Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Winantispyware/virtumonde


  • Please log in to reply
9 replies to this topic

#1 raerae

raerae

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 17 August 2007 - 07:24 PM

I ran SpyBot and there was a file it could not delete.

C:\Windows\system32\ssttt.dll

Also I ran hijack this...here's my log. Can someone please help me identify any problems and assist me in correcting.

This all started as a result of Winantispyware installing itself on my computer. I deleted it via the control panel and am trying to ensure that it doesn't resurface. Also, Spybot detected Virtumonde. Hope this post isn't all over the place. Thanks for any help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:15:13 PM, on 8/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN\howykow22011.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Raven\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.houstonisd.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{2B-B9-9C-C4-ZN}] C:\DOCUME~1\Raven\LOCALS~1\Temp\thinksnet.exe CHD003
O4 - HKLM\..\Run: [howykow] C:\Program Files\MSN\howykow22011.exe
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\aeucsulo.dll",forkonce
O4 - HKLM\..\RunOnce: [SpybotDeletingA9712] command /c del "C:\WINDOWS\system32\ssttt.dll_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC229] cmd /c del "C:\WINDOWS\system32\ssttt.dll_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB3318] command /c del "C:\WINDOWS\system32\ssttt.dll_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD103] cmd /c del "C:\WINDOWS\system32\ssttt.dll_tobedeleted"
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Raven\Local Settings\Temp\thinksnet.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming Zone\prokyc.html

--
End of file - 8056 bytes

BC AdBot (Login to Remove)

 


#2 Nuppi

Nuppi

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:10:15 PM

Posted 18 August 2007 - 03:20 AM

Hi raerae,

and welcome Bleeping computer.

I'm Nuppi and i'll help you to get rid off vundo.

1. Please rename hijackthis.exe to scanner.exe

2.
Please download VundoFix.exe to your desktop.
  • And VirtumundoBegone and save it to your desktop.

    3.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Important note -- It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.




4. Now reboot into Safe Mode.

4.1. This can be done tapping the F8 key as soon as you start your computer

4.2. You will be brought to a menu where you can choose to boot into safe mode.

4.3. Select safe mode with networking using your arrow keys on the keyboard and then press enter.

4.4. When you computer reaches the desktop make sure you log in as the same user which you had performed the previous steps,

5. Once you are logged into safe mode, double-click VirtumundoBeGone.exe file you just downloaded and follow the instructions.

6. Exit when it has finished, and reboot back to normal mode.

virtumundobecone makes VBG.TXT to your desktop.

Please add its text to your reply.

Please send follows:

A fresh hijackthis log (scanner)
vundofix.txt
VBG.TXT
Hi there :D
Posted Image

#3 raerae

raerae
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 18 August 2007 - 08:26 AM

Thank you for replying!

Here is the information you requested.


VBG.TXT
[08/18/2007, 8:16:04] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Raven\Desktop\VirtumundoBeGone.exe" )
[08/18/2007, 8:16:07] - Detected System Information:
[08/18/2007, 8:16:07] - Windows Version: 5.1.2600, Service Pack 2
[08/18/2007, 8:16:07] - Current Username: Raven (Admin)
[08/18/2007, 8:16:08] - Windows is in SAFE mode.
[08/18/2007, 8:16:08] - Searching for Browser Helper Objects:
[08/18/2007, 8:16:08] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[08/18/2007, 8:16:08] - BHO 2: {27ECD6A2-68B2-477C-A7EA-3A12863BEBDF} ()
[08/18/2007, 8:16:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/18/2007, 8:16:08] - Checking for HKLM\...\Winlogon\Notify\ssttt
[08/18/2007, 8:16:08] - Key not found: HKLM\...\Winlogon\Notify\ssttt, continuing.
[08/18/2007, 8:16:08] - BHO 3: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[08/18/2007, 8:16:08] - BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[08/18/2007, 8:16:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/18/2007, 8:16:08] - No filename found. Continuing.
[08/18/2007, 8:16:08] - BHO 5: {AB9D3341-2267-4E67-53B1-30ED43859B35} ()
[08/18/2007, 8:16:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/18/2007, 8:16:08] - Checking for HKLM\...\Winlogon\Notify\labun545
[08/18/2007, 8:16:08] - Key not found: HKLM\...\Winlogon\Notify\labun545, continuing.
[08/18/2007, 8:16:08] - Finished Searching Browser Helper Objects
[08/18/2007, 8:16:08] - Finishing up...
[08/18/2007, 8:16:08] - Nothing found! Exiting...


Vundofix.txt

VundoFix V6.5.7

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Scan started at 5:36:58 PM 8/17/2007

Listing files found while scanning....

C:\windows\system32\gebcawt.dll
C:\windows\system32\ssqnmjg.dll
C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\tttss.bak1
C:\WINDOWS\system32\tttss.ini

Beginning removal...

Attempting to delete C:\windows\system32\gebcawt.dll
C:\windows\system32\gebcawt.dll Has been deleted!

Attempting to delete C:\windows\system32\ssqnmjg.dll
C:\windows\system32\ssqnmjg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\ssttt.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\tttss.bak1
C:\WINDOWS\system32\tttss.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\tttss.ini
C:\WINDOWS\system32\tttss.ini Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.5.7

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Scan started at 5:40:48 PM 8/17/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.7

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Scan started at 8:09:27 AM 8/18/2007

Listing files found while scanning....

C:\windows\system32\aeucsulo.dll
C:\WINDOWS\system32\gakmkipa.dll
C:\WINDOWS\system32\oluscuea.ini
C:\WINDOWS\system32\ssttt.dll

Beginning removal...

Attempting to delete C:\windows\system32\aeucsulo.dll
C:\windows\system32\aeucsulo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gakmkipa.dll
C:\WINDOWS\system32\gakmkipa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oluscuea.ini
C:\WINDOWS\system32\oluscuea.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\ssttt.dll Has been deleted!

Performing Repairs to the registry.
Done!

Hijackthis Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:25:34 AM, on 8/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN\howykow22011.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Raven\Desktop\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.houstonisd.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {27ECD6A2-68B2-477C-A7EA-3A12863BEBDF} - C:\WINDOWS\system32\ssttt.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: 0 - {AB9D3341-2267-4E67-53B1-30ED43859B35} - C:\Program Files\MSN Gaming Zone\labun545.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{2B-B9-9C-C4-ZN}] C:\DOCUME~1\Raven\LOCALS~1\Temp\thinksnet.exe CHD003
O4 - HKLM\..\Run: [howykow] C:\Program Files\MSN\howykow22011.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Raven\Local Settings\Temp\thinksnet.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming Zone\prokyc.html

--
End of file - 8173 bytes

Edited by raerae, 18 August 2007 - 08:26 AM.


#4 Nuppi

Nuppi

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:10:15 PM

Posted 18 August 2007 - 10:44 AM

Hi it's gone :D

Please Disable teatimer:

Spybot S&D (Teatimer)

1. Run Spybot-S&D in Advanced Mode.
2. If it is not already set to do this Go to the Mode menu select "Advanced Mode"
3. On the left hand side, Click on Tools
4. Then click on the Resident Icon in the List
5. Uncheck "Resident TeaTimer" and OK any prompts.
6. Restart your computer.



However, you do not have a software Firewall on your computer, please download one of the following - they are Free!.

Comodo
Zone Alarm
Sunbelt Kerio PF
Outpost Firewall

Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary Internet traffic.

We do not recommend using Microsoft's built-in Firewall in XP SP2 as it only blocks incoming traffic and not outgoing.
This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at any time.


=====

Getting an Anti-Virus program!

Just like a Firewall is important for blocking malicious and unnecessary traffic, an Anti-Virus program is important for detecting and removing Viruses, Trojans and Worms.

However, if you do not wish to pay for an Anti-Virus program, there are free ones available. Please choose one Free Anti-Virus program below:

AntiVir
AVG Free Edition
avast! 4 Home Edition

=====

Download ATF-Cleaner by Atribune to your desktop.

Run ATF Cleaner Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.



Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
  • Install AVG Anti-Spyware by double clicking the installer.
  • Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
  • On the main screen under Your Computer's security.
    • Click on Change state next to Resident shield. It should now change to inactive.
    • Click on Change state next to Automatic updates. It should now change to inactive.
    • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
    • Wait until you see the Update succesfull message.
  • Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update. Do not scan yet. Close Avg antispyware.

Run hijackthis and check :

O2 - BHO: (no name) - {27ECD6A2-68B2-477C-A7EA-3A12863BEBDF} - C:\WINDOWS\system32\ssttt.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [{2B-B9-9C-C4-ZN}] C:\DOCUME~1\Raven\LOCALS~1\Temp\thinksnet.exe CHD003
O4 - HKLM\..\Run: [howykow] C:\Program Files\MSN\howykow22011.exe

Close all rpograms exept hijackthis and click fix checked.


Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.
Once in Safe Mode:

Delete that files :

C:\DOCUME~1\Raven\LOCALS~1\Temp\thinksnet.exe
C:\Program Files\MSN\howykow22011.exe

Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
  • Click on Scanner on the toolbar.
  • Click on the Settings tab.
    • Under How to act?
      • Click on Recommended Action and choose Quarantine from the popup menu.
    • Under How to scan?
      • All checkboxes should be ticked.
    • Under Possibly unwanted software:
      • All checkboxes should be ticked.
    • Under Reports:
      • DEselect Automatically generate report after every scan and uncheck Only if threats were found.
    • Under What to scan?
      • Select Scan every file.
  • Click on the Scan tab.
  • Click on Complete System Scan to start the scan process.
  • Let the program scan the machine.
  • When the scan has finished, follow the instructions below.
    IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
    • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
    • At the bottom of the window click on the Apply all Actions button. (3)
      Posted Image
  • When done, click the Save Scan Report button. (4)
    • Click the Save Report as button.
    • Save the report to your Desktop.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot back into Normal Mode, and post a new HJT log, along with the AVG Anti-Spyware report.

Edited by Nuppi, 18 August 2007 - 11:06 AM.

Hi there :D
Posted Image

#5 raerae

raerae
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 18 August 2007 - 02:01 PM

I just spybot s&D and the only problem found was virtumonde. Also I keep getting a window to pop up when I'm not online that says "Web page unavailable while offline: the Web page you requested is not available offline. to view this page click Connect." It gives the option to Connect or Stay Offline.

I will continue with the rest of the steps you prescribed but I wanted some help with the above problem in the meantime. I really appreciate all your help.

#6 Nuppi

Nuppi

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:10:15 PM

Posted 18 August 2007 - 02:55 PM

Hi ,

I'll wait. :D
Hi there :D
Posted Image

#7 raerae

raerae
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 19 August 2007 - 08:03 AM

Heres the info you requested....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:48:28 AM, on 8/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Documents and Settings\Raven\Desktop\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.houstonisd.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: 0 - {AB9D3341-2267-4E67-53B1-30ED43859B35} - C:\Program Files\MSN Gaming Zone\labun545.dll (file missing)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Raven\Local Settings\Temp\thinksnet.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming Zone\prokyc.html

--
End of file - 8833 bytes


AVG Report

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:43:39 AM 8/19/2007

+ Scan result:



C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP273\A0023113.exe -> Downloader.Agent.alr : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP273\A0023133.exe -> Downloader.Agent.bls : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP273\A0023129.exe -> Downloader.PurityScan.eg : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP275\A0024256.dll -> Hijacker.StartPage : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP275\A0024258.dll -> Hijacker.StartPage : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP275\A0024259.dll -> Hijacker.StartPage : Cleaned.
C:\WINDOWS\Downloaded Program Files\UWA7P_0001_N91M0809NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned.
:mozilla.122:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.139:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.146:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.188:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.33:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.35:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.76:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.78:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\LocalService\Cookies\system@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned.
:mozilla.41:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.42:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.43:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@adengage[1].txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.45:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.46:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.60:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@cc.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.71:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.7:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.59:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
:mozilla.217:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.227:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.160:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.161:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@overture[2].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.256:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.44:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.164:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@guide.real[1].txt -> TrackingCookie.Real : Cleaned.
:mozilla.165:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.6:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.8:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.111:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.80:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.81:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.82:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.83:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.84:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.85:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.86:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.87:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.88:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.89:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.90:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.91:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.92:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.93:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.94:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.95:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.96:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.97:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.98:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.99:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.177:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.183:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.184:C:\Documents and Settings\Raven\Application Data\Mozilla\Firefox\Profiles\n9fwnvt2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Raven\Cookies\raven@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP273\A0023098.exe -> Trojan.Fakealert.fb : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP273\A0023125.exe -> Trojan.Small : Cleaned.


::Report end

#8 Nuppi

Nuppi

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:10:15 PM

Posted 19 August 2007 - 01:41 PM

Hi,

Please rescan with spybot and if it founds anything, save report and send it to reply.

There is lot off programs, which do not need to start in startup. If you want faster startup, please inform me :D
Hi there :D
Posted Image

#9 raerae

raerae
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 19 August 2007 - 07:45 PM

Faster startup would be nice...

Ran spybot...two problems found. I fixed them.


--- Search result list ---
Advertising.com: Tracking cookie (Internet Explorer: Raven) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: Raven) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-08-17 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-07-31 Tools.dll (2.1.2.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-08-15 Includes\Cookies.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-08-15 Includes\DialerC.sbi (*)
2007-07-11 Includes\Hijackers.sbi (*)
2007-08-15 Includes\HijackersC.sbi (*)
2007-07-25 Includes\Keyloggers.sbi (*)
2007-08-15 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-08-01 Includes\Malware.sbi (*)
2007-08-15 Includes\MalwareC.sbi (*)
2007-08-08 Includes\PUPS.sbi (*)
2007-08-15 Includes\PUPSC.sbi (*)
2007-08-15 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-08-15 Includes\SecurityC.sbi (*)
2007-08-01 Includes\Spybots.sbi (*)
2007-08-15 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-08-01 Includes\Trojans.sbi (*)
2007-08-15 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885855
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Windows XP Hotfix - KB888310
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Hotfix for Windows XP (KB906569)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921503)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922760)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925454)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Update for Windows XP (KB927891)
/ Windows XP / SP3: Security Update for Windows XP (KB928090)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Security Update for Windows XP (KB929123)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931768)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP / SP3: Security Update for Windows XP (KB933566)
/ Windows XP / SP3: Security Update for Windows XP (KB935839)
/ Windows XP / SP3: Security Update for Windows XP (KB935840)
/ Windows XP / SP3: Security Update for Windows XP (KB936021)
/ Windows XP / SP3: Update for Windows XP (KB936357)
/ Windows XP / SP3: Security Update for Windows XP (KB937143)
/ Windows XP / SP3: Security Update for Windows XP (KB938127)
/ Windows XP / SP3: Update for Windows XP (KB938828)
/ Windows XP / SP3: Security Update for Windows XP (KB938829)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221


--- Startup entries list ---
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
size: 416256
MD5: cfd25854e90909ae02b5aabd58e3775f

Located: HK_LM:Run, COMODO Firewall Pro
command: "C:\Program Files\Comodo\Firewall\CPF.exe" /background
file: C:\Program Files\Comodo\Firewall\CPF.exe
size: 1115728
MD5: 1f5882037bad07e9926f47a3a32f0931

Located: HK_LM:Run, Dell QuickSet
command: C:\Program Files\Dell\QuickSet\quickset.exe
file: C:\Program Files\Dell\QuickSet\quickset.exe
size: 610304
MD5: 13fdc68b84610381ee492003b9b9ebab

Located: HK_LM:Run, Dell Wireless Manager UI
command: C:\WINDOWS\system32\WLTRAY
file: C:\WINDOWS\system32\WLTRAY.exe
size: 696425
MD5: 4998b9dce09c712627f67dc84413086e

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2ca827ba68d0cdb5437c40c6f53d7f20

Located: HK_LM:Run, DMXLauncher
command: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
file: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
size: 86016
MD5: 526874efe8d1f0ec1b7bbb87d5c433e6

Located: HK_LM:Run, DVDLauncher
command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: b3e3c57fd22e71ce20389372d972c6dc

Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 65ed174c0b836d4cfa489712278cef7b

Located: HK_LM:Run, igfxhkcmd
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 42344ddf30337979216ea6afa58bb42a

Located: HK_LM:Run, igfxpers
command: C:\WINDOWS\system32\igfxpers.exe
file: C:\WINDOWS\system32\igfxpers.exe
size: 114688
MD5: 4b10675852fe8862521024778e264d5f

Located: HK_LM:Run, igfxtray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 94208
MD5: 6e5a178e359ee42f748186a14449d848

Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 221184
MD5: fb9e5c251cf6c37749f296bacb34a69b

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763dab43bdab27316dbf3373192823d7

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 270648
MD5: 018c1b1379d326abfaa89eda7e43f95a

Located: HK_LM:Run, mmtask
command: C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
file: C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
size: 53248
MD5: ddded6213d8e8cb91a9bf3107114b335

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
file: C:\Program Files\QuickTime\QTTask.exe
size: 286720
MD5: 49ccfbe5d5225b9d3cc78c09dee147d0

Located: HK_LM:Run, SigmatelSysTrayApp
command: stsystra.exe
file: C:\WINDOWS\stsystra.exe
size: 393216
MD5: b6f3304c0f64a533d28c5356829f8231

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ed85b344e6edc30c1bc57ec1a2a56bf3

Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 729178
MD5: b1e057b34eba80ec53d191d8f8c604ff

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185896
MD5: 1eda1c63e0d2ae1aebdf98083454079c

Located: HK_CU:Run, Aim6
command:
file:

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: HK_CU:Run, DellSupport
command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
file: C:\Program Files\DellSupport\DSAgnt.exe
size: 460784
MD5: b75fdbf14073d72c50624cc8338dd534

Located: HK_CU:Run, ModemOnHold
command: C:\Program Files\NetWaiting\netWaiting.exe
file: C:\Program Files\NetWaiting\netWaiting.exe
size: 20480
MD5: 676b1d0bfa5ef8005395ab43f33de1f1

Located: Startup (common), America Online 9.0 Tray Icon.lnk
command: C:\Program Files\America Online 9.0\aoltray.exe
file: C:\Program Files\America Online 9.0\aoltray.exe
size: 156784
MD5: d3e103e5b79a6e8ba5b58e0a7c21523b

Located: Startup (common), Digital Line Detect.lnk
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: b66e56733e2cd6a10fda5919625fbf46

Located: Startup (common), HP Digital Imaging Monitor.lnk
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 282624
MD5: a9d65ceeec7844c9a0c6b445bcbe7823

Located: Startup (common), Last.fm Helper.lnk
command: C:\Program Files\Last.fm\LastFMHelper.exe
file: C:\Program Files\Last.fm\LastFMHelper.exe
size: 65536
MD5: e8ac9812749f9433cb7adfffc0fc7a23

Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a

Located: Startup (user), TA_Start.lnk
command: C:\Documents and Settings\Raven\Local Settings\Temp\thinksnet.exe
file:

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, igfxcui
command: igfxdev.dll
file: igfxdev.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 11/3/2003 2:17:44 PM
Date (last access): 8/19/2007 7:53:00 PM
Date (last write): 11/3/2003 2:17:44 PM
Filesize: 54248
Attributes: archive
MD5: FC7850324464E4D19A24A03D882B5CC4
CRC32: 452E8571
Version: 6.0.1.1091

{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 10/6/2005 6:32:28 PM
Date (last access): 8/19/2007 7:53:00 PM
Date (last write): 12/6/2004 1:05:00 AM
Filesize: 118842
Attributes: archive
MD5: 37943B990D318145D1EFCBEEF8F9566A
CRC32: C6D87067
Version: 1.4.8.0

{AB9D3341-2267-4E67-53B1-30ED43859B35} (0)
BHO name: 0
CLSID name:
Path: C:\Program Files\MSN Gaming Zone\
Long name: labun545.dll



--- ActiveX list ---
{02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control)
DPF name:
CLSID name: Microsoft Office Template and Media Control
Installer: C:\WINDOWS\Downloaded Program Files\ieawsdc.inf
Codebase: http://office.microsoft.com/templates/ieawsdc.cab
description:
classification: Legitimate
known filename: IEAWSDC.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: IEAWSDC.DLL
Short name:
Date (created): 2/9/2007 7:15:26 AM
Date (last access): 8/19/2007 7:56:36 PM
Date (last write): 2/9/2007 7:15:26 AM
Filesize: 175968
Attributes: archive
MD5: 1C33677DA385ACFDB263A8995303303F
CRC32: 0FA31421
Version: 12.0.6026.0

{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=39204
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 3/15/2007 6:19:28 PM
Date (last access): 8/19/2007 12:44:06 PM
Date (last write): 4/24/2007 11:32:06 AM
Filesize: 1485696
Attributes: archive
MD5: F41FA54CD85AF8AACF8C7E084F6742F4
CRC32: 6328586B
Version: 1.7.36.0

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/products/plugin/autodl...indows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 11/19/2003 5:48:18 PM
Date (last access): 8/19/2007 2:22:26 AM
Date (last write): 11/19/2003 5:48:12 PM
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/products/plugin/autodl...indows-i586.cab
description:
classification: Legitimate
known filename: npjpi142_03.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 11/19/2003 5:48:18 PM
Date (last access): 8/19/2007 8:36:02 PM
Date (last write): 11/19/2003 5:48:12 PM
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9d.ocx
Short name:
Date (created): 6/11/2007 3:04:30 PM
Date (last access): 8/19/2007 7:48:34 PM
Date (last write): 6/11/2007 3:04:30 PM
Filesize: 2267368
Attributes: readonly archive
MD5: B01E2A41389FBA42B7B5A026EA88C9B7
CRC32: 8980B6EC
Version: 9.0.47.0



--- Process list ---
PID: 0 ( 0) [System]
PID: 752 ( 4) \SystemRoot\System32\smss.exe
PID: 800 ( 752) \??\C:\WINDOWS\system32\csrss.exe
PID: 824 ( 752) \??\C:\WINDOWS\system32\winlogon.exe
PID: 868 ( 824) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 880 ( 824) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1048 ( 868) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1092 ( 868) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1128 ( 868) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1184 ( 868) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1364 ( 868) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1708 (1680) C:\WINDOWS\Explorer.EXE
size: 1033216
MD5: 97BD6515465659FF8F3B7BE375B2EA87
PID: 1720 ( 868) C:\WINDOWS\System32\wltrysvc.exe
size: 65536
MD5: 61490BFA6558C8DD3027E130D9A02D4B
PID: 1732 (1720) C:\WINDOWS\System32\bcmwltry.exe
size: 872556
MD5: 72D58BB02CD83E6B7B9A97E06B3F0F43
PID: 1820 ( 868) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1928 ( 868) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
size: 1135728
MD5: 8FA646F0E639D9A8C8B98E217D471DC0
PID: 1940 ( 868) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 106496
MD5: 2ACFC9242BE81AE2356E14E5E05C02BB
PID: 1952 ( 868) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
size: 312880
MD5: 5DCD235C061022BCDA9AA48670B64211
PID: 1972 ( 868) C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
size: 353280
MD5: 5F4ED1DBA7E1EAECBA443A53DA176485
PID: 2020 ( 868) C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
size: 49664
MD5: 30A14F65DB477DC00A64A5A24E96919C
PID: 2032 ( 868) C:\Program Files\Comodo\Firewall\cmdagent.exe
size: 361040
MD5: 2EDB74E72FEEB39C8906E4C8C54D91A5
PID: 232 ( 868) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
size: 270336
MD5: 0EFEE4F2D23BA2D8B27FBA942106E0E1
PID: 452 ( 868) C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
size: 356352
MD5: 23EEB337BF684589D261F2359E19C72C
PID: 596 ( 868) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1644 (1708) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 729178
MD5: B1E057B34EBA80EC53D191D8F8C604FF
PID: 1664 (1708) C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 42344DDF30337979216EA6AFA58BB42A
PID: 1692 (1708) C:\WINDOWS\system32\igfxpers.exe
size: 114688
MD5: 4B10675852FE8862521024778E264D5F
PID: 1696 (1708) C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3
PID: 1416 (1708) C:\WINDOWS\stsystra.exe
size: 393216
MD5: B6F3304C0F64A533D28C5356829F8231
PID: 1876 (1708) C:\WINDOWS\system32\WLTRAY.exe
size: 696425
MD5: 4998B9DCE09C712627F67DC84413086E
PID: 1948 (1708) C:\Program Files\Dell\QuickSet\quickset.exe
size: 610304
MD5: 13FDC68B84610381EE492003B9B9EBAB
PID: 988 (1708) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: B3E3C57FD22E71CE20389372D972C6DC
PID: 228 (1708) C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
size: 53248
MD5: DDDED6213D8E8CB91A9BF3107114B335
PID: 248 (1708) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2CA827BA68D0CDB5437C40C6F53D7F20
PID: 312 (1708) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763DAB43BDAB27316DBF3373192823D7
PID: 328 (1708) C:\Program Files\Dell\Media Experience\DMXLauncher.exe
size: 86016
MD5: 526874EFE8D1F0EC1B7BBB87D5C433E6
PID: 448 (1708) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 65ED174C0B836D4CFA489712278CEF7B
PID: 464 (1708) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185896
MD5: 1EDA1C63E0D2AE1AEBDF98083454079C
PID: 496 (1708) C:\Program Files\iTunes\iTunesHelper.exe
size: 270648
MD5: 018C1B1379D326ABFAA89EDA7E43F95A
PID: 532 (1708) C:\Program Files\Comodo\Firewall\CPF.exe
size: 1115728
MD5: 1F5882037BAD07E9926F47A3A32F0931
PID: 1480 (1708) C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
size: 416256
MD5: CFD25854E90909AE02B5AABD58E3775F
PID: 604 (1708) C:\Program Files\NetWaiting\netWaiting.exe
size: 20480
MD5: 676B1D0BFA5EF8005395AB43F33DE1F1
PID: 560 (1708) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 704 (1708) C:\Program Files\DellSupport\DSAgnt.exe
size: 460784
MD5: B75FDBF14073D72C50624CC8338DD534
PID: 744 (1708) C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46
PID: 1400 (1048) C:\WINDOWS\system32\igfxsrvc.exe
size: 159744
MD5: 476A0876C16D2CC3F5A46697CF37BEE7
PID: 2412 (1048) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 218112
MD5: 075EA6C849AB0FE416A3D6DD65C3CF41
PID: 2496 (1708) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 282624
MD5: A9D65CEEEC7844C9A0C6B445BCBE7823
PID: 2504 (1708) C:\Program Files\Last.fm\LastFMHelper.exe
size: 65536
MD5: E8AC9812749F9433CB7ADFFFC0FC7A23
PID: 3148 ( 868) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 1392 (2496) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
size: 204800
MD5: 0313129323AAEFADB820082D014F4DAC
PID: 1800 ( 868) C:\Program Files\iPod\bin\iPodService.exe
size: 501048
MD5: 83CD5F746B260457DEF125AEB8783B46
PID: 1508 (1708) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 2568 (1708) C:\Program Files\Mozilla Firefox\firefox.exe
size: 7644520
MD5: E169EEF3C383D7A86F11B60220822A34
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/19/2007 8:36:03 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.houstonisd.org/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell4me.com/myway
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://red.clientapps.yahoo.com/customize/.../search/ie.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FF3336D5-0629-4B47-90B6-B67C92B87BDF}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FF3336D5-0629-4B47-90B6-B67C92B87BDF}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{62B13544-1A6B-4114-94D6-5FCE487F6ABC}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{62B13544-1A6B-4114-94D6-5FCE487F6ABC}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CFDCB081-6EE8-4244-AA69-908509D036A8}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CFDCB081-6EE8-4244-AA69-908509D036A8}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EADC67BE-FD77-4EFE-9F43-3EF991DD4A2A}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EADC67BE-FD77-4EFE-9F43-3EF991DD4A2A}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2C96C3DD-5D0E-4177-BF76-CA81196FB088}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2C96C3DD-5D0E-4177-BF76-CA81196FB088}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace



--- Uninstall list ---
7-Zip 4.42 (7-Zip)
uninstall cmd: "C:\Program Files\7-Zip\Uninstall.exe"

Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com

(AddressBook)

Adobe Flash Player ActiveX 9.0.47.0 (Adobe Flash Player ActiveX)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

AIM 6 (AIM_6)
uninstall cmd: C:\Program Files\AIM6\uninst.exe

AOL Connectivity Services (AOL Connectivity Services)
uninstall cmd: C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c

AOL Uninstaller (Choose which Products to Remove) (AOL Uninstaller)
uninstall cmd: C:\Program Files\Common Files\AOL\uninstaller.exe

AOL Coach Version 1.0(Build:20040229.1 en) (AOLCoach)
uninstall cmd: C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe

(AOLOCP_Y)

(AudioPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

AVG 7.5 (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL

AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com

(Branding)

Dell Wireless WLAN Card (Broadcom 802.11b Network Adapter)
uninstall cmd: C:\WINDOWS\system32\BCMWLU00.exe verbose

Conexant HDA D110 MDC V.92 Modem (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028k.inf

COMODO Firewall Pro 2.4.1.92 (COMODO Firewall Pro)
uninstall cmd: C:\Program Files\Comodo\Firewall\fwconfig.exe -uninstalln
publisher: COMODO
comments: A product from COMODO.
contact: personalfirewall@comodo.com

(Connection Manager)

(CopyNow.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

(DataPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

(DirectAnimation)

(DirectDrawEx)

DivX Content Uploader 1.0.0 (DivX Content Uploader)
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
publisher: DivX, Inc.

(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

(DXM_Runtime)

(Fontcore)

HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: "C:\Documents and Settings\Raven\Desktop\HijackThis.exe" /uninstall
publisher: TrendMicro

HP Imaging Device Functions 6.1 6.1 (HP Imaging Device Functions)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
publisher: HP
help link: http://www.hp.com/support

HP Solution Center and Imaging Support Tools 6.1 6.1 (HP Solution Center & Imaging Support Tools)
uninstall cmd: C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
publisher: HP
help link: http://www.hp.com/support

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

PC Camera 0.1.1.9 (InstallShield_{5383D15F-68A1-4F67-A73E-E6F94949BFEE})
version: 65537
version (minor): 1
estimated size: 1849
install date: 20060725
install location: C:\Program Files\PC Camera\PC Camera\
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\_is1F1\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{5383D15F-68A1-4F67-A73E-E6F94949BFEE}
publisher: PC Camera

Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch (Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch)
uninstall cmd: C:\Program Files\Jasc Software Inc\Paint Shop Pro Studio\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB835221

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

Security Update for Windows XP (KB883939) 1 (KB883939)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=883939

(KB884016)

(KB884267)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

(KB885353)

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB885855 20040930.104104 (KB885855)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885855

Windows XP Hotfix - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885884

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

(KB886612)

(KB887078)

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

(KB887626)

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

Windows XP Hotfix - KB888310 20041027.095746 (KB888310)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888310

(KB888656)

(KB889858)

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

(KB891122)

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

(KB892313)

(KB893240)

(KB893241)

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

(KB895181)

(KB895316)

(KB895572)

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20060520
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

(KB897586)

Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

(KB898549)

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

(KB900399)

Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017

Security Update for Windows XP (KB901214) 1 (KB901214)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

(KB902344)

Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400

Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749

Hotfix for Windows XP (KB906569) 2 (KB906569)
install date: 20070808
uninstall cmd: "C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=906569

(KB907658)

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519

Update for Windows XP (KB908531) 2 (KB908531)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437

Update for Windows XP (KB911280) 2 (KB911280)
install date: 20060627
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280

Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562

Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564

Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565

Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567

(KB911854)

Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927

Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919

Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446

Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060521
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580

Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060716
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388

Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389

Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916281

Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060716
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595

Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060716
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159

Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344

Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422

Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953

Security Update for Windows XP (KB918118) 1 (KB918118)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918118

Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439

Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918899

Security Update for Windows XP (KB919007) 1 (KB919007)
install date: 20060915
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=919007

Security Update for Windows XP (KB920213) 1 (KB920213)
install date: 20061115
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920213

Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920214

Security Update for Windows XP (KB920670) 1 (KB920670)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670

Security Update for Windows XP (KB920683) 1 (KB920683)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683

Security Update for Windows XP (KB920685) 1 (KB920685)
install date: 20060915
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920685

Update for Windows XP (KB920872) 1 (KB920872)
install date: 20060915
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920872

Security Update for Windows XP (KB921398) 1 (KB921398)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398

Security Update for Windows XP (KB921503) 1 (KB921503)
install date: 20070815
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921503

Security Update for Windows XP (KB921883) 1 (KB921883)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921883

Update for Windows XP (KB922582) 1 (KB922582)
install date: 20060915
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922582

Security Update for Windows XP (KB922616) 1 (KB922616)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616

Security Update for Windows XP (KB922760) 1 (KB922760)
install date: 20061115
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922760

Security Update for Windows XP (KB922819) 1 (KB922819)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922819

Security Update for Windows XP (KB923191) 1 (KB923191)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923191

Security Update for Windows XP (KB923414) 1 (KB923414)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923414

Security Update for Windows XP (KB923694) 1 (KB923694)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923694

Security Update for Step By Step Interactive Training (KB923723) 20050502.101010 (KB923723)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/923723

Security Update for Windows XP (KB923980) 1 (KB923980)
install date: 20061115
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923980

Security Update for Windows XP (KB924191) 1 (KB924191)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924191

Security Update for Windows XP (KB924270) 1 (KB924270)
install date: 20061115
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924270

Security Update for Windows XP (KB924496) 1 (KB924496)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924496

Security Update for Windows XP (KB924667) 1 (KB924667)
install date: 20070218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924667

Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=925398

Security Update for Windows XP (KB925454) 1 (KB925454)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925454

Security Update for Windows XP (KB925486) 1 (KB925486)
install date: 20060928
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925486

Security Update for Windows XP (KB925902) 1 (KB925902)
install date: 20070405
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925902

Hotfix for Windows XP (KB926239) 2 (KB926239)
install date: 20061129
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926239

Security Update for Windows XP (KB926255) 1 (KB926255)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926255

Security Update for Windows XP (KB926436) 1 (KB926436)
install date: 20070218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926436

Security Update for Windows XP (KB927779) 1 (KB927779)
install date: 20070218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927779

Security Update for Windows XP (KB927802) 1 (KB927802)
install date: 20070218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927802

Update for Windows XP (KB927891) 3 (KB927891)
install date: 20070523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927891

Security Update for Windows XP (KB928090) 1 (KB928090)
install date: 20070218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928090

Security Update for Windows XP (KB928255) 1 (KB928255)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928255

Security Update for Windows XP (KB928843) 1 (KB928843)
install date: 20070218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928843

Security Update for Windows XP (KB929123) 1 (KB929123)
install date: 20070614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929123

Update for Windows XP (KB929338) 1 (KB929338)
install date: 20070320
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929338

Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
install date: 20070323
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=929399

Security Update for Windows XP (KB929969) 1 (KB929969)
install date: 20070112
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929969

Security Update for Windows XP (KB930178) 1 (KB930178)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=930178

Update for Windows XP (KB930916) 1 (KB930916)
install date: 20070522
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=930916

Security Update for Windows XP (KB931261) 1 (KB931261)
install date: 20070412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931261

Security Update for Windows XP (KB931768) 1 (KB931768)
install date: 20070522
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931768

Security Update for Windows XP (KB931784) 1 (KB931784)
install date: 20070412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931784

Update for Windows XP (KB931836) 1 (KB931836)
install date: 20070218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931836

Security Update for Windows XP (KB932168) 1 (KB932168)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=932168

Security Update for Windows XP (KB933566) 1 (KB933566)
install date: 20070808
uninstall cmd: "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=933566

Security Update for Windows XP (KB935839) 1 (KB935839)
install date: 20070614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=935839

Security Update for Windows XP (KB935840) 1 (KB935840)
install date: 20070614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=935840

Security Update for Windows XP (KB936021) 1 (KB936021)
install date: 20070815
uninstall cmd: "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=936021

Update for Windows XP (KB936357) 1 (KB936357)
install date: 20070716
uninstall cmd: "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=936357

Security Update for Windows Media Player 11 (KB936782) (KB936782_WMP11)
install date: 20070815
uninstall cmd: "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=936782

Security Update for Windows XP (KB937143) 1 (KB937143)
install date: 20070815
uninstall cmd: "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=937143

Security Update for Windows XP (KB938127) 1 (KB938127)
install date: 20070815
uninstall cmd: "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938127

Update for Windows XP (KB938828) 1 (KB938828)
install date: 20070815
uninstall cmd: "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938828

Security Update for Windows XP (KB938829) 1 (KB938829)
install date: 20070815
uninstall cmd: "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938829

Last.fm 1.3.1.1 (LastFM_is1)
install date: 20070714
install location: C:\Program Files\Last.fm\
uninstall cmd: "C:\Program Files\Last.fm\unins000.exe"
publisher: Last.fm
help link: http://www.last.fm

Microsoft .NET Framework 1.1 Hotfix (KB928366) (M928366)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Making the Grade (Making the Grade)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\MTG\Uninst.isu

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

(MobileOptionPack)

Move Networks Player for Firefox (Move Player_is1)
install date: 20070325
install location: C:\Program Files\Mozilla Firefox\plugins\
uninstall cmd: "C:\Program Files\Mozilla Firefox\plugins\unins000.exe"
publisher: Move Networks
help link: http://www.movenetworks.com

Mozilla Firefox (1.5.0.12) 1.5.0.12 (en-US) (Mozilla Firefox (1.5.0.12))
install location: C:\PROGRA~1\MOZILL~1
uninstall cmd: C:\PROGRA~1\MOZILL~1\uninstall\uninstall.exe /ua "1.5.0.12 (en-US)"
publisher: Mozilla

Mozilla Firefox (2.0.0.6) 2.0.0.6 (en-US) (Mozilla Firefox (2.0.0.6))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox

(MPlayer2)

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20061129
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=74087

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(NetMeeting)

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

(SchedulingAgent)

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

Learn2 Player (Uninstall Only) (StreetPlugin)
uninstall cmd: C:\Program Files\Learn2.com\StRunner\stuninst.exe

Synaptics Pointing Device Driver 8.0.14.0 (SynTPDeinstKey)
uninstall cmd: rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
publisher: Synaptics

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

WebCyberCoach 3.2 Dell (WebCyberCoach_wtrb)
uninstall cmd: "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"

Windows Genuine Advantage Notifications (KB905474) 1.7.0018.5 (WgaNotify)
install date: 20070323
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768

Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Format 11 runtime (WMFDist11)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716

Sonic RecordNow Data 2.0.0 ({075473F5-846A-448B-BCB3-104AA1760205})
version: 33554432
version (major): 2
install date: 20051006
uninstall cmd: MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
publisher: Sonic Solutions

TrayApp 61.0.163.000 ({0BF5FBE7-3907-4A1F-9E48-8B66E52850D6})
version: 1023410339
version (major): 61
estimated size: 691
install date: 20060618
install source: d:\setup\TrayApp\
publisher: Hewlett-Packard

Microsoft Plus! Photo Story 2 LE 1.1.0.3463 ({0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B})
version: 16842752
version (major): 1
version (minor): 1
install date: 20051006
uninstall cmd: MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
publisher: Microsoft Corporation
readme: C:\Program Files\Microsoft Plus! Photo Story 2 LE\Readme.htm

Sonic DLA 4.95 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6})
version: 73334784
version (major): 4
version (minor): 95
install date: 20051006
uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
publisher: Sonic Solutions
help link: http://support.sonic.com/

AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX

Status 61.0.163.000 ({1E1F1E70-14D8-4380-8652-BD1A895A7D65})
version: 1023410339
version (major): 61
estimated size: 2689
install date: 20060618
install source: d:\setup\Status\
publisher: Hewlett-Packard

Internal Network Card Power Management 1.7.1 ({1F528948-0E80-4C96-B455-DE4167CB1DF7})
version: 17235969
install location: C:\Program Files\Dell\NicConfigSvc
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x9 UNINSTALL APPDRVNT4

CP_Package_Variety2 61.0.163.000 ({23B35809-5E4A-4F14-8332-1CDEDDFAC089})
version: 1023410339
version (major): 61
estimated size: 8617
install date: 20060618
install source: d:\setup\CP_Package_Variety2\
publisher: Hewlett-Packard

Destinations 61.0.163.000 ({24BEBF2E-73F3-4599-840B-EDC612CCDD0D})
version: 1023410339
version (major): 61
estimated size: 17007
install date: 20060618
install source: d:\setup\Destinations\
publisher: Hewlett-Packard

Broadcom Management Programs 8.65.01 ({26E1BFB0-E87E-4696-9F89-B467F01F81E5})
version: 138477569
version (major): 8
version (minor): 65
estimated size: 2350
install date: 20051006
install location: C:\Program Files\Broadcom\
install source: C:\WINDOWS\Downloaded Installations\BMP\{88EB2295-59C3-4EB1-AF9F-B5BC941A45D4}\
uninstall cmd: MsiExec.exe /I{26E1BFB0-E87E-4696-9F89-B467F01F81E5}
publisher: Broadcom Corporation
comments: Broadcom Advanced Control Suite 2 (BACS)
contact: Dell Customer Support
help link: http://www.support.dell.com

Sonic Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
install date: 20051006
uninstall cmd: MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Sonic Solutions

ScannerCopy 6.0.0.0 ({31263605-FC84-4787-B847-BA445B147E24})
version: 100663296
version (major): 6
estimated size: 5058
install date: 20060618
install source: d:\setup\ScannerCopy\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

Windows Media Player 10 9.00.3636 ({33BB4982-DC52-4886-A03B-F4C5C80BEE89})
version: 150998580
version (major): 9
install date: 20051006
uninstall cmd: MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=9647

Unload 6.0.0 ({34F3FCF1-817B-4D61-B6AF-19D9486AFEA0})
version: 100663296
version (major): 6
estimated size: 8873
install date: 20060618
install source: d:\setup\UnloadIntent\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2456
install date: 20040810
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

Internet Explorer Default Page 1.00.03 ({35BDEFF1-A610-4956-A00D-15453C116395})
version: 16777219
version (major): 1
install date: 20051006
uninstall cmd: MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
publisher: Dell Inc.
comments: Your Comments
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 0

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20061114
install source: c:\ba91a9c366d9740c68b249\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

NetWaiting 2.5.23 ({3F92ABBB-6BBF-11D5-B229-002078017FBF})
version (major): 2
version (minor): 5
install location: C:\Program Files\NetWaiting
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software, Inc

BufferChm 61.0.163.000 ({4041C245-7099-4C96-9738-5EBC23827B3C})
version: 1023410339
version (major): 61
estimated size: 4797
install date: 20060618
install source: d:\setup\BufferChm\
publisher: Hewlett-Packard

Jasc Paint Shop Photo Album 5 5.21 ({4192EAC0-6B36-4723-B216-D0E86E7757AC})
version: 85262336
version (major): 5
version (minor): 21
install date: 20051006
uninstall cmd: MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
publisher: Jasc Software, Inc.
comments:
contact: Customer Support Department
help link: http://www.jasc.com
help telephone: (952) 930 - 9171
readme: readme.html

SolutionCenter 61.0.163.000 ({4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1})
version: 1023410339
version (major): 61
estimated size: 8384
install date: 20060618
install source: d:\setup\SolutionCenter\
publisher: Hewlett-Packard

CP_Package_Variety1 61.0.163.000 ({522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1})
version: 1023410339
version (major): 61
estimated size: 7401
install date: 20060618
install source: d:\setup\CP_Package_Variety1\
publisher: Hewlett-Packard

PC Camera 0.1.1.9 ({5383D15F-68A1-4F67-A73E-E6F94949BFEE})
version: 65537
version (minor): 1
estimated size: 1849
install date: 20060725
install location: C:\Program Files\PC Camera\PC Camera\
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\_is1F1\
publisher: PC Camera

Windows Live Messenger 8.1.0178.00 ({571700F0-DB9D-4B3A-B03D-35A14BB5939F})
version: 134283442
version (major): 8
version (minor): 1
estimated size: 31823
install date: 20070327
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
publisher: Microsoft Corporation

Dell Driver Reset Tool 1.02.0000 ({5905F42D-3F5F-4916-ADA6-94A3646AEE76})
version: 16908288
version (major): 1
version (minor): 2
install date: 20051006
uninstall cmd: MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
publisher: Dell Inc.
comments:
contact: Customer Support Department
help link: http://support.dell.com
help telephone:

4300 51.0.230.000 ({61B1A9C8-B2AD-4F54-B916-388FFD07BDE7})
version: 855638246
version (major): 51
estimated size: 263
install date: 20060618
install source: C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\Product\
publisher: Hewlett-Packard

({62369F2F77534556AEF4C58152E3BDE5})

AOLIcon 1.00.0000 ({62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C})
version: 16777216
version (major): 1
install date: 20051006
install source: C:\dell\KC999\
uninstall cmd: MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

eSupportQFolder 1.00.0000 ({66E6CE0C-5A1E-430C-B40A-0C90FF1804A8})
version: 16777216
version (major): 1
estimated size: 124
install date: 20060618
install source: d:\setup\QFolder\
publisher: Hewlett-Packard

PowerDVD 5.5 ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

AiOSoftwareNPI 51.0.230.000 ({68763C27-235D-4165-A961-FDEA228CE504})
version: 855638246
version (major): 51
estimated size: 4546
install date: 20060618
install source: d:\setup\AiOSoftwarenpi\
publisher: Hewlett-Packard

Photo Click 1.0.0 ({6E179C77-7335-458D-9537-4F4EAC0181ED})
version: 16777216
version (major): 1
install date: 20051006
install location: C:\Program Files\Dell\Media Experience\Plugins\
uninstall cmd: MsiExec.exe /I{6E179C77-7335-458D-9537-4F4EAC0181ED}
publisher: Photo Click
comments:
contact: Customer Support Department
help link:
help telephone:

Microsoft Plus! Digital Media Edition Installer 1.1.0.3514 ({6E45BA47-383C-4C1E-8ED0-0D4845C293D7})
version: 16842752
version (major): 1
version (minor): 1
install date: 20051006
uninstall cmd: MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
publisher: Microsoft Corporation

Java 2 Runtime Environment, SE v1.4.2_03 1.4.2_03 ({7148F0A8-6813-11D6-A77B-00B0D0142030})
version (major): 1
version (minor): 4
estimated size: 139992
install date: 20051006
install source: C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt

Readme 51.0.230.000 ({736C803C-DD3B-4015-BC51-AFB9E67B9076})
version: 855638246
version (major): 51
estimated size: 36
install date: 20060618
install source: d:\setup\readme\
publisher: Hewlett-Packard

Apple Software Update 2.0.0.21 ({74EC78BC-B379-4E29-9006-8F161DCAABA6})
version: 33554432
version (major): 2
estimated size: 2204
install date: 20070801
install location: C:\Program Files\Apple Software Update\
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\IXP940.TMP\
uninstall cmd: MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Dell System Restore 2.00.0000 ({74F7662C-B1DB-489E-A8AC-07A06B24978B})
version: 33554432
version (major): 2
install date: 20051006
publisher: Dell Inc.
comments: N/A
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 1-800-624-9896

6.2.1 ({7585478E9D9B42108671C12F8714CEFE})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

Jasc Paint Shop Pro Studio, Dell Editon 1.01.0000 ({78C496B9-5A6B-4692-8C2E-AFFFC34E4961})
version: 16842752
version (major): 1
version (minor): 1
install date: 20051006
uninstall cmd: MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
publisher: Jasc Software Inc
comments: Jasc Software Inc Jasc Paint Shop Pro Studio
contact: Customer Support Department
help link: http://www.jasc.com
help telephone: (952) 930-9171

DivX Codec 6.4.0 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivX, Inc.

ProductContextNPI 51.0.230.000 ({7E7B7865-6C80-4373-8BC1-C2EB9431F9DE})
version: 855638246
version (major): 51
estimated size: 264
install date: 20060618
install source: C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\
publisher: Hewlett-Packard

DellSupport 6.0.3062 ({7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D})
version: 100666358
version (major): 6
estimated size: 15145
install date: 20070409
install location: C:\Program Files\DellSupport\
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\gac147.tmp.dir\Release_01_3062\
uninstall cmd: MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
publisher: Dell
comments: .
contact: .
help link: http://support.dell.com/support/topics/glo...ment?dn=1091989
help telephone: .

Modem Helper 3.01 ({7F142D56-3326-11D5-B229-002078017FBF})
install location: C:\Program Files\Modem Helper
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software

Intel® Graphics Media Accelerator Driver for Mobile 6.14.10.4363 ({8A708DD8-A5E6-11D4-A706-000629E95E20})
uninstall cmd: RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592

DivX Player 6.4 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.

URGE 1.0.8018.0 ({8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AE})
version: 16785234
version (major): 1
estimated size: 5810
install date: 20060618
install location: C:\Program Files\MTV Networks\URGE\
install source: C:\WINDOWS\Downloaded Installations\{4B710379-4CF6-4786-BC7D-D7F9820AA933}\
uninstall cmd: MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AE}
publisher: MTV Networks

Musicmatch® Jukebox 9.00.2028 ({8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26})
version: 150996972
install location: C:\Program Files\Musicmatch\Musicmatch Jukebox
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst

Microsoft Office XP Professional 10.0.2627.01 ({90110409-6000-11D3-8CFE-0050048383C9})
version: 167774787
version (major): 10
estimated size: 482849
install date: 20060516
install location: INSTALLLOCATION
install source: D:\
uninstall cmd: MsiExec.exe /I{90110409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1033\OFREAD10.HTM

Microsoft Publisher 2002 10.0.2627.01 ({90190409-6000-11D3-8CFE-0050048383C9})
version: 167774787
version (major): 10
estimated size: 356589
install date: 20060516
install location: INSTALLLOCATION
install source: D:\
uninstall cmd: MsiExec.exe /I{90190409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1033\OFREAD10.HTM

iTunes 7.3.1.3 ({9357AE3A-B2ED-4138-BB9B-0564352C3F0A})
version: 117637121
version (major): 7
version (minor): 3
estimated size: 58082
install date: 20070801
install location: C:\Program Files\iTunes\
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\IXP940.TMP\
uninstall cmd: MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

QuickTime 7.2.0.240 ({95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC})
version: 117571584
version (major): 7
version (minor): 2
estimated size: 75787
install date: 20070801
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\IXP940.TMP\
uninstall cmd: MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Apple Mobile Device Support 1.0.1.2 ({A43B2A2F-1DB5-47F9-A608-F11A4835D7CB})
version: 16777217
version (major): 1
estimated size: 34325
install date: 20070801
install location: C:\Program Files\Common Files\Apple\Mobile Device Support\
install source: C:\DOCUME~1\Raven\LOCALS~1\Temp\IXP940.TMP\
uninstall cmd: MsiExec.exe /I{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

4300Trb 51.0.230.000 ({A744C7C3-76F5-42F5-9E15-497A3DFBC709})
version: 855638246
version (major): 51
estimated size: 249
install date: 20060618
install source: d:\Setup\AiOHelp\
publisher: Hewlett-Packard

DeviceManagementQFolder 1.00.0000 ({AB5D51AE-EBC3-438D-872C-705C7C2084B0})
version: 16777216
version (major): 1
estimated size: 124
install date: 20060618
install source: d:\setup\QFolder\
publisher: Hewlett-Packard

Sonic RecordNow Audio 2.0.0 ({AB708C9B-97C8-4AC9-899B-DBF226AC9382})
version: 33554432
version (major): 2
install date: 20051006
uninstall cmd: MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
publisher: Sonic Solutions

Dell Media Experience 3.00 ({AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B})
version: 50331648
version (major): 3
install date: 20051006
uninstall cmd: MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
publisher: Dell

Adobe Acrobat - Reader 6.0.2 Update 6.0.2 ({AC76BA86-0000-0000-0000-6028747ADE01})
version: 100663298
version (major): 6
estimated size: 5780
install date: 20051006
install source: C:\Program Files\Adobe\{AC76BA86-0000-0000-7AC5-6028747ADE00}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.2 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687

Adobe Reader 6.0.1 006.000.001 ({AC76BA86-7AD7-1033-7B44-A00000000001})
version: 100663297
version (major): 6
install date: 20051006
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 6.0\Reader\Readme.htm

Dell Picture Studio v3.0 3.0.0 ({AF06CAE4-C134-44B1-B699-14FBDB63BD37})
version: 50331648
version (major): 3
install date: 20051006
install location: C:\Program Files\Dell Inc.\Dell Picture Studio v3.0\
uninstall cmd: MsiExec.exe /I{AF06CAE4-C134-44B1-B699-14FBDB63BD37}
publisher: Jasc Software, Inc.
comments:
contact:
help link: http://www.jasc.com
help telephone: (952) 930 - 9171

WordPerfect Office 12 12.01 ({AF19F291-F22F-4798-9662-525305AE9E48})
version: 201392128
version (major): 12
version (minor): 1
install date: 20051006
install location: C:\Program Files\WordPerfect Office 12\
uninstall cmd: MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
publisher: Corel Corporation
comments: Installs WordPerfect Office 12
contact: Corel Customer Service
help link: http://www.corel.com/support
readme: file:///C:\Program Files\WordPerfect Office 12\Programs\ReadMe.htm

Sonic RecordNow Copy 2.0.0 ({B12665F4-4E93-4AB4-B7FC-37053B524629})
version: 33554432
version (major): 2
install date: 20051006
uninstall cmd: MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
publisher: Sonic Solutions

DivX Converter 6.2.1 ({B13A7C41581B411290FBC0395694E2A9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

CP_Package_Variety3 61.0.163.000 ({B57F2FF0-5A25-4332-B503-4592B370C02F})
version: 1023410339
version (major): 61
estimated size: 8617
install date: 20060618
install source: d:\setup\CP_Package_Variety3\
publisher: Hewlett-Packard

DivX Web Player 1.2.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.

DocProc 6.0.0.0 ({BF4E9ED0-EF26-4A4C-A123-6A6A1ABEE411})
version: 100663296
version (major): 6
estimated size: 76210
install date: 20060618
install source: d:\setup\DocProc\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

MSXML 4.0 SP2 (KB936181) 4.20.9848.0 ({C04E32E0-0416-434D-AFB9-6969D703A9EF})
version: 68429432
version (major): 4
version (minor): 20
estimated size: 2680
install date: 20070815
install source: c:\18ee7f4c9e59cfb669\
uninstall cmd: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/936181

QuickSet 3.9.9 ({C5074CC4-0E26-4716-A307-960272A90040})
version: 50921481
install location: C:\Program Files\Dell\QuickSet
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 UNINSTALL APPDRVNT4

Scan 6.0.0.0 ({C6812939-B117-48E6-A3BA-1709C14A3C8C})
version: 100663296
version (major): 6
estimated size: 9472
install date: 20060618
install source: d:\setup\Scan\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

AiO_Scan_CDA 51.0.230.000 ({C8753E28-2680-49BF-BD48-DD38FD086EFE})
version: 855638246
version (major): 51
estimated size: 586
install date: 20060618
install source: d:\setup\AiO_Scan\
publisher: Hewlett-Packard

Toolbox 61.0.163.000 ({C98E8D9D-21DE-4F87-A9B7-142BB89840FC})
version: 1023410339
version (major): 61
estimated size: 5409
install date: 20060618
install source: d:\setup\Toolbox\
publisher: Hewlett-Packard

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 75255
install date: 20070715
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

HP Photosmart Essential 1.8.0.26 ({D7CAE58E-26DE-49B7-A75D-EAEDF76726BE})
version: 17301504
version (major): 1
version (minor): 8
estimated size: 8910
install date: 20060618
install location: C:\Program Files\HP\Photosmart Essential\
install source: d:\setup\ImageZoneExpress\
uninstall cmd: MsiExec.exe /X{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}
publisher: HP

HPProductAssistant 61.0.163.000 ({DEBB2986-15B0-4D28-95FA-5C966A396589})
version: 1023410339
version (major): 61
estimated size: 3115
install date: 20060618
install source: d:\setup\hpproductassistant\
publisher: Hewlett-Packard

HP PSC & OfficeJet 6.1.A ({E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D})
uninstall cmd: "C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
publisher: HP
help link: http://www.hp.com/support

Digital Line Detect 1.15 ({E646DCF0-5A68-11D5-B229-002078017FBF})
version (major): 1
version (minor): 15
install location: C:\Program Files\Digital Line Detect
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software, Inc

4300_Help 51.0.230.000 ({E769999E-D0D9-4D51-AEFE-1BD44289E550})
version: 855638246
version (major): 51
estimated size: 5405
install date: 20060618
install source: d:\Setup\AiOHelp\
publisher: Hewlett-Packard

Musicmatch for Windows Media Player 0.00.000 ({E93E5EF6-D361-481E-849D-F16EF5C78EBC})
install location: C:\Program Files\Musicmatch\MUSICMATCH Music Services
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}\setup.exe" -l0x9 remove

WebReg 61.0.163.000 ({EC2715CE-C182-483C-84CC-81D7D914CF14})
version: 1023410339
version (major): 61
estimated size: 517
install date: 20060618
install source: d:\setup\WebReg\
publisher: Hewlett-Packard

HP Software Update 3.0.6.003 ({ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93})
version: 50331654
version (major): 3
estimated size: 3430
install date: 20060618
install source: d:\setup\HPSoftwareUpdate\
uninstall cmd: MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
publisher: HEWLET~1|Hewlett-Packard
contact: http://www.hp.com/support

Fax_CDA 51.0.230.000 ({F6076EF9-08E1-442F-B6A2-BFB61B295A14})
version: 855638246
version (major): 51
estimated size: 21354
install date: 20060618
install source: d:\setup\fax\
publisher: Hewlett-Packard

NewCopy_CDA 51.0.230.000 ({FBB980B0-63F8-4B48-8D65-90F1D9F81D9F})
version: 855638246
version (major): 51
estimated size: 2492
install date: 20060618
install source: d:\setup\newcopy\
publisher: Hewlett-Packard



--- System Services ---
Service (registry key): .NET CLR Data
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Start: 0
Type: 0
Error Control: 0

Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Display name: abp480n5
Image path: \SystemRoot\system32\DRIVERS\ABP480N5.SYS
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 187776
Image MD5: A10C7534F7223F4A73A948967D00E69B
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Display name: adpu160m
Image path: \SystemRoot\system32\DRIVERS\adpu160m.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 1EE7B434BA961EF845DE136224C30FEC
Start: 3
Type: 1
Error Control: 1

Service (registry key): AegisP
Display name: AEGIS Protocol (IEEE 802.1x) v3.2.0.3
Description: AEGIS Protocol (IEEE 802.1x) v3.2.0.3
Image path: system32\DRIVERS\AegisP.sys
Image size: 17801
Image MD5: 2C5C22990156A1063E19AD162191DC1D
Start: 2
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Display name: Intel AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\agp440.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): agpCPQ
Display name: Compaq AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\agpCPQ.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Aha154x
Display name: Aha154x
Image path: \SystemRoot\system32\DRIVERS\aha154x.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Display name: aic78u2
Image path: \SystemRoot\system32\DRIVERS\aic78u2.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Display name: aic78xx
Image path: \SystemRoot\system32\DRIVERS\aic78xx.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: F1958FBF86D5C004CF19A5951A9514B7
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Display name: AliIde
Image path: \SystemRoot\system32\DRIVERS\aliide.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): alim1541
Display name: ALI AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\alim1541.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): amdagp
Display name: AMD AGP Bus Filter Driver
Image path: \SystemRoot\system32\DRIVERS\amdagp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): amsint
Display name: amsint
Image path: \SystemRoot\system32\DRIVERS\amsint.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): AOL ACS
Display name: AOL Connectivity Service
Object name: LocalSystem
Image path: C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
Image size: 1135728
Image MD5: 8FA646F0E639D9A8C8B98E217D471DC0
Start: 2
Type: 272
Error Control: 1

Service (registry key): APPDRV
Display name: APPDRV
Image path: \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS
Start: 1
Type: 1
Error Control: 1

Service (registry key): Apple Mobile Device
Display name: Apple Mobile Device
Description: Provides the interface to Apple mobile devices.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Image size: 106496
Image MD5: 2ACFC9242BE81AE2356E14E5E05C02BB
Start: 2
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): AppMgmt
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1

Service (registry key): asc
Display name: asc
Image path: \SystemRoot\system32\DRIVERS\asc.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Display name: asc3350p
Image path: \SystemRoot\system32\DRIVERS\asc3350p.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Display name: asc3550
Image path: \SystemRoot\system32\DRIVERS\asc3550.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ASP.NET
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_1.1.4322
Start: 0
Type: 0
Error Control: 0

Service (registry key): aspnet_state
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Image size: 32768
Image MD5: E1A1206A4FB19B675E947B29CCD25FBA
Start: 3
Type: 16
Error Control: 1

Service (registry key): AsyncMac
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: 02000ABF34AF4C218C35D257024807D6
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: system32\DRIVERS\atapi.sys
Image size: 95360
Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Start: 4
Type: 1
Error Control: 0

Service (registry key): Atmarpc
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Display name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Display name: Audio Stub Driver
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Start: 3
Type: 1
Error Control: 1

Service (registry key): AVG Anti-Spyware Driver
Display name: AVG Anti-Spyware Driver
Image path: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
Image size: 11000
Image MD5: D6F4C1450699901048818B0C3AAF7A17
Start: 1
Type: 1
Error Control: 1

Service (registry key): AVG Anti-Spyware Guard
Display name: AVG Anti-Spyware Guard
Object name: LocalSystem
Image path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Image size: 312880
Image MD5: 5DCD235C061022BCDA9AA48670B64211
Start: 2
Type: 16
Error Control: 1

Service (registry key): Avg7Alrt
Display name: AVG7 Alert Manager Server
Object name: LocalSystem
Image path: C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
Image size: 353280
Image MD5: 5F4ED1DBA7E1EAECBA443A53DA176485
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): Avg7Core
Display name: AVG7 Kernel
Image path: \SystemRoot\System32\Drivers\avg7core.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Avg7RsW
Display name: AVG7 Wrap Driver
Image path: \SystemRoot\System32\Drivers\avg7rsw.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Avg7RsXP
Display name: AVG7 Resident Driver XP
Image path: \SystemRoot\System32\Drivers\avg7rsxp.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Avg7UpdSvc
Display name: AVG7 Update Service
Object name: LocalSystem
Image path: C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
Image size: 49664
Image MD5: 30A14F65DB477DC00A64A5A24E96919C
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): AvgAsCln
Display name: AVG Anti-Spyware Clean Driver
Image path: System32\DRIVERS\AvgAsCln.sys
Image size: 10872
Image MD5: 856B0CEE009946BF2D327E6B24FE7E3F
Start: 1
Type: 1
Error Control: 1

Service (registry key): AvgClean
Display name: AVG7 Clean Driver
Image path: \SystemRoot\System32\Drivers\avgclean.sys
Start: 1
Type: 1
Error Control: 1
Depends On services: Ntfs

Service (registry key): BattC
Start: 0
Type: 0
Error Control: 0

Service (registry key): BCM43XX
Display name: Dell Wireless WLAN Card Driver
Image path: system32\DRIVERS\bcmwl5.sys
Image size: 369024
Image MD5: C3AB2D6954C7B5103770832A3A6A591B
Start: 3
Type: 1
Error Control: 1

Service (registry key): bcm4sbxp
Display name: Broadcom 440x 10/100 Integrated Controller XP Driver
Image path: system32\DRIVERS\bcm4sbxp.sys
Image size: 45312
Image MD5: C768C8A463D32C219CE291645A0621A4
Start: 3
Type: 1
Error Control: 1

Service (registry key): BCMLogon
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Display name: Background Intelligent Transfer Service
Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Browser
Display name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): cbidf
Display name: cbidf
Image path: \SystemRoot\system32\DRIVERS\cbidf2k.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): cbidf2k
Start: 4
Type: 1
Error Control: 1

Service (registry key): CCDECODE
Display name: Closed Caption Decoder
Image path: system32\DRIVERS\CCDECODE.sys
Image size: 17024
Image MD5: 6163ED60B684BAB19D3352AB22FC48B2
Start: 3
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Display name: cd20xrnt
Image path: \SystemRoot\system32\DRIVERS\cd20xrnt.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 49536
Image MD5: AF9C19B3100FE010496B1A27181FBF72
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Display name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 3192BD04D032A9C4A85A3278C268A13A
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Display name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: C8DEC22C4137D7A90F8BDF41CA4B82AE
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): CmBatt
Display name: Microsoft ACPI Control Method Battery Driver
Image path: system32\DRIVERS\CmBatt.sys
Image size: 14080
Image MD5: 4266BE808F85826AEDF3C64C1E240203
Start: 3
Type: 1
Error Control: 1

Service (registry key): CmdAgent
Display name: Comodo Application Agent
Description: COMODO Firewall Pro Application Agent
Object name: LocalSystem
Image path: C:\Program Files\Comodo\Firewall\cmdagent.exe
Image size: 361040
Image MD5: 2EDB74E72FEEB39C8906E4C8C54D91A5
Start: 2
Type: 272
Error Control: 1

Service (registry key): CmdIde
Display name: CmdIde
Image path: \SystemRoot\system32\DRIVERS\cmdide.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): CmdMon
Display name: Comodo Application Engine
Description: COMODO Firewall Pro Application Engine
Image path: System32\DRIVERS\cmdmon.sys
Image size: 75520
Image MD5: 7399B62C07D2340826CCAD5B4D661D35
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip,

Service (registry key): Compbatt
Display name: Microsoft Composite Battery Driver
Image path: system32\DRIVERS\compbatt.sys
Image size: 9344
Image MD5: DF1B1A24BF52D0EBC01ED4ECE8979F50
Start: 0
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Display name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Display name: Cpqarray
Image path: \SystemRoot\system32\DRIVERS\cpqarray.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): CryptSvc
Display name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Display name: dac2w2k
Image path: \SystemRoot\system32\DRIVERS\dac2w2k.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): dac960nt
Display name: dac960nt
Image path: \SystemRoot\system32\DRIVERS\dac960nt.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Display name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Display name: Disk Driver
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Display name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 224768
Image MD5: 554C7CB178FE3BD12450B81AD63ADBC3
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Image path: System32\drivers\dmboot.sys
Image size: 799744
Image MD5: C0FBB516E06E243F0CF31F597E7EBF7D
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Image path: System32\drivers\dmio.sys
Image size: 153344
Image MD5: F5E7B358A732D09F4BCF2824B88B9E28
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmload
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmserver
Display name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Display name: Microsoft Kernel DLS Syntheiszer
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: A6F881284AC1150E37D9AE47FF601267
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip

Service (registry key): dpti2o
Display name: dpti2o
Image path: \SystemRoot\system32\DRIVERS\dpti2o.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): drmkaud
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 2944
Image MD5: 1ED4DBBAE9F5D558DBBA4CC450E3EB2E
Start: 3
Type: 1
Error Control: 1

Service (registry key): drvmcdb
Image path: system32\drivers\drvmcdb.sys
Image size: 87488
Image MD5: E814854E6B246CCF498874839AB64D77
Start: 0
Type: 1
Error Control: 0

Service (registry key): drvncdb
Start: 0
Type: 0
Error Control: 0

Service (registry key): drvnddm
Image path: system32\drivers\drvnddm.sys
Image size: 40480
Image MD5: EE83A4EBAE70BC93CF14879D062F548B
Start: 2
Type: 2
Error Control: 0

Service (registry key): DSBrokerService
Display name: DSBrokerService
Object name: LocalSystem
Image path: "C:\Program Files\DellSupport\brkrsvc.exe"
Image size: 76848
Image MD5: FE80901578E7E3DA70299A5AEB2B7FBD
Start: 3
Type: 16
Error Control: 0

Service (registry key): DSproct
Display name: DSproct
Image path: \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
Image size: 4736
Image MD5: 413F2D5F9D802688242C23B38F767ECB
Start: 3
Type: 1
Error Control: 1

Service (registry key): dsunidrv
Display name: DellSupport UniDriver
Image path: system32\DRIVERS\dsunidrv.sys
Image size: 5376
Image MD5: DFEABB7CFFFADEA4A912AB95BDC3177A
Start: 2
Type: 1
Error Control: 0

Service (registry key): E100B
Display name: Intel® PRO Adapter Driver
Image path: system32\DRIVERS\e100b325.sys
Image size: 117760
Image MD5: 3FCA03CBCA11269F973B70FA483C88EF
Start: 3
Type: 1
Error Control: 1

Service (registry key): ERSvc
Display name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Eventlog
Display name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Display name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): Fastfat
Start: 4
Type: 2
Error Control: 1

Service (registry key): FastUserSwitchingCompatibility
Display name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: TermService

Service (registry key): Fax
Display name: Fax
Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
Object name: LocalSystem
Image path: %systemroot%\system32\fxssvc.exe
Image size: 267776
Image MD5: FCBD571FA0EE8DC238944AE5FAB74461
Start: 2
Type: 16
Error Control: 1
Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler

Service (registry key): Fdc
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 27392
Image MD5: CED2E8396A8838E59D8FD529C680E02C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Fips
Start: 1
Type: 1
Error Control: 1

Service (registry key): Flpydisk
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 0DD1DE43115B93F4D85E889D7A86F548
Start: 3
Type: 1
Error Control: 1

Service (registry key): FltMgr
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\DRIVERS\fltMgr.sys
Image size: 128896
Image MD5: 3D234FB6D6EE875EB009864A299BEA29
Start: 0
Type: 2
Error Control: 1

Service (registry key): Fs_Rec
Start: 1
Type: 8
Error Control: 0

Service (registry key): Ftdisk
Display name: Volume Manager Driver
Image path: system32\DRIVERS\ftdisk.sys
Image size: 125056
Image MD5: 6AC26732762483366C3969C9E4D2259D
Start: 0
Type: 1
Error Control: 1

Service (registry key): GEARAspiWDM
Display name: GEARAspiWDM
Image path: System32\Drivers\GEARAspiWDM.sys
Image size: 15664
Image MD5: 4AC51459805264AFFD5F6FDFB9D9235F
Start: 3
Type: 1
Error Control: 1

Service (registry key): Gpc
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: system32\DRIVERS\msgpc.sys
Image size: 35072
Image MD5: C0F1D4A21DE5A415DF8170616703DEBF
Start: 3
Type: 1
Error Control: 1

Service (registry key): HDAudBus
Display name: Microsoft UAA Bus Driver for High Definition Audio
Image path: system32\DRIVERS\HDAudBus.sys
Image size: 137728
Image MD5: E31363D186B3E1D7C4E9117884A6AEE5
Start: 3
Type: 1
Error Control: 1

Service (registry key): helpsvc
Display name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): HidServ
Display name: Human Interface Device Access
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): hpn
Display name: hpn
Image path: \SystemRoot\system32\DRIVERS\hpn.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): HPZid412
Display name: IEEE-1284.4 Driver HPZid412
Image path: system32\DRIVERS\HPZid412.sys
Image size: 49664
Image MD5: 30CA91E657CEDE2F95359D6EF186F650
Start: 3
Type: 1
Error Control: 1

Service (registry key): HPZipr12
Display name: Print Class Driver for IEEE-1284.4 HPZipr12
Image path: system32\DRIVERS\HPZipr12.sys
Image size: 16496
Image MD5: EFD31AFA752AA7C7BBB57BCBE2B01C78
Start: 3
Type: 1
Error Control: 1

Service (registry key): HPZius12
Display name: USB to IEEE-1284.4 Translation Driver HPZius12
Image path: system32\DRIVERS\HPZius12.sys
Image size: 21568
Image MD5: 7AC43C38CA8FD7ED0B0A4466F753E06E
Start: 3
Type: 1
Error Control: 1

Service (registry key): HSFHWAZL
Image path: system32\DRIVERS\HSFHWAZL.sys
Image size: 201600
Image MD5: 1C8CAA80E91FB71864E9426F9EED048D
Start: 3
Type: 1
Error Control: 0

Service (registry key): HSF_DPV
Image path: system32\DRIVERS\HSF_DPV.sys
Image size: 1035008
Image MD5: 698204D9C2832E53633E53A30A53FC3D
Start: 3
Type: 1
Error Control: 0

Service (registry key): HTTP
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: System32\Drivers\HTTP.sys
Image size: 262784
Image MD5: CB77BB47E67E84DEB17BA29632501730
Start: 3
Type: 1
Error Control: 1

Service (registry key): HTTPFilter
Display name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): i2omgmt
Start: 1
Type: 1
Error Control: 1

Service (registry key): i2omp
Display name: i2omp
Image path: \SystemRoot\system32\DRIVERS\i2omp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): i8042prt
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 52736
Image MD5: 5502B58EEF7486EE6F93F3F164DCB808
Start: 1
Type: 1
Error Control: 1

Service (registry key): ialm
Image path: system32\DRIVERS\ialmnt5.sys
Image size: 1049180
Image MD5: 240D0F5D7CAAFD87BD8D801A97BBE041
Start: 3
Type: 1
Error Control: 0

Service (registry key): Imapi
Display name: CD-Burning Filter Driver
Image path: system32\DRIVERS\imapi.sys
Image size: 41856
Image MD5: F8AA320C6A0409C0380E5D8A99D76EC6
Start: 1
Type: 1
Error Control: 1

Service (registry key): ImapiService
Display name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150016
Image MD5: FA788520BCAC0F5D9D5CDE5615C0D931
Start: 3
Type: 16
Error Control: 1

Service (registry key): inetaccs
Start: 0
Type: 0
Error Control: 0

Service (registry key): ini910u
Display name: ini910u
Image path: \SystemRoot\system32\DRIVERS\ini910u.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Inport
Start: 0
Type: 0
Error Control: 0

Service (registry key): Inspect
Display name: Comodo Network Engine
Description: COMODO Firewall Pro Network Engine
Image path: System32\DRIVERS\inspect.sys
Image size: 51328
Image MD5: 76A44EA5960F2F7224F5E7C7A18A0E3B
Start: 0
Type: 1
Error Control: 1
Depends On services: NDIS,
Depends On group: "NDIS Wrapper",

Service (registry key): IntelIde
Image path: system32\DRIVERS\intelide.sys
Image size: 5504
Image MD5: 2D722B2B54AB55B2FA475EB58D7B2AAD
Start: 0
Type: 1
Error Control: 1

Service (registry key): intelppm
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 36096
Image MD5: 279FB78702454DFF2BB445F238C048D2
Start: 1
Type: 1
Error Control: 1

Service (registry key): Ip6Fw
Display name: IPv6 Windows Firewall Driver
Description: Provides intrusion prevention service for a home or small office network.
Image path: system32\DRIVERS\Ip6Fw.sys
Image size: 29056
Image MD5: 4448006B6BC60E6C027932CFC38D6855
Start: 3
Type: 1
Error Control: 1

Service (registry key): IpFilterDriver
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 32896
Image MD5: 731F22BA402EE4B62748ADAF6363C182
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpInIp
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 20992
Image MD5: E1EC7F5DA720B640CD8FB8424F1B14BB
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpNat
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 134912
Image MD5: E2168CBC7098FFE963C6F23F472A3593
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): iPod Service
Display name: iPod Service
Description: iPod hardware management services
Object name: LocalSystem
Image path: "C:\Program Files\iPod\bin\iPodService.exe"
Image size: 501048
Image MD5: 83CD5F746B260457DEF125AEB8783B46
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): IPSec
Display name: IPSEC driver
Description: IPSEC driver
Image path: system32\DRIVERS\ipsec.sys
Image size: 74752
Image MD5: 64537AA5C003A6AFEEE1DF819062D0D1
Start: 1
Type: 1
Error Control: 1

Service (registry key): IRENUM
Display name: IR Enumerator Service
Image path: system32\DRIVERS\irenum.sys
Image size: 11264
Image MD5: 50708DAA1B1CBB7D6AC1CF8F56A24410
Start: 3
Type: 1
Error Control: 1

Service (registry key): ISAPISearch
Start: 0
Type: 0
Error Control: 0

Service (registry key): isapnp
Display name: PnP ISA/EISA Bus Driver
Image path: system32\DRIVERS\isapnp.sys
Image size: 35840
Image MD5: E504F706CCB699C2596E9A3DA1596E87
Start: 0
Type: 1
Error Control: 3

Service (registry key): Kbdclass
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 24576
Image MD5: EBDEE8A2EE5393890A1ACEE971C4C246
Start: 1
Type: 1
Error Control: 1

Service (registry key): kmixer
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 172416
Image MD5: BA5DEDA4D934E6288C2F66CAF58D2562
Start: 3
Type: 1
Error Control: 1

Service (registry key): KSecDD
Start: 0
Type: 1
Error Control: 1

Service (registry key): lanmanserver
Display name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): lanmanworkstation
Display name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): lbrtfdc
Start: 1
Type: 1
Error Control: 0

Service (registry key): ldap
Start: 0
Type: 0
Error Control: 0

Service (registry key): LicenseService
Start: 0
Type: 0
Error Control: 0

Service (registry key): LmHosts
Display name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): MDC8021X
Display name: AEGIS Protocol (IEEE 802.1x) v2.3.1.9
Description: AEGIS Protocol (IEEE 802.1x) v2.3.1.9
Image path: system32\DRIVERS\mdc8021x.sys
Image size: 15781
Image MD5: D7010580BF4E45D5E793A1FE75758C69
Start: 2
Type: 1
Error Control: 1

Service (registry key): MDM
Display name: Machine Debug Manager
Description: Manages local and remote debugging for Visual Studio debuggers
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
Image size: 270336
Image MD5: 0EFEE4F2D23BA2D8B27FBA942106E0E1
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): mdmxsdk
Image path: system32\DRIVERS\mdmxsdk.sys
Image size: 13059
Image MD5: 3C318B9CD391371BED62126581EE9961
Start: 2
Type: 1
Error Control: 0

Service (registry key): Messenger
Display name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS

Service (registry key): mnmdd
Start: 1
Type: 1
Error Control: 0

Service (registry key): mnmsrvc
Display name: NetMeeting Remote Desktop Sharing
Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\mnmsrvc.exe
Image size: 32768
Image MD5: F6415361201915B9FE3896B0E4E724FF
Start: 3
Type: 272
Error Control: 1

Service (registry key): Modem
Start: 3
Type: 1
Error Control: 0

Service (registry key): Mouclass
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 23040
Image MD5: 34E1F0031153E491910E12551400192C
Start: 1
Type: 1
Error Control: 1

Service (registry key): MountMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): mraid35x
Display name: mraid35x
Image path: \SystemRoot\system32\DRIVERS\mraid35x.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Display name: WebDav Client Redirector
Description: WebDav Client Redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 181248
Image MD5: 46EDCC8F2DB2F322C24F48785CB46366
Start: 3
Type: 2
Error Control: 1

Service (registry key): MRxSmb
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 453120
Image MD5: 025AF03CE51645C62F3B6907A7E2BE5E
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSDTC
Display name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: C:\WINDOWS\system32\msdtc.exe
Image size: 6144
Image MD5: C7C3D89EB0A6F3DBA622EA737FA335B1
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): Msfs
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSIServer
Display name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\msiexec.exe /V
Image size: 78848
Image MD5: F5F0146580E7023ADB963879840777F8
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): MSKSSRV
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7552
Image MD5: AE431A8DD3C1D0D0610CDBAC16057AD0
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5376
Image MD5: 13E75FEF9DFEB08EEDED9D0246E1F448
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4992
Image MD5: 1988A33FF19242576C3D0EF9CE785DA7
Start: 3
Type: 1
Error Control: 1

Service (registry key): mssmbios
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 15488
Image MD5: 469541F8BFD2B32659D5D463A6714BCE
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSTEE
Display name: Microsoft Streaming Tee/Sink-to-Sink Converter
Image path: system32\drivers\MSTEE.sys
Image size: 5504
Image MD5: BF13612142995096AB084F2DB7F40F77
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Display name: Mup
Start: 0
Type: 2
Error Control: 1

Service (registry key): NABTSFEC
Display name: NABTS/FEC VBI Codec
Image path: system32\DRIVERS\NABTSFEC.sys
Image size: 85376
Image MD5: 5C8DC6429C43DC6177C1FA5B76290D1A
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDIS
Display name: NDIS System Driver
Start: 0
Type: 1
Error Control: 1

Service (registry key): NdisIP
Display name: Microsoft TV/Video Connection
Image path: system32\DRIVERS\NdisIP.sys
Image size: 10880
Image MD5: 520CE427A8B298F54112857BCF6BDE15
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisTapi
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 9600
Image MD5: 08D43BBDACDF23F34D79E44ED35C1B4C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 12928
Image MD5: 34D6CD56409DA9A7ED573E1C90A308BF
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 91776
Image MD5: 0B90E255A9490166AB368CD55A529893
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Start: 3
Type: 1
Error Control: 1

Service (registry key): NetBIOS
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 34560
Image MD5: 3A2ACA8FC1D7786902CA434998D7CEB4
Start: 1
Type: 2
Error Control: 1

Service (registry key): NetBT
Display name: NetBios over Tcpip
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 162816
Image MD5: 0C80E410CD2F47134407EE7DD19CC86B
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): NetDDE
Display name: Network DDE
Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM

Service (registry key): NetDDEdsdm
Display name: Network DDE DSDM
Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Start: 4
Type: 32
Error Control: 1

Service (registry key): Netlogon
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): NICCONFIGSVC
Display name: NICCONFIGSVC
Description: Configure your Internal Network Card power management settings.
Object name: LocalSystem
Image path: C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
Image size: 356352
Image MD5: 23EEB337BF684589D261F2359E19C72C
Start: 2
Type: 272
Error Control: 1

Service (registry key): Nla
Display name: Network Location Awareness (NLA)
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd

Service (registry key): Npfs
Start: 1
Type: 2
Error Control: 1

Service (registry key): Ntfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): NtLmSsp
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 3
Type: 32
Error Control: 1

Service (registry key): NtmsSvc
Display name: Removable Storage
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Null
Start: 1
Type: 1
Error Control: 1

Service (registry key): nv
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 1897408
Image MD5: 2B298519EDBFCF451D43E0F1E8F1006D
Start: 3
Type: 1
Error Control: 0

Service (registry key): NwlnkFlt
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 12416
Image MD5: B305F3FAD35083837EF46A0BBCE2FC57
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 32512
Image MD5: C99B3415198D1AAB7227F2C88FD664B9
Start: 3
Type: 1
Error Control: 1

Service (registry key): Parport
Display name: Parallel port driver
Image path: system32\DRIVERS\parport.sys
Image size: 80128
Image MD5: 29744EB4CE659DFE3B4122DEB45BC478
Start: 3
Type: 1
Error Control: 0

Service (registry key): PartMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): ParVdm
Start: 4
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PCI
Display name: PCI Bus Driver
Image path: system32\DRIVERS\pci.sys
Image size: 68224
Image MD5: 8086D9979234B603AD5BC2F5D890B234
Start: 0
Type: 1
Error Control: 3

Service (registry key): PCIDump
Start: 1
Type: 1
Error Control: 0

Service (registry key): PCIIde
Image path: system32\DRIVERS\pciide.sys
Image size: 3328
Image MD5: CCF5F451BB1A5A2A522A76E670000FF0
Start: 0
Type: 1
Error Control: 1

Service (registry key): Pcmcia
Start: 4
Type: 1
Error Control: 1

Service (registry key): PDCOMP
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRELI
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): perc2
Display name: perc2
Image path: \SystemRoot\system32\DRIVERS\perc2.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): perc2hib
Display name: perc2hib
Image path: \SystemRoot\system32\DRIVERS\perc2hib.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Start: 0
Type: 0
Error Control: 0

Service (registry key): PlugPlay
Display name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Start: 2
Type: 32
Error Control: 1

Service (registry key): Pml Driver HPZ12
Display name: Pml Driver HPZ12
Object name: LocalSystem
Image path: C:\WINDOWS\system32\HPZipm12.exe
Image size: 69632
Image MD5: A38B3CE68E7F126190CDE4AA3FDF050F
Start: 2
Type: 16
Error Control: 1

Service (registry key): PolicyAgent
Display name: IPSEC Services
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSec

Service (registry key): PptpMiniport
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 48384
Image MD5: 1C5CC65AAC0783C344F16353E60B72AC
Start: 3
Type: 1
Error Control: 1

Service (registry key): ProtectedStorage
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Display name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Image path: system32\DRIVERS\psched.sys
Image size: 69120
Image MD5: 48671F327553DCF1D27F6197F622A668
Start: 3
Type: 1
Error Control: 1
Depends On services: Gpc

Service (registry key): Ptilink
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: system32\DRIVERS\ptilink.sys
Image size: 17792
Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
Start: 3
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 20640
Image MD5: 86724469CD077901706854974CD13C3E
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1080
Display name: ql1080
Image path: \SystemRoot\system32\DRIVERS\ql1080.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Ql10wnt
Display name: Ql10wnt
Image path: \SystemRoot\system32\DRIVERS\ql10wnt.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql12160
Display name: ql12160
Image path: \SystemRoot\system32\DRIVERS\ql12160.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1240
Display name: ql1240
Image path: \SystemRoot\system32\DRIVERS\ql1240.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1280
Display name: ql1280
Image path: \SystemRoot\system32\DRIVERS\ql1280.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): RasAcd
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: system32\DRIVERS\rasacd.sys
Image size: 8832
Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C
Start: 1
Type: 1
Error Control: 1

Service (registry key): RasAuto
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 51328
Image MD5: 98FAEB4A4DCF812BA1C6FCA4AA3E115C
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv

Service (registry key): RasPppoe
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 7306EEED8895454CBED4669BE9F79FAA
Start: 3
Type: 1
Error Control: 1

Service (registry key): Raspti
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 16512
Image MD5: FDBB1D60066FCFBB7452FD8F9829B242
Start: 3
Type: 1
Error Control: 1

Service (registry key): Rdbss
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 174592
Image MD5: 03B965B1CA47F6EF60EB5E51CB50E0AF
Start: 1
Type: 2
Error Control: 1

Service (registry key): RDPCDD
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 4224
Image MD5: 4912D5B403614CE99C28420F75353332
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Display name: Terminal Server Device Redirector Driver
Image path: system32\DRIVERS\rdpdr.sys
Image size: 196864
Image MD5: A2CAE2C60BC37E0751EF9DDA7CEAF4AD
Start: 3
Type: 1
Error Control: 1

Service (registry key): RDPNP
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Start: 3
Type: 1
Error Control: 0

Service (registry key): RDSessMgr
Display name: Remote Desktop Help Session Manager
Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 140800
Image MD5: 729798E0933076B8FCFCD9934698F164
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): redbook
Display name: Digital CD Audio Playback Filter Driver
Image path: system32\DRIVERS\redbook.sys
Image size: 57472
Image MD5: B31B4588E4086D8D84ADBF9845C2402B
Start: 1
Type: 1
Error Control: 1

Service (registry key): RemoteAccess
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup

Service (registry key): RpcLocator
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: 793F04A09B15E7C6C11DBDFFAF06C0AB
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): RpcSs
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): RSVP
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: 471B3F9741D762ABE75E9DEEA4787E47
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs

Service (registry key): SamSs
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): SCardSvr
Display name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 95744
Image MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay

Service (registry key): Schedule
Display name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Secdrv
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 27440
Image MD5: D26E26EA516450AF9D072635C60387F4
Start: 3
Type: 1
Error Control: 1

Service (registry key): seclogon
Display name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 288
Error Control: 0

Service (registry key): SENS
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): serenum
Display name: Serenum Filter Driver
Image path: system32\DRIVERS\serenum.sys
Image size: 15488
Image MD5: A2D868AEEFF612E70E213C451A70CAFB
Start: 3
Type: 1
Error Control: 1

Service (registry key): Serial
Display name: Serial port driver
Image path: system32\DRIVERS\serial.sys
Image size: 64896
Image MD5: CD9404D115A00D249F70A371B46D5A26
Start: 1
Type: 1
Error Control: 0

Service (registry key): Sfloppy
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"

Service (registry key): SharedAccess
Display name: Windows Firewall/Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt

Service (registry key): ShellHWDetection
Display name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Simbad
Start: 4
Type: 1
Error Control: 1

Service (registry key): sisagp
Display name: SIS AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\sisagp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): SLIP
Display name: BDA Slip De-Framer
Image path: system32\DRIVERS\SLIP.sys
Image size: 11136
Image MD5: 5CAEED86821FA2C6139E32E9E05CCDC9
Start: 3
Type: 1
Error Control: 1

Service (registry key): SoC PC-Camera Service
Display name: SoC PC-Camera
Image path: system32\DRIVERS\pfc027.sys
Image size: 123276
Image MD5: A3D484EBD8C1F6DB3739E892A6304951
Start: 3
Type: 1
Error Control: 1

Service (registry key): Sparrow
Display name: Sparrow
Image path: \SystemRoot\system32\DRIVERS\sparrow.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): splitter
Display name: Microsoft Kernel Audio Splitter
Image path: system32\drivers\splitter.sys
Image size: 6400
Image MD5: 0CE218578FFF5F4F7E4201539C45C78F
Start: 3
Type: 1
Error Control: 1

Service (registry key): Spooler
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 57856
Image MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): sr
Display name: System Restore Filter Driver
Image path: system32\DRIVERS\sr.sys
Image size: 73472
Image MD5: E41B6D037D6CD08461470AF04500DC24
Start: 0
Type: 2
Error Control: 1

Service (registry key): srservice
Display name: System Restore Service
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Srv
Display name: Srv
Description: Srv
Image path: system32\DRIVERS\srv.sys
Image size: 332928
Image MD5: EA554A3FFC3F536FE8320EB38F5E4843
Start: 3
Type: 2
Error Control: 1

Service (registry key): sscdbhk5
Image path: system32\drivers\sscdbhk5.sys
Image size: 5627
Image MD5: D7968049BE0ADBB6A57CEE3960320911
Start: 1
Type: 2
Error Control: 0

Service (registry key): SSDPSRV
Display name: SSDP Discovery Service
Description: Enables discovery of UPnP devices on your home network.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): ssrtln
Image path: system32\drivers\ssrtln.sys
Image size: 23545
Image MD5: C3FFD65ABFB6441E7606CF74F1155273
Start: 1
Type: 2
Error Control: 0

Service (registry key): STHDA
Display name: SigmaTel High Definition Audio CODEC
Image path: system32\drivers\sthda.sys
Image size: 1031720
Image MD5: 4D8AF5D86A8F7778B93069E0F2E30B33
Start: 3
Type: 1
Error Control: 1

Service (registry key): stisvc
Display name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): streamip
Display name: BDA IPSink
Image path: system32\DRIVERS\StreamIP.sys
Image size: 15360
Image MD5: 284C57DF5DC7ABCA656BC2B96A667AFB
Start: 3
Type: 1
Error Control: 1

Service (registry key): swenum
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 4352
Image MD5: 03C1BAE4766E2450219D20B993D6E046
Start: 3
Type: 1
Error Control: 1

Service (registry key): swmidi
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 54272
Image MD5: 94ABC808FC4B6D7D2BBF42B85E25BB4D
Start: 3
Type: 1
Error Control: 1

Service (registry key): SwPrv
Display name: MS Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{A445BD1E-49EE-4607-B370-5CCA447377C4}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcss

Service (registry key): symc810
Display name: symc810
Image path: \SystemRoot\system32\DRIVERS\symc810.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): symc8xx
Display name: symc8xx
Image path: \SystemRoot\system32\DRIVERS\symc8xx.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): sym_hi
Display name: sym_hi
Image path: \SystemRoot\system32\DRIVERS\sym_hi.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): sym_u3
Display name: sym_u3
Image path: \SystemRoot\system32\DRIVERS\sym_u3.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): SynPS2Enable
Start: 0
Type: 0
Error Control: 0

Service (registry key): SynTP
Display name: Synaptics TouchPad Driver
Image path: system32\DRIVERS\SynTP.sys
Image size: 190560
Image MD5: 643B3E821A00B2B6A35CC099CB9653A1
Start: 3
Type: 1
Error Control: 1

Service (registry key): sysaudio
Display name: Microsoft Kernel System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 60800
Image MD5: 650AD082D46BAC0E64C9C0E0928492FD
Start: 3
Type: 1
Error Control: 1

Service (registry key): SysmonLog
Display name: Performance Logs and Alerts
Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 89600
Image MD5: 8B54AA346D1B1B113FFAA75501B8B1B2
Start: 3
Type: 16
Error Control: 1

Service (registry key): TapiSrv
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): Tcpip
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 359808
Image MD5: 1DBF125862891817F374F407626967F4
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSec

Service (registry key): TDPIPE
Start: 3
Type: 1
Error Control: 0

Service (registry key): TDTCP
Start: 3
Type: 1
Error Control: 0

Service (registry key): TermDD
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 40840
Image MD5: A540A99C281D933F3D69D55E48727F47
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Display name: Terminal Services
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): tfsnboio
Image path: system32\dla\tfsnboio.sys
Image size: 25883
Image MD5: 30698355067D07DA5F9EB81132C9FDD6
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsncofs
Image path: system32\dla\tfsncofs.sys
Image size: 34843
Image MD5: FB9D825BB4A2ABDF24600F7505050E2B
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsndrct
Image path: system32\dla\tfsndrct.sys
Image size: 4123
Image MD5: CAFD8CCA11AA1E8B6D2EA1BA8F70EC33
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsndres
Image path: system32\dla\tfsndres.sys
Image size: 2239
Image MD5: 8DB1E78FBF7C426D8EC3D8F1A33D6485
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnifs
Image path: system32\dla\tfsnifs.sys
Image size: 86586
Image MD5: B92F67A71CC8176F331B8AA8D9F555AD
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnopio
Image path: system32\dla\tfsnopio.sys
Image size: 15227
Image MD5: 85985FAA9A71E2358FCC2EDEFC2A3C5C
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnpool
Image path: system32\dla\tfsnpool.sys
Image size: 6363
Image MD5: BBA22094F0F7C210567EFDAF11F64495
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnudf
Image path: system32\dla\tfsnudf.sys
Image size: 98714
Image MD5: 81340BEF80B9811E98CE64611E67E3FF
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnudfa
Image path: system32\dla\tfsnudfa.sys
Image size: 100603
Image MD5: C035FD116224CCC8325F384776B6A8BB
Start: 2
Type: 2
Error Control: 0

Service (registry key): Themes
Display name: Themes
Description: Provides user experience theme management.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): TosIde
Display name: TosIde
Image path: \SystemRoot\system32\DRIVERS\toside.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): TrkWks
Display name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TSDDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): Udfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): ultra
Display name: ultra
Image path: \SystemRoot\system32\DRIVERS\ultra.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Update
Display name: Microcode Update Driver
Image path: system32\DRIVERS\update.sys
Image size: 364160
Image MD5: CED744117E91BDC0BEB810F7D8608183
Start: 3
Type: 1
Error Control: 1

Service (registry key): upnphost
Display name: Universal Plug and Play Device Host
Description: Provides support to host Universal Plug and Play devices.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): UPS
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 3F5DF65B0758675F95A2D43918A740A3
Start: 3
Type: 16
Error Control: 1

Service (registry key): usbccgp
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 31616
Image MD5: BFFD9F120CC63BCBAA3D840F3EEF9F79
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbehci
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 26624
Image MD5: 15E993BA2F6946B2BFBBFCD30398621E
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Display name: USB2 Enabled Hub
Image path: system32\DRIVERS\usbhub.sys
Image size: 57600
Image MD5: C72F40947F92CEA56A8FB532EDF025F1
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbprint
Display name: Microsoft USB PRINTER Class
Image path: system32\DRIVERS\usbprint.sys
Image size: 25856
Image MD5: A42369B7CD8886CD7C70F33DA6FCBCF5
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbscan
Display name: USB Scanner Driver
Image path: system32\DRIVERS\usbscan.sys
Image size: 15104
Image MD5: A6BC71402F4F7DD5B77FD7F4A8DDBA85
Start: 3
Type: 1
Error Control: 1

Service (registry key): USBSTOR
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 26496
Image MD5: 6CD7B22193718F1D17A47A1CD6D37E75
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 20480
Image MD5: F8FD1400092E23C8F2F31406EF06167B
Start: 3
Type: 1
Error Control: 1

Service (registry key): usnjsvc
Display name: Messenger Sharing Folders USN Journal Reader service
Description: Service installed by Messenger to enable sharing scenarios
Object name: LocalSystem
Image path: "C:\Program Files\MSN Messenger\usnsvc.exe"
Image size: 97136
Image MD5: C5B70A6AA947667CE0E5FC84A05EC8B6
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss,eventlog

Service (registry key): VgaSave
Image path: \SystemRoot\System32\drivers\vga.sys
Start: 1
Type: 1
Error Control: 0

Service (registry key): viaagp
Display name: VIA AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\viaagp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ViaIde
Display name: ViaIde
Image path: \SystemRoot\system32\DRIVERS\viaide.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): VolSnap
Start: 0
Type: 1
Error Control: 1

Service (registry key): VSS
Display name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 289792
Image MD5: 3EE00364AE0FD8D604F46CBAF512838A
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): w32time
Display name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Wanarp
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 34560
Image MD5: 984EF0B9788ABF89974CFED4BFBAACBC
Start: 3
Type: 1
Error Control: 1

Service (registry key): wanatw
Display name: WAN Miniport (ATW)
Image path: system32\DRIVERS\wanatw4.sys
Image size: 33588
Image MD5: 0A716C08CB13C3A8F4F51E882DBF7416
Start: 3
Type: 1
Error Control: 1

Service (registry key): WDICA
Start: 3
Type: 1
Error Control: 0

Service (registry key): wdmaud
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 82944
Image MD5: EFD235CA22B57C81118C1AEB4798F1C1
Start: 3
Type: 1
Error Control: 1

Service (registry key): WebClient
Display name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: MRxDAV

Service (registry key): winachsf
Image path: system32\DRIVERS\HSF_CNXT.sys
Image size: 717952
Image MD5: 74CF3F2E4E40C4A2E18D39D6300A5C24
Start: 3
Type: 1
Error Control: 0

Service (registry key): winmgmt
Display name: Windows Management Instrumentation
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): Winsock
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinTrust
Start: 0
Type: 0
Error Control: 0

Service (registry key): wltrysvc
Display name: Dell Wireless WLAN Tray Service
Description: Provides 802.11 network connection during system startup
Object name: LocalSystem
Image path: %SystemRoot%\System32\wltrysvc.exe %SystemRoot%\System32\bcmwltry.exe
Image size: 65536
Image MD5: 61490BFA6558C8DD3027E130D9A02D4B
Start: 2
Type: 272
Error Control: 1

Service (registry key): WmdmPmSN
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1

Service (registry key): WmiApRpl
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmiApSrv
Display name: WMI Performance Adapter
Description: Provides performance library information from WMI HiPerf providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: BA8CECC3E813E1F7C441B20393D4F86C
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WMPNetworkSvc
Display name: Windows Media Player Network Sharing Service
Description: Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play
Object name: NT AUTHORITY\NetworkService
Image path: C:\Program Files\Windows Media Player\WMPNetwk.exe
Image size: 913408
Image MD5: F74E3D9A7FA9556C3BBB14D4E5E63D3B
Start: 3
Type: 16
Error Control: 1
Depends On services: upnphost,http,HTTPFilter

Service (registry key): WS2IFSL
Start: 1
Type: 0
Error Control: 0

Service (registry key): wscsvc
Display name: Security Center
Description: Monitors system security settings and configurations.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt

Service (registry key): WSTCODEC
Display name: World Standard Teletext Codec
Image path: system32\DRIVERS\WSTCODEC.SYS
Image size: 19328
Image MD5: D5842484F05E12121C511AA93F6439EC
Start: 3
Type: 1
Error Control: 1

Service (registry key): wuauserv
Display name: Automatic Updates
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): WudfPf
Display name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Provide communciation services for UMDF components.
Image path: system32\DRIVERS\WudfPf.sys
Image size: 77568
Image MD5: F15FEAFFFBB3644CCC80C5DA584E6311
Start: 3
Type: 1
Error Control: 1

Service (registry key): WudfRd
Display name: Windows Driver Foundation - User-mode Driver Framework Reflector
Description: Reflect device requests to user-mode driver drivers
Image path: system32\DRIVERS\wudfrd.sys
Image size: 82944
Image MD5: 28B524262BCE6DE1F7EF9F510BA3985B
Start: 3
Type: 1
Error Control: 1

Service (registry key): WudfSvc
Display name: Windows Driver Foundation - User-mode Driver Framework
Description: Manages user-mode driver host processes
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): WZCSVC
Display name: Wireless Zero Configuration
Description: Provides automatic configuration for the 802.11 adapters
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio

Service (registry key): xmlprov
Display name: Network Provisioning Service
Description: Manages XML configuration files on a domain basis for automatic network provisioning.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): {62B13544-1A6B-4114-94D6-5FCE487F6ABC}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {CFDCB081-6EE8-4244-AA69-908509D036A8}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {FF3336D5-0629-4B47-90B6-B67C92B87BDF}
Start: 0
Type: 0
Error Control: 0

Edited by raerae, 19 August 2007 - 08:43 PM.


#10 Nuppi

Nuppi

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:10:15 PM

Posted 20 August 2007 - 10:12 AM

Hi ,

Okei those was only cookies :D

this wasn't that report what i mean. When spybots scanning is finished, right click window where are foundings and select save .....

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

* Download the latest version of Java Runtime Environment (JRE) 6.2..
* and save to your desktop.
* Close any programs you may have running - especially your web browser.
* Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
* Check any item with Java Runtime Environment (JRE or J2SE) in the name.
- Examples of older versions in Add or Remove Programs:
o Java 2 Runtime Environment, SE v1.4.2.3
* Click the Remove or Change/Remove button.
* Repeat as many times as necessary to remove each Java versions.
* Reboot your computer once all Java components are removed.
* Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.


More Instructions


#
Now that you're clean, here are some tips how to stay clean.
#

#
-> Stand Up and Be Counted, Malware Complaints -> http://www.malwarecomplaints.info
#
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.
#

#
-> Clear your system restore -> http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx
#
This will clear the system restore folders from possible malware that was left behind during the cleaning process. Remember to create a new restore point after the cleaning.
#

#
-> Use CCleaner -> http://www.ccleaner.com
#
Download and install CCleaner. Clean your registry and temporary files with it regularly.
#

#
-> Use Ad-Aware -> http://www.bleepingcomputer.com/forums/?showtutorial=48
#
Download and install Ad-Aware. Update it and scan your computer regularly with it.
#

#
-> Use Ewido -> http://www.ewido.net/en
#
Download and install Ewido. Update it and scan your computer regularly with it.
#

#
-> Install SpywareBlaster -> http://www.javacoolsoftware.com/spywareblaster.html
#
SpywareBlaster will prevent spyware from being installed to your computer.
#

#
-> Install MVPS Hosts file -> http://mvps.org/winhelp2002/hosts.htm
#
This prevents your computer from connecting to harmful sites.
#

#
-> Change your browser to Firefox -> http://www.mozilla.org
#
Firefox is faster, safer and quicker browser than Internet Explorer.
#

#
-> Keep your systen up-to-date -> http://windowsupdate.microsoft.com
#
Visit Windows Update regularly.
#

#
-> Keep your antivirus and firewall up-to-date
#
Scan your computer regularly with your antivirus.
#

#
-> Read this article by TonyKlein -> http://castlecops.com/postlite7736-.html
#
So how did I get infected in the first place?
#

#
Stay clean ;)
Hi there :D
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users