Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Possible Keylogger or spyware issue


  • This topic is locked This topic is locked
22 replies to this topic

#1 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 29 January 2006 - 05:06 PM

Hi,

A few days ago I received an email from PayPal indicating that my account had been put on a limited basis due in part to a third party accessing my account. I logged on to the PayPal site and followed the directions to change my user name, password and location as directed by PayPal. The next day I received another email stating that my account had once again been limited. I immediately called PayPal and they indicated that it appeared that after I had changed my information a third party accessed my account again using the new information I had changed the day before. I had PayPal closed the account.

So it would appear that I have a keylogger or spyware of some kind. I currently utilize ZoneAlarms Security Suite and three adware/spyware programs (Webroot Spy Sweeper, Adware SE Plus, and SpyBot Search and Destroy) which I run everyday. My computer is a home/office computer so I or my family are the only ones who use it. I have run all three programs since this incident. Adware found mostly MRU's but Spybot detected several issues (see log below).
I also seem to be experiencing another issue that makes me believe that I have yet to find the issue using my current spyware and virus programs.

I currently utilize Anonymizer's Anonymous Surfing program. Anytime I access PCWorld web page, if I am not using my Anonymous Surfing I will be redirected to a search page with the following information below. But once I turn my Anonymous Surfing back on I am not re-directed. This seems to be the only website that this happens on except for a few times with the Drudge Report webpage.

I have tried to furnish all the info that I believe would be helpful to get one started.

Thanks in advance for the great work you guys provide.


Message that is displayed after I have been re-directed.
_____________________________

Sorry, we couldn't find http://ad.doubleclic....home/index;pos. Here are some related websites

http://www.google.co...st;ord=0234948;
___________________________________________________



Spybot Log

Possible extension hijack: Default screen saver handler (Registry change, nothing done)
HKEY_CLASSES_ROOT\scrfile\shell\open\command\!="%1" /S

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1242908175-3258453374-2344039644-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3


--- Spybot - Search && Destroy version: 1.3 ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2006-01-20 Includes\PUPS.sbi
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi



_____________________________________________________________

Logfile of HijackThis v1.99.1
Scan saved at 3:39:30 PM, on 1/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe
c:\program files\anonymizer\anonymizer software\common\AnonProxy.exe
C:\Documents and Settings\Dawl\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com...rue&lcode=en-us
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe"
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.m...ted/mvt/mvt.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...canner37540.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com...ScannerCtrl.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...682/mcfscan.cab
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Advertisements

Register to Remove


#2 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 05 February 2006 - 02:24 PM

Download Ewido Security Suite it is a trial version of the program.
  • Install ewido security suite
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido.
Ewido manual updates

Once the updates are installed do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • During some scans with ewido it is finding cases of false positives.
  • You will need to step through the process of cleaning files one-by-one.
  • If ewido detects a file you KNOW to be legitimate, select none as the action.
  • DO NOT select "Perform action on all infections"
  • If you are unsure of any entry found select none for now.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop.
Now close ewido security suite and post the results here.

Then Click start > control panel > user accounts > change the way users log on or off > uncheck fast user switching > restart you computor.

Download, unzip and run 'RootkitRevealer' from Sysinternals:
http://www.sysintern...itRevealer.html
Once the program has started, press Scan and let it run.
When the scan is done, use 'File > Save' to place the logfile in a convenient location (such as the desktop). The default filename will be 'RootkitReveal.txt'.

Save your Log File
Copy/Paste the contecnts of that logfile into your next reply

NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !

That way you should have a much simpler and clearer log file in which to peruse and evaluate.

#3 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 05 February 2006 - 03:59 PM

--------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 3:39:28 PM, 2/5/2006 + Report-Checksum: 95361CC2 + Scan result: No infected objects found. ::Report End I will start the second part of your request and will post the results as soon as they are available. BTW I have been doing alot of reading on this forum since I posted my original request and have removed several high rated viruses as well as spyware/adware. I have downloaded most if not all of the antivirus/spyware programs that this site uses. So I believe that my system is far more secure than it was on the 29th of Jan. I am not saying it is 100%. There is one issue that still continues to pop-up when I reboot my computer and run Ad-Aware SE Plus. See below. Ad-Aware finds a change in the registry that involves notepad. I'll start to work on the other requests now. Thanks for your help. Ad-Aware event log 2/5/2006 12:07:01 PM> Registry modification detected 2/5/2006 12:07:01 PM> 2/5/2006 12:07:01 PM> Root:HKEY_LOCAL_MACHINE 2/5/2006 12:07:01 PM> Key:SOFTWARE\Classes\regfile\shell\open\command 2/5/2006 12:07:01 PM> Value: 2/5/2006 12:07:01 PM> Data:regedit.exe "%1" 2/5/2006 12:07:01 PM> New Data:NOTEPAD.EXE %1 2/5/2006 12:07:01 PM> 2/5/2006 2:54:41 PM> Registry modification detected 2/5/2006 2:54:41 PM> 2/5/2006 2:54:41 PM> Root:HKEY_LOCAL_MACHINE 2/5/2006 2:54:41 PM> Key:SOFTWARE\Classes\regfile\shell\open\command 2/5/2006 2:54:41 PM> Value: 2/5/2006 2:54:41 PM> Data:regedit.exe "%1" 2/5/2006 2:54:41 PM> New Data:NOTEPAD.EXE %1 2/5/2006 2:54:41 PM> 2/5/2006 2:56:07 PM> Registry modification detected 2/5/2006 2:56:07 PM> 2/5/2006 2:56:07 PM> Root:HKEY_LOCAL_MACHINE 2/5/2006 2:56:07 PM> Key:SOFTWARE\Classes\regfile\shell\open\command 2/5/2006 2:56:07 PM> Value: 2/5/2006 2:56:07 PM> Data:regedit.exe "%1" 2/5/2006 2:56:07 PM> New Data:NOTEPAD.EXE %1 2/5/2006 2:56:07 PM> 2/5/2006 2:58:44 PM> Registry modification detected 2/5/2006 2:58:44 PM> 2/5/2006 2:58:44 PM> Root:HKEY_LOCAL_MACHINE 2/5/2006 2:58:44 PM> Key:SOFTWARE\Classes\regfile\shell\open\command 2/5/2006 2:58:44 PM> Value: 2/5/2006 2:58:44 PM> Data:regedit.exe "%1" 2/5/2006 2:58:44 PM> New Data:NOTEPAD.EXE %1 2/5/2006 2:58:44 PM>

#4 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 05 February 2006 - 06:19 PM

Little Eagle, I ran RootKitRevealer and let it run as requested. It seems to be hung-up on a cleaning-up mode and has been that way for about 1.5 hrs. I shut down my spyware/adware and firewall programs, unhooked from my network and let it run. Do I need to let it run or abort and try something else?

#5 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 05 February 2006 - 10:09 PM

Sorry for the delay I hope you let it run. :blink: have seen it take more than two hours depending on the speed of the PC.

#6 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 06 February 2006 - 03:58 PM

little eagle, There is an issue I am experiencing with the save feature. I let the program run as requested. After 5 hrs it ended and said Scan complete: 1 discrepancy found. I saved it to my desktop. But it never appeared. I searched my entire computer but the file does not exist. I had closed the program, so I ran another scan and after 4.5 hrs it completed. I tried again to save it to my desktop as well as other locations. The Rootkit save window will show the txt file on my desktop, but it is not there. Please advise.

#7 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 07 February 2006 - 12:29 AM

Can you do a search for RootkitReveal.txt Then post another log from hijackthis also.

#8 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 07 February 2006 - 06:47 AM

I did a another search as you requested but found nothing. I even re-downloaded and ran the program again, but with the same results. I also downloaded and ran TroganHunter and it found nothing.


Logfile of HijackThis v1.99.1
Scan saved at 6:27:09 AM, on 2/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Dawl\Desktop\Hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com...rue&lcode=en-us
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe"
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1138592096093
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.m...ted/mvt/mvt.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...canner37540.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com...ScannerCtrl.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...682/mcfscan.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by104fd.bay10...ex/HMAtchmt.ocx
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect Helper - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\rthlpsvc.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#9 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 07 February 2006 - 10:15 AM

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download AproposFix © Swandog46 from here:
http://swandog46.gee.../aproposfix.exe

Save it to your desktop but do NOT run it yet.

Then please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder.

#10 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 07 February 2006 - 11:59 AM

Log of AproposFix v1.1

************

Running from directory:
C:\Documents and Settings\Dawl\Desktop\aproposfix

************



Registry entries found:


************

No service found!

Removing hidden folder:
No folder found!

Deleting files:


Backing up files:
Done!

Removing registry entries:

REGEDIT4


Done!

Finished!


Logfile of HijackThis v1.99.1
Scan saved at 11:55:31 AM, on 2/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Dawl\Desktop\Hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com...rue&lcode=en-us
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe"
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1138592096093
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.m...ted/mvt/mvt.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...canner37540.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com...ScannerCtrl.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...682/mcfscan.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by104fd.bay10...ex/HMAtchmt.ocx
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect Helper - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\rthlpsvc.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Advertisements

Register to Remove


#11 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 08 February 2006 - 12:07 AM

Remove spybot. Download the new version of spybot
Update it but do not run it yet.

In add and remove programs remove Webroot's Spy Sweeper, and Lavasoft's Ad-Aware SE Plus.
You have both of them running guards protecting your system.
They can be reinstalled latter.

Then run spybot and post the results of the scan here.

#12 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 08 February 2006 - 07:47 PM

1st Part of Log


-- Search result list ---
Congratulations!: No immediate threats were found. ()



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-02-08 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-02-03 Includes\Cookies.sbi (*)
2006-02-03 Includes\Dialer.sbi (*)
2006-02-03 Includes\Hijackers.sbi (*)
2006-02-03 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-02-03 Includes\Malware.sbi (*)
2006-02-03 Includes\PUPS.sbi (*)
2006-02-03 Includes\Revision.sbi (*)
2006-02-03 Includes\Security.sbi (*)
2006-02-03 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-02-03 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Media Center 2005 / SP4: Update Rollup 2 for Windows XP Media Center Edition 2005
/ Windows Media Player 10 / SP0: Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Windows XP Hotfix - KB888310
/ Windows XP / SP3: Hotfix for Windows XP (KB888795)
/ Windows XP / SP3: Windows XP Hotfix - KB889673
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890927
/ Windows XP / SP3: Hotfix for Windows XP (KB891593)
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Hotfix for Windows XP (KB896256)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Hotfix for Windows XP (KB899337)
/ Windows XP / SP3: Hotfix for Windows XP (KB899510)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Hotfix for Windows XP (KB902841)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Hotfix for Windows XP (KB906569)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221


--- Startup entries list ---
Located: HK_LM:Run, AudioDrvEmulator
command: "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
file: C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
size: 49152
MD5: 54b3827a5e5b2abd546d4cf059e4a742

Located: HK_LM:Run, BuildBU
command: c:\dell\bldbubg.exe
file: c:\dell\bldbubg.exe
size: 61440
MD5: 5954c0a3d5ffadbe17aa7530c66e90aa

Located: HK_LM:Run, CTHelper
command: CTHELPER.EXE
file: C:\WINDOWS\CTHELPER.EXE
size: 16384
MD5: 7cd6c8181bd89eac664f84f3ead08dd2

Located: HK_LM:Run, CTxfiHlp
command: CTXFIHLP.EXE
file: C:\WINDOWS\system32\CTXFIHLP.EXE
size: 19968
MD5: e845fdb1ce5f0850fdb61dfd7cdda520

Located: HK_LM:Run, CTXFIREG
command: CTxfiReg.exe
file:

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2ca827ba68d0cdb5437c40c6f53d7f20

Located: HK_LM:Run, DLCCCATS
command: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
file:

Located: HK_LM:Run, dlccmon.exe
command: "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
file: C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
size: 425984
MD5: 33e5ef1822526e523d22f051dbdf0e29

Located: HK_LM:Run, DVDLauncher
command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: 2e328a12c7c82919004953c08e094e0e

Located: HK_LM:Run, ehTray
command: C:\WINDOWS\ehome\ehtray.exe
file: C:\WINDOWS\ehome\ehtray.exe
size: 67584
MD5: 7e48b4958c131e9643ddcd2e7ca3fe9f

Located: HK_LM:Run, IAAnotif
command: C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
file: C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
size: 139264
MD5: 6ca4cc14fda11978617057e73d588475

Located: HK_LM:Run, ISUSPM Startup
command: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
file: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 249856
MD5: 9e109b03018763fdcb075ce74547be22

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 583b7d111304be63d7d9cb65482d2187

Located: HK_LM:Run, Logitech Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\WINDOWS\KHALMNPR.EXE
size: 28160
MD5: 60c2d0115b1b1fac72a194cff1a56494

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, VolPanel
command: "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
file: C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
size: 122880
MD5: 41e9661915eb682362adbe84c547d909

Located: HK_LM:Run, WD Button Manager
command: WDBtnMgr.exe
file: C:\WINDOWS\system32\WDBtnMgr.exe
size: 335872
MD5: 926cf712448fea216deb1d30e708275c

Located: HK_LM:Run, Zone Labs Client
command: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
file: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
size: 755472
MD5: e85c5dc2659f562c496e839649aa7200

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: Startup (common), Digital Line Detect.lnk
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: b66e56733e2cd6a10fda5919625fbf46

Located: Startup (common), LaunchU3.exe.lnk
command: C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe
file: C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe
size: 1078
MD5: 4a51c88a71806b8fbe36922f4aa23a17

Located: Startup (common), Logitech SetPoint.lnk
command: C:\Program Files\Logitech\SetPoint\SetPoint.exe
file: C:\Program Files\Logitech\SetPoint\SetPoint.exe
size: 450560
MD5: 57781b2d6c4ddbf753d820472462e445

Located: Startup (common), QuickBooks Update Agent.lnk
command: C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
file: C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
size: 806912
MD5: 27c92fcfd6a5991aa1262b49dde1b9ae

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, WRNotifier
command: WRLogonNTF.dll
file: WRLogonNTF.dll



--- Browser helper object list ---
{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 1/6/2006 9:13:34 AM
Date (last access): 2/8/2006 7:04:30 PM
Date (last write): 12/6/2004 1:05:00 AM
Filesize: 118842
Attributes: archive
MD5: 37943B990D318145D1EFCBEEF8F9566A
CRC32: C6D87067
Version: 1.4.8.0

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 11/10/2005 1:03:56 PM
Date (last access): 2/8/2006 7:04:30 PM
Date (last write): 11/10/2005 1:22:10 PM
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 5.0.60.5



--- ActiveX list ---
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft....k/?linkid=39204
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 7/12/2005 6:04:22 PM
Date (last access): 2/8/2006 7:04:14 PM
Date (last write): 1/12/2006 11:32:12 AM
Filesize: 543496
Attributes: archive
MD5: 0879BA2D2688BFBD6BB6DDCE3D26B201
CRC32: 2F243889
Version: 1.4.410.0

{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf
Codebase: http://office.micros...ntent/opuc3.cab
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 11/17/2005 11:12:26 PM
Date (last access): 2/8/2006 7:20:44 PM
Date (last write): 11/17/2005 11:12:26 PM
Filesize: 533504
Attributes: archive
MD5: 24F3058766D5FC3FD0F37F6D6EE6FE9B
CRC32: F1FAEDE3
Version: 12.0.3208.1014

{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class)
DPF name:
CLSID name: McAfee.com Operating System Class
Installer: C:\WINDOWS\Downloaded Program Files\mcinsctl.inf
Codebase: http://download.mcaf...01/mcinsctl.cab
Path: C:\WINDOWS\system32\
Long name: mcinsctl.dll
Short name:
Date (created): 1/11/2006 3:50:44 PM
Date (last access): 2/7/2006 2:19:24 PM
Date (last write): 10/18/2005 11:08:04 AM
Filesize: 349760
Attributes: archive
MD5: 4BCCCA6CBD89CE29DD7FE0BB1E0DCDD3
CRC32: FF5BF715
Version: 4.0.0.101

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://update.micros...b?1138592096093
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 5/26/2005 4:19:32 AM
Date (last access): 2/8/2006 7:15:52 PM
Date (last write): 5/26/2005 4:19:32 AM
Filesize: 178408
Attributes: archive
MD5: EE37AA2C0700221CD8B02FADCD4C7FB5
CRC32: F5494B06
Version: 5.8.0.2469

{78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class)
DPF name:
CLSID name: McAfee Virtual Technician Control Class
Installer: C:\WINDOWS\Downloaded Program Files\mvt.inf
Codebase: http://us-download.m...ted/mvt/mvt.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MVT.dll
Short name:
Date (created): 12/12/2005 4:19:20 PM
Date (last access): 2/8/2006 7:20:32 PM
Date (last write): 12/12/2005 4:19:20 PM
Filesize: 651264
Attributes: archive
MD5: B957C798E59ACA85FE0A47857F850B86
CRC32: 55CC2431
Version: 2.2.0.0

{7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class)
DPF name:
CLSID name: ICSScanner Class
Installer: C:\WINDOWS\Downloaded Program Files\ICSScanner.inf
Codebase: http://download.zone...canner37540.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ICSScan.dll
Short name:
Date (created): 1/13/2006 2:50:18 PM
Date (last access): 2/8/2006 7:20:32 PM
Date (last write): 1/13/2006 2:50:18 PM
Filesize: 1283832
Attributes: archive
MD5: 44D58901C127FCB7CCF8163290F044D3
CRC32: E8E0D4EA
Version: 3.7.54.0

{9C024426-7859-4B2D-AB4C-B1E370AE7549} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WscWlanScannerCtrl_cab.inf
Codebase: http://us.mcafee.com...ScannerCtrl.cab

{A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan)
DPF name:
CLSID name: Crucial cpcScan
Installer:
Codebase: http://www.crucial.c.../cpcScanner.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: cpcScan.dll
Short name:
Date (created): 8/23/2005 4:35:16 PM
Date (last access): 2/8/2006 7:20:32 PM
Date (last write): 8/23/2005 4:35:16 PM
Filesize: 241664
Attributes: archive
MD5: 8851BC22AEC057A08E6F55DFD96660A7
CRC32: 0F22CE6E
Version: 2.2.0.1

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 11/19/2003 5:48:18 PM
Date (last access): 2/7/2006 12:28:26 PM
Date (last write): 11/19/2003 5:48:12 PM
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 1:03:56 PM
Date (last access): 2/7/2006 12:28:30 PM
Date (last write): 11/10/2005 1:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 1:03:56 PM
Date (last access): 2/8/2006 7:26:26 PM
Date (last write): 11/10/2005 1:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class)
DPF name:
CLSID name: McFreeScan Class
Installer: C:\WINDOWS\Downloaded Program Files\mcfscan.inf
Codebase: http://download.mcaf...682/mcfscan.cab
Path: C:\WINDOWS\McAfee.com\FreeScan\
Long name: mcfscan.dll
Short name:
Date (created): 1/11/2006 9:05:56 AM
Date (last access): 2/7/2006 7:33:18 PM
Date (last write): 1/25/2006 10:39:58 AM
Filesize: 116288
Attributes: archive
MD5: BFA10E8D9F6A080239A98B5C9CBDCD85
CRC32: CB4355DA
Version: 2.1.0.4682

{F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control)
DPF name:
CLSID name: Hotmail Attachments Control
Installer:
Codebase: http://by104fd.bay10...ex/HMAtchmt.ocx
Path: C:\WINDOWS\Downloaded Program Files\
Long name: HMAtchmt.ocx
Short name:
Date (created): 2/1/2006 6:01:14 AM
Date (last access): 2/7/2006 7:44:28 PM
Date (last write): 2/1/2006 6:01:16 AM
Filesize: 113408
Attributes: archive
MD5: 08E21249E03578574C8461C9E09C46A8
CRC32: FB8E11FD
Version: 1.5.0.5



--- Process list ---
PID: 0 ( 0) [System]
PID: 868 ( 4) \SystemRoot\System32\smss.exe
PID: 1144 ( 868) \??\C:\WINDOWS\system32\csrss.exe
PID: 1184 ( 868) \??\C:\WINDOWS\system32\winlogon.exe
PID: 1260 (1184) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 1272 (1184) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1532 (1260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1656 (1260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1752 (1260) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1840 (1260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1996 (1260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 324 (1260) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 512 ( 496) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 636 ( 512) C:\WINDOWS\ehome\ehtray.exe
size: 67584
MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F
PID: 668 ( 512) C:\WINDOWS\CTHELPER.EXE
size: 16384
MD5: 7CD6C8181BD89EAC664F84F3EAD08DD2
PID: 676 ( 512) C:\WINDOWS\system32\CTXFIHLP.EXE
size: 19968
MD5: E845FDB1CE5F0850FDB61DFD7CDDA520
PID: 688 ( 512) C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
size: 139264
MD5: 6CA4CC14FDA11978617057E73D588475
PID: 700 ( 512) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: 2E328A12C7C82919004953C08E094E0E
PID: 720 ( 512) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
size: 122880
MD5: 41E9661915EB682362ADBE84C547D909
PID: 744 ( 512) C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
size: 49152
MD5: 54B3827A5E5B2ABD546D4CF059E4A742
PID: 760 ( 512) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2CA827BA68D0CDB5437C40C6F53D7F20
PID: 768 (1532) C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
size: 1212416
MD5: 47788C8BB7DC00A4BCCDAB60B1475E9C
PID: 792 ( 512) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 583B7D111304BE63D7D9CB65482D2187
PID: 844 ( 512) C:\WINDOWS\system32\WDBtnMgr.exe
size: 335872
MD5: 926CF712448FEA216DEB1D30E708275C
PID: 960 ( 512) C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
size: 425984
MD5: 33E5EF1822526E523D22F051DBDF0E29
PID: 984 ( 512) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
size: 755472
MD5: E85C5DC2659F562C496E839649AA7200
PID: 896 ( 512) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 1084 ( 512) C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46
PID: 1344 ( 512) C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
size: 925696
MD5: B632D45D680EF08E657062A375556574
PID: 1412 ( 512) C:\Program Files\Logitech\SetPoint\SetPoint.exe
size: 450560
MD5: 57781B2D6C4DDBF753D820472462E445
PID: 1572 ( 512) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
size: 806912
MD5: 27C92FCFD6A5991AA1262B49DDE1B9AE
PID: 1692 (1412) C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
size: 28160
MD5: 60C2D0115B1B1FAC72A194CFF1A56494
PID: 1236 (1260) C:\WINDOWS\system32\ZoneLabs\isafe.exe
size: 188416
MD5: F2AA32E37D59A5480A9C98B3C1D6A9B2
PID: 1440 (1260) C:\WINDOWS\system32\CTsvcCDA.EXE
size: 44032
MD5: 3C8B6609712F4FF78E521F6DCFC4032B
PID: 1504 (1260) C:\WINDOWS\eHome\ehRecvr.exe
size: 237568
MD5: 8301243BDE5B6CD316D79C0191D50D9A
PID: 1740 (1260) C:\WINDOWS\eHome\ehSched.exe
size: 102912
MD5: A53243709439AC2A4C216B817F8D7411
PID: 1968 (1260) C:\Program Files\ewido anti-malware\ewidoctrl.exe
size: 13888
MD5: 26830B750372AB1BF29C95DEEBEB802F
PID: 1984 (1260) C:\Program Files\ewido anti-malware\ewidoguard.exe
size: 151616
MD5: 34A50717AD686900F078F5208F8E908E
PID: 2136 (1260) C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
size: 86140
MD5: D43E91E271C041BB86A6223462A41D28
PID: 2160 (1260) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 2476 (1260) C:\WINDOWS\system32\nvsvc32.exe
size: 127043
MD5: 153C0BA143A174B38CB06338C6EF4CC5
PID: 2560 (1260) C:\Program Files\Dantz\Retrospect\retrorun.exe
size: 49152
MD5: 6FB9B33D20A2AAC7C89884246A0E25FB
PID: 2760 (1260) C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
size: 46592
MD5: 6F5386267113FE4E0F87A882DE48C577
PID: 2832 (1260) C:\WINDOWS\System32\snmp.exe
size: 32768
MD5: D923BF27723E28E3C121B77F52DB4BCE
PID: 2904 (1260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2988 (1260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 3144 (1260) C:\WINDOWS\system32\ZoneLabs\vsmon.exe
size: 1693448
MD5: 7E9C8F0BF97910E04A078799837BB6F2
PID: 3392 (1260) C:\WINDOWS\ehome\mcrdsvc.exe
size: 99328
MD5: DF0A511F38F16016BF658FCA0090CB87
PID: 3528 (1260) C:\Program Files\Raxco\PerfectDisk\PDSched.exe
size: 241731
MD5: 5AB37FA77C0E6E382CA16299F4A198BA
PID: 944 (1260) C:\WINDOWS\system32\dlcccoms.exe
size: 491520
MD5: FFA104BF98B9677516B38421EE2810EE
PID: 2424 (1532) C:\WINDOWS\eHome\ehmsas.exe
size: 46592
MD5: 03A905FBA1D62317087DB5C21C0F8F62
PID: 2600 (1260) C:\WINDOWS\system32\dllhost.exe
size: 5120
MD5: DD87DB7387B9EB441C5674888A0D840C
PID: 3288 (1260) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 340 (1860) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 2/8/2006 7:26:26 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft...=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.search.msn...st/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft...er=6&ar=msnhome
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.google.com/ig/dell?hl=en
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.microsoft...=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft...=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.dell.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft...er=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft...=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: imslsp/1136867532 over [MSAFD Tcpip [RAW/IP]]
GUID: {2C27B985-9436-49F4-ACAB-415B4B978E05}
Filename: C:\WINDOWS\system32\imslsp.dll

Protocol 1: CA ISafe LSP over [MSAFD Tcpip [RAW/IP]]
GUID: {B66DB0DB-17B0-44A2-B4D2-9C7784DDAA77}
Filename: C:\WINDOWS\system32\ZoneLabs\vetredir.dll

Protocol 17: CA ISafe LSP
GUID: {AE2578B4-F478-4313-9A3E-1B83F7A643DF}
Filename: C:\WINDOWS\system32\ZoneLabs\vetredir.dll

Protocol 18: imslsp/1136867532
GUID: {62830337-B09A-427B-91EF-F8DFEE85AF63}
Filename: C:\WINDOWS\system32\imslsp.dll



--- Uninstall list ---
(3DMIDI)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9 /remove

(AddressBook)

(AudioCS)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove

(AudioPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

(Branding)

(CADI)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove

Conexant D850 56K V.9x DFVc Modem (CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf

(Connection Manager)

(CopyNow.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

(Creative Audio Creation Mode Console)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9 /remove

(Creative Audio Device Selection)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove

(Creative Console Launcher Component)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9 /remove

(Creative Entertainment Mode Console)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9 /remove

(Creative Game Mode Console)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9 /remove

(CREATIVE KARAOKE PLAYER)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x9 /remove

(Creative MediaSource)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove

(Creative MediaSource Detector)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove

(Creative MediaSource DVD-Audio Player)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9 /remove

(Creative MediaSource Go!)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 /remove

(Creative MediaSource MiniDisc Plugin)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 /remove

(Creative MediaSource Player Skin Pack)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove

(Creative Music Store Plugin)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9 /remove

(Creative Speaker Connection Wizard)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x9 /remove

(Creative Volume Panel)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9 /remove

(Creative WaveStudio)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove

(DataPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

Dell Digital Jukebox Driver (Dell Digital Jukebox Driver)
uninstall cmd: C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s

Dell Photo AIO Printer 924 (Dell Photo AIO Printer 924)
uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dlccUNST.EXE -NOLICENSE

(Diagnostics 4_5)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove

(DirectAnimation)

(DirectDrawEx)

(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

(DXM_Runtime)

Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (EmeraldQFE2)
uninstall cmd: C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=2

ESPNMotion 2.1.6.0011 (ESPNMotion)
uninstall cmd: C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
publisher: ESPN Internet Ventures

ewido anti-malware (ewidoantimalware)
install location: C:\Program Files\ewido anti-malware
uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\Dawl\Desktop\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

iTunes 6.0.2.23 (InstallShield_{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5})
version: 100663298
version (major): 6
estimated size: 34690
install date: 20060116
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

QuickTime 7.0.4 (InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4})
version: 117440516
version (major): 7
estimated size: 66739
install date: 20060116
install location: C:\Program Files\QuickTime\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

Jasc Paint Shop Pro Studio GDI+ Patch (Jasc Paint Shop Pro Studio GDI+ Patch)
uninstall cmd: C:\Program Files\Jasc Software Inc\Paint Shop Pro Studio\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~2\INSTALL.LOG

Jasc Paint Shop Pro Studio.01 , Dell Edition Patch (Jasc Paint Shop Pro Studio.01 , Dell Edition Patch)
uninstall cmd: C:\Program Files\Jasc Software Inc\Paint Shop Pro Studio\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~2\INSTALL.LOG

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...m?kbid=KB835221

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=873339

(KB884016)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885250

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885836

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=886185

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=887472

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=887742

Microsoft .NET Framework 1.0 Hotfix (KB887998) (KB887998)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888113

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888302

Windows XP Hotfix - KB888310 20041027.095746 (KB888310)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888310

Hotfix for Windows XP (KB888795) 3 (KB888795)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888795

Windows XP Hotfix - KB889673 20041116.085848 (KB889673)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=889673

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890046

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890859

Windows XP Hotfix - KB890927 20050111.122717 (KB890927)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890927$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890927

Hotfix for Windows XP (KB891593) 1 (KB891593)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB891593$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=891593

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=891781

Security Update for Windows XP (KB893066) 2 (KB893066)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893066

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893756

3.1 (KB893803)
help link: http://go.microsoft....k/?LinkId=42467

Windows Installer 3.1 (KB893803) (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=894391

Windows Media Player 10 Hotfix - KB895316 (KB895316)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=895316

Hotfix for Windows XP (KB895961) 1 (KB895961)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB895961$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=895961

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896358

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896428

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=898461

Hotfix for Windows XP (KB899337) 5 (KB899337)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899337$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899337

Hotfix for Windows XP (KB899510) 1 (KB899510)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899510$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899510

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899587

Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899589

Update Rollup 2 for Windows XP Media Center Edition 2005 (KB900325)
uninstall cmd: C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900325

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900725

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901017

Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=902400

Hotfix for Windows XP (KB902841) 1 (KB902841)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=902841

Hotfix for Windows Media Player 10 (KB903157) (KB903157)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=903157

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905749

Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20060110
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905915

Windows XP Media Center Edition 2005 KB908246 (KB908246)
install date: 20060106
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=908246

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=908519

Update for Windows Media Player 10 (KB910393) (KB910393)
instal

#13 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 08 February 2006 - 07:55 PM

2nd part


Update for Windows Media Player 10 (KB910393) (KB910393)
install date: 20060125
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=910393

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060110
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=910437

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060110
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=912919

(KBKB895961)

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

4.8.0.6787 (MailFrontier Desktop)
publisher: MailFrontier

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

(MobileOptionPack)

(Mode Switcher)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9 /remove

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(NetMeeting)

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

(On Screen Display)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Intel® PRO Network Connections Drivers (PROSet)
uninstall cmd: Prounstl.exe

RealPlayer Basic (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0

(SchedulingAgent)

(SFBM)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove

Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
publisher: Macromedia
help link: http://www.macromedi...player_support/

(Smart Recorder)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove

(Sound Blaster X-Fi)

(Sound Blaster X-Fi Windows Drivers)
uninstall cmd: "C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

SpywareBlaster v3.5.1 3.5.1 (SpywareBlaster_is1)
install location: C:\Program Files\SpywareBlaster\
uninstall cmd: "C:\Program Files\SpywareBlaster\unins000.exe"
publisher: Javacool Software LLC

Learn2 Player (Uninstall Only) (StreetPlugin)
uninstall cmd: C:\Program Files\Learn2.com\StRunner\stuninst.exe

iolo technologies' System Mechanic 6 6.0s (System Mechanic 6_is1)
install location: C:\Program Files\iolo\System Mechanic 6\
uninstall cmd: "C:\Program Files\iolo\System Mechanic 6\unins000.exe"
publisher: iolo technologies, LLC
comments: Copyright 1998-2005 iolo technologies, LLC
contact: http://www.iolo.com

(THX_Console)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9 /remove

TrojanHunter 4.2 4.2 (TrojanHunter_is1)
uninstall cmd: "C:\Program Files\TrojanHunter 4.2\unins000.exe"
publisher: Mischel Internet Security
help link: http://www.misec.net

(Vienna SoundFont Studio)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9 /remove

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

WebCyberCoach 3.2 Dell (WebCyberCoach_wtrb)
uninstall cmd: "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"

Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

(X-Fi Splash)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe" -l0x9 /remove

ZoneAlarm Security Suite 6.1.737.000 (ZoneAlarm Security Suite)
uninstall cmd: C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
publisher: Zone Labs, Inc
help link: C:\Program Files\Zone Labs\ZoneAlarm\Help\zaclients.chm

Macromedia Flash Player 7.0.19.0 ({0456ebd7-5f67-4ab6-852e-63781e3f389c})
version: 117440531
version (major): 7
install date: 20060106
uninstall cmd: MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
publisher: Macromedia, Inc.

1.00 ({06E3E953-0570-4DFF-A7B5-46114C390228})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\3DMIDI Player
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9

Sonic RecordNow Data 2.0.0.1 ({075473F5-846A-448B-BCB3-104AA1760205})
version: 33554432
version (major): 2
estimated size: 11884
install date: 20060205
install source: C:\DOCUME~1\Dawl\LOCALS~1\Temp\pft4D.tmp\
uninstall cmd: MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
publisher: Sonic Solutions

3.00 ({0B095086-7205-4D48-90DF-DCD16613C6D4})
version: 50331648
install location: C:\Program Files\Creative\MediaSource\Detector
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9

1.00 ({0E5AA361-4B16-4282-B639-9E5B2B6A2EC8})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9

Microsoft Plus! Photo Story 2 LE 1.1.0.3463 ({0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B})
version: 16842752
version (major): 1
version (minor): 1
install date: 20060106
uninstall cmd: MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
publisher: Microsoft Corporation
readme: C:\Program Files\Microsoft Plus! Photo Story 2 LE\Readme.htm

3.00 ({103BCDA0-E063-46AC-8028-64E78722ABA7})
version: 50331648
install location: C:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9

Sonic DLA 4.95 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6})
version: 73334784
version (major): 4
version (minor): 95
install date: 20060106
uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
publisher: Sonic Solutions
help link: http://support.sonic.com/

QuickBooks Pro 2005 ({14374622-0900-4056-BA06-C87C900AF9E6})
install location: C:\Program Files\Intuit\QuickBooks 2005\
uninstall cmd: msiexec.exe /I {F543B12A-13F5-487E-9314-F7D25E1BBE3E} UNIQUE_NAME="pro" QBFULLNAME="QuickBooks Pro 2005" ADDREMOVE=1
comments: To repair this program, click on Change/Remove button.
contact: Customer Support Department
help link: http://www.quickbooks.com/support/
help telephone: 1-888-320-7276

2.00 ({17E96A7F-AFE3-4171-87B1-583E376319E8})
version: 33554432
install location: C:\Program Files\Creative\Sound Blaster X-Fi\AudioCS
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9

Sound Blaster X-Fi 1.0 ({18F11181-EA1A-42AE-AF89-4867C7F7A6FA})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\setup.exe" -l0x9 /remove
help link: http://www.creative.com/support

1.00 ({1EF644C7-1A0D-4B94-9AF5-AD04702094A4})
version: 16777216
install location: C:\Program Files\Creative\Shared Files\Module Loader\OSD
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9

Sonic MyDVD LE 6.1.1 ({21657574-BD54-48A2-9450-EB03B2C7FC29})
version: 100728833
version (major): 6
version (minor): 1
install date: 20060106
uninstall cmd: MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
publisher: Sonic Solutions
help link: http://support.sonic.com/

1.10 ({2616B36E-38CE-4357-8AB5-8B3EE9B1C117})
version: 17432576
install location: C:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9

Anonymous Surfing 1.0.0 ({2989FF05-0673-4C00-9268-97AA364269E1})
version: 16777216
version (major): 1
estimated size: 284
install date: 20060109
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /X{2989FF05-0673-4C00-9268-97AA364269E1}
publisher: Anonymizer, Inc.
help link: http://support.anonymizer.com

Creative MediaSource 3.00 ({2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC})
version: 50331648
install location: C:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\setup.exe" -l0x9 /remove
help link: http://www.creative.com/support

Logitech SetPoint 2.40 ({2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3})
version: 36175872
install date: 20060110
install location: C:\Program Files\Logitech\SetPoint
install source: D:\1-SetPoint\32-bit\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
publisher: Logitech

Sonic Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
install date: 20060106
uninstall cmd: MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Sonic Solutions

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122273
install date: 20060110
install source: http://jdl.sun.com/w.../windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_06\README.txt

1.00 ({32903944-19A2-418C-901D-4BBAF4C55ABA})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\Entertainment
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9

Windows Media Player 10 9.00.3636 ({33BB4982-DC52-4886-A03B-F4C5C80BEE89})
version: 150998580
version (major): 9
install date: 20060106
uninstall cmd: MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
publisher: Microsoft Corporation
help link: http://go.microsoft....nk/?LinkId=9647

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2456
install date: 20050816
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

NetWaiting 2.5.12 ({3F92ABBB-6BBF-11D5-B229-002078017FBF})
version (major): 2
version (minor): 5
install location: C:\Program Files\NetWaiting
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
publisher: BVRP Software, Inc

8.00.0005 ({403EF592-953B-4794-BCEF-ECAB835C2095})
version: 134217733
version (major): 8
install date: 20060106
uninstall cmd: MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
publisher: Intel
comments: Pseudo NCS Install
contact: Customer Support Department
help link: http://www.intel.com
help telephone: 1-555-555-4505

Jasc Paint Shop Photo Album 5 5.21 ({4192EAC0-6B36-4723-B216-D0E86E7757AC})
version: 85262336
version (major): 5
version (minor): 21
estimated size: 125565
install date: 20060111
install source: D:\PhApps\PSAlbum\ENGLISH\
uninstall cmd: MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
publisher: Jasc Software, Inc.
comments:
contact: Customer Support Department
help link: http://www.jasc.com
help telephone: (952) 930 - 9171
readme: readme.html

2.00 ({44267176-A318-447F-A62A-0A5FD608C34F})
version: 33554432
install location: C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9

Intel® PROSet for Wired Connections 9.30.0000 ({4CEA6811-DFAD-4892-828D-49941FE3B779})
version: 152961024
version (major): 9
version (minor): 30
estimated size: 14914
install date: 20060106
uninstall cmd: MsiExec.exe /I{4CEA6811-DFAD-4892-828D-49941FE3B779}
publisher: Dell
comments: Intel® PROSet installation package
contact: Dell Customer Support
help link: http://support.dell.com

1.00 ({4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\AudioCreation
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9

iTunes 6.0.2.23 ({501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5})
version: 100663298
version (major): 6
estimated size: 34690
install date: 20060116
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5}\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

Dell Support 3.1 5.1.760 ({548EEA8E-8299-497F-8057-811D2D7097DC})
version: 83952376
version (major): 5
version (minor): 1
install date: 20060106
install location: C:\Program Files\Dell Support\
uninstall cmd: MsiExec.exe /X{548EEA8E-8299-497F-8057-811D2D7097DC}
publisher: Dell
help link: http://support.dell....ment?dn=1091989

6.00 ({569A9538-86EC-44C3-8EE4-C68B165F2A75})
version: 100663296
install location: C:\Program Files\Creative\Sound Blaster X-Fi\WaveStudio
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9

Dell Driver Reset Tool 1.02.0000 ({5905F42D-3F5F-4916-ADA6-94A3646AEE76})
version: 16908288
version (major): 1
version (minor): 2
install date: 20060106
uninstall cmd: MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
publisher: Dell Inc.
comments:
contact: Customer Support Department
help link: http://support.dell.com
help telephone:

Anonymizer Software 1.0.0 ({59366175-55F2-411B-9911-3D71D46CD073})
version: 16777216
version (major): 1
estimated size: 10817
install date: 20060109
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /X{59366175-55F2-411B-9911-3D71D46CD073}
publisher: Anonymizer, Inc.
help link: http://support.anonymizer.com

({5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977})

AOLIcon 1.00.0000 ({62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C})
version: 16777216
version (major): 1
install date: 20060106
uninstall cmd: MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

1.00 ({6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9

Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91})
version: 16974078
version (major): 1
version (minor): 3
estimated size: 519
install date: 20060129
install source: C:\DOCUME~1\Dawl\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
publisher: Microsoft
comments: Your Comments
contact: Customer Support Department
help link: http://www.microsoft...idate.aspx/help
help telephone: 1-425.882.8080

PowerDVD 5.6 ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

1.00 ({6BF90A01-FA3F-42B9-A071-7D744409967E})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\Game
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9

Digital Content Portal 1.00.0000 ({6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33})
version: 16777216
version (major): 1
install date: 20060106
uninstall cmd: MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
publisher: Dell
comments: Dell Download Center
contact: Customer Support Department
help link: http://support.dell.com/
help telephone: http://support.dell.com/

Microsoft Plus! Digital Media Edition Installer 1.1.0.3514 ({6E45BA47-383C-4C1E-8ED0-0D4845C293D7})
version: 16842752
version (major): 1
version (minor): 1
install date: 20060106
uninstall cmd: MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
publisher: Microsoft Corporation

1.03 ({700932B3-A964-4878-82A2-96054622A1F7})
version: 16973824
install location: C:\Program Files\Creative\ShareDLL\CADI
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9

Java 2 Runtime Environment, SE v1.4.2_03 1.4.2_03 ({7148F0A8-6813-11D6-A77B-00B0D0142030})
version (major): 1
version (minor): 4
estimated size: 139992
install date: 20060106
install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt

3.00 ({73919E2B-725C-4FAA-8473-45E063A3575F})
version: 50331648
install location: C:\Program Files\Creative\Sound Blaster X-Fi\SFBM
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9

Retrospect 6.5 6.50.0000 ({73B69C5C-87D6-471E-B695-0BD736C4B644})
version: 103940096
version (major): 6
version (minor): 50
estimated size: 18128
install date: 20060109
install location: C:\Program Files\Dantz\Retrospect\
install source: D:\English\Installer\
uninstall cmd: MsiExec.exe /I{73B69C5C-87D6-471E-B695-0BD736C4B644}
publisher: Dantz Development Corp.
comments:
contact: 888-777-5664
help link: http://www.dantz.com/support
help telephone: 888-777-5664

Dell System Restore 2.00.0000 ({74F7662C-B1DB-489E-A8AC-07A06B24978B})
version: 33554432
version (major): 2
install date: 20060106
publisher: Dell Inc.
comments: N/A
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 1-800-624-9896

Jasc Paint Shop Pro Studio, Dell Editon 1.00.0000 ({78C496B9-5A6B-4692-8C2E-AFFFC34E4961})
version: 16777216
version (major): 1
estimated size: 176149
install date: 20060111
install source: D:\PhApps\Studio\ENGLISH\
uninstall cmd: MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
publisher: Jasc Software Inc
comments: Jasc Software Inc Jasc Paint Shop Pro Studio
contact: Customer Support Department
help link: http://www.jasc.com
help telephone: (952) 930-9171

3.00 ({7AFFF09F-386B-4F7A-B3E0-EC24C13893AA})
version: 50331648
install location: C:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9

Modem Helper 2.40 ({7F142D56-3326-11D5-B229-002078017FBF})
install location: C:\Program Files\Modem Helper
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software

4.00 ({84F573D3-0F71-4768-978A-D35310E3FBA6})
version: 67108864
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Diagnostics
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9

Musicmatch® Jukebox 10.10.1028 ({85D3CC30-8859-481A-9654-FD9B74310BEF})
version: 168428548
install location: C:\Program Files\Musicmatch\Musicmatch Jukebox
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst

3.0 ({8A3F2ADE-DEF2-4A50-866A-6B9357B5590F})
version: 50331648
install location: C:\Program Files\Creative\MediaSource\Go
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9

Corel Photo Album 6 6.31 ({8A9B8148-DDD7-448F-BD6C-358386D32354})
version: 102694912
version (major): 6
version (minor): 31
estimated size: 1239
install date: 20060110
uninstall cmd: MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
publisher: Corel, Inc.
comments: Installs Corel Photo Album 6
contact: Corel Customer Service
help link: http://www.corel.com/support
help telephone: U.S. 1-800-772-6735 Outside U.S. +441628 581601, UK: 0870 774 0202

2.40 ({8B026740-A400-48FF-8F6B-B37C4F61C937})
version: 36175872
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Vienna
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9

Intel Matrix Storage Manager ({9068B2BE-D93A-4C0A-861C-5E35E2C0E09E})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\setup.exe" -l0409 -INTELUNINST

Microsoft Office Basic Edition 2003 11.0.7969.0 ({91130409-6000-11D3-8CFE-0150048383C9})
version: 184557345
version (major): 11
estimated size: 67460
install date: 20060129
uninstall cmd: MsiExec.exe /I{91130409-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1033\OFREADME.HTM

QuickTime 7.0.4 ({929408E6-D265-4174-805F-81D1D914E2A4})
version: 117440516
version (major): 7
estimated size: 66739
install date: 20060116
install location: C:\Program Files\QuickTime\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

Sonic Encoders 1.00 ({9941F0AA-B903-4AF4-A055-83A9815CC011})
version: 16777216
version (major): 1
estimated size: 4037
install date: 20050816
install source: d:\OEM\CONTENT\Extras\Sonic\
uninstall cmd: MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
publisher: Sonic Solutions

EducateU 1.00.0000 ({A683A2C0-821C-486F-858C-FA634DB5E864})
version: 16777216
version (major): 1
install date: 20060106
uninstall cmd: MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://support.dell.com
help telephone: http://support.dell.com

2.00 ({A82F10CB-18B5-4EAC-AEF2-FA49CD565626})
version: 33554432
install location: C:\Program Files\Creative\Shared Files
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9

Sonic RecordNow Audio 2.0.0 ({AB708C9B-97C8-4AC9-899B-DBF226AC9382})
version: 33554432
version (major): 2
install date: 20060106
uninstall cmd: MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
publisher: Sonic Solutions

Adobe Acrobat - Reader 6.0.2 Update 6.0.2 ({AC76BA86-0000-0000-0000-6028747ADE01})
version: 100663298
version (major): 6
estimated size: 5780
install date: 20060106
install source: C:\Program Files\Adobe\{AC76BA86-0000-0000-7AC5-6028747ADE00}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.2 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687

Adobe Reader 6.0.1 006.000.001 ({AC76BA86-7AD7-1033-7B44-A00000000001})
version: 100663297
version (major): 6
install date: 20060106
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 6.0\Reader\Readme.htm

Sonic RecordNow Copy 2.0.0 ({B12665F4-4E93-4AB4-B7FC-37053B524629})
version: 33554432
version (major): 2
install date: 20060106
uninstall cmd: MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
publisher: Sonic Solutions

2.00 ({B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE})
version: 33554432
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Karaoke Player
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x9

1.00 ({B5AF6143-E738-4768-A5E6-C07C68A464A4})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\X-Fi Splash
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe" -l0x9

1.00 ({B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9

2.20 ({BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE})
version: 34865152
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Smart Recorder
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9

PerfectDisk 7.00.046 ({C190CB55-817E-4713-84F4-0BBB8961CED9})
version: 117440558
version (major): 7
estimated size: 5002
install date: 20060110
install source: C:\Program Files\RAXCO\PD70Install\ia32\
uninstall cmd: MsiExec.exe /I{C190CB55-817E-4713-84F4-0BBB8961CED9}
publisher: Raxco
comments: PerfectDisk defragmentation utility
contact: http://www.raxco.com...rt/nt_email.cfm
help link: http://www.raxco.com/support/windows/
help telephone: 1-301-527-0803
readme: 0

2.10 ({C229589D-CC1A-43FF-9507-CDED3AB85325})
version: 34209792
install location: C:\Program Files\Creative\Sound Blaster X-Fi\THX Console
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9

e-Sword 7.01.0000 ({C43C58AF-23B8-4B33-A08E-8FD335675A0A})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 109513
install date: 20060112
install source: D:\
uninstall cmd: MsiExec.exe /I{C43C58AF-23B8-4B33-A08E-8FD335675A0A}
publisher: Rick Meyers
contact: support@e-sword.net
help link: http://www.e-sword.net/feedback.html

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 79407
install date: 20060109
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

1.01 ({CB99E420-8071-48F9-9567-4A53BE7569C4})
version: 16842752
install location: C:\Program Files\Creative\Sound Blaster X-Fi\Audio Device Selection
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9

MCU 1.00.0000 ({D2988E9B-C73F-422C-AD4B-A66EBE257120})
version: 16777216
version (major): 1
install date: 20060106
uninstall cmd: MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: http://support.dell.com/

1.00 ({D8A544F4-AC5F-4B67-9C74-F3E976798797})
version: 16777216
install location: C:\Program Files\Creative\Sound Blaster X-Fi\SpeakerWizard
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x9

U3Launcher 1.0.0 ({D8E363A7-88B7-446D-B2C0-E26CE4DC8E54})
version: 16777216
version (major): 1
estimated size: 892
install date: 20060202
install source: C:\Documents and Settings\Dawl\Application Data\U3\0D701950D2839A72\
uninstall cmd: MsiExec.exe /I{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}
publisher: U3

1.00 ({DAAC5938-8026-4D0C-A476-D1954917B7F5})
version: 16777216
install location: C:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9

Digital Line Detect 1.10 ({E646DCF0-5A68-11D5-B229-002078017FBF})
version (major): 1
version (minor): 10
install location: C:\Program Files\Digital Line Detect
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
publisher: BVRP Software, Inc

Musicmatch for Windows Media Player 0.00.000 ({E93E5EF6-D361-481E-849D-F16EF5C78EBC})
install location: C:\Program Files\Musicmatch\MUSICMATCH Music Services
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}\setup.exe" -l0x9 remove

15.0.4007.469 ({F543B12A-13F5-487E-9314-F7D25E1BBE3E})
version: 251662247
version (major): 15
estimated size: 294081
install date: 20060113
install source: D:\qbooks\
uninstall cmd: MsiExec.exe /I{F543B12A-13F5-487E-9314-F7D25E1BBE3E}
publisher: Intuit Inc.
comments: To repair this program, click on Change/Remove button.
contact: Customer Support Department
help link: http://www.quickbooks.com/support/
help telephone: 1-888-320-7276



--- System Services ---
Service (registry key): .NET CLR Data
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Start: 0
Type: 0
Error Control: 0

#14 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 08 February 2006 - 07:56 PM

3rd Part Service (registry key): Abiosdsk Start: 4 Type: 1 Error Control: 0 Service (registry key): abp480n5 Display name: abp480n5 Image path: \SystemRoot\system32\DRIVERS\ABP480N5.SYS Start: 4 Type: 1 Error Control: 1 Service (registry key): ACPI Display name: Microsoft ACPI Driver Image path: system32\DRIVERS\ACPI.sys Image size: 187776 Image MD5: A10C7534F7223F4A73A948967D00E69B Start: 0 Type: 1 Error Control: 1 Service (registry key): ACPIEC Start: 4 Type: 1 Error Control: 1 Service (registry key): adpu160m Display name: adpu160m Image path: \SystemRoot\system32\DRIVERS\adpu160m.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): aec Display name: Microsoft Kernel Acoustic Echo Canceller Image path: system32\drivers\aec.sys Image size: 142464 Image MD5: 841F385C6CFAF66B58FBD898722BB4F0 Start: 3 Type: 1 Error Control: 1 Service (registry key): AFD Display name: AFD Description: AFD Networking Support Environment Image path: \SystemRoot\System32\drivers\afd.sys Start: 1 Type: 1 Error Control: 1 Service (registry key): agp440 Display name: Intel AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\agp440.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): agpCPQ Display name: Compaq AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\agpCPQ.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): Aha154x Display name: Aha154x Image path: \SystemRoot\system32\DRIVERS\aha154x.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78u2 Display name: aic78u2 Image path: \SystemRoot\system32\DRIVERS\aic78u2.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78xx Display name: aic78xx Image path: \SystemRoot\system32\DRIVERS\aic78xx.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): Alerter Display name: Alerter Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 4 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): ALG Display name: Application Layer Gateway Service Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\alg.exe Image size: 44544 Image MD5: F1958FBF86D5C004CF19A5951A9514B7 Start: 3 Type: 16 Error Control: 1 Service (registry key): AliIde Display name: AliIde Image path: \SystemRoot\system32\DRIVERS\aliide.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): alim1541 Display name: ALI AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\alim1541.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): amdagp Display name: AMD AGP Bus Filter Driver Image path: \SystemRoot\system32\DRIVERS\amdagp.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): amsint Display name: amsint Image path: \SystemRoot\system32\DRIVERS\amsint.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): AppMgmt Display name: Application Management Description: Provides software installation services such as Assign, Publish, and Remove. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Service (registry key): Arp1394 Display name: 1394 ARP Client Protocol Description: 1394 ARP Client Protocol Image path: system32\DRIVERS\arp1394.sys Image size: 60800 Image MD5: F0D692B0BFFB46E30EB3CEA168BBC49F Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): asc Display name: asc Image path: \SystemRoot\system32\DRIVERS\asc.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3350p Display name: asc3350p Image path: \SystemRoot\system32\DRIVERS\asc3350p.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3550 Display name: asc3550 Image path: \SystemRoot\system32\DRIVERS\asc3550.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): ASCTRM Display name: ASCTRM Start: 2 Type: 1 Error Control: 1 Service (registry key): ASP.NET Start: 0 Type: 0 Error Control: 0 Service (registry key): ASP.NET_1.1.4322 Start: 0 Type: 0 Error Control: 0 Service (registry key): aspnet_state Display name: ASP.NET State Service Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Image size: 32768 Image MD5: E1A1206A4FB19B675E947B29CCD25FBA Start: 3 Type: 16 Error Control: 1 Service (registry key): aswTdi Start: 0 Type: 0 Error Control: 0 Service (registry key): AsyncMac Display name: RAS Asynchronous Media Driver Description: RAS Asynchronous Media Driver Image path: system32\DRIVERS\asyncmac.sys Image size: 14336 Image MD5: 02000ABF34AF4C218C35D257024807D6 Start: 3 Type: 1 Error Control: 1 Service (registry key): atapi Display name: Standard IDE/ESDI Hard Disk Controller Image path: system32\DRIVERS\atapi.sys Image size: 95360 Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51 Start: 0 Type: 1 Error Control: 1 Service (registry key): Atdisk Start: 4 Type: 1 Error Control: 0 Service (registry key): Atmarpc Display name: ATM ARP Client Protocol Description: ATM ARP Client Protocol Image path: system32\DRIVERS\atmarpc.sys Image size: 59904 Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): AudioSrv Display name: Windows Audio Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): audstub Display name: Audio Stub Driver Image path: system32\DRIVERS\audstub.sys Image size: 3072 Image MD5: D9F724AA26C010A217C97606B160ED68 Start: 3 Type: 1 Error Control: 1 Service (registry key): BattC Start: 0 Type: 0 Error Control: 0 Service (registry key): Beep Start: 1 Type: 1 Error Control: 1 Service (registry key): BITS Display name: Background Intelligent Transfer Service Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Browser Display name: Computer Browser Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,LanmanServer Service (registry key): bvrp_pci Start: 3 Type: 1 Error Control: 1 Service (registry key): CAISafe Display name: CA ISafe Object name: LocalSystem Image path: C:\WINDOWS\system32\ZoneLabs\isafe.exe Image size: 188416 Image MD5: F2AA32E37D59A5480A9C98B3C1D6A9B2 Start: 2 Type: 16 Error Control: 1 Service (registry key): cbidf Display name: cbidf Image path: \SystemRoot\system32\DRIVERS\cbidf2k.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): cbidf2k Start: 4 Type: 1 Error Control: 1 Service (registry key): cd20xrnt Display name: cd20xrnt Image path: \SystemRoot\system32\DRIVERS\cd20xrnt.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): Cdaudio Start: 1 Type: 1 Error Control: 0 Service (registry key): Cdfs Start: 4 Type: 2 Error Control: 1 Depends On group: "SCSI CDROM Class" Service (registry key): Cdrom Display name: CD-ROM Driver Image path: system32\DRIVERS\cdrom.sys Image size: 49536 Image MD5: AF9C19B3100FE010496B1A27181FBF72 Start: 1 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): Changer Start: 1 Type: 1 Error Control: 0 Service (registry key): CiSvc Display name: Indexing Service Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language. Object name: LocalSystem Image path: %SystemRoot%\system32\cisvc.exe Image size: 5632 Image MD5: 3192BD04D032A9C4A85A3278C268A13A Start: 3 Type: 288 Error Control: 1 Depends On services: RPCSS Service (registry key): ClipSrv Display name: ClipBook Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\clipsrv.exe Image size: 33280 Image MD5: C8DEC22C4137D7A90F8BDF41CA4B82AE Start: 4 Type: 16 Error Control: 1 Depends On services: NetDDE Service (registry key): CmdIde Display name: CmdIde Image path: \SystemRoot\system32\DRIVERS\cmdide.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): COMSysApp Display name: COM+ System Application Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Image size: 5120 Image MD5: DD87DB7387B9EB441C5674888A0D840C Start: 3 Type: 16 Error Control: 1 Depends On services: rpcss Service (registry key): ContentFilter Start: 0 Type: 0 Error Control: 0 Service (registry key): ContentIndex Start: 0 Type: 0 Error Control: 0 Service (registry key): Cpqarray Display name: Cpqarray Image path: \SystemRoot\system32\DRIVERS\cpqarray.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): Creative Service for CDROM Access Display name: Creative Service for CDROM Access Object name: LocalSystem Image path: C:\WINDOWS\system32\CTsvcCDA.EXE Image size: 44032 Image MD5: 3C8B6609712F4FF78E521F6DCFC4032B Start: 2 Type: 16 Error Control: 1 Service (registry key): CryptSvc Display name: Cryptographic Services Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): ctac32k Display name: Creative AC3 Software Decoder Image path: system32\drivers\ctac32k.sys Image size: 501760 Image MD5: 595854931858CBAD4B17C2D4681E65A1 Start: 3 Type: 1 Error Control: 1 Service (registry key): ctaud2k Display name: Creative Audio Driver (WDM) Image path: system32\drivers\ctaud2k.sys Image size: 439424 Image MD5: 30A2B412A17D15C895047EBFEE04774B Start: 3 Type: 1 Error Control: 1 Service (registry key): ctdvda2k Display name: Creative DVD-Audio Device Driver Image path: system32\drivers\ctdvda2k.sys Image size: 340704 Image MD5: 5A0EEB00B02FC78605AA9D3590B24978 Start: 3 Type: 1 Error Control: 1 Service (registry key): ctprxy2k Display name: Creative Proxy Driver Image path: system32\drivers\ctprxy2k.sys Image size: 7168 Image MD5: BA73E372305F208BF91983B131DDA42C Start: 3 Type: 1 Error Control: 1 Service (registry key): ctsfm2k Display name: Creative SoundFont Management Device Driver Image path: system32\drivers\ctsfm2k.sys Image size: 142848 Image MD5: 3E587E7E749ED072160A4689D3A383A6 Start: 3 Type: 1 Error Control: 1 Service (registry key): dac2w2k Display name: dac2w2k Image path: \SystemRoot\system32\DRIVERS\dac2w2k.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): dac960nt Display name: dac960nt Image path: \SystemRoot\system32\DRIVERS\dac960nt.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): DcomLaunch Display name: DCOM Server Process Launcher Description: Provides launch functionality for DCOM services. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost -k DcomLaunch Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Service (registry key): Defrag32 Display name: Defrag32 Start: 2 Type: 2 Error Control: 1 Service (registry key): Defrag32b Display name: Defrag32Boot Start: 0 Type: 1 Error Control: 1 Service (registry key): Dhcp Display name: DHCP Client Description: Manages network configuration by registering and updating IP addresses and DNS names. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip,Afd,NetBT Service (registry key): Disk Display name: Disk Driver Image path: system32\DRIVERS\disk.sys Image size: 36352 Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0 Start: 0 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): dlcc_device Display name: dlcc_device Object name: LocalSystem Image path: C:\WINDOWS\system32\dlcccoms.exe -service Image size: 491520 Image MD5: FFA104BF98B9677516B38421EE2810EE Start: 3 Type: 272 Error Control: 1 Service (registry key): dmadmin Display name: Logical Disk Manager Administrative Service Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops. Object name: LocalSystem Image path: %SystemRoot%\System32\dmadmin.exe /com Image size: 224768 Image MD5: 554C7CB178FE3BD12450B81AD63ADBC3 Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay,DmServer Service (registry key): dmboot Image path: System32\drivers\dmboot.sys Image size: 799744 Image MD5: C0FBB516E06E243F0CF31F597E7EBF7D Start: 4 Type: 1 Error Control: 1 Service (registry key): dmio Display name: Logical Disk Manager Driver Image path: System32\drivers\dmio.sys Image size: 153344 Image MD5: F5E7B358A732D09F4BCF2824B88B9E28 Start: 0 Type: 1 Error Control: 1 Service (registry key): dmload Image path: System32\drivers\dmload.sys Image size: 5888 Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F Start: 0 Type: 1 Error Control: 1 Service (registry key): dmserver Display name: Logical Disk Manager Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay Service (registry key): DMusic Display name: Microsoft Kernel DLS Syntheiszer Image path: system32\drivers\DMusic.sys Image size: 52864 Image MD5: A6F881284AC1150E37D9AE47FF601267 Start: 3 Type: 1 Error Control: 1 Service (registry key): Dnscache Display name: DNS Client Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\svchost.exe -k NetworkService Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip Service (registry key): dpti2o Display name: dpti2o Image path: \SystemRoot\system32\DRIVERS\dpti2o.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): drmkaud Display name: Microsoft Kernel DRM Audio Descrambler Image path: system32\drivers\drmkaud.sys Image size: 2944 Image MD5: 1ED4DBBAE9F5D558DBBA4CC450E3EB2E Start: 3 Type: 1 Error Control: 1 Service (registry key): drvmcdb Image path: system32\drivers\drvmcdb.sys Image size: 87488 Image MD5: E814854E6B246CCF498874839AB64D77 Start: 0 Type: 1 Error Control: 0 Service (registry key): drvncdb Start: 0 Type: 0 Error Control: 0 Service (registry key): drvnddm Image path: system32\drivers\drvnddm.sys Image size: 40480 Image MD5: EE83A4EBAE70BC93CF14879D062F548B Start: 2 Type: 2 Error Control: 0 Service (registry key): E100B Display name: Intel® PRO Adapter Driver Image path: system32\DRIVERS\e100b325.sys Image size: 117760 Image MD5: 3FCA03CBCA11269F973B70FA483C88EF Start: 3 Type: 1 Error Control: 1 Service (registry key): e1express Display name: Intel® PRO/1000 PCI Express Network Connection Driver Image path: system32\DRIVERS\e1e5132.sys Image size: 180736 Image MD5: 0849EACDC01487573ADD86F5E470806C Start: 3 Type: 1 Error Control: 1 Service (registry key): ehRecvr Display name: Media Center Receiver Service Description: Media Center Service for TV and FM broadcast reception Object name: LocalSystem Image path: C:\WINDOWS\eHome\ehRecvr.exe Image size: 237568 Image MD5: 8301243BDE5B6CD316D79C0191D50D9A Start: 2 Type: 16 Error Control: 0 Depends On services: RPCSS Service (registry key): ehSched Display name: Media Center Scheduler Service Object name: LocalSystem Image path: C:\WINDOWS\eHome\ehSched.exe Image size: 102912 Image MD5: A53243709439AC2A4C216B817F8D7411 Start: 2 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): emupia Display name: E-mu Plug-in Architecture Driver Image path: system32\drivers\emupia2k.sys Image size: 77824 Image MD5: F619495027664E696ACC47522E4D8B44 Start: 3 Type: 1 Error Control: 1 Service (registry key): ERSvc Display name: Error Reporting Service Description: Allows error reporting for services and applictions running in non-standard environments. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): Eventlog Display name: Event Log Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 108032 Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4 Start: 2 Type: 32 Error Control: 1 Service (registry key): EventSystem Display name: COM+ Event System Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): ewido security suite control Display name: ewido security suite control Object name: LocalSystem Image path: C:\Program Files\ewido anti-malware\ewidoctrl.exe Image size: 13888 Image MD5: 26830B750372AB1BF29C95DEEBEB802F Start: 2 Type: 272 Error Control: 0 Service (registry key): ewido security suite driver Display name: ewido security suite driver Image path: \??\C:\Program Files\ewido anti-malware\guard.sys Image size: 3072 Image MD5: 2FF233E31AEFFF332F187E8E2ABFA6C5 Start: 1 Type: 1 Error Control: 0 Service (registry key): ewido security suite guard Display name: ewido security suite guard Object name: LocalSystem Image path: C:\Program Files\ewido anti-malware\ewidoguard.exe Image size: 151616 Image MD5: 34A50717AD686900F078F5208F8E908E Start: 2 Type: 272 Error Control: 0 Service (registry key): Fastfat Start: 4 Type: 2 Error Control: 1 Service (registry key): FastUserSwitchingCompatibility Display name: Fast User Switching Compatibility Description: Provides management for applications that require assistance in a multiple user environment. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: TermService Service (registry key): Fax Display name: Fax Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network. Object name: LocalSystem Image path: %systemroot%\system32\fxssvc.exe Image size: 267776 Image MD5: FCBD571FA0EE8DC238944AE5FAB74461 Start: 2 Type: 16 Error Control: 1 Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler Service (registry key): Fdc Display name: Floppy Disk Controller Driver Image path: system32\DRIVERS\fdc.sys Image size: 27392 Image MD5: CED2E8396A8838E59D8FD529C680E02C Start: 3 Type: 1 Error Control: 1 Service (registry key): Fips Start: 1 Type: 1 Error Control: 1 Service (registry key): Flpydisk Display name: Floppy Disk Driver Image path: system32\DRIVERS\flpydisk.sys Image size: 20480 Image MD5: 0DD1DE43115B93F4D85E889D7A86F548 Start: 3 Type: 1 Error Control: 1 Service (registry key): FltMgr Display name: FltMgr Description: File System Filter Manager Driver Image path: system32\DRIVERS\fltMgr.sys Image size: 124800 Image MD5: 157754F0DF355A9E0A6F54721914F9C6 Start: 0 Type: 2 Error Control: 1 Service (registry key): Fs_Rec Start: 1 Type: 8 Error Control: 0 Service (registry key): Ftdisk Display name: Volume Manager Driver Image path: system32\DRIVERS\ftdisk.sys Image size: 125056 Image MD5: 6AC26732762483366C3969C9E4D2259D Start: 0 Type: 1 Error Control: 1 Service (registry key): GEARAspiWDM Display name: GEARAspiWDM Image path: System32\Drivers\GEARAspiWDM.sys Image size: 14408 Image MD5: 32A73A8952580B284A47290ADB62032A Start: 3 Type: 1 Error Control: 1 Service (registry key): Gpc Display name: Generic Packet Classifier Description: Generic Packet Classifier Image path: system32\DRIVERS\msgpc.sys Image size: 35072 Image MD5: C0F1D4A21DE5A415DF8170616703DEBF Start: 3 Type: 1 Error Control: 1 Service (registry key): ha20x2k Display name: Creative 20X HAL Driver Image path: system32\drivers\ha20x2k.sys Image size: 1093632 Image MD5: F66DFA0E91672E87708AA98162777ADD Start: 3 Type: 1 Error Control: 1 Service (registry key): helpsvc Display name: Help and Support Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): HidServ Display name: HID Input Service Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): HidUsb Display name: Microsoft HID Class Driver Image path: system32\DRIVERS\hidusb.sys Image size: 9600 Image MD5: 1DE6783B918F540149AA69943BDFEBA8 Start: 3 Type: 1 Error Control: 0 Service (registry key): hpn Display name: hpn Image path: \SystemRoot\system32\DRIVERS\hpn.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): HSFHWBS2 Image path: system32\DRIVERS\HSFHWBS2.sys Image size: 212224 Image MD5: 77E4FF0B73BC0AEAAF39BF0C8104231F Start: 3 Type: 1 Error Control: 0 Service (registry key): HSF_DP Image path: system32\DRIVERS\HSF_DP.sys Image size: 1042432 Image MD5: 60E1604729A15EF4A3B05F298427B3B1 Start: 3 Type: 1 Error Control: 0 Service (registry key): HTTP Display name: HTTP Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start. Image path: System32\Drivers\HTTP.sys Image size: 262400 Image MD5: BFB7B73C942E816C4FB4A5A7BAE87136 Start: 3 Type: 1 Error Control: 1 Service (registry key): HTTPFilter Display name: HTTP SSL Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: HTTP Service (registry key): i2omgmt Start: 1 Type: 1 Error Control: 1 Service (registry key): i2omp Display name: i2omp Image path: \SystemRoot\system32\DRIVERS\i2omp.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): i8042prt Display name: i8042 Keyboard and PS/2 Mouse Port Driver Image path: system32\DRIVERS\i8042prt.sys Image size: 52736 Image MD5: 5502B58EEF7486EE6F93F3F164DCB808 Start: 1 Type: 1 Error Control: 1 Service (registry key): IAANTMon Display name: Intel® Matrix Storage Event Monitor Object name: LocalSystem Image path: C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe Image size: 86140 Image MD5: D43E91E271C041BB86A6223462A41D28 Start: 2 Type: 16 Error Control: 0 Service (registry key): iastor Display name: Intel AHCI Controller Image path: system32\drivers\iastor.sys Image size: 872064 Image MD5: 9A65E42664D1534B68512CAAD0EFE963 Start: 0 Type: 1 Error Control: 1 Service (registry key): IDriverT Display name: InstallDriver Table Manager Description: Provides support for the Running Object Table for InstallShield Drivers Object name: LocalSystem Image path: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" Image size: 69632 Image MD5: 1CF03C69B49ACB70C722DF92755C0C8C Start: 3 Type: 16 Error Control: 0 Service (registry key): ILADFtmi Start: 0 Type: 0 Error Control: 0 Service (registry key): Imapi Display name: CD-Burning Filter Driver Image path: system32\DRIVERS\imapi.sys Image size: 41856 Image MD5: F8AA320C6A0409C0380E5D8A99D76EC6 Start: 1 Type: 1 Error Control: 1 Service (registry key): ImapiService Display name: IMAPI CD-Burning COM Service Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\imapi.exe Image size: 150016 Image MD5: FA788520BCAC0F5D9D5CDE5615C0D931 Start: 3 Type: 16 Error Control: 1 Service (registry key): inetaccs Start: 0 Type: 0 Error Control: 0 Service (registry key): ini910u Display name: ini910u Image path: \SystemRoot\system32\DRIVERS\ini910u.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): Inport Start: 0 Type: 0 Error Control: 0 Service (registry key): IntelIde Display name: IntelIde Image path: \SystemRoot\system32\DRIVERS\intelide.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): intelppm Display name: Intel Processor Driver Image path: system32\DRIVERS\intelppm.sys Image size: 36096 Image MD5: 279FB78702454DFF2BB445F238C048D2 Start: 1 Type: 1 Error Control: 1 Service (registry key): Ip6Fw Display name: IPv6 Windows Firewall Driver Description: Provides intrusion prevention service for a home or small office network. Image path: system32\DRIVERS\Ip6Fw.sys Image size: 29056 Image MD5: 4448006B6BC60E6C027932CFC38D6855 Start: 3 Type: 1 Error Control: 1 Service (registry key): IpFilterDriver Display name: IP Traffic Filter Driver Description: IP Traffic Filter Driver Image path: System32\DRIVERS\ipfltdrv.sys Image size: 32896 Image MD5: 731F22BA402EE4B62748ADAF6363C182 Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): IpInIp Display name: IP in IP Tunnel Driver Description: IP in IP Tunnel Driver Image path: system32\DRIVERS\ipinip.sys Image size: 20992 Image MD5: E1EC7F5DA720B640CD8FB8424F1B14BB Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): IpNat Display name: IP Network Address Translator Description: IP Network Address Translator Image path: system32\DRIVERS\ipnat.sys Image size: 134912 Image MD5: E2168CBC7098FFE963C6F23F472A3593 Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): iPodService Display name: iPodService Description: iPod hardware management services Object name: LocalSystem Image path: C:\Program Files\iPod\bin\iPodService.exe Image size: 323584 Image MD5: EDA049739349F0E837D4F55E8879D665 Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): IPSec Display name: IPSEC driver Description: IPSEC driver Image path: system32\DRIVERS\ipsec.sys Image size: 74752 Image MD5: 64537AA5C003A6AFEEE1DF819062D0D1 Start: 1 Type: 1 Error Control: 1 Service (registry key): IRENUM Display name: IR Enumerator Service Image path: system32\DRIVERS\irenum.sys Image size: 11264 Image MD5: 50708DAA1B1CBB7D6AC1CF8F56A24410 Start: 3 Type: 1 Error Control: 1 Service (registry key): ISAPISearch Start: 0 Type: 0 Error Control: 0 Service (registry key): isapnp Display name: PnP ISA/EISA Bus Driver Image path: system32\DRIVERS\isapnp.sys Image size: 35840 Image MD5: E504F706CCB699C2596E9A3DA1596E87 Start: 0 Type: 1 Error Control: 3 Service (registry key): Kbdclass Display name: Keyboard Class Driver Image path: system32\DRIVERS\kbdclass.sys Image size: 24576 Image MD5: EBDEE8A2EE5393890A1ACEE971C4C246 Start: 1 Type: 1 Error Control: 1 Service (registry key): kbdhid Display name: Keyboard HID Driver Image path: system32\DRIVERS\kbdhid.sys Image size: 14848 Image MD5: E182FA8E49E8EE41B4ADC53093F3C7E6 Start: 1 Type: 1 Error Control: 0 Service (registry key): kmixer Display name: Microsoft Kernel Wave Audio Mixer Image path: system32\drivers\kmixer.sys Image size: 171776 Image MD5: D93CAD07C5683DB066B0B2D2D3790EAD Start: 3 Type: 1 Error Control: 1 Service (registry key): KSecDD Start: 0 Type: 1 Error Control: 1 Service (registry key): lanmanserver Display name: Server Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Service (registry key): lanmanworkstation Display name: Workstation Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Service (registry key): lbrtfdc Start: 1 Type: 1 Error Control: 0 Service (registry key): ldap Start: 0 Type: 0 Error Control: 0

#15 DLong

DLong

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 08 February 2006 - 07:58 PM

4th and final part Service (registry key): LHidKe Display name: Logitech SetPoint HID Mouse Filter Driver Image path: system32\DRIVERS\LHidKE.Sys Image size: 25600 Image MD5: 31B582394DA3290DFF300F10952E9A4D Start: 3 Type: 1 Error Control: 1 Service (registry key): LicenseService Start: 0 Type: 0 Error Control: 0 Service (registry key): LmHosts Display name: TCP/IP NetBIOS Helper Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: NetBT,Afd Service (registry key): LMouKE Display name: Logitech SetPoint Mouse Filter Driver Image path: system32\DRIVERS\LMouKE.Sys Image size: 68352 Image MD5: 90A794D0A0BF3531C4BA1C0510449629 Start: 3 Type: 1 Error Control: 1 Service (registry key): McrdSvc Display name: Media Center Extender Service Object name: NT AUTHORITY\LocalService Image path: C:\WINDOWS\ehome\mcrdsvc.exe Image size: 99328 Image MD5: DF0A511F38F16016BF658FCA0090CB87 Start: 2 Type: 16 Error Control: 1 Depends On services: RPCSS,SSDPSRV Service (registry key): MDM Display name: Machine Debug Manager Description: Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly. Object name: LocalSystem Image path: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" Image size: 322120 Image MD5: 11F714F85530A2BD134074DC30E99FCA Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): mdmxsdk Image path: system32\DRIVERS\mdmxsdk.sys Image size: 11043 Image MD5: EEAEA6514BA7C9D273B5E87C4E1AAB30 Start: 2 Type: 1 Error Control: 0 Service (registry key): Messenger Display name: Messenger Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 4 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS Service (registry key): MHN Display name: MHN Description: Multimedia Home Networking (MHN) is a networking platform for Audio Video (AV) streaming applications on IP home networks. MHN enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications by providing mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: TcpIp,Afd,RpcSs,mhndrv Service (registry key): MHNDRV Display name: MHN driver Description: Multimedia Home Network component driver Image path: system32\DRIVERS\mhndrv.sys Image size: 11008 Image MD5: 7F2F1D2815A6449D346FCCCBC569FBD6 Start: 3 Type: 1 Error Control: 1 Service (registry key): mnmdd Start: 1 Type: 1 Error Control: 0 Service (registry key): mnmsrvc Display name: NetMeeting Remote Desktop Sharing Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\mnmsrvc.exe Image size: 32768 Image MD5: F6415361201915B9FE3896B0E4E724FF Start: 3 Type: 272 Error Control: 1 Service (registry key): Modem Start: 3 Type: 1 Error Control: 0 Service (registry key): MODEMCSA Display name: Unimodem Streaming Filter Device Image path: system32\drivers\MODEMCSA.sys Image size: 16128 Image MD5: 1992E0D143B09653AB0F9C5E04B0FD65 Start: 3 Type: 1 Error Control: 1 Service (registry key): Mouclass Display name: Mouse Class Driver Image path: system32\DRIVERS\mouclass.sys Image size: 23040 Image MD5: 34E1F0031153E491910E12551400192C Start: 1 Type: 1 Error Control: 1 Service (registry key): mouhid Display name: Mouse HID Driver Image path: system32\DRIVERS\mouhid.sys Image size: 12160 Image MD5: B1C303E17FB9D46E87A98E4BA6769685 Start: 3 Type: 1 Error Control: 0 Service (registry key): MountMgr Start: 0 Type: 1 Error Control: 1 Service (registry key): mraid35x Display name: mraid35x Image path: \SystemRoot\system32\DRIVERS\mraid35x.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): MRxDAV Display name: WebDav Client Redirector Description: WebDav Client Redirector Image path: system32\DRIVERS\mrxdav.sys Image size: 181248 Image MD5: 46EDCC8F2DB2F322C24F48785CB46366 Start: 3 Type: 2 Error Control: 1 Service (registry key): MRxSmb Display name: MRXSMB Description: MRXSMB Image path: system32\DRIVERS\mrxsmb.sys Image size: 451584 Image MD5: 5DDC9A1B2EB5A4BF010CE8C019A18C1F Start: 1 Type: 2 Error Control: 1 Service (registry key): MSDTC Display name: Distributed Transaction Coordinator Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\NetworkService Image path: C:\WINDOWS\system32\msdtc.exe Image size: 6144 Image MD5: C7C3D89EB0A6F3DBA622EA737FA335B1 Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS,SamSS Service (registry key): Msfs Start: 1 Type: 2 Error Control: 1 Service (registry key): MSIServer Display name: Windows Installer Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\msiexec.exe /V Image size: 78848 Image MD5: F5F0146580E7023ADB963879840777F8 Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): MSKSSRV Display name: Microsoft Streaming Service Proxy Image path: system32\drivers\MSKSSRV.sys Image size: 7552 Image MD5: AE431A8DD3C1D0D0610CDBAC16057AD0 Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPCLOCK Display name: Microsoft Streaming Clock Proxy Image path: system32\drivers\MSPCLOCK.sys Image size: 5376 Image MD5: 13E75FEF9DFEB08EEDED9D0246E1F448 Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPQM Display name: Microsoft Streaming Quality Manager Proxy Image path: system32\drivers\MSPQM.sys Image size: 4992 Image MD5: 1988A33FF19242576C3D0EF9CE785DA7 Start: 3 Type: 1 Error Control: 1 Service (registry key): mssmbios Display name: Microsoft System Management BIOS Driver Image path: system32\DRIVERS\mssmbios.sys Image size: 15488 Image MD5: 469541F8BFD2B32659D5D463A6714BCE Start: 3 Type: 1 Error Control: 1 Service (registry key): Mup Display name: Mup Start: 0 Type: 2 Error Control: 1 Service (registry key): NDIS Display name: NDIS System Driver Start: 0 Type: 1 Error Control: 1 Service (registry key): NdisTapi Display name: Remote Access NDIS TAPI Driver Description: Remote Access NDIS TAPI Driver Image path: system32\DRIVERS\ndistapi.sys Image size: 9600 Image MD5: 08D43BBDACDF23F34D79E44ED35C1B4C Start: 3 Type: 1 Error Control: 1 Service (registry key): Ndisuio Display name: NDIS Usermode I/O Protocol Description: NDIS Usermode I/O Protocol Image path: system32\DRIVERS\ndisuio.sys Image size: 14592 Image MD5: EEFA1CE63805D2145978621BE5C6D955 Start: 3 Type: 1 Error Control: 1 Service (registry key): NdisWan Display name: Remote Access NDIS WAN Driver Description: Remote Access NDIS WAN Driver Image path: system32\DRIVERS\ndiswan.sys Image size: 91776 Image MD5: 0B90E255A9490166AB368CD55A529893 Start: 3 Type: 1 Error Control: 1 Service (registry key): NDProxy Start: 3 Type: 1 Error Control: 1 Service (registry key): NetBIOS Display name: NetBIOS Interface Description: NetBIOS Interface Image path: system32\DRIVERS\netbios.sys Image size: 34560 Image MD5: 3A2ACA8FC1D7786902CA434998D7CEB4 Start: 1 Type: 2 Error Control: 1 Service (registry key): NetBT Display name: NetBios over Tcpip Description: NetBios over Tcpip Image path: system32\DRIVERS\netbt.sys Image size: 162816 Image MD5: 0C80E410CD2F47134407EE7DD19CC86B Start: 1 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): NetDDE Display name: Network DDE Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\netdde.exe Image size: 111104 Image MD5: 05AFB5AD06462257BEA7495283C86D50 Start: 4 Type: 32 Error Control: 1 Depends On services: NetDDEDSDM Service (registry key): NetDDEdsdm Display name: Network DDE DSDM Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\netdde.exe Image size: 111104 Image MD5: 05AFB5AD06462257BEA7495283C86D50 Start: 4 Type: 32 Error Control: 1 Service (registry key): Netlogon Display name: Net Logon Description: Supports pass-through authentication of account logon events for computers in a domain. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 84885F9B82F4D55C6146EBF6065D75D2 Start: 3 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): Netman Display name: Network Connections Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): NetSvc Display name: Intel NCS NetService Description: Supports Intel® PROSet for Wired Connections. Object name: LocalSystem Image path: C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe Image size: 147456 Image MD5: 9DA26B773BD04B867A8E9F427CD048FC Start: 3 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): NIC1394 Display name: 1394 Net Driver Image path: system32\DRIVERS\nic1394.sys Image size: 61824 Image MD5: 5C5C53DB4FEF16CF87B9911C7E8C6FBC Start: 3 Type: 1 Error Control: 1 Service (registry key): Nla Display name: Network Location Awareness (NLA) Description: Collects and stores network configuration and location information, and notifies applications when this information changes. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: Tcpip,Afd Service (registry key): Npfs Start: 1 Type: 2 Error Control: 1 Service (registry key): Ntfs Start: 4 Type: 2 Error Control: 1 Service (registry key): NtLmSsp Display name: NT LM Security Support Provider Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 84885F9B82F4D55C6146EBF6065D75D2 Start: 3 Type: 32 Error Control: 1 Service (registry key): NtmsSvc Display name: Removable Storage Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Null Start: 1 Type: 1 Error Control: 1 Service (registry key): nv Image path: system32\DRIVERS\nv4_mini.sys Image size: 3198304 Image MD5: 0A83977B8909FDA12E45112575A59BA7 Start: 3 Type: 1 Error Control: 0 Service (registry key): NVSvc Display name: NVIDIA Display Driver Service Description: Provides system and desktop level support to the NVIDIA display driver Object name: LocalSystem Image path: %SystemRoot%\system32\nvsvc32.exe Image size: 127043 Image MD5: 153C0BA143A174B38CB06338C6EF4CC5 Start: 2 Type: 16 Error Control: 1 Service (registry key): NwlnkFlt Display name: IPX Traffic Filter Driver Description: IPX Traffic Filter Driver Image path: system32\DRIVERS\nwlnkflt.sys Image size: 12416 Image MD5: B305F3FAD35083837EF46A0BBCE2FC57 Start: 3 Type: 1 Error Control: 1 Depends On services: NwlnkFwd Service (registry key): NwlnkFwd Display name: IPX Traffic Forwarder Driver Description: IPX Traffic Forwarder Driver Image path: system32\DRIVERS\nwlnkfwd.sys Image size: 32512 Image MD5: C99B3415198D1AAB7227F2C88FD664B9 Start: 3 Type: 1 Error Control: 1 Service (registry key): ohci1394 Display name: OHCI Compliant IEEE 1394 Host Controller Image path: system32\DRIVERS\ohci1394.sys Image size: 61056 Image MD5: 0951DB8E5823EA366B0E408D71E1BA2A Start: 0 Type: 1 Error Control: 1 Service (registry key): ose Display name: Office Source Engine Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports. Object name: LocalSystem Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" Image size: 89136 Image MD5: 7A56CF3E3F12E8AF599963B16F50FB6A Start: 3 Type: 16 Error Control: 1 Service (registry key): ossrv Display name: Creative OS Services Driver Image path: system32\drivers\ctoss2k.sys Image size: 114688 Image MD5: 1752C4130471B5D0BDE3CA21DD0C9088 Start: 3 Type: 1 Error Control: 1 Service (registry key): Outlook Start: 0 Type: 0 Error Control: 0 Service (registry key): Parport Display name: Parallel port driver Image path: system32\DRIVERS\parport.sys Image size: 80128 Image MD5: 29744EB4CE659DFE3B4122DEB45BC478 Start: 3 Type: 1 Error Control: 0 Service (registry key): PartMgr Start: 0 Type: 1 Error Control: 1 Service (registry key): ParVdm Start: 4 Type: 1 Error Control: 0 Depends On services: Parport Depends On group: "Parallel arbitrator" Service (registry key): PCI Display name: PCI Bus Driver Image path: system32\DRIVERS\pci.sys Image size: 68224 Image MD5: 8086D9979234B603AD5BC2F5D890B234 Start: 0 Type: 1 Error Control: 3 Service (registry key): PCIDump Start: 1 Type: 1 Error Control: 0 Service (registry key): PCIIde Image path: system32\DRIVERS\pciide.sys Image size: 3328 Image MD5: CCF5F451BB1A5A2A522A76E670000FF0 Start: 0 Type: 1 Error Control: 1 Service (registry key): Pcmcia Start: 4 Type: 1 Error Control: 1 Service (registry key): PDCOMP Start: 3 Type: 1 Error Control: 0 Service (registry key): PDEngine Display name: PDEngine Object name: LocalSystem Image path: "C:\Program Files\Raxco\PerfectDisk\PDEngine.exe" Image size: 483397 Image MD5: 97490FE14E2F0240D61D580B92766B88 Start: 3 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): PDFRAME Start: 3 Type: 1 Error Control: 0 Service (registry key): PDRELI Start: 3 Type: 1 Error Control: 0 Service (registry key): PDRFRAME Start: 3 Type: 1 Error Control: 0 Service (registry key): PDSched Display name: PDScheduler Object name: LocalSystem Image path: "C:\Program Files\Raxco\PerfectDisk\PDSched.exe" Image size: 241731 Image MD5: 5AB37FA77C0E6E382CA16299F4A198BA Start: 2 Type: 272 Error Control: 1 Depends On services: PDEngine Service (registry key): perc2 Display name: perc2 Image path: \SystemRoot\system32\DRIVERS\perc2.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): perc2hib Display name: perc2hib Image path: \SystemRoot\system32\DRIVERS\perc2hib.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): PerfDisk Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfNet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfOS Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfProc Start: 0 Type: 0 Error Control: 0 Service (registry key): PlugPlay Display name: Plug and Play Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 108032 Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4 Start: 2 Type: 32 Error Control: 1 Service (registry key): PolicyAgent Display name: IPSEC Services Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 84885F9B82F4D55C6146EBF6065D75D2 Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS,Tcpip,IPSec Service (registry key): PptpMiniport Display name: WAN Miniport (PPTP) Description: WAN Miniport (PPTP) Image path: system32\DRIVERS\raspptp.sys Image size: 48384 Image MD5: 1C5CC65AAC0783C344F16353E60B72AC Start: 3 Type: 1 Error Control: 1 Service (registry key): ProtectedStorage Display name: Protected Storage Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 84885F9B82F4D55C6146EBF6065D75D2 Start: 2 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): PSched Display name: QoS Packet Scheduler Description: QoS Packet Scheduler Image path: system32\DRIVERS\psched.sys Image size: 69120 Image MD5: 48671F327553DCF1D27F6197F622A668 Start: 3 Type: 1 Error Control: 1 Depends On services: Gpc Service (registry key): Ptilink Display name: Direct Parallel Link Driver Description: Direct Parallel Link Driver Image path: system32\DRIVERS\ptilink.sys Image size: 17792 Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD Start: 3 Type: 1 Error Control: 1 Service (registry key): PxHelp20 Display name: PxHelp20 Image path: System32\Drivers\PxHelp20.sys Image size: 20640 Image MD5: 86724469CD077901706854974CD13C3E Start: 0 Type: 1 Error Control: 1 Service (registry key): ql1080 Display name: ql1080 Image path: \SystemRoot\system32\DRIVERS\ql1080.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): Ql10wnt Display name: Ql10wnt Image path: \SystemRoot\system32\DRIVERS\ql10wnt.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): ql12160 Display name: ql12160 Image path: \SystemRoot\system32\DRIVERS\ql12160.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1240 Display name: ql1240 Image path: \SystemRoot\system32\DRIVERS\ql1240.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1280 Display name: ql1280 Image path: \SystemRoot\system32\DRIVERS\ql1280.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): RasAcd Display name: Remote Access Auto Connection Driver Description: Remote Access Auto Connection Driver Image path: system32\DRIVERS\rasacd.sys Image size: 8832 Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C Start: 1 Type: 1 Error Control: 1 Service (registry key): RasAuto Display name: Remote Access Auto Connection Manager Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: RasMan,Tapisrv Service (registry key): Rasl2tp Display name: WAN Miniport (L2TP) Description: WAN Miniport (L2TP) Image path: system32\DRIVERS\rasl2tp.sys Image size: 51328 Image MD5: 98FAEB4A4DCF812BA1C6FCA4AA3E115C Start: 3 Type: 1 Error Control: 1 Service (registry key): RasMan Display name: Remote Access Connection Manager Description: Creates a network connection. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: Tapisrv Service (registry key): RasPppoe Display name: Remote Access PPPOE Driver Description: Remote Access PPPOE Driver Image path: system32\DRIVERS\raspppoe.sys Image size: 41472 Image MD5: 7306EEED8895454CBED4669BE9F79FAA Start: 3 Type: 1 Error Control: 1 Service (registry key): Raspti Display name: Direct Parallel Description: Direct Parallel Image path: system32\DRIVERS\raspti.sys Image size: 16512 Image MD5: FDBB1D60066FCFBB7452FD8F9829B242 Start: 3 Type: 1 Error Control: 1 Service (registry key): Rdbss Display name: Rdbss Description: Rdbss Image path: system32\DRIVERS\rdbss.sys Image size: 174592 Image MD5: 809CA45CAA9072B3176AD44579D7F688 Start: 1 Type: 2 Error Control: 1 Service (registry key): RDPCDD Image path: System32\DRIVERS\RDPCDD.sys Image size: 4224 Image MD5: 4912D5B403614CE99C28420F75353332 Start: 1 Type: 1 Error Control: 0 Service (registry key): RDPDD Start: 0 Type: 0 Error Control: 0 Service (registry key): rdpdr Display name: Terminal Server Device Redirector Driver Image path: system32\DRIVERS\rdpdr.sys Image size: 196864 Image MD5: A2CAE2C60BC37E0751EF9DDA7CEAF4AD Start: 3 Type: 1 Error Control: 1 Service (registry key): RDPNP Start: 0 Type: 0 Error Control: 0 Service (registry key): RDPWD Start: 3 Type: 1 Error Control: 0 Service (registry key): RDSessMgr Display name: Remote Desktop Help Session Manager Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box. Object name: LocalSystem Image path: C:\WINDOWS\system32\sessmgr.exe Image size: 140800 Image MD5: 729798E0933076B8FCFCD9934698F164 Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): redbook Display name: Digital CD Audio Playback Filter Driver Image path: system32\DRIVERS\redbook.sys Image size: 57472 Image MD5: B31B4588E4086D8D84ADBF9845C2402B Start: 1 Type: 1 Error Control: 1 Service (registry key): RemoteAccess Display name: Routing and Remote Access Description: Offers routing services to businesses in local area and wide area network environments. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 4 Type: 32 Error Control: 1 Depends On services: RpcSS Depends On group: NetBIOSGroup Service (registry key): RemoteRegistry Display name: Remote Registry Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 4 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): RetroLauncher Display name: Retrospect Launcher Description: Launches Retrospect automatically when scripts are waiting to run. Object name: LocalSystem Image path: C:\Program Files\Dantz\Retrospect\retrorun.exe Image size: 49152 Image MD5: 6FB9B33D20A2AAC7C89884246A0E25FB Start: 2 Type: 272 Error Control: 1 Service (registry key): Retrospect Helper Display name: Retrospect Helper Description: Helps Retrospect with various tasks. Object name: LocalSystem Image path: "C:\Program Files\Dantz\Retrospect\rthlpsvc.exe" Image size: 110592 Image MD5: 5B767DF028DC39D4246F09F5628D7FDD Start: 2 Type: 272 Error Control: 1 Service (registry key): RetroWDSvc Display name: Retrospect WD Service Description: Provide Retrospect interface to Western Digital drives. Object name: LocalSystem Image path: C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe Image size: 46592 Image MD5: 6F5386267113FE4E0F87A882DE48C577 Start: 2 Type: 272 Error Control: 1 Service (registry key): RpcLocator Display name: Remote Procedure Call (RPC) Locator Description: Manages the RPC name service database. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\locator.exe Image size: 75264 Image MD5: 793F04A09B15E7C6C11DBDFFAF06C0AB Start: 3 Type: 16 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): RpcSs Display name: Remote Procedure Call (RPC) Description: Provides the endpoint mapper and other miscellaneous RPC services. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\svchost -k rpcss Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Service (registry key): RSVP Display name: QoS RSVP Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets. Object name: LocalSystem Image path: %SystemRoot%\system32\rsvp.exe Image size: 132608 Image MD5: 471B3F9741D762ABE75E9DEEA4787E47 Start: 3 Type: 16 Error Control: 1 Depends On services: TcpIp,Afd,RpcSs Service (registry key): SamSs Display name: Security Accounts Manager Description: Stores security information for local user accounts. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 84885F9B82F4D55C6146EBF6065D75D2 Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): SCardSvr Display name: Smart Card Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\SCardSvr.exe Image size: 95744 Image MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E Start: 3 Type: 32 Error Control: 0 Depends On services: PlugPlay Service (registry key): Schedule Display name: Task Scheduler Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Secdrv Display name: Secdrv Description: SafeDisc driver Image path: system32\DRIVERS\secdrv.sys Image size: 27440 Image MD5: D26E26EA516450AF9D072635C60387F4 Start: 3 Type: 1 Error Control: 1 Service (registry key): seclogon Display name: Secondary Logon Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 288 Error Control: 0 Service (registry key): SENS Display name: System Event Notification Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: EventSystem Service (registry key): serenum Display name: Serenum Filter Driver Image path: system32\DRIVERS\serenum.sys Image size: 15488 Image MD5: A2D868AEEFF612E70E213C451A70CAFB Start: 3 Type: 1 Error Control: 1 Service (registry key): Serial Display name: Serial port driver Image path: system32\DRIVERS\serial.sys Image size: 64896 Image MD5: CD9404D115A00D249F70A371B46D5A26 Start: 1 Type: 1 Error Control: 0 Service (registry key): Sfloppy Start: 1 Type: 1 Error Control: 0 Depends On group: "SCSI miniport" Service (registry key): SharedAccess Display name: Windows Firewall/Internet Connection Sharing (ICS) Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: Netman,WinMgmt Service (registry key): ShellHWDetection Display name: Shell Hardware Detection Description: Provides notifications for AutoPlay hardware events. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): Simbad Start: 4 Type: 1 Error Control: 1 Service (registry key): sisagp Display name: SIS AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\sisagp.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): SNMP Display name: SNMP Service Description: Includes agents that monitor the activity in network devices and report to the network console workstation. Object name: LocalSystem Image path: %SystemRoot%\System32\snmp.exe Image size: 32768 Image MD5: D923BF27723E28E3C121B77F52DB4BCE Start: 2 Type: 16 Error Control: 1 Depends On services: EventLog Service (registry key): SNMPTRAP Display name: SNMP Trap Service Description: Receives trap messages generated by local or remote SNMP agents and forwards the messages to SNMP management programs running on this computer. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\snmptrap.exe Image size: 8704 Image MD5: 6F591DBEFD11F7697042907B516F1212 Start: 3 Type: 16 Error Control: 1 Depends On services: EventLog Service (registry key): Sparrow Display name: Sparrow Image path: \SystemRoot\system32\DRIVERS\sparrow.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): splitter Display name: Microsoft Kernel Audio Splitter Image path: system32\drivers\splitter.sys Image size: 6400 Image MD5: 8E186B8F23295D1E42C573B82B80D548 Start: 3 Type: 1 Error Control: 1 Service (registry key): Spooler Display name: Print Spooler Description: Loads files to memory for later printing. Object name: LocalSystem Image path: %SystemRoot%\system32\spoolsv.exe Image size: 57856 Image MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): sr Display name: System Restore Filter Driver Image path: system32\DRIVERS\sr.sys Image size: 73472 Image MD5: E41B6D037D6CD08461470AF04500DC24 Start: 0 Type: 2 Error Control: 1 Service (registry key): srservice Display name: System Restore Service Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Srv Display name: Srv Description: Srv Image path: system32\DRIVERS\srv.sys Image size: 332544 Image MD5: 553007ECCE7F6565BBE645BEB66D3B69 Start: 3 Type: 2 Error Control: 1 Service (registry key): sscdbhk5 Image path: system32\drivers\sscdbhk5.sys Image size: 5627 Image MD5: D7968049BE0ADBB6A57CEE3960320911 Start: 1 Type: 2 Error Control: 0 Service (registry key): SSDPSRV Display name: SSDP Discovery Service Description: Enables discovery of UPnP devices on your home network. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 16 Error Control: 1 Depends On services: HTTP Service (registry key): ssrtln Image path: system32\drivers\ssrtln.sys Image size: 23545 Image MD5: C3FFD65ABFB6441E7606CF74F1155273 Start: 1 Type: 2 Error Control: 0 Service (registry key): stisvc Display name: Windows Image Acquisition (WIA) Description: Provides image acquisition services for scanners and cameras. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k imgsvc Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): swenum Display name: Software Bus Driver Image path: system32\DRIVERS\swenum.sys Image size: 4352 Image MD5: 03C1BAE4766E2450219D20B993D6E046 Start: 3 Type: 1 Error Control: 1 Service (registry key): swmidi Display name: Microsoft Kernel GS Wavetable Synthesizer Image path: system32\drivers\swmidi.sys Image size: 54272 Image MD5: 94ABC808FC4B6D7D2BBF42B85E25BB4D Start: 3 Type: 1 Error Control: 1 Service (registry key): SwPrv Display name: MS Software Shadow Copy Provider Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{6F6160A9-C71A-4D34-91A0-5B9E71074979} Image size: 5120 Image MD5: DD87DB7387B9EB441C5674888A0D840C Start: 3 Type: 16 Error Control: 0 Depends On services: rpcss Service (registry key): symc810 Display name: symc810 Image path: \SystemRoot\system32\DRIVERS\symc810.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): symc8xx Display name: symc8xx Image path: \SystemRoot\system32\DRIVERS\symc8xx.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): sym_hi Display name: sym_hi Image path: \SystemRoot\system32\DRIVERS\sym_hi.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): sym_u3 Display name: sym_u3 Image path: \SystemRoot\system32\DRIVERS\sym_u3.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): sysaudio Display name: Microsoft Kernel System Audio Device Image path: system32\drivers\sysaudio.sys Image size: 60800 Image MD5: 650AD082D46BAC0E64C9C0E0928492FD Start: 3 Type: 1 Error Control: 1 Service (registry key): SysmonLog Display name: Performance Logs and Alerts Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\smlogsvc.exe Image size: 89600 Image MD5: 8B54AA346D1B1B113FFAA75501B8B1B2 Start: 3 Type: 16 Error Control: 1 Service (registry key): TapiSrv Display name: Telephony Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): Tcpip Display name: TCP/IP Protocol Driver Description: TCP/IP Protocol Driver Image path: system32\DRIVERS\tcpip.sys Image size: 359808 Image MD5: 88763A98A4C26C409741B4AA162720C9 Start: 1 Type: 1 Error Control: 1 Depends On services: IPSec Service (registry key): TDPIPE Start: 3 Type: 1 Error Control: 0 Service (registry key): TDTCP Start: 3 Type: 1 Error Control: 0 Service (registry key): TermDD Display name: Terminal Device Driver Image path: system32\DRIVERS\termdd.sys Image size: 40840 Image MD5: A540A99C281D933F3D69D55E48727F47 Start: 1 Type: 1 Error Control: 1 Service (registry key): TermService Display name: Terminal Services Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost -k DComLaunch Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): tfsnboio Image path: system32\dla\tfsnboio.sys Image size: 25883 Image MD5: 30698355067D07DA5F9EB81132C9FDD6 Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsncofs Image path: system32\dla\tfsncofs.sys Image size: 34843 Image MD5: FB9D825BB4A2ABDF24600F7505050E2B Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsndrct Image path: system32\dla\tfsndrct.sys Image size: 4123 Image MD5: CAFD8CCA11AA1E8B6D2EA1BA8F70EC33 Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsndres Image path: system32\dla\tfsndres.sys Image size: 2239 Image MD5: 8DB1E78FBF7C426D8EC3D8F1A33D6485 Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnifs Image path: system32\dla\tfsnifs.sys Image size: 86586 Image MD5: B92F67A71CC8176F331B8AA8D9F555AD Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnopio Image path: system32\dla\tfsnopio.sys Image size: 15227 Image MD5: 85985FAA9A71E2358FCC2EDEFC2A3C5C Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnpool Image path: system32\dla\tfsnpool.sys Image size: 6363 Image MD5: BBA22094F0F7C210567EFDAF11F64495 Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnudf Image path: system32\dla\tfsnudf.sys Image size: 98714 Image MD5: 81340BEF80B9811E98CE64611E67E3FF Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnudfa Image path: system32\dla\tfsnudfa.sys Image size: 100603 Image MD5: C035FD116224CCC8325F384776B6A8BB Start: 2 Type: 2 Error Control: 0 Service (registry key): Themes Display name: Themes Description: Provides user experience theme management. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Service (registry key): TlntSvr Display name: Telnet Description: Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\tlntsvr.exe Image size: 73216 Image MD5: 37DB0A7D097310E8B4DE803FC3119C78 Start: 4 Type: 16 Error Control: 1 Depends On services: RPCSS,TCPIP,NTLMSSP Service (registry key): TosIde Display name: TosIde Image path: \SystemRoot\system32\DRIVERS\toside.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): TrkWks Display name: Distributed Link Tracking Client Description: Maintains links between NTFS files within a computer or across computers in a network domain. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): TSDDD Start: 0 Type: 0 Error Control: 0 Service (registry key): Udfs Start: 4 Type: 2 Error Control: 1 Service (registry key): ultra Display name: ultra Image path: \SystemRoot\system32\DRIVERS\ultra.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): UMWdf Display name: Windows User Mode Driver Framework Description: Enables Windows user mode drivers. Object name: NT AUTHORITY\LocalService Image path: C:\WINDOWS\system32\wdfmgr.exe Image size: 38912 Image MD5: 6634C460C56EC7E48D6BE20B745DC03A Start: 3 Type: 16 Error Control: 1 Depends On services: RpcSs Service (registry key): Update Display name: Microcode Update Driver Image path: system32\DRIVERS\update.sys Image size: 209408 Image MD5: AFF2E5045961BBC0A602BB6F95EB1345 Start: 3 Type: 1 Error Control: 1 Service (registry key): upnphost Display name: Universal Plug and Play Device Host Description: Provides support to host Universal Plug and Play devices. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 3 Type: 32 Error Control: 1 Depends On services: SSDPSRV,HTTP Service (registry key): UPS Display name: Uninterruptible Power Supply Description: Manages an uninterruptible power supply (UPS) connected to the computer. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\ups.exe Image size: 18432 Image MD5: 3F5DF65B0758675F95A2D43918A740A3 Start: 3 Type: 16 Error Control: 1 Service (registry key): usb Start: 0 Type: 0 Error Control: 0 Service (registry key): usbccgp Display name: Microsoft USB Generic Parent Driver Image path: system32\DRIVERS\usbccgp.sys Image size: 31616 Image MD5: BFFD9F120CC63BCBAA3D840F3EEF9F79 Start: 3 Type: 1 Error Control: 1 Service (registry key): usbehci Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver Image path: system32\DRIVERS\usbehci.sys Image size: 26624 Image MD5: 15E993BA2F6946B2BFBBFCD30398621E Start: 3 Type: 1 Error Control: 1 Service (registry key): usbhub Display name: Microsoft USB Standard Hub Driver Image path: system32\DRIVERS\usbhub.sys Image size: 57600 Image MD5: C72F40947F92CEA56A8FB532EDF025F1 Start: 3 Type: 1 Error Control: 1 Service (registry key): usbprint Display name: Microsoft USB PRINTER Class Image path: system32\DRIVERS\usbprint.sys Image size: 25856 Image MD5: A42369B7CD8886CD7C70F33DA6FCBCF5 Start: 3 Type: 1 Error Control: 1 Service (registry key): usbscan Display name: USB Scanner Driver Image path: system32\DRIVERS\usbscan.sys Image size: 15104 Image MD5: A6BC71402F4F7DD5B77FD7F4A8DDBA85 Start: 3 Type: 1 Error Control: 1 Service (registry key): USBSTOR Display name: USB Mass Storage Driver Image path: system32\DRIVERS\USBSTOR.SYS Image size: 26496 Image MD5: 6CD7B22193718F1D17A47A1CD6D37E75 Start: 3 Type: 1 Error Control: 1 Service (registry key): usbuhci Display name: Microsoft USB Universal Host Controller Miniport Driver Image path: system32\DRIVERS\usbuhci.sys Image size: 20480 Image MD5: F8FD1400092E23C8F2F31406EF06167B Start: 3 Type: 1 Error Control: 1 Service (registry key): VET-FILT Display name: VET File System Filter Start: 1 Type: 1 Error Control: 1 Service (registry key): VET-REC Display name: VET File System Recognizer Start: 1 Type: 1 Error Control: 1 Service (registry key): VETFDDNT Display name: VET Floppy Boot Sector Monitor Start: 1 Type: 1 Error Control: 1 Service (registry key): VETMONNT Display name: VET File and Macro Monitor Start: 1 Type: 1 Error Control: 1 Service (registry key): VgaSave Image path: \SystemRoot\System32\drivers\vga.sys Start: 1 Type: 1 Error Control: 0 Service (registry key): viaagp Display name: VIA AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\viaagp.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): ViaIde Display name: ViaIde Image path: \SystemRoot\system32\DRIVERS\viaide.sys Start: 4 Type: 1 Error Control: 1 Service (registry key): VolSnap Start: 0 Type: 1 Error Control: 1 Service (registry key): vsdatant Display name: vsdatant Image path: System32\vsdatant.sys Image size: 372816 Image MD5: 3B169081214C8C39E0A36E590D934C32 Start: 1 Type: 1 Error Control: 1 Depends On services: TCPIP Service (registry key): vsmon Display name: TrueVector Internet Monitor Description: Monitors internet traffic and generates alerts for disallowed access. Object name: LocalSystem Image path: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service Image size: 1693448 Image MD5: 7E9C8F0BF97910E04A078799837BB6F2 Start: 2 Type: 272 Error Control: 1 Depends On services: Afd,RpcSs,vsdatant Service (registry key): VSS Display name: Volume Shadow Copy Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\vssvc.exe Image size: 289792 Image MD5: 3EE00364AE0FD8D604F46CBAF512838A Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): w32time Display name: Windows Time Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Service (registry key): W3SVC Start: 0 Type: 0 Error Control: 0 Service (registry key): Wanarp Display name: Remote Access IP ARP Driver Description: Remote Access IP ARP Driver Image path: system32\DRIVERS\wanarp.sys Image size: 34560 Image MD5: 984EF0B9788ABF89974CFED4BFBAACBC Start: 3 Type: 1 Error Control: 1 Service (registry key): wanatw Display name: WAN Miniport (ATW) Image path: system32\DRIVERS\wanatw4.sys Start: 3 Type: 1 Error Control: 1 Service (registry key): WDICA Start: 3 Type: 1 Error Control: 0 Service (registry key): wdmaud Display name: Microsoft WINMM WDM Audio Compatibility Driver Image path: system32\drivers\wdmaud.sys Image size: 82944 Image MD5: 2797F33EBF50466020C430EE4F037933 Start: 3 Type: 1 Error Control: 1 Service (registry key): WebClient Display name: WebClient Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 1 Depends On services: MRxDAV Service (registry key): winachsf Image path: system32\DRIVERS\HSF_CNXT.sys Image size: 680704 Image MD5: F59ED5A43B988A18EF582BB07B2327A7 Start: 3 Type: 1 Error Control: 0 Service (registry key): winmgmt Display name: Windows Management Instrumentation Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 8F078AE4ED187AAABC0A305146DE6716 Start: 2 Type: 32 Error Control: 0 Depends On services: RPCSS Service (registry key): Winsock Start: 3 Type: 4 Error Control: 1 Service (registry key): WinSock2 Start: 0 Type: 0 Error Control: 0 Service (registry key): WinTrust Start: 0 Type: 0 Error Control: 0 Service (registry key): WmdmPmS

Related Topics



1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users