00,00
"Description"="ISO9660/Joliet File System Reader for CD/DVDs. (Core) (All pieces)"
"ErrorControl"=dword:00000001
"Start"=dword:00000004
"Type"=dword:00000002
"DependOnGroup"=hex(7):53,00,43,00,53,00,49,00,20,00,43,00,44,00,52,00,4f,00,\
4d,00,20,00,43,00,6c,00,61,00,73,00,73,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\cdfs\Enum]
"0"="Root\\LEGACY_CDFS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\cdrom]
"Start"=dword:00000001
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,63,00,64,00,72,00,6f,00,6d,00,2e,00,\
73,00,79,00,73,00,00,00
"Group"="SCSI CDROM Class"
"DriverPackageId"="cdrom.inf_x86_neutral_db87d184bc84f910"
"AutoRun"=dword:00000001
"AutoRunAlwaysDisable"=hex(7):4e,00,45,00,43,00,20,00,20,00,20,00,20,00,20,00,\
4d,00,42,00,52,00,2d,00,37,00,20,00,20,00,20,00,00,00,4e,00,45,00,43,00,20,\
00,20,00,20,00,20,00,20,00,4d,00,42,00,52,00,2d,00,37,00,2e,00,34,00,20,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,48,00,41,00,4e,\
00,47,00,52,00,20,00,44,00,52,00,4d,00,2d,00,31,00,38,00,30,00,34,00,58,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,44,00,52,00,4d,00,2d,00,36,00,33,00,32,00,34,00,58,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,44,00,52,00,4d,00,2d,00,36,00,32,00,34,00,58,00,20,00,\
00,00,54,00,4f,00,52,00,69,00,53,00,41,00,4e,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,43,00,44,00,52,00,5f,00,43,00,33,00,36,00,00,00,00,00
"Tag"=dword:00000003
"DisplayName"="CD-ROM Driver"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\cdrom\Parameters]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\\cdrom\Enum]
"Count"=dword:00000000
"NextInstance"=dword:00000000
"INITSTARTFAILED"=dword:00000001
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby ejames82 » February 13th, 2012, 4:20 pm

torreattack,

are you sure you want the FSS.exe copied and pasted? it is your good forum and I will comply, but this file is going to be perhaps twenty to thirty replies alone, maybe even more. It is monstrous in size. first I tried submitting the whole thing and obviously was not allowed to do so. then tried less and less, until I found an acceptable amount and there is still an unbelieveable amount of file left. maybe something went wrong (or maybe I did something wrong, but I doubt it because I followed your instructions to a tee) and what I have is not what I should have, and that's why I am bringing it to your attention at this time. you have a portion of it already.
Is an attachment never allowed?

anyway, I will happily await your response before going further. :)
ejames82
Regular Member
 
Posts: 54
Joined: December 2nd, 2007, 4:34 pm
Location: syracuse, new york

Re: mouse trap. more windows than one can close

Unread postby torreattack » February 15th, 2012, 5:27 am

Hi ejames82 :

We have reach a stage where I can say that your computer is free from malware, but unfortunately the later logs showed that there are some issues with some important and critical services.

Since many services are "customised" to the particular computer they are installed on and it is too complex to restore them manually, my suggestion is to reinstall Windows.

That way, we could be sure the computer will be secure as any misconfiguration when trying to fix the services will cause security vulnerabilities.

If you need help to reinstall Windows, just let me know.


Sorry, :oops:
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: random/random and 67 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware