--- Search result list --- Hint of the Day: Click the bar at the right of this to see more information! () CouponBar: [SBI $3AE407AA] Library (File, nothing done) C:\WINDOWS\cpbrkpie.ocx CouponBar: [SBI $EFE6495E] Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} CouponBar: [SBI $CB95FB49] Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC} CouponBar: [SBI $51FE8B2E] Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cpbrkpie.Coupon6Ctrl.1 CouponBar: [SBI $51FE8B2E] Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} CouponBar: [SBI $7A5ACBCB] Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{6E780F0B-BCD6-40CB-B2DB-7AF47AB4D4A4} CouponBar: [SBI $7B15781E] Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4} CouponBar: [SBI $E3788A7B] Type library (Registry key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{87255C51-CD7D-4506-B9AD-97606DAF53F3} Virantix: [SBI $017D6C71] Executable (File, nothing done) C:\WINDOWS\system32\braviax.exe XPSecurityCenter: [SBI $2EA75F78] Executable (File, nothing done) C:\WINDOWS\system32\winivstr.exe Delf.Spool.cn: [SBI $D357F13F] Executable (File, nothing done) C:\WINDOWS\system32\delself.bat PremiumSearch: [SBI $A27BCAFD] Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger Virtumonde: [SBI $0FB400C8] Settings (Registry key, nothing done) HKEY_USERS\S-1-5-21-1922275950-1779413670-3725303808-1144\Software\wkey Win32.Winlagons.co: [SBI $C599E67C] Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tcpsr Win32.Winlagons.co: [SBI $6A30ABB6] Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tcpsr Zedo: Tracking cookie (Firefox: default) (Cookie, nothing done) AdRevolver: Tracking cookie (Firefox: default) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) --- 2008-07-07 blindman.exe (1.0.0.8) 2008-07-07 SDFiles.exe (1.6.0.4) 2008-07-07 SDMain.exe (1.0.0.6) 2008-07-07 SDShred.exe (1.0.2.3) 2008-07-07 SDUpdate.exe (1.6.0.8) 2008-07-07 SDWinSec.exe (1.0.0.12) 2008-07-07 SpybotSD.exe (1.6.0.30) 2008-08-18 TeaTimer.exe (1.6.2.23) 2008-09-09 unins000.exe (51.49.0.0) 2008-07-07 Update.exe (1.6.0.7) 2008-07-07 advcheck.dll (1.6.1.12) 2007-04-02 aports.dll (2.1.0.0) 2008-06-14 DelZip179.dll (1.79.11.1) 2008-07-07 SDHelper.dll (1.6.0.12) 2008-06-19 sqlite3.dll 2008-07-07 Tools.dll (2.1.5.7) 2008-09-02 Includes\Adware.sbi (*) 2008-09-02 Includes\AdwareC.sbi (*) 2008-06-03 Includes\Cookies.sbi (*) 2008-09-02 Includes\Dialer.sbi (*) 2008-09-02 Includes\DialerC.sbi (*) 2008-07-23 Includes\HeavyDuty.sbi (*) 2008-09-02 Includes\Hijackers.sbi (*) 2008-09-02 Includes\HijackersC.sbi (*) 2008-09-02 Includes\Keyloggers.sbi (*) 2008-09-02 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2008-09-02 Includes\Malware.sbi (*) 2008-09-02 Includes\MalwareC.sbi (*) 2008-09-02 Includes\PUPS.sbi (*) 2008-09-02 Includes\PUPSC.sbi (*) 2007-11-07 Includes\Revision.sbi (*) 2008-06-18 Includes\Security.sbi (*) 2008-09-02 Includes\SecurityC.sbi (*) 2008-06-03 Includes\Spybots.sbi (*) 2008-06-03 Includes\SpybotsC.sbi (*) 2008-09-02 Includes\Spyware.sbi (*) 2008-09-02 Includes\SpywareC.sbi (*) 2008-06-03 Includes\Tracks.uti 2008-09-03 Includes\Trojans.sbi (*) 2008-09-02 Includes\TrojansC.sbi (*) 2008-03-04 Plugins\Chai.dll 2008-03-05 Plugins\Fennel.dll 2008-02-26 Plugins\Mate.dll 2007-12-24 Plugins\TCPIPAddress.dll --- System information --- Windows XP (Build: 2600) Service Pack 3 (5.1.2600) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2 / MSXML4SP2: Security update for MSXML4 SP2 (KB936181) / Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458) / Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723) / Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565) / Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734) / Windows Media Player 10: Security Update for Windows Media Player 10 (KB936782) / Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398) / Windows XP: Security Update for Windows XP (KB923689) / Windows XP: Security Update for Windows XP (KB941569) / Windows XP / SP3: Windows XP Service Pack 3 / Windows XP / SP4: Security Update for Windows XP (KB946648) / Windows XP / SP4: Security Update for Windows XP (KB950759) / Windows XP / SP4: Security Update for Windows XP (KB950760) / Windows XP / SP4: Security Update for Windows XP (KB950762) / Windows XP / SP4: Security Update for Windows XP (KB950974) / Windows XP / SP4: Security Update for Windows XP (KB951066) / Windows XP / SP4: Update for Windows XP (KB951072-v2) / Windows XP / SP4: Security Update for Windows XP (KB951376) / Windows XP / SP4: Security Update for Windows XP (KB951376-v2) / Windows XP / SP4: Security Update for Windows XP (KB951698) / Windows XP / SP4: Security Update for Windows XP (KB951748) / Windows XP / SP4: Update for Windows XP (KB951978) / Windows XP / SP4: Hotfix for Windows XP (KB952287) / Windows XP / SP4: Security Update for Windows XP (KB952954) / Windows XP / SP4: Security Update for Windows XP (KB953838) / Windows XP / SP4: Security Update for Windows XP (KB953839) --- Startup entries list --- Located: HK_LM:Run, command: file: size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: HK_LM:Run, Adobe Photo Downloader command: "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" file: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe size: 57344 MD5: 617FA5BE646B5E8D6670FD4710ACD2D3 Located: HK_LM:Run, Cpl32ver command: C:\WINDOWS\System32\Cpl32ver.exe file: C:\WINDOWS\System32\Cpl32ver.exe size: 16896 MD5: EA027D2FBF273A478A16379542436611 Located: HK_LM:Run, dla command: C:\WINDOWS\system32\dla\tfswctrl.exe file: C:\WINDOWS\system32\dla\tfswctrl.exe size: 127035 MD5: 2CA827BA68D0CDB5437C40C6F53D7F20 Located: HK_LM:Run, DVDLauncher command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe size: 53248 MD5: B57B08FE0F58D6169156E6E659C59636 Located: HK_LM:Run, gcasServ command: "C:\Program Files\Security\AntiSpyware\Microsoft AntiSpyware\gcasServ.exe" file: C:\Program Files\Security\AntiSpyware\Microsoft AntiSpyware\gcasServ.exe size: 473928 MD5: E8177B5150CAB1509D2E9807C3F6366C Located: HK_LM:Run, HPWUTOOLBOX command: C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i" file: C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe size: 352256 MD5: 2BEEF9A913ABFA2F520A84E16997E412 Located: HK_LM:Run, igfxhkcmd command: C:\WINDOWS\system32\hkcmd.exe file: C:\WINDOWS\system32\hkcmd.exe size: 77824 MD5: 01018F75F3F18CE629FAC9689954A2AE Located: HK_LM:Run, igfxpers command: C:\WINDOWS\system32\igfxpers.exe file: C:\WINDOWS\system32\igfxpers.exe size: 114688 MD5: 996ABAC2332DE28F3B6A179C6DA20205 Located: HK_LM:Run, igfxtray command: C:\WINDOWS\system32\igfxtray.exe file: C:\WINDOWS\system32\igfxtray.exe size: 94208 MD5: 3F2C8DD08549BB3419CDA372F5999FFA Located: HK_LM:Run, IntelliPoint command: "C:\Program Files\Microsoft IntelliPoint\point32.exe" file: C:\Program Files\Microsoft IntelliPoint\point32.exe size: 217088 MD5: 5D11CA6AF7A30878C58AA1DB12BCA082 Located: HK_LM:Run, iTunesHelper command: "C:\Program Files\Multimedia\iTunes\iTunesHelper.exe" file: C:\Program Files\Multimedia\iTunes\iTunesHelper.exe size: 267048 MD5: 020B109C1D515879C04A36D6BCA949B8 Located: HK_LM:Run, NGClient command: C:\Program Files\SYMANTEC\Ghost\ngctw32.exe file: C:\Program Files\SYMANTEC\Ghost\ngctw32.exe size: 651119 MD5: F560A0E9748FD5667D999FBA55C1033C Located: HK_LM:Run, QuickTime Task command: "C:\Program Files\QuickTime\qttask.exe" -atboottime file: C:\Program Files\QuickTime\qttask.exe size: 385024 MD5: BAFCF6CF19CE4882039C52DFA17BE35F Located: HK_LM:Run, SunJavaUpdateSched command: "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" file: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe size: 144784 MD5: 6AB4C021FBD36DC6764924C312428D97 Located: HK_LM:Run, type32 command: "C:\Program Files\Microsoft IntelliType Pro\type32.exe" file: C:\Program Files\Microsoft IntelliType Pro\type32.exe size: 196608 MD5: 760C00A152DC010DD8E41969BE33DC8A Located: HK_LM:Run, UpdateManager command: "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r file: C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe size: 110592 MD5: 52B80C30225DE81D7AC989DFE7311877 Located: HK_LM:Run, vptray command: C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe file: C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe size: 90112 MD5: 4B954730657F43B88A308C41FE570331 Located: HK_LM:RunOnceEx, command: file: size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: HK_CU:RunOnce, RunNarrator where: .DEFAULT... command: Narrator.exe file: C:\WINDOWS\system32\Narrator.exe size: 53760 MD5: 21F839F2281473642AC2060F30E19DC7 Located: HK_CU:Run, ctfmon.exe where: S-1-5-21-1922275950-1779413670-3725303808-1144... command: C:\WINDOWS\system32\ctfmon.exe file: C:\WINDOWS\system32\ctfmon.exe size: 15360 MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3 Located: HK_CU:Run, MSMSGS where: S-1-5-21-1922275950-1779413670-3725303808-1144... command: "C:\Program Files\Messenger\msmsgs.exe" /background file: C:\Program Files\Messenger\msmsgs.exe size: 1695232 MD5: 3E930C641079443D4DE036167A69CAA2 Located: HK_CU:Run, RealPopup where: S-1-5-21-1922275950-1779413670-3725303808-1144... command: "C:\Program Files\Network\Chat\RealPopup\RealPopup.exe" BOOT file: C:\Program Files\Network\Chat\RealPopup\RealPopup.exe size: 237568 MD5: 2FD358FD03D90CCF7F8E8B58E25EC00E Located: HK_CU:Run, swg where: S-1-5-21-1922275950-1779413670-3725303808-1144... command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe size: 68856 MD5: E616A6A6E91B0A86F2F6217CDE835FFE Located: HK_CU:Run, Weather where: S-1-5-21-1922275950-1779413670-3725303808-1144... command: C:\Program Files\AWS\WeatherBug\Weather.exe 1 file: C:\Program Files\AWS\WeatherBug\Weather.exe size: 1347584 MD5: 84D68C45074DDA46181382DCE9C35F4E Located: HK_CU:RunOnce, RunNarrator where: S-1-5-18... command: Narrator.exe file: C:\WINDOWS\system32\Narrator.exe size: 53760 MD5: 21F839F2281473642AC2060F30E19DC7 Located: Startup (common), Acrobat Assistant.lnk where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup... command: C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe file: C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe size: 217193 MD5: 78BFE3201ADA2FE02D1E35D2488E5F55 Located: Startup (common), Adobe Reader Speed Launch.lnk where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup... command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe size: 29696 MD5: 43362B96870CE8649F4F2EC893DA93F0 Located: Startup (common), Kodak EasyShare software.lnk where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup... command: C:\Program Files\Graphics\Kodak\Kodak EasyShare software\bin\EasyShare.exe file: C:\Program Files\Graphics\Kodak\Kodak EasyShare software\bin\EasyShare.exe size: 614531 MD5: BD01E18519665AA81AD8A80417CCA286 Located: Startup (common), KODAK Software Updater.lnk where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup... command: C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe file: C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe size: 16432 MD5: A4ABD04731982411A0E2CE5161D23051 Located: Startup (common), PGPtray.lnk where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup... command: C:\Program Files\Security\PGP Corporation\PGP for Windows XP\PGPtray.exe file: C:\Program Files\Security\PGP Corporation\PGP for Windows XP\PGPtray.exe size: 335872 MD5: 6080FE1AFEAFED75879DB088E9D39F7E Located: WinLogon, crypt32chain command: crypt32.dll file: crypt32.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, cryptnet command: cryptnet.dll file: cryptnet.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, cscdll command: cscdll.dll file: cscdll.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, dimsntfy command: %SystemRoot%\System32\dimsntfy.dll file: %SystemRoot%\System32\dimsntfy.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, igfxcui command: igfxdev.dll file: igfxdev.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, NavLogon command: C:\WINDOWS\system32\NavLogon.dll file: C:\WINDOWS\system32\NavLogon.dll size: 45056 MD5: 4F08576DA1C93A5EC62EB2AD6EC3D084 Located: WinLogon, ScCertProp command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, Schedule command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, sclgntfy command: sclgntfy.dll file: sclgntfy.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, SensLogn command: WlNotify.dll file: WlNotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, termsrv command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, WgaLogon command: WgaLogon.dll file: WgaLogon.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, wlballoon command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! --- Browser helper object list --- --- ActiveX list --- {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) DPF name: CLSID name: Windows Genuine Advantage Validation Tool Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf Codebase: http://go.microsoft.com/fwlink/?linkid=39204 description: classification: Legitimate known filename: LegitCheckControl.DLL info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\system32\ Long name: LegitCheckControl.dll Short name: LEGITC~1.DLL Date (created): 7/12/2005 7:04:22 PM Date (last access): 9/9/2008 8:05:40 PM Date (last write): 3/15/2007 6:19:28 PM Filesize: 1476992 Attributes: archive MD5: D1CB99ADBA9397D7D02B0B2DCFE47F1A CRC32: ED982FE3 Version: 1.7.18.5 {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) DPF name: CLSID name: Microsoft RDP Client Control (redist) Installer: C:\WINDOWS\Downloaded Program Files\msrdp.inf Codebase: http://s/tsweb/msrdp.cab description: classification: Legitimate known filename: msrdp.ocx info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\Downloaded Program Files\ Long name: msrdp.ocx Short name: Date (created): 3/25/2003 12:03:32 AM Date (last access): 9/8/2008 8:43:10 AM Date (last write): 3/25/2003 12:03:32 AM Filesize: 683008 Attributes: archive MD5: FCBE8CFB80B08BB731DC816F3261E4C7 CRC32: 504BF2EF Version: 5.2.3790.0 {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_07 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab description: Sun Java classification: Legitimate known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll info link: info source: Patrick M. Kolla Path: C:\Program Files\Java\jre1.6.0_07\bin\ Long name: npjpi160_07.dll Short name: NPJPI1~1.DLL Date (created): 6/10/2008 2:32:34 AM Date (last access): 9/5/2008 10:32:52 AM Date (last write): 6/10/2008 4:27:02 AM Filesize: 132496 Attributes: archive MD5: 7C83A2809E13950359189767AC9D5DB8 CRC32: 925C2A88 Version: 6.0.70.6 {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) DPF name: CLSID name: cpbrkpie Control Installer: C:\WINDOWS\Downloaded Program Files\cpbrkpie.inf Codebase: http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab description: classification: Confirmed as malware known filename: cpbrkpie.ocx info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\ Long name: CouponPrinter.ocx Short name: COUPON~1.OCX Date (created): 3/24/2008 8:01:50 PM Date (last access): 9/4/2008 12:35:04 PM Date (last write): 4/2/2008 12:45:34 PM Filesize: 71008 Attributes: archive MD5: 812F21ABD5CB18BCA0A356BE55BC1893 CRC32: 98FBF075 Version: 4.0.0.3 {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2) DPF name: Java Runtime Environment 1.4.2 CLSID name: Java Plug-in 1.4.2_03 Installer: Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab description: classification: Legitimate known filename: npjpi142_03.dll info link: info source: Safer Networking Ltd. Path: C:\Program Files\Java\j2re1.4.2_03\bin\ Long name: NPJPI142_03.dll Short name: NPJPI1~1.DLL Date (created): 11/19/2003 6:48:18 PM Date (last access): 8/26/2008 8:43:30 AM Date (last write): 11/19/2003 6:48:12 PM Filesize: 65650 Attributes: archive MD5: 2AD31341BE41AC9B086128AD86A2B53F CRC32: 081CFB35 Version: 1.4.2.30 {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) DPF name: Java Runtime Environment 1.5.0 CLSID name: Java Plug-in 1.5.0_05 Installer: Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab description: classification: Legitimate known filename: npjpi150_05.dll info link: info source: Safer Networking Ltd. Path: C:\Program Files\Java\jre1.5.0_05\bin\ Long name: NPJPI150_05.dll Short name: NPJPI1~1.DLL Date (created): 8/26/2005 7:14:48 PM Date (last access): 8/26/2008 8:43:30 AM Date (last write): 8/26/2005 7:33:54 PM Filesize: 69746 Attributes: archive MD5: 52A85771BE18C9C00732F475A2C192AE CRC32: 525AE3AD Version: 5.0.50.5 {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) DPF name: Java Runtime Environment 1.5.0 CLSID name: Java Plug-in 1.5.0_06 Installer: Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab description: classification: Legitimate known filename: npjpi150_06.dll info link: info source: Safer Networking Ltd. Path: C:\Program Files\Java\jre1.5.0_06\bin\ Long name: NPJPI150_06.dll Short name: NPJPI1~1.DLL Date (created): 11/10/2005 2:03:56 PM Date (last access): 9/3/2008 10:07:22 AM Date (last write): 11/10/2005 2:22:10 PM Filesize: 69746 Attributes: archive MD5: D2CF6BB5E9020E6707B62575F8083954 CRC32: 7F39DC54 Version: 5.0.60.5 {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_07 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab Path: C:\Program Files\Java\jre1.6.0_07\bin\ Long name: npjpi160_07.dll Short name: NPJPI1~1.DLL Date (created): 6/10/2008 2:32:34 AM Date (last access): 9/9/2008 9:34:12 PM Date (last write): 6/10/2008 4:27:02 AM Filesize: 132496 Attributes: archive MD5: 7C83A2809E13950359189767AC9D5DB8 CRC32: 925C2A88 Version: 6.0.70.6 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_07 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab description: classification: Legitimate known filename: npjpi150_06.dll info link: info source: Safer Networking Ltd. Path: C:\Program Files\Java\jre1.6.0_07\bin\ Long name: npjpi160_07.dll Short name: NPJPI1~1.DLL Date (created): 6/10/2008 2:32:34 AM Date (last access): 9/9/2008 9:34:12 PM Date (last write): 6/10/2008 4:27:02 AM Filesize: 132496 Attributes: archive MD5: 7C83A2809E13950359189767AC9D5DB8 CRC32: 925C2A88 Version: 6.0.70.6 {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) DPF name: CLSID name: Shockwave Flash Object Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf Codebase: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab description: Macromedia Shockwave Flash Player classification: Legitimate known filename: info link: info source: Patrick M. Kolla Path: C:\WINDOWS\system32\Macromed\Flash\ Long name: Flash9b.ocx Short name: Date (created): 11/9/2006 6:46:26 PM Date (last access): 9/9/2008 7:21:56 PM Date (last write): 11/9/2006 6:46:26 PM Filesize: 2262648 Attributes: readonly archive MD5: F3B3EE66CA76C94510555ABE9D00A353 CRC32: A51F3CB4 Version: 9.0.28.0 {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} () DPF name: CLSID name: Installer: C:\WINDOWS\Downloaded Program Files\setup.inf Codebase: http://download.abacast.com/download/files/abasetup161.cab description: classification: Open for discussion known filename: info link: info source: Safer Networking Ltd. --- Process list --- PID: 0 ( 0) [System] PID: 596 ( 4) \SystemRoot\System32\smss.exe size: 50688 PID: 664 ( 596) \??\C:\WINDOWS\system32\csrss.exe size: 6144 PID: 688 ( 596) \??\C:\WINDOWS\system32\winlogon.exe size: 507904 PID: 732 ( 688) C:\WINDOWS\system32\services.exe size: 108544 MD5: 0E776ED5F7CC9F94299E70461B7B8185 PID: 744 ( 688) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: BF2466B3E18E970D8A976FB95FC1CA85 PID: 936 ( 732) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 1004 ( 732) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 1092 ( 732) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 1144 ( 732) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 1200 ( 732) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 1356 ( 732) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B PID: 1476 ( 732) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe size: 110592 MD5: 3A4982DF893F198A2DFBCCD4CE10F93A PID: 1492 ( 732) C:\Program Files\Tanagra\Memeo\MemeoService.exe size: 192512 MD5: ACE1830AA4BFF102BA17E7754F258F1A PID: 1608 ( 732) C:\Program Files\Data Collector Agent\support\DCAServiceHC.exe size: 40960 MD5: 384A60C53B3719396975D9F3CF61D4F2 PID: 1636 ( 732) C:\Program Files\Data Collector Agent\DCAService.exe size: 2232320 MD5: 919C1D1CF1D5D1305DC7E603647948E1 PID: 1684 ( 732) C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe size: 32768 MD5: F8146A2B29866884A6C785FF40EB38A9 PID: 1724 ( 732) C:\Program Files\Network\File Transfer\FTP Voyager\FVScheduler.exe size: 634880 MD5: A6AA48AC81236ADC6DF7BFDC908199F6 PID: 1780 ( 732) C:\Program Files\Dell\OpenManage\Client\Iap.exe size: 155648 MD5: BE9A7EE5BFCFE8E3F11C98B892D8FEF5 PID: 1808 ( 732) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE size: 322120 MD5: 11F714F85530A2BD134074DC30E99FCA PID: 1840 ( 732) C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe size: 7544916 MD5: 1251256FEFC2B00A7BD603578241F0AD PID: 1924 ( 732) C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE size: 651119 MD5: F560A0E9748FD5667D999FBA55C1033C PID: 1948 ( 732) C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe size: 610304 MD5: AC37351CEF1D50C3010B04A73B27665C PID: 2004 ( 732) C:\Program Files\Network\SSH\OpenSSH\bin\cygrunsrv.exe size: 36864 MD5: 3D70B0630342132EBC1FF5CFF483E6C0 PID: 276 ( 732) C:\WINDOWS\system32\PGPsdkServ.exe size: 77824 MD5: 0D668B84F9747036798675D9186D99DF PID: 320 ( 304) C:\Program Files\Network\SSH\OpenSSH\usr\sbin\sshd.exe size: 277504 MD5: DE54BE4F416C06D8AC6A43106A6DF88E PID: 396 ( 732) C:\WINDOWS\system32\ScsiAccess.EXE size: 181312 MD5: ED9C5CF6CC611EC8AC4A77C3F58F0601 PID: 472 ( 732) C:\WINDOWS\system32\wdfmgr.exe size: 38912 MD5: AB0A7CA90D9E3D6A193905DC1715DED0 PID: 868 ( 936) C:\WINDOWS\system32\wbem\wmiprvse.exe size: 218112 MD5: 0FFAE66E6D5B1C87CBD22D1F3B6079FD PID: 2120 ( 732) C:\WINDOWS\System32\alg.exe size: 44544 MD5: 8C515081584A38AA007909CD02020B3D PID: 3500 ( 596) \??\C:\WINDOWS\system32\csrss.exe size: 6144 PID: 3524 ( 596) \??\C:\WINDOWS\system32\winlogon.exe size: 507904 PID: 3856 ( 688) C:\WINDOWS\system32\rdpclip.exe size: 62976 MD5: DCCF6ED915BC05C244801B550AD12B17 PID: 736 (4052) C:\WINDOWS\Explorer.EXE size: 1033728 MD5: 12896823FB95BFB3DC9B46BCAEDC9923 PID: 1332 ( 736) C:\Documents and Settings\All Users\Application Data\etavizol\oxgfgneb.exe size: 65536 MD5: 6B7587845E7A54E99960642C4DD630AB PID: 900 ( 736) C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe size: 144784 MD5: 6AB4C021FBD36DC6764924C312428D97 PID: 2644 ( 736) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe size: 53248 MD5: B57B08FE0F58D6169156E6E659C59636 PID: 3040 ( 736) C:\WINDOWS\system32\dla\tfswctrl.exe size: 127035 MD5: 2CA827BA68D0CDB5437C40C6F53D7F20 PID: 2156 ( 736) C:\Program Files\Microsoft IntelliType Pro\type32.exe size: 196608 MD5: 760C00A152DC010DD8E41969BE33DC8A PID: 2100 ( 736) C:\Program Files\Microsoft IntelliPoint\point32.exe size: 217088 MD5: 5D11CA6AF7A30878C58AA1DB12BCA082 PID: 2068 ( 736) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe size: 57344 MD5: 617FA5BE646B5E8D6670FD4710ACD2D3 PID: 3124 ( 936) C:\Program Files\Security\AntiSpyware\Microsoft AntiSpyware\gcasDtServ.exe size: 756552 MD5: 6287BD6D1CE9CE18EA02908BF415BCB0 PID: 3176 ( 736) C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe size: 352256 MD5: 2BEEF9A913ABFA2F520A84E16997E412 PID: 3192 ( 736) C:\Program Files\Multimedia\iTunes\iTunesHelper.exe size: 267048 MD5: 020B109C1D515879C04A36D6BCA949B8 PID: 456 ( 736) C:\WINDOWS\System32\Cpl32ver.exe size: 16896 MD5: EA027D2FBF273A478A16379542436611 PID: 2804 ( 456) \??\C:\WINDOWS\System32\svchost.exe size: 14336 PID: 3228 ( 736) C:\Program Files\Network\Chat\RealPopup\RealPopup.exe size: 237568 MD5: 2FD358FD03D90CCF7F8E8B58E25EC00E PID: 3268 (2804) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 3320 ( 736) C:\Program Files\Messenger\msmsgs.exe size: 1695232 MD5: 3E930C641079443D4DE036167A69CAA2 PID: 3432 (2804) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 3556 ( 736) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe size: 68856 MD5: E616A6A6E91B0A86F2F6217CDE835FFE PID: 3596 ( 736) C:\WINDOWS\system32\ctfmon.exe size: 15360 MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3 PID: 3360 ( 736) C:\Program Files\AWS\WeatherBug\Weather.exe size: 1347584 MD5: 84D68C45074DDA46181382DCE9C35F4E PID: 3632 ( 736) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe size: 217193 MD5: 78BFE3201ADA2FE02D1E35D2488E5F55 PID: 3608 ( 732) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 PID: 3920 ( 736) C:\Program Files\Graphics\Kodak\Kodak EasyShare software\bin\EasyShare.exe size: 614531 MD5: BD01E18519665AA81AD8A80417CCA286 PID: 3952 ( 736) C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe size: 16432 MD5: A4ABD04731982411A0E2CE5161D23051 PID: 4060 ( 736) C:\Program Files\Security\PGP Corporation\PGP for Windows XP\PGPtray.exe size: 335872 MD5: 6080FE1AFEAFED75879DB088E9D39F7E PID: 2260 ( 732) C:\Program Files\iPod\bin\iPodService.exe size: 504104 MD5: E1BD28CA09EE8F30E8EDBD6C19F5579D PID: 536 (3524) C:\WINDOWS\system32\logon.scr size: 220672 MD5: 9FAD7DFF67555FF1E06BC4A3893024A7 PID: 516 ( 736) C:\Program Files\Security\AntiSpyware\Spybot - Search & Destroy\SpybotSD.exe size: 4891472 MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855 PID: 540 ( 736) C:\Program Files\Internet Explorer\iexplore.exe size: 93184 MD5: 55794B97A7FAABD2910873C85274F409 PID: 2468 ( 936) C:\Program Files\Internet Explorer\iexplore.exe size: 93184 MD5: 55794B97A7FAABD2910873C85274F409 PID: 2116 (2468) C:\WINDOWS\system32\ctfmon.exe size: 15360 MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3 PID: 4 ( 0) System --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 9/9/2008 9:34:13 PM HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://www.google.com HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar http://www.google.com/ie HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://www.google.com/ HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://www.google.com/ie HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@ http://www.google.com/search?q=%s HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page http://www.google.com HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://www.google.com HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://companyweb HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://www.google.com/ie HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://www.google.com/ie HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- --- Uninstall list --- Abacast Client (Abacast Client) uninstall cmd: C:\PROGRA~1\Abacast\UNWISE.EXE C:\PROGRA~1\Abacast\client.LOG WebEx (ActiveTouchMeetingClient) uninstall cmd: C:\WINDOWS\DOWNLO~1\atcliun.exe (AddressBook) Adobe Download Manager 2.0 (Remove Only) 2.0 (AdobeESD) uninstall cmd: "C:\Program Files\Common Files\Adobe\ESD\uninst.exe" ArchiveIT (ArchiveIT) uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\Advance Business Systems\ArchiveIT\DeIsL1.isu" -c"C:\Program Files\Advance Business Systems\ArchiveIT\_ISREG32.DLL" Ask Toolbar (AskSBar Uninstall) uninstall cmd: rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O publisher: Ask.com help link: http://ccbar.ask.com/help/searchbar.html (Branding) (Connection Manager) Coupon Printer for Windows 4.0 (Coupon Printer for Windows4.0) uninstall cmd: "C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml" publisher: Coupons, Inc. contact: Coupons, Inc. Support Department help link: http://www.coupons.com DESI Labeling System 2.5 (DESI Labeling System) uninstall cmd: C:\PROGRA~1\DESI\UNWISE.EXE C:\PROGRA~1\DESI\INSTALL.LOG publisher: DESI Telephone Labels, Inc. contact: Technical Support help telephone: 360-571-0713 (DirectAnimation) (DirectDrawEx) (dlatray.exe) uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} (DXM_Runtime) (Fontcore) FTP Voyager 12.3 (FTP Voyager_is1) install location: C:\Program Files\Network\File Transfer\FTP Voyager\ uninstall cmd: "C:\Program Files\Network\File Transfer\FTP Voyager\unins000.exe" publisher: RhinoSoft.com help link: http://www.ftpvoyager.com/support HP Officejet Pro K550 Series 1.4 (HP Officejet Pro K550 Series) uninstall cmd: C:\Program Files\HP\Digital Imaging\{2B01846C-C137-4e40-B1B2-BFA80DF1A632}\setup\hpzscr01.exe -datfile hpwscr03.dat -forcereboot publisher: HP help link: http://www.hp.com/support (ICW) (IE40) (IE4Data) (IE5BAKEX) (IEData) InCtrl5 (InCtrl5) uninstall cmd: C:\PROGRA~1\UTILIT~1\SysMgmt\InCtrl5\UNWISE.EXE C:\PROGRA~1\UTILIT~1\SysMgmt\InCtrl5\INSTALL.LOG Internet Password Recovery Toolbox 1.3 (Internet Password Recovery Toolbox_is1) uninstall cmd: "C:\Program Files\Security\Internet Password Recovery Toolbox\unins000.exe" (KB884016) Windows Media Format SDK Hotfix - KB891122 (KB891122) install date: 20051105 uninstall cmd: "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891122 (KB893803) Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458) install date: 20051030 uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/898458 Hotfix for Windows Media Format SDK (KB902344) (KB902344) install date: 20051105 uninstall cmd: "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902344 Microsoft Base Smart Card Cryptographic Service Provider Package (KB909520) uninstall cmd: "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" publisher: Microsoft Corporation Security Update for Windows Media Player (KB911564) (KB911564) install date: 20060222 publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911564 Security Update for Windows Media Player 10 (KB911565) (KB911565) install date: 20060222 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911565 Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10) install date: 20060803 uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=917734 Security Update for Windows XP (KB923689) (KB923689) install date: 20061218 publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=923689 Security Update for Step By Step Interactive Training (KB923723) 20050502.101010 (KB923723) install date: 20070220 uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/923723 Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64) install date: 20061218 publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=925398 Security Update for Windows Media Player 10 (KB936782) (KB936782_WMP10) install date: 20070815 uninstall cmd: "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=936782 Security Update for Windows XP (KB941569) (KB941569) install date: 20071218 uninstall cmd: "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=941569 Security Update for Windows XP (KB946648) 1 (KB946648) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=946648 Security Update for Windows XP (KB950759) 1 (KB950759) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=950759 Security Update for Windows XP (KB950760) 1 (KB950760) install date: 20080611 uninstall cmd: "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=950760 Security Update for Windows XP (KB950762) 1 (KB950762) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=950762 Security Update for Windows XP (KB950974) 1 (KB950974) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=950974 Security Update for Windows XP (KB951066) 1 (KB951066) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=951066 Update for Windows XP (KB951072-v2) 2 (KB951072-v2) install date: 20080818 uninstall cmd: "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=951072 Security Update for Windows XP (KB951376) 1 (KB951376) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=951376 Security Update for Windows XP (KB951376-v2) 2 (KB951376-v2) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=951376 Security Update for Windows XP (KB951698) 1 (KB951698) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=951698 Security Update for Windows XP (KB951748) 1 (KB951748) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=951748 Update for Windows XP (KB951978) 1 (KB951978) install date: 20080909 uninstall cmd: "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=951978 Hotfix for Windows XP (KB952287) 1 (KB952287) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=952287 Security Update for Windows XP (KB952954) 1 (KB952954) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=952954 Security Update for Windows XP (KB953838) 1 (KB953838) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=953838 Security Update for Windows XP (KB953839) 1 (KB953839) install date: 20080818 uninstall cmd: "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=953839 LiveUpdate 1.80 (Symantec Corporation) 1.80.19.0 (LiveUpdate) install location: C:\Program Files\Symantec\LiveUpdate uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U publisher: Symantec Corporation Microsoft .NET Framework 1.1 Hotfix (KB928366) (M928366) uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033)) uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm (Microsoft Interactive Training) uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu Microsoft Visual Studio 2005 Tools for Office Runtime (Microsoft Visual Studio 2005 Tools for Office Runtime) install location: C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\ uninstall cmd: C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=45396 (MobileOptionPack) Mozilla Firefox (1.0.7) 1.0.7 (en-US) (Mozilla Firefox (1.0.7)) install location: C:\Program Files\Network\Web\Firefox uninstall cmd: C:\WINDOWS\UninstallFirefox.exe /ua "1.0.7 (en-US)" publisher: Mozilla (MPlayer2) (MSI30-Beta1) (MSI30-Beta2) (MSI30-KB884016) (MSI30-RC1) (MSI30-RC2) (MSI30a-KB884016) (MSI31-Beta) (MSI31-RC1) (NetMeeting) OpenSSH for Windows (remove only) (OpenSSH) uninstall cmd: "C:\Program Files\Network\SSH\OpenSSH\uninstall.exe" publisher: Michael Johnson contact: youngmug@hotmail.com help link: http://sshwindows.sourceforge.net/ readme: C:\Program Files\Network\SSH\OpenSSH\docs\readme.txt (OutlookExpress) (PCHealth) uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Peachtree Complete Accounting (Peachtree Complete Accounting) uninstall cmd: C:\WINDOWS\IsUninst.exe -f"c:\program files\Peachw\DeisPT.isu" PGP 8.0.2 (PGP) uninstall cmd: C:\PROGRA~1\Security\PGPCOR~1\PGPFOR~1\PGPUNI~1\setup.exe PGP Intel(R) PRO Network Connections Drivers (PROSet) uninstall cmd: Prounstl.exe RealPopup 2.6 (RealPopup_is1) uninstall cmd: "C:\Program Files\Network\Chat\RealPopup\unins000.exe" publisher: Matro (RecordNow.exe) uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} (SchedulingAgent) (SGTRAY.EXE) uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash) uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete publisher: Adobe Systems Incorporated help link: http://www.adobe.com/go/flashplayer_support/ Stamps.com Internet Postage (Stamps.com Internet Postage) uninstall cmd: C:\PROGRA~1\STAMPS~1.COM\Uninst.exe C:\PROGRA~1\STAMPS~1.COM\UNWISE.EXE C:\PROGRA~1\STAMPS~1.COM\INSTALL.LOG Vim 6.4 (self-installing) (Vim 6.4) uninstall cmd: C:\Program Files\Editors\Vim\vim64\uninstall-gui.exe Windows Genuine Advantage Validation Tool (WGA) install date: 20060420 publisher: Microsoft Corporation help link: http://www.microsoft.com/genuine Windows Genuine Advantage Notifications (KB905474) 1.7.0018.5 (WgaNotify) install date: 20060803 publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905474 (WIC) Windows Media Format Runtime (Windows Media Format Runtime) uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 10 (Windows Media Player) uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows XP Service Pack 3 20080414.031525 (Windows XP Service Pack) install date: 20080908 uninstall cmd: "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=936929 Windows Media Connect (WMCSetup) uninstall cmd: "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=47544 Yahoo! Toolbar (Yahoo! Companion) uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe Yahoo! Toolbar (Yahoo! Toolbar) Notifier 3.01.0001.0002 ({0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 1233 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Notifier\ uninstall cmd: MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ aspi 3.00.0008.0000 ({015E4B8A-29B5-4AE3-BD08-38220FADFF4C}) version: 50331656 version (major): 3 estimated size: 217 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ASPI\ uninstall cmd: MsiExec.exe /I{015E4B8A-29B5-4AE3-BD08-38220FADFF4C} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ iTunes 7.6.0.29 ({02DFB3FD-CF52-4183-8BCA-2A127D4888F4}) version: 117833728 version (major): 7 version (minor): 6 estimated size: 74100 install date: 20080218 install location: C:\Program Files\Multimedia\iTunes\ install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple\Apple Software Update\ uninstall cmd: MsiExec.exe /I{02DFB3FD-CF52-4183-8BCA-2A127D4888F4} publisher: Apple Inc. contact: AppleCare Support help link: http://www.apple.com/support/ help telephone: 1-800-275-2273 Sonic Update Manager 2.9 ({09DA4F91-2A09-4232-AB8C-6BC740096DE3}) version: 34144256 version (major): 2 version (minor): 9 install date: 20051009 uninstall cmd: MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3} publisher: Sonic Solutions OpenOffice.org Installer 1.0 1.0.9221 ({0D499481-22C6-4B25-8AC2-6D3F6C885FB9}) version: 16786437 version (major): 1 estimated size: 2444 install date: 20080905 install location: C:\Program Files\Sun\OpenOffice.org Installer 1.0\ install source: http://javadl-esd.sun.com/update/1.6.0/sp-1.6.0_07/sp3/ uninstall cmd: MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9} publisher: Sun Microsystems comments: OpenOffice.org Installer 1.0 (en-US) (OOG680m5(Build:9221))[CWS:c18v001] help link: http://www.sun.com/getopenoffice Symantec AntiVirus Client 8.1.0.825 ({0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}) version: 134283264 version (major): 8 version (minor): 1 estimated size: 14973 install date: 20051106 install source: C:\WINDOWS\TEMP\~SMI9E51\SYMANT~1.MSI\ uninstall cmd: MsiExec.exe /X{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E} publisher: Symantec Corporation contact: help link: http://www.symantec.com help telephone: readme: 0 Sonic DLA 4.95 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) version: 73334784 version (major): 4 version (minor): 95 install date: 20051009 uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} publisher: Sonic Solutions help link: http://support.sonic.com/ ESSPCD 3.01.0001.0001 ({14D4ED84-6A9A-45A0-96F6-1753768C3CB5}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 317 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\ESSpcd\ uninstall cmd: MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ Data Collector Agent 3.1.11 ({1BD388A2-3EB7-4BCC-8F62-50B72BECD516}) version: 50397195 version (major): 3 version (minor): 1 estimated size: 2212 install date: 20080819 install source: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\ uninstall cmd: MsiExec.exe /I{1BD388A2-3EB7-4BCC-8F62-50B72BECD516} publisher: PrintFleet Inc contact: PrintFleet Inc Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F}) uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar4.dll" Shadow Copy Client 1.0.0 ({23E5032B-56CA-4C19-A72E-B50161DB82CA}) version: 16777216 version (major): 1 estimated size: 36 install date: 20051030 install source: \\s\clientapps\shadowcopy\ uninstall cmd: MsiExec.exe /I{23E5032B-56CA-4C19-A72E-B50161DB82CA} publisher: Microsoft J2SE Runtime Environment 5.0 Update 5 1.5.0.50 ({3248F0A8-6813-11D6-A77B-00B0D0150050}) version: 17104896 version (major): 1 version (minor): 5 estimated size: 128981 install date: 20051107 install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_05-b05/windows-i586// uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050} publisher: Sun Microsystems, Inc. contact: http://java.com help link: http://java.com readme: C:\Program Files\Java\jre1.5.0_05\README.txt J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060}) version: 17104896 version (major): 1 version (minor): 5 estimated size: 129701 install date: 20060111 install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_06-b05/windows-i586// uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} publisher: Sun Microsystems, Inc. contact: http://java.com help link: http://java.com readme: C:\Program Files\Java\jre1.5.0_06\README.txt Java(TM) 6 Update 7 1.6.0.70 ({3248F0A8-6813-11D6-A77B-00B0D0160070}) version: 17170432 version (major): 1 version (minor): 6 estimated size: 117050 install date: 20080905 install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0_07-b06/windows-i586/ uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} publisher: Sun Microsystems, Inc. contact: http://java.com help link: http://java.com readme: C:\Program Files\Java\jre1.6.0_07\README.txt WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) version: 154279267 version (major): 9 version (minor): 50 estimated size: 2456 install date: 20040811 install source: C:\WINDOWS\system32\ publisher: Microsoft Corporation help link: http://www.microsoft.com/windows MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F}) version: 68429425 version (major): 4 version (minor): 20 estimated size: 2625 install date: 20061204 install source: c:\10a9ef96141dc4a5c3\ uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/927978 Microsoft Visual Studio 2005 Tools for Office Runtime 8.0.50727.42 ({388E4B09-3E71-4649-8921-F44A3A2954A7}) version: 134268455 version (major): 8 estimated size: 6806 install date: 20070909 install source: C:\DOCUME~1\ADMINI~1.SOL\LOCALS~1\Temp\IXP000.TMP\ uninstall cmd: MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7} publisher: Microsoft Corporation ESSCAM 3.01.0001.0001 ({469730CC-78DF-4CD3-B286-562D459EA619}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 169 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\Esscam\ uninstall cmd: MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ ESSvpot 3.01.0001.0001 ({48C82F7A-F100-4DAB-A310-8E18BF2159E1}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 85 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSVPOT\ uninstall cmd: MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1} publisher: Eastman Kodak comments: contact: help link: help telephone: Adobe® Photoshop® Album Starter Edition 3.0 3.00.000 ({4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}) version: 50331648 version (major): 3 estimated size: 16717 install date: 20051204 install location: C:\Program Files\Adobe\Photoshop Album Starter Edition\ install source: C:\WINDOWS\Downloaded Installations\{8379D168-79F6-4394-81A2-BB1944E8F892}\ uninstall cmd: MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} publisher: Adobe Systems, Inc. readme: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\ReadMe.txt Microsoft AntiSpyware 1.0 ({536F7C74-844B-4683-B0C5-EA39E19A6FE3}) version: 16777216 version (major): 1 estimated size: 16439 install date: 20051219 install source: C:\WINDOWS\Downloaded Installations\{C0FA7138-477B-4FEC-8F23-640C21C2287B}\ uninstall cmd: MsiExec.exe /I{536F7C74-844B-4683-B0C5-EA39E19A6FE3} publisher: Microsoft Corporation contact: Microsoft Support help link: http://www.microsoft.com Microsoft IntelliType Pro 5.3 5.30.606.0 ({53C398FE-CD56-412E-B3C7-B27F4B8B07D1}) version: 85852766 version (major): 5 version (minor): 30 estimated size: 7072 install date: 20051113 install source: D:\itype\Setup\ publisher: Microsoft help link: http://microsoft.com/support/ digestIT 2004 3.0.2004 ({5B119660-1788-11D8-8EB8-0050BF643EE7}) version: 50333652 version (major): 3 estimated size: 77 install date: 20051030 install source: C:\Documents and Settings\Administrator.solutions\My Documents\Downloads\digestIT_2004\ uninstall cmd: MsiExec.exe /I{5B119660-1788-11D8-8EB8-0050BF643EE7} publisher: Kenneth Ballard help link: http://digestIT.kennethballard.com/ Microsoft IntelliPoint 5.3 5.30.606.0 ({5B39603F-2A77-40E6-950D-ED7B8307933D}) version: 85852766 version (major): 5 version (minor): 30 estimated size: 6236 install date: 20051113 install source: D:\ipoint\Setup\ publisher: Microsoft help link: http://microsoft.com/support/ HP Driver Diagnostics 1.02.0008 ({6314D540-E3C1-4F30-AEEB-4154C93375C3}) version: 16908296 version (major): 1 version (minor): 2 estimated size: 1901 install date: 20070328 install location: C:\Program Files\Hp\ install source: C:\DOCUME~1\ADMINI~1.SOL\LOCALS~1\Temp\_is21\ uninstall cmd: MsiExec.exe /X{6314D540-E3C1-4F30-AEEB-4154C93375C3} publisher: Your Company Name Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91}) version: 16974078 version (major): 1 version (minor): 3 estimated size: 519 install date: 20051030 install source: C:\DOCUME~1\ADMINI~1.SOL\LOCALS~1\Temp\IXP000.TMP\ uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} publisher: Microsoft comments: Your Comments contact: Customer Support Department help link: http://www.microsoft.com/genuine/downloads/whyValidate.aspx/help help telephone: 1-425.882.8080 ESSBrwr 3.01.0001.0001 ({643EAE81-920C-4931-9F0B-4B343B225CA6}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 269 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\Essbrwr\ uninstall cmd: MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ Business Contact Manager for Outlook 2003 1.0.2002.1 ({66563AD8-637B-407F-BCA7-0233A16891AB}) version: 16779218 version (major): 1 estimated size: 172797 install date: 20051009 install source: C:\Dell\H3161\ uninstall cmd: MsiExec.exe /I{66563AD8-637B-407F-BCA7-0233A16891AB} publisher: Microsoft Corporation help link: http://www.microsoft.com/support readme: C:\Program Files\Microsoft Office\OFFICE11\Business Contact Manager\README.htm PowerDVD 5.1 ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall Apple Software Update 2.1.1.116 ({6956856F-B6B3-4BE0-BA0B-8F495BE32033}) version: 33619969 version (major): 2 version (minor): 1 estimated size: 2208 install date: 20080826 install location: C:\Program Files\Apple Software Update\ install source: C:\Documents and Settings\Jo Ann\Local Settings\Application Data\Apple\Apple Software Update\ uninstall cmd: MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} publisher: Apple Inc. contact: AppleCare Support help link: http://www.apple.com/support/ help telephone: 1-800-275-2273 PCDLNCH 3.01.0001.0001 ({69BD6399-3D8F-45B7-81D9-819361F5101D}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 62 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\PCDLNCH\ uninstall cmd: MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ WeatherBug 6.8.1.1 ({70DECFBF-9119-4434-B2D3-A3C283D15E45}) version: 101187585 version (major): 6 version (minor): 8 estimated size: 4231 install date: 20080218 install location: C:\Program Files\AWS\ install source: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\ uninstall cmd: MsiExec.exe /X{70DECFBF-9119-4434-B2D3-A3C283D15E45} publisher: AWS Convergence Technologies Java 2 Runtime Environment, SE v1.4.2_03 1.4.2_03 ({7148F0A8-6813-11D6-A77B-00B0D0142030}) version (major): 1 version (minor): 4 estimated size: 139992 install date: 20051009 install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\ uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030} publisher: Sun Microsystems, Inc. comments: http://www.java.com contact: http://www.java.com help link: http://www.java.com help telephone: http://www.java.com readme: Readme.txt OMCI 7.01.0382 ({73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B}) version: 117506430 version (major): 7 version (minor): 1 install date: 20051009 uninstall cmd: MsiExec.exe /X{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B} publisher: Dell Inc. comments: Setup on Windows 2000 or later. Administrative privileges on the target system are required. contact: Customer Support Department help link: http://support.dell.com help telephone: readme: C:\Program Files\Dell\OpenManage\Client\Readme.htm ESShelp 3.01.0001.0001 ({87843A41-7808-4F2E-B13F-25C1E67CF2FD}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 2093 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESShelp\ uninstall cmd: MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD} publisher: Eastman Kodak Company comments: _ contact: _ help link: _ help telephone: _ Intel(R) Extreme Graphics 2 Driver 6.14.10.4396 ({8A708DD8-A5E6-11D4-A706-000629E95E20}) uninstall cmd: RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572 Gen4Systems 1.0.0 ({8D077169-61DE-494C-A73E-0FA368B06BBB}) version: 16777216 version (major): 1 estimated size: 7032 install date: 20070909 install source: D:\ uninstall cmd: MsiExec.exe /I{8D077169-61DE-494C-A73E-0FA368B06BBB} publisher: Gen4 Systems contact: Gen4 Systems ESSini 3.01.0001.0002 ({8E92D746-CD9F-4B90-9668-42B74C14F765}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 21 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSini\ uninstall cmd: MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} publisher: Eastman Kodak comments: contact: help link: help telephone: Compatibility Pack for the 2007 Office system 12.0.6215.1000 ({90120000-0020-0409-0000-0000000FF1CE}) version: 201332807 version (major): 12 estimated size: 137961 install date: 20080903 install source: C:\Program Files\MSECache\O2007Cnv\1033\ uninstall cmd: MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} publisher: Microsoft Corporation help link: http://www.microsoft.com/support ESSgui 3.01.0001.0001 ({91517631-A9F3-4B7C-B482-43E0068FD55A}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 2505 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSgui\ uninstall cmd: MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} publisher: Eastman Kodak comments: contact: help link: help telephone: Microsoft Office Small Business Edition 2003 11.0.8173.0 ({91CA0409-6000-11D3-8CFE-0150048383C9}) version: 184557549 version (major): 11 estimated size: 758952 install date: 20080818 uninstall cmd: MsiExec.exe /I{91CA0409-6000-11D3-8CFE-0150048383C9} publisher: Microsoft Corporation help link: http://www.microsoft.com/support readme: C:\Program Files\Microsoft Office\OFFICE11\1033\OFREADME.HTM Time Zone Data Update Tool for Microsoft Office Outlook 12.0.4518.1029 ({95120000-0038-0409-0000-0000000FF1CE}) version: 201331110 version (major): 12 estimated size: 18457 install date: 20070312 install source: C:\Program Files\MSECache\TZMove\ uninstall cmd: MsiExec.exe /X{95120000-0038-0409-0000-0000000FF1CE} publisher: Microsoft Corporation help link: http://www.microsoft.com/support Sonic RecordNow! Plus 7.3 ({9541FED0-327F-4DF0-8B96-EF57EF622F19}) version: 117637120 version (major): 7 version (minor): 3 install date: 20051009 uninstall cmd: MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} publisher: Sonic Solutions help link: http://support.sonic.com/ ESScore 3.01.0001.0003 ({9D8FEE90-0377-49A9-AEFB-525BDE549BA4}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 12250 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESScore\ uninstall cmd: MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4} publisher: Eastman Kodak comments: contact: help link: help telephone: ESSvpaht 3.01.0001.0001 ({A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 45 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSvpaht\ uninstall cmd: MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69} publisher: Eastman Kodak comments: contact: help link: help telephone: ESSANUP 3.01.0001.0001 ({A6F18A67-B771-4191-8A33-36D2E742D6D9}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 293 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\ESSanup\ uninstall cmd: MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ Intel(R) PROSet 6.05.2001 ({A790BEB1-BCCF-4EC6-807B-5708B36E8A79}) version: 100992977 version (major): 6 version (minor): 5 install date: 20051009 uninstall cmd: MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79} publisher: Intel comments: Intel(R) PROSet installation package contact: Intel Customer Support help link: http://support.intel.com SFR2 3.00.0004.0000 ({ABE068DF-8DC4-4947-ABFC-DD2B40850225}) version: 50331652 version (major): 3 estimated size: 157 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\SysFiles\Sfr2\ uninstall cmd: MsiExec.exe /I{ABE068DF-8DC4-4947-ABFC-DD2B40850225} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ UGuide 1.00.0000 ({AC60C8C1-855E-45AB-8D95-1D16F8A38E78}) version: 16777216 version (major): 1 estimated size: 529 install date: 20070328 install source: C:\Documents and Settings\Administrator.solutions\Local Settings\Temp\ojprok550ENsetup\setup\Docs\ publisher: Hewlett-Packard Adobe Acrobat 6.0 Standard 006.000.000 ({AC76BA86-1033-0000-BA7E-000000000001}) version: 100663296 version (major): 6 install date: 20051009 uninstall cmd: MsiExec.exe /I{AC76BA86-1033-0000-BA7E-000000000001} publisher: Adobe Systems comments: contact: Customer Support help link: http://www.adobe.com/support/main.html help telephone: readme: Readme.htm Adobe Reader 7.0.5 7.0.5 ({AC76BA86-7AD7-1033-7B44-A70500000002}) version: 117440517 version (major): 7 estimated size: 65621 install date: 20051204 install location: C:\Program Files\Adobe\Acrobat 7.0\Reader\ install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig705\ENU\ uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002} publisher: Adobe Systems Incorporated comments: contact: help link: http://www.adobe.com/support/main.html help telephone: readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm ESSCDBK 3.01.0001.0001 ({AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 537 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\Esscdbk\ uninstall cmd: MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ Spybot - Search & Destroy 1.6.0 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) install date: 20080909 install location: C:\Program Files\Security\AntiSpyware\Spybot - Search & Destroy\ uninstall cmd: "C:\Program Files\Security\AntiSpyware\Spybot - Search & Destroy\unins000.exe" publisher: Safer Networking Limited help link: http://www.safer-networking.org/index.php?page=support Microsoft .NET Framework 2.0 Service Pack 1 2.1.21022 ({B508B3F1-A24A-32C0-B310-85786919EF28}) version: 33640990 version (major): 2 version (minor): 1 estimated size: 190934 install date: 20080416 install source: c:\25ed0d29fa8b7db7a8c86bd36ebe\wcu\dotnetframework\dotnetfx20\ uninstall cmd: MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=98073 KSU 612.7.0013.0000 ({B997C2A0-4383-41BF-B76E-9B8B7ECFB267}) version: 1678180365 version (major): 612 version (minor): 7 estimated size: 6378 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Ksu\ uninstall cmd: MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} publisher: Eastman Kodak Compnay comments: _ contact: Customer Support Department help link: _ help telephone: _ readme: _ Misc 1.00.0000 ({BA7A3288-228D-4031-A93A-B5F6B3415E15}) version: 16777216 version (major): 1 estimated size: 2446 install date: 20070328 install source: C:\Documents and Settings\Administrator.solutions\Local Settings\Temp\ojprok550ENsetup\setup\Docs\ publisher: Hewlett-Packard QuickTime 7.4.1.14 ({BFD96B89-B769-4CD6-B11E-E79FFD46F067}) version: 117702657 version (major): 7 version (minor): 4 estimated size: 79408 install date: 20080218 install location: C:\Program Files\QuickTime\ install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple\Apple Software Update\ uninstall cmd: MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067} publisher: Apple Inc. contact: AppleCare Support help link: http://www.apple.com/support/ help telephone: 1-800-275-2273 MSXML 4.0 SP2 (KB936181) 4.20.9848.0 ({C04E32E0-0416-434D-AFB9-6969D703A9EF}) version: 68429432 version (major): 4 version (minor): 20 estimated size: 2680 install date: 20070815 install source: c:\2297087784c1ec34935a68\ uninstall cmd: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/936181 SFR 3.01.0001.0001 ({C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 2602 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\SysFiles\Sfr1\ uninstall cmd: MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314} publisher: Eastman Kodak Company comments: _ contact: _ help link: _ help telephone: _ ESSTUTOR 3.01.0001.0002 ({CA60320D-6A16-49C8-A34F-84EEF4799567}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 17826 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\EZSTutor\ uninstall cmd: MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567} publisher: Eastman Kodak Company comments: _ contact: _ help link: _ help telephone: _ HP Product Detection 4.00.0000 ({CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) version: 67108864 version (major): 4 estimated size: 478 install date: 20070328 install location: C:\Program Files\HP\Common\ install source: C:\WINDOWS\Downloaded Installations\{3ED77CC5-54D9-4067-BC5C-BEA2239FC183}\ uninstall cmd: MsiExec.exe /I{CAE7D1D9-3794-4169-B4DD-964ADBC534EE} publisher: Hewlett-Packard Company Bazooka Scanner ({CB0888EE-96D8-4713-84DC-36462C33AEB4}) install date: 10/30/2005 install location: C:\Program Files\Security\AntiSpyware\Bazooka Scanner install source: C:\Documents and Settings\Administrator.solutions\My Documents\Downloads uninstall cmd: "C:\Program Files\Security\AntiSpyware\Bazooka Scanner\Uninstall.exe" "C:\Program Files\Security\AntiSpyware\Bazooka Scanner\install.log" publisher: Kephyr Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) version: 16847074 version (major): 1 version (minor): 1 estimated size: 75255 install date: 20070718 install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\ uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} publisher: Microsoft readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm ESSAdpt 3.01.0001.0001 ({D15E9DB5-6BEB-4534-901E-80C0A29BAB97}) version: 50397185 version (major): 3 version (minor): 1 estimated size: 458 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\Essadpt\ uninstall cmd: MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97} publisher: Eastman Kodak Company comments: _ contact: Customer Support Department help link: _ help telephone: _ Kodak EasyShare software ({D32470A1-B10C-4059-BA53-CF0486F68EBC}) uninstall cmd: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0002_1c34218\Setup.exe /APR-REMOVE publisher: Eastman Kodak Company Memeo AutoBackup 1.90.2096 ({D62B60DA-774F-41BD-8E6F-96FECFDB0F89}) version: 22677552 version (major): 1 version (minor): 90 estimated size: 15328 install date: 20071013 install location: C:\Program Files\Tanagra\Memeo\ install source: C:\WINDOWS\Downloaded Installations\{3D15D80D-4783-4F20-8C64-533ACEB15960}\ publisher: Memeo Apple Mobile Device Support 1.1.3.26 ({D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}) version: 16842755 version (major): 1 version (minor): 1 estimated size: 34766 install date: 20080218 install location: C:\Program Files\Common Files\Apple\Mobile Device Support\ install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple\Apple Software Update\ uninstall cmd: MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4} publisher: Apple Inc. contact: AppleCare Support help link: http://www.apple.com/support/ help telephone: 1-800-275-2273 ({EA61CE20-860C-11D3-A05D-00104B6909D0}) Toolbox 1.00.0000 ({F1CD25A0-5401-40B2-BAA9-E267408B16DF}) version: 16777216 version (major): 1 estimated size: 5678 install date: 20070328 install source: C:\Documents and Settings\Administrator.solutions\Local Settings\Temp\ojprok550ENsetup\setup\Software\ publisher: Hewlett-Packard OTtBP 3.00.0007.0000 ({F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}) version: 50331655 version (major): 3 estimated size: 814 install date: 20060425 install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\OTTBP\ uninstall cmd: MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} publisher: Eastman Kodak Company comments: Your Comments contact: Customer Support Department help link: http://www.yourcompany.com/help help telephone: 1-555-555-4505 ({F90DA605-4E92-11D4-A319-00104BCAB4AB}) HighMAT Extension to Microsoft Windows XP CD Writing Wizard 1.1.1905.1 ({FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) version: 16844657 version (major): 1 version (minor): 1 estimated size: 2182 install date: 20051105 install location: C:\Program Files\HighMAT CD Writing Wizard\ install source: C:\WINDOWS\Downloaded Installations\{FD2229AC-448F-4803-A1F3-84960C10E61D}\ uninstall cmd: MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} publisher: Microsoft Corporation readme: C:\Program Files\HighMAT CD Writing Wizard\1033\\HighMAT_readme.htm --- System Services --- Service (registry key): .NET CLR Data Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET CLR Networking Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET Data Provider for Oracle Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET Data Provider for SqlServer Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NETFramework Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Abiosdsk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Service (registry key): abp480n5 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: abp480n5 Image path: \SystemRoot\system32\DRIVERS\ABP480N5.SYS Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ACPI Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft ACPI Driver Image path: system32\DRIVERS\ACPI.sys Image size: 187776 Image MD5: 8FD99680A539792A30E97944FDAECF17 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): ACPIEC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): adpu160m Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: adpu160m Image path: \SystemRoot\system32\DRIVERS\adpu160m.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): aeaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\drivers\aeaudio.sys Image size: 4816 Image MD5: 11C04B17ED2ABBB4833694BCD644AC90 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): aec Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Kernel Acoustic Echo Canceller Image path: system32\drivers\aec.sys Image size: 142592 Image MD5: 8BED39E3C35D6A489438B8141717A557 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): AFD Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AFD Description: AFD Networking Support Environment Image path: \SystemRoot\System32\drivers\afd.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): agp440 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Intel AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\agp440.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): agpCPQ Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Compaq AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\agpCPQ.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Aha154x Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Aha154x Image path: \SystemRoot\system32\DRIVERS\aha154x.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78u2 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: aic78u2 Image path: \SystemRoot\system32\DRIVERS\aic78u2.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78xx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: aic78xx Image path: \SystemRoot\system32\DRIVERS\aic78xx.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Alerter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Alerter Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): ALG Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Application Layer Gateway Service Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\alg.exe Image size: 44544 Image MD5: 8C515081584A38AA007909CD02020B3D Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): AliIde Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AliIde Image path: \SystemRoot\system32\DRIVERS\aliide.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): alim1541 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ALI AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\alim1541.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): amdagp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AMD AGP Bus Filter Driver Image path: \SystemRoot\system32\DRIVERS\amdagp.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): amsint Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: amsint Image path: \SystemRoot\system32\DRIVERS\amsint.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Apple Mobile Device Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Apple Mobile Device Description: Provides the interface to Apple mobile devices. Object name: LocalSystem Image path: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" Image size: 110592 Image MD5: 3A4982DF893F198A2DFBCCD4CE10F93A Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: Tcpip Service (registry key): AppMgmt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Application Management Description: Provides software installation services such as Assign, Publish, and Remove. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): asc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: asc Image path: \SystemRoot\system32\DRIVERS\asc.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3350p Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: asc3350p Image path: \SystemRoot\system32\DRIVERS\asc3350p.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3550 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: asc3550 Image path: \SystemRoot\system32\DRIVERS\asc3550.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ASP.NET Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ASP.NET_1.1.4322 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ASP.NET_2.0.50727 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): aspnet_state Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ASP.NET State Service Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe Image size: 33800 Image MD5: 4EABF511B1AF176A971C3271E48FA3A8 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): AsyncMac Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: RAS Asynchronous Media Driver Description: RAS Asynchronous Media Driver Image path: system32\DRIVERS\asyncmac.sys Image size: 14336 Image MD5: B153AFFAC761E7F5FCFA822B9C4E97BC Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): atapi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Standard IDE/ESDI Hard Disk Controller Image path: system32\DRIVERS\atapi.sys Image size: 96512 Image MD5: 9F3A2F5AA6875C72BF062C712CFA2674 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): Atdisk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Service (registry key): Atmarpc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ATM ARP Client Protocol Description: ATM ARP Client Protocol Image path: system32\DRIVERS\atmarpc.sys Image size: 59904 Image MD5: 9916C1225104BA14794209CFA8012159 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): AudioSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Audio Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): audstub Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Audio Stub Driver Image path: system32\DRIVERS\audstub.sys Image size: 3072 Image MD5: D9F724AA26C010A217C97606B160ED68 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): BattC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Beep Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): BITS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Background Intelligent Transfer Service Description: Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: Rpcss Service (registry key): BMUService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Memeo Description: Memeo protects your files by backing them up while you work. If this service is disabled, Memeo will not be able to protect your data. Object name: LocalSystem Image path: "C:\Program Files\Tanagra\Memeo\MemeoService.exe" Image size: 192512 Image MD5: ACE1830AA4BFF102BA17E7754F258F1A Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Service (registry key): Browser Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Computer Browser Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,LanmanServer Service (registry key): cbidf Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: cbidf Image path: \SystemRoot\system32\DRIVERS\cbidf2k.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): cbidf2k Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): cd20xrnt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: cd20xrnt Image path: \SystemRoot\system32\DRIVERS\cd20xrnt.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Cdaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): Cdfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Depends On group: "SCSI CDROM Class" Service (registry key): Cdrom Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CD-ROM Driver Image path: system32\DRIVERS\cdrom.sys Image size: 62976 Image MD5: 1F4260CC5B42272D71F79E570A27A4FE Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): Changer Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): CiSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Indexing Service Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language. Object name: LocalSystem Image path: %SystemRoot%\system32\cisvc.exe Image size: 5632 Image MD5: 1CFE720EB8D93A7158A4EBC3AB178BDE Control Set: CurrentControlSet Start: 3 Type: 288 Error Control: 1 Depends On services: RPCSS Service (registry key): ClipSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ClipBook Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\clipsrv.exe Image size: 33280 Image MD5: 34CBE729F38138217F9C80212A2A0C82 Control Set: CurrentControlSet Start: 4 Type: 16 Error Control: 1 Depends On services: NetDDE Service (registry key): clr_optimization_v2.0.50727_32 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: .NET Runtime Optimization Service v2.0.50727_X86 Description: Microsoft .NET Framework NGEN Object name: LocalSystem Image path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe Image size: 70144 Image MD5: 234B1BC2796483E1F5C3F26649FB3388 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Service (registry key): CmdIde Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CmdIde Image path: \SystemRoot\system32\DRIVERS\cmdide.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Compbatt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Composite Battery Driver Image path: system32\DRIVERS\compbatt.sys Image size: 10240 Image MD5: 6E4C9F21F0FAE8940661144F41B13203 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): COMSysApp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: COM+ System Application Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Image size: 5120 Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: rpcss Service (registry key): ContentFilter Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ContentIndex Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Cpqarray Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Cpqarray Image path: \SystemRoot\system32\DRIVERS\cpqarray.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): CryptSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Cryptographic Services Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): dac2w2k Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: dac2w2k Image path: \SystemRoot\system32\DRIVERS\dac2w2k.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dac960nt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: dac960nt Image path: \SystemRoot\system32\DRIVERS\dac960nt.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): DCA Health Check Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: DCA Health Check Object name: LocalSystem Image path: C:\Program Files\Data Collector Agent\support\DCAServiceHC.exe Image size: 40960 Image MD5: 384A60C53B3719396975D9F3CF61D4F2 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 2 Service (registry key): DCA Service Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: DCA Service Description: DCA Service 3.1.11 Object name: LocalSystem Image path: C:\Program Files\Data Collector Agent\DCAService.exe Image size: 2232320 Image MD5: 919C1D1CF1D5D1305DC7E603647948E1 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 2 Service (registry key): DcomLaunch Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: DCOM Server Process Launcher Description: Provides launch functionality for DCOM services. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost -k DcomLaunch Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): DefWatch Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: DefWatch Object name: LocalSystem Image path: C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe Image size: 32768 Image MD5: F8146A2B29866884A6C785FF40EB38A9 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 0 Service (registry key): Dhcp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: DHCP Client Description: Manages network configuration by registering and updating IP addresses and DNS names. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip,Afd,NetBT Service (registry key): Disk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Disk Driver Image path: system32\DRIVERS\disk.sys Image size: 36352 Image MD5: 044452051F3E02E7963599FC8F4F3E25 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): dmadmin Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Logical Disk Manager Administrative Service Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops. Object name: LocalSystem Image path: %SystemRoot%\System32\dmadmin.exe /com Image size: 224768 Image MD5: E46050330BD42F33609117F861E32D3C Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay,DmServer Service (registry key): dmboot Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\drivers\dmboot.sys Image size: 799744 Image MD5: D992FE1274BDE0F84AD826ACAE022A41 Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dmio Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Logical Disk Manager Driver Image path: System32\drivers\dmio.sys Image size: 153344 Image MD5: 7C824CF7BBDE77D95C08005717A95F6F Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): dmload Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\drivers\dmload.sys Image size: 5888 Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): dmserver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Logical Disk Manager Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay Service (registry key): DMusic Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Kernel DLS Syntheiszer Image path: system32\drivers\DMusic.sys Image size: 52864 Image MD5: 8A208DFCF89792A484E76C40E5F50B45 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Dnscache Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: DNS Client Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\svchost.exe -k NetworkService Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip Service (registry key): Dot3svc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Wired AutoConfig Description: This service performs IEEE 802.1X authentication on Ethernet interfaces Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k dot3svc Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: Ndisuio,eaphost Service (registry key): dpti2o Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: dpti2o Image path: \SystemRoot\system32\DRIVERS\dpti2o.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): drmkaud Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Kernel DRM Audio Descrambler Image path: system32\drivers\drmkaud.sys Image size: 2944 Image MD5: 8F5FCFF8E8848AFAC920905FBD9D33C8 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): drvmcdb Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\drivers\drvmcdb.sys Image size: 87488 Image MD5: E814854E6B246CCF498874839AB64D77 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 0 Service (registry key): drvncdb Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): drvnddm Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\drivers\drvnddm.sys Image size: 40480 Image MD5: EE83A4EBAE70BC93CF14879D062F548B Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): E100B Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Intel(R) PRO Network Connection Driver Image path: system32\DRIVERS\e100b325.sys Image size: 155648 Image MD5: 95974E66D3DE4951D29E28E8BC0B644C Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): EapHost Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Extensible Authentication Protocol Service Description: Provides windows clients Extensible Authentication Protocol Service Object name: localSystem Image path: %SystemRoot%\System32\svchost.exe -k eapsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): eeCtrl Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Symantec Eraser Control driver Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys Image size: 385072 Image MD5: E89CC1363CB7F5320AE3B41C1333D0C3 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On services: FltMgr Service (registry key): ERSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Error Reporting Service Description: Allows error reporting for services and applictions running in non-standard environments. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): Evb53 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\Drivers\Evb53.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 0 Service (registry key): Eventlog Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Event Log Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 108544 Image MD5: 0E776ED5F7CC9F94299E70461B7B8185 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): EventSystem Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: COM+ Event System Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): Fastfat Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Service (registry key): FastUserSwitchingCompatibility Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Fast User Switching Compatibility Description: Provides management for applications that require assistance in a multiple user environment. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: TermService Service (registry key): Fax Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Fax Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network. Object name: LocalSystem Image path: %systemroot%\system32\fxssvc.exe Image size: 267776 Image MD5: E97D6A8684466DF94FF3BC24FB787A07 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler Service (registry key): Fdc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Floppy Disk Controller Driver Image path: system32\DRIVERS\fdc.sys Image size: 27392 Image MD5: 92CDD60B6730B9F50F6A1A0C1F8CDC81 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Fips Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): Flpydisk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Floppy Disk Driver Image path: system32\DRIVERS\flpydisk.sys Image size: 20480 Image MD5: 9D27E7B80BFCDF1CDD9B555862D5E7F0 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): FltMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: FltMgr Description: File System Filter Manager Driver Image path: system32\drivers\fltmgr.sys Image size: 129792 Image MD5: B2CF4B0786F8212CB92ED2B50C6DB6B0 Control Set: CurrentControlSet Start: 0 Type: 2 Error Control: 1 Service (registry key): Fs_Rec Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 8 Error Control: 0 Service (registry key): Ftdisk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Volume Manager Driver Image path: system32\DRIVERS\ftdisk.sys Image size: 125056 Image MD5: 6AC26732762483366C3969C9E4D2259D Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): FVScheduler Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: FTP Voyager Scheduler Description: Allows you to schedule file transfers using FTP. Object name: LocalSystem Image path: C:\Program Files\Network\File Transfer\FTP Voyager\FVScheduler.exe -service Image size: 634880 Image MD5: A6AA48AC81236ADC6DF7BFDC908199F6 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Service (registry key): GEARAspiWDM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: GEARAspiWDM Image path: System32\Drivers\GEARAspiWDM.sys Image size: 15664 Image MD5: 4AC51459805264AFFD5F6FDFB9D9235F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): GhPostConfig Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Ghost Post-Configuration Driver Image path: System32\drivers\ghpcw2k.sys Image size: 323132 Image MD5: 5B1A83921CFBE754BCE91F9CC1890CF1 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 0 Service (registry key): GhPostConfig_Auto Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: GhostPostConfig - Auto Phase Driver Image path: \SystemRoot\System32\drivers\ghpcw2k.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 1 Error Control: 0 Service (registry key): Gpc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Generic Packet Classifier Description: Generic Packet Classifier Image path: system32\DRIVERS\msgpc.sys Image size: 35072 Image MD5: 0A02C63C8B144BD8C86B103DEE7C86A2 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Gvb33 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\Drivers\Gvb33.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 0 Service (registry key): helpsvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Help and Support Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): HidBatt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: HID UPS Battery Driver Image path: system32\DRIVERS\HidBatt.sys Image size: 20352 Image MD5: 748031FF4FE45CCC47546294905FEAB8 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): HidServ Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: HID Input Service Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): HidUsb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft HID Class Driver Image path: system32\DRIVERS\hidusb.sys Image size: 10368 Image MD5: CCF82C5EC8A7326C3066DE870C06DAF1 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): hkmsvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Health Key and Certificate Management Service Description: Manages health certificates and keys (used by NAP) Object name: localSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): hpn Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: hpn Image path: \SystemRoot\system32\DRIVERS\hpn.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): HTTP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: HTTP Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start. Image path: System32\Drivers\HTTP.sys Image size: 264832 Image MD5: F6AACF5BCE2893E0C1754AFEB672E5C9 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): HTTPFilter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: HTTP SSL Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: HTTP Service (registry key): i2omgmt Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): i2omp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: i2omp Image path: \SystemRoot\system32\DRIVERS\i2omp.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): i8042prt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: i8042 Keyboard and PS/2 Mouse Port Driver Image path: system32\DRIVERS\i8042prt.sys Image size: 52480 Image MD5: 4A0B06AA8943C1E332520F7440C0AA30 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): ialm Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\ialmnt5.sys Image size: 1302332 Image MD5: 9A883C3C4D91292C0D09DE7C728E781C Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): Iap Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Iap Object name: LocalSystem Image path: "C:\Program Files\Dell\OpenManage\Client\Iap.exe" Image size: 155648 Image MD5: BE9A7EE5BFCFE8E3F11C98B892D8FEF5 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 0 Depends On services: RPCSS Service (registry key): IDriverT Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: InstallDriver Table Manager Description: Provides support for the Running Object Table for InstallShield Drivers Object name: LocalSystem Image path: "C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe" Image size: 69632 Image MD5: DAF66902F08796F9C694901660E5A64A Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Service (registry key): Iks20 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\Drivers\Iks20.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 0 Service (registry key): ILADFtmi Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Imapi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CD-Burning Filter Driver Image path: system32\DRIVERS\imapi.sys Image size: 42112 Image MD5: 083A052659F5310DD8B6A6CB05EDCF8E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): ImapiService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IMAPI CD-Burning COM Service Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\imapi.exe Image size: 150528 Image MD5: 30DEAF54A9755BB8546168CFE8A6B5E1 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): inetaccs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ini910u Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ini910u Image path: \SystemRoot\system32\DRIVERS\ini910u.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Inport Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): IntelIde Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\intelide.sys Image size: 5504 Image MD5: B5466A9250342A7AA0CD1FBA13420678 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): intelppm Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Intel Processor Driver Image path: system32\DRIVERS\intelppm.sys Image size: 36352 Image MD5: 8C953733D8F36EB2133F5BB58808B66B Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): Ip6Fw Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IPv6 Windows Firewall Driver Description: Provides intrusion prevention service for a home or small office network. Image path: system32\drivers\ip6fw.sys Image size: 36608 Image MD5: 3BB22519A194418D5FEC05D800A19AD0 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): IpFilterDriver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IP Traffic Filter Driver Description: IP Traffic Filter Driver Image path: system32\DRIVERS\ipfltdrv.sys Image size: 32896 Image MD5: 731F22BA402EE4B62748ADAF6363C182 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): IpInIp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IP in IP Tunnel Driver Description: IP in IP Tunnel Driver Image path: system32\DRIVERS\ipinip.sys Image size: 20864 Image MD5: B87AB476DCF76E72010632B5550955F5 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): IpNat Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IP Network Address Translator Description: IP Network Address Translator Image path: system32\DRIVERS\ipnat.sys Image size: 152832 Image MD5: CC748EA12C6EFFDE940EE98098BF96BB Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): iPod Service Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: iPod Service Description: iPod hardware management services Object name: LocalSystem Image path: "C:\Program Files\iPod\bin\iPodService.exe" Image size: 504104 Image MD5: E1BD28CA09EE8F30E8EDBD6C19F5579D Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RpcSs Service (registry key): IPSec Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IPSEC driver Description: IPSEC driver Image path: system32\DRIVERS\ipsec.sys Image size: 75264 Image MD5: 23C74D75E36E7158768DD63D92789A91 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): IRENUM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IR Enumerator Service Image path: system32\DRIVERS\irenum.sys Image size: 11264 Image MD5: C93C9FF7B04D772627A3646D89F7BF89 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): ISAPISearch Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): isapnp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PnP ISA/EISA Bus Driver Image path: system32\DRIVERS\isapnp.sys Image size: 37248 Image MD5: 05A299EC56E52649B1CF2FC52D20F2D7 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): Kbdclass Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Keyboard Class Driver Image path: system32\DRIVERS\kbdclass.sys Image size: 24576 Image MD5: 463C1EC80CD17420A542B7F36A36F128 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): kbdhid Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Keyboard HID Driver Image path: system32\DRIVERS\kbdhid.sys Image size: 14592 Image MD5: 9EF487A186DEA361AA06913A75B3FA99 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): kmixer Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Kernel Wave Audio Mixer Image path: system32\drivers\kmixer.sys Image size: 172416 Image MD5: 692BCF44383D056AED41B045A323D378 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): KSecDD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): lanmanserver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Server Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): lanmanworkstation Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Workstation Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): lbrtfdc Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): ldap Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): LicenseService Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): LmHosts Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TCP/IP NetBIOS Helper Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: NetBT,Afd Service (registry key): MDM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Machine Debug Manager Description: Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly. Object name: LocalSystem Image path: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" Image size: 322120 Image MD5: 11F714F85530A2BD134074DC30E99FCA Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): Messenger Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Messenger Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS Service (registry key): mnmdd Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): mnmsrvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NetMeeting Remote Desktop Sharing Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\mnmsrvc.exe Image size: 32768 Image MD5: D18F1F0C101D06A1C1ADF26EED16FCDD Control Set: CurrentControlSet Start: 3 Type: 272 Error Control: 1 Service (registry key): Modem Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): Mouclass Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Mouse Class Driver Image path: system32\DRIVERS\mouclass.sys Image size: 23040 Image MD5: 35C9E97194C8CFB8430125F8DBC34D04 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): mouhid Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Mouse HID Driver Image path: system32\DRIVERS\mouhid.sys Image size: 12160 Image MD5: B1C303E17FB9D46E87A98E4BA6769685 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): MountMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Mount Point Manager Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): mraid35x Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: mraid35x Image path: \SystemRoot\system32\DRIVERS\mraid35x.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): MRxDAV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WebDav Client Redirector Description: WebDav Client Redirector Image path: system32\DRIVERS\mrxdav.sys Image size: 180608 Image MD5: 11D42BB6206F33FBB3BA0288D3EF81BD Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Service (registry key): MRxSmb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: MRXSMB Description: MRXSMB Image path: system32\DRIVERS\mrxsmb.sys Image size: 456576 Image MD5: 68755F0FF16070178B54674FE5B847B0 Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): MSDTC Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Distributed Transaction Coordinator Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\NetworkService Image path: C:\WINDOWS\system32\msdtc.exe Image size: 6144 Image MD5: A137F1470499A205ABBB9AAFB3B6F2B1 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS,SamSS Service (registry key): Msfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): MSIServer Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Installer Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\msiexec.exe /V Image size: 78848 Image MD5: 5879D691E842574A20FE63817CB76DF9 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): MSKSSRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Streaming Service Proxy Image path: system32\drivers\MSKSSRV.sys Image size: 7552 Image MD5: D1575E71568F4D9E14CA56B7B0453BF1 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPCLOCK Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Streaming Clock Proxy Image path: system32\drivers\MSPCLOCK.sys Image size: 5376 Image MD5: 325BB26842FC7CCC1FCCE2C457317F3E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPQM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Streaming Quality Manager Proxy Image path: system32\drivers\MSPQM.sys Image size: 4992 Image MD5: BAD59648BA099DA4A17680B39730CB3D Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): mssmbios Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft System Management BIOS Driver Image path: system32\DRIVERS\mssmbios.sys Image size: 15488 Image MD5: AF5F4F3F14A8EA2C26DE30F7A1E17136 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MSSQL$MICROSOFTBCM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: MSSQL$MICROSOFTBCM Object name: LocalSystem Image path: C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe -sMICROSOFTBCM Image size: 7544916 Image MD5: 1251256FEFC2B00A7BD603578241F0AD Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): MSSQLServerADHelper Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: MSSQLServerADHelper Object name: LocalSystem Image path: C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe Image size: 66112 Image MD5: CB7524C21727404BD3140DCA32DEB7DE Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): Mup Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Mup Control Set: CurrentControlSet Start: 0 Type: 2 Error Control: 1 Service (registry key): napagent Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Network Access Protection Agent Description: Allows windows clients to participate in Network Access Protection Object name: localSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): NAVAP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NAVAP Image path: \??\C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys Image size: 224256 Image MD5: 37AC23B6A5FF044F9B84D14A4008556E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NAVAPEL Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NAVAPEL Image path: \??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS Image size: 30208 Image MD5: 287085EDFB3EAAD31B75F137B644994D Control Set: CurrentControlSet Start: 2 Type: 1 Error Control: 1 Service (registry key): NAVENG Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NAVENG Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080908.036\NAVENG.sys Image size: 89104 Image MD5: D8F9E712479F2F8DC8C3524A62365F95 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NAVEX15 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NAVEX15 Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080908.036\NAVEX15.sys Image size: 873552 Image MD5: 0B127BBE41300DEDE016E86E47329CDD Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NDIS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NDIS System Driver Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): NdisTapi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Access NDIS TAPI Driver Description: Remote Access NDIS TAPI Driver Image path: system32\DRIVERS\ndistapi.sys Image size: 10112 Image MD5: 1AB3D00C991AB086E69DB84B6C0ED78F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Ndisuio Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NDIS Usermode I/O Protocol Description: NDIS Usermode I/O Protocol Image path: system32\DRIVERS\ndisuio.sys Image size: 14592 Image MD5: F927A4434C5028758A842943EF1A3849 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NdisWan Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Access NDIS WAN Driver Description: Remote Access NDIS WAN Driver Image path: system32\DRIVERS\ndiswan.sys Image size: 91520 Image MD5: EDC1531A49C80614B2CFDA43CA8659AB Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NDProxy Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NetBIOS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NetBIOS Interface Description: NetBIOS Interface Image path: system32\DRIVERS\netbios.sys Image size: 34688 Image MD5: 5D81CF9A2F1A3A756B66CF684911CDF0 Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): NetBT Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NetBios over Tcpip Description: NetBios over Tcpip Image path: system32\DRIVERS\netbt.sys Image size: 162816 Image MD5: 74B2B2F5BEA5E9A3DC021D685551BD3D Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): NetDDE Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Network DDE Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\netdde.exe Image size: 111104 Image MD5: B857BA82860D7FF85AE29B095645563B Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: NetDDEDSDM Service (registry key): NetDDEdsdm Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Network DDE DSDM Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\netdde.exe Image size: 111104 Image MD5: B857BA82860D7FF85AE29B095645563B Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Service (registry key): Netlogon Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Net Logon Description: Supports pass-through authentication of account logon events for computers in a domain. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: BF2466B3E18E970D8A976FB95FC1CA85 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): Netman Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Network Connections Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): NetSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Intel NCS NetService Object name: LocalSystem Image path: C:\Program Files\Intel\NCS\Sync\NetSvc.exe Image size: 143360 Image MD5: 737351F39FEF765234037770ABDD72BD Control Set: CurrentControlSet Start: 3 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): NGClient Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Symantec Ghost Client Agent Object name: LocalSystem Image path: C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE Image size: 651119 Image MD5: F560A0E9748FD5667D999FBA55C1033C Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Service (registry key): Nla Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Network Location Awareness (NLA) Description: Collects and stores network configuration and location information, and notifies applications when this information changes. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: Tcpip,Afd Service (registry key): Norton AntiVirus Server Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Symantec AntiVirus Client Description: Provides real-time virus scanning, reporting, and management functionality for Symantec Client Security. Object name: LocalSystem Image path: C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe Image size: 610304 Image MD5: AC37351CEF1D50C3010B04A73B27665C Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 0 Service (registry key): Npfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): Ntfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Service (registry key): NtLmSsp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NT LM Security Support Provider Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: BF2466B3E18E970D8A976FB95FC1CA85 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): NtmsSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Removable Storage Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Null Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): nv Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\nv4_mini.sys Image size: 1897408 Image MD5: 2B298519EDBFCF451D43E0F1E8F1006D Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): NwlnkFlt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IPX Traffic Filter Driver Description: IPX Traffic Filter Driver Image path: system32\DRIVERS\nwlnkflt.sys Image size: 12416 Image MD5: B305F3FAD35083837EF46A0BBCE2FC57 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: NwlnkFwd Service (registry key): NwlnkFwd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IPX Traffic Forwarder Driver Description: IPX Traffic Forwarder Driver Image path: system32\DRIVERS\nwlnkfwd.sys Image size: 32512 Image MD5: C99B3415198D1AAB7227F2C88FD664B9 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): omci Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: OMCI WDM Device Driver Image path: system32\DRIVERS\omci.sys Image size: 17153 Image MD5: B17228142CEC9B3C222239FD935A37CA Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): OpenSSHd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: OpenSSH Server Object name: LocalSystem Image path: C:\Program Files\Network\SSH\OpenSSH\bin\cygrunsrv.exe Image size: 36864 Image MD5: 3D70B0630342132EBC1FF5CFF483E6C0 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: Tcpip Service (registry key): ose Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Office Source Engine Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports. Object name: LocalSystem Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" Image size: 89136 Image MD5: 7A56CF3E3F12E8AF599963B16F50FB6A Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): Outlook Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Parport Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Parallel port driver Image path: system32\DRIVERS\parport.sys Image size: 80128 Image MD5: 5575FAF8F97CE5E713D108C2A58D7C7C Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PartMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Partition Manager Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): ParVdm Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Depends On services: Parport Depends On group: "Parallel arbitrator" Service (registry key): PCI Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PCI Bus Driver Image path: system32\DRIVERS\pci.sys Image size: 68224 Image MD5: A219903CCF74233761D92BEF471A07B1 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): PCIDump Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): PCIIde Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\pciide.sys Image size: 3328 Image MD5: CCF5F451BB1A5A2A522A76E670000FF0 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): Pcmcia Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): PDCOMP Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): Pdf82 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\Drivers\Pdf82.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 0 Service (registry key): PDFRAME Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): PDRELI Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): PDRFRAME Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): perc2 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: perc2 Image path: \SystemRoot\system32\DRIVERS\perc2.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): perc2hib Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: perc2hib Image path: \SystemRoot\system32\DRIVERS\perc2hib.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): PerfDisk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfNet Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfOS Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfProc Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PGPdisk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 2 Type: 1 Error Control: 1 Service (registry key): PGPsdkDriver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PGPsdkDriver Image path: System32\Drivers\PGPsdk.sys Image size: 26624 Image MD5: 760FFB62E0755467EB3034F129470571 Control Set: CurrentControlSet Start: 2 Type: 1 Error Control: 1 Service (registry key): PGPsdkServ Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PGPsdkService Description: Manages public key operations between PGP modules. Object name: LocalSystem Image path: C:\WINDOWS\system32\PGPsdkServ.exe Image size: 77824 Image MD5: 0D668B84F9747036798675D9186D99DF Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: RpcSs Service (registry key): PlugPlay Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Plug and Play Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 108544 Image MD5: 0E776ED5F7CC9F94299E70461B7B8185 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): Point32 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft IntelliPoint Filter Driver Image path: system32\DRIVERS\point32.sys Image size: 20352 Image MD5: E4910CE9D882BF825979FCF4636A9BD8 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PolicyAgent Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IPSEC Services Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: BF2466B3E18E970D8A976FB95FC1CA85 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS,Tcpip,IPSec Service (registry key): PptpMiniport Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WAN Miniport (PPTP) Description: WAN Miniport (PPTP) Image path: system32\DRIVERS\raspptp.sys Image size: 48384 Image MD5: EFEEC01B1D3CF84F16DDD24D9D9D8F99 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): ProtectedStorage Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Protected Storage Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: BF2466B3E18E970D8A976FB95FC1CA85 Control Set: CurrentControlSet Start: 2 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): PSched Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: QoS Packet Scheduler Description: QoS Packet Scheduler Image path: system32\DRIVERS\psched.sys Image size: 69120 Image MD5: 09298EC810B07E5D582CB3A3F9255424 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Gpc Service (registry key): Ptilink Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Direct Parallel Link Driver Description: Direct Parallel Link Driver Image path: system32\DRIVERS\ptilink.sys Image size: 17792 Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PxHelp20 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PxHelp20 Image path: System32\Drivers\PxHelp20.sys Image size: 20576 Image MD5: 30CBAE0A34359F1CD19D1576245149ED Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): ql1080 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ql1080 Image path: \SystemRoot\system32\DRIVERS\ql1080.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Ql10wnt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Ql10wnt Image path: \SystemRoot\system32\DRIVERS\ql10wnt.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql12160 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ql12160 Image path: \SystemRoot\system32\DRIVERS\ql12160.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1240 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ql1240 Image path: \SystemRoot\system32\DRIVERS\ql1240.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1280 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ql1280 Image path: \SystemRoot\system32\DRIVERS\ql1280.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Qqv77 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\Drivers\Qqv77.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 0 Service (registry key): RasAcd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Access Auto Connection Driver Description: Remote Access Auto Connection Driver Image path: system32\DRIVERS\rasacd.sys Image size: 8832 Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): RasAuto Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Access Auto Connection Manager Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RasMan,Tapisrv Service (registry key): Rasl2tp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WAN Miniport (L2TP) Description: WAN Miniport (L2TP) Image path: system32\DRIVERS\rasl2tp.sys Image size: 51328 Image MD5: 11B4A627BC9614B885C4969BFA5FF8A6 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): RasMan Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Access Connection Manager Description: Creates a network connection. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: Tapisrv Service (registry key): RasPppoe Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Access PPPOE Driver Description: Remote Access PPPOE Driver Image path: system32\DRIVERS\raspppoe.sys Image size: 41472 Image MD5: 5BC962F2654137C9909C3D4603587DEE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Raspti Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Direct Parallel Description: Direct Parallel Image path: system32\DRIVERS\raspti.sys Image size: 16512 Image MD5: FDBB1D60066FCFBB7452FD8F9829B242 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Rdbss Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Rdbss Description: Rdbss Image path: system32\DRIVERS\rdbss.sys Image size: 175744 Image MD5: 7AD224AD1A1437FE28D89CF22B17780A Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): RDPCDD Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DRIVERS\RDPCDD.sys Image size: 4224 Image MD5: 4912D5B403614CE99C28420F75353332 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): RDPDD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): rdpdr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Terminal Server Device Redirector Driver Image path: system32\DRIVERS\rdpdr.sys Image size: 196224 Image MD5: 15CABD0F7C00C47C70124907916AF3F1 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): RDPNP Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): RDPWD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): Rdr Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): RDSessMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Desktop Help Session Manager Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box. Object name: LocalSystem Image path: C:\WINDOWS\system32\sessmgr.exe Image size: 141312 Image MD5: 3C37BF86641BDA977C3BF8A840F3B7FA Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): redbook Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Digital CD Audio Playback Filter Driver Image path: system32\DRIVERS\redbook.sys Image size: 57600 Image MD5: F828DD7E1419B6653894A8F97A0094C5 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): RemoteAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Routing and Remote Access Description: Offers routing services to businesses in local area and wide area network environments. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: RpcSS Depends On group: NetBIOSGroup Service (registry key): RemoteRegistry Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Registry Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): RpcLocator Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Procedure Call (RPC) Locator Description: Manages the RPC name service database. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\locator.exe Image size: 75264 Image MD5: AAED593F84AFA419BBAE8572AF87CF6A Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): RpcSs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Procedure Call (RPC) Description: Provides the endpoint mapper and other miscellaneous RPC services. Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\svchost -k rpcss Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): RSVP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: QoS RSVP Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets. Object name: LocalSystem Image path: %SystemRoot%\system32\rsvp.exe Image size: 132608 Image MD5: 471B3F9741D762ABE75E9DEEA4787E47 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: TcpIp,Afd,RpcSs Service (registry key): SamSs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Security Accounts Manager Description: Stores security information for local user accounts. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: BF2466B3E18E970D8A976FB95FC1CA85 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): SCardSvr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Smart Card Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\SCardSvr.exe Image size: 95744 Image MD5: 86D007E7A654B9A71D1D7D856B104353 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 0 Depends On services: PlugPlay Service (registry key): Schedule Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Task Scheduler Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): ScsiAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ScsiAccess Object name: LocalSystem Image path: C:\WINDOWS\system32\ScsiAccess.EXE Image size: 181312 Image MD5: ED9C5CF6CC611EC8AC4A77C3F58F0601 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): ScsiPort Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: %SystemRoot%\system32\drivers\scsiport.sys Image size: 96384 Image MD5: 76C465F570E90C28942D52CCB2580A10 Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Secdrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Secdrv Description: SafeDisc driver Image path: system32\DRIVERS\secdrv.sys Image size: 20480 Image MD5: 90A3935D05B494A5A39D37E71F09A677 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): seclogon Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Secondary Logon Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 288 Error Control: 0 Service (registry key): SENS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: System Event Notification Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: EventSystem Service (registry key): serenum Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Serenum Filter Driver Image path: system32\DRIVERS\serenum.sys Image size: 15744 Image MD5: 0F29512CCD6BEAD730039FB4BD2C85CE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Serial Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Serial port driver Image path: system32\DRIVERS\serial.sys Image size: 64512 Image MD5: CCA207A8896D4C6A0C9CE29A4AE411A7 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): Sfloppy Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Depends On group: "SCSI miniport" Service (registry key): SharedAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Firewall/Internet Connection Sharing (ICS) Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Netman,WinMgmt Service (registry key): ShellHWDetection Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Shell Hardware Detection Description: Provides notifications for AutoPlay hardware events. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): Simbad Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): sisagp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: SIS AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\sisagp.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): smwdm Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\drivers\smwdm.sys Image size: 580992 Image MD5: 5018A9DB5EB62E3EDB3110F82F556285 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Sparrow Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Sparrow Image path: \SystemRoot\system32\DRIVERS\sparrow.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): splitter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Kernel Audio Splitter Image path: system32\drivers\splitter.sys Image size: 6272 Image MD5: AB8B92451ECB048A4D1DE7C3FFCB4A9F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Spooler Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Print Spooler Description: Loads files to memory for later printing. Object name: LocalSystem Image path: %SystemRoot%\system32\spoolsv.exe Image size: 57856 Image MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): SQLAgent$MICROSOFTBCM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: SQLAgent$MICROSOFTBCM Object name: LocalSystem Image path: C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -i MICROSOFTBCM Image size: 311872 Image MD5: E3F974BDEDC336490A2E6F3A703F016A Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: MSSQL$MICROSOFTBCM Service (registry key): sr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: System Restore Filter Driver Image path: system32\DRIVERS\sr.sys Image size: 73472 Image MD5: 76BB022C2FB6902FD5BDD4F78FC13A5D Control Set: CurrentControlSet Start: 0 Type: 2 Error Control: 1 Service (registry key): srservice Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: System Restore Service Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Srv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Srv Description: Srv Image path: system32\DRIVERS\srv.sys Image size: 334848 Image MD5: 5252605079810904E31C332E241CD59B Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Service (registry key): sscdbhk5 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\drivers\sscdbhk5.sys Image size: 5627 Image MD5: D7968049BE0ADBB6A57CEE3960320911 Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 0 Service (registry key): SSDPSRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: SSDP Discovery Service Description: Enables discovery of UPnP devices on your home network. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: HTTP Service (registry key): ssrtln Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\drivers\ssrtln.sys Image size: 23545 Image MD5: C3FFD65ABFB6441E7606CF74F1155273 Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 0 Service (registry key): stisvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Image Acquisition (WIA) Description: Provides image acquisition services for scanners and cameras. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k imgsvc Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): swenum Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Software Bus Driver Image path: system32\DRIVERS\swenum.sys Image size: 4352 Image MD5: 3941D127AEF12E93ADDF6FE6EE027E0F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): swmidi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Kernel GS Wavetable Synthesizer Image path: system32\drivers\swmidi.sys Image size: 56576 Image MD5: 8CE882BCC6CF8A62F2B2323D95CB3D01 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SwPrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: MS Software Shadow Copy Provider Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{2F130D52-0BDB-47EB-AF81-1E09BA7E21E7} Image size: 5120 Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Depends On services: rpcss Service (registry key): swwd Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): symc810 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: symc810 Image path: \SystemRoot\system32\DRIVERS\symc810.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): symc8xx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: symc8xx Image path: \SystemRoot\system32\DRIVERS\symc8xx.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): SymEvent Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \??\C:\Program Files\Symantec\SYMEVENT.SYS Image size: 73496 Image MD5: 083FE6483DC16A02AF2434D04B7D7AEA Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): sym_hi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: sym_hi Image path: \SystemRoot\system32\DRIVERS\sym_hi.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): sym_u3 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: sym_u3 Image path: \SystemRoot\system32\DRIVERS\sym_u3.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): sysaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Kernel System Audio Device Image path: system32\drivers\sysaudio.sys Image size: 60800 Image MD5: 8B83F3ED0F1688B4958F77CD6D2BF290 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SysmonLog Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Performance Logs and Alerts Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\smlogsvc.exe Image size: 89600 Image MD5: C7ABBC59B43274B1109DF6B24D617051 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): TapiSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Telephony Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): Tcpip Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TCP/IP Protocol Driver Description: TCP/IP Protocol Driver Image path: system32\DRIVERS\tcpip.sys Image size: 361600 Image MD5: 9AEFA14BD6B182D61E3119FA5F436D3D Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On services: IPSec Service (registry key): tcpsr Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \??\C:\WINDOWS\System32\drivers\tcpsr.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): TDPIPE Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): TDTCP Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): TermDD Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Terminal Device Driver Image path: system32\DRIVERS\termdd.sys Image size: 40840 Image MD5: 88155247177638048422893737429D9E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): TermService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Terminal Services Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost -k DComLaunch Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): tfsnboio Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsnboio.sys Image size: 25883 Image MD5: 30698355067D07DA5F9EB81132C9FDD6 Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsncofs Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsncofs.sys Image size: 34843 Image MD5: FB9D825BB4A2ABDF24600F7505050E2B Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsndrct Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsndrct.sys Image size: 4123 Image MD5: CAFD8CCA11AA1E8B6D2EA1BA8F70EC33 Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsndres Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsndres.sys Image size: 2239 Image MD5: 8DB1E78FBF7C426D8EC3D8F1A33D6485 Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnifs Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsnifs.sys Image size: 86586 Image MD5: B92F67A71CC8176F331B8AA8D9F555AD Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnopio Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsnopio.sys Image size: 15227 Image MD5: 85985FAA9A71E2358FCC2EDEFC2A3C5C Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnpool Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsnpool.sys Image size: 6363 Image MD5: BBA22094F0F7C210567EFDAF11F64495 Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnudf Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsnudf.sys Image size: 98714 Image MD5: 81340BEF80B9811E98CE64611E67E3FF Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): tfsnudfa Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\dla\tfsnudfa.sys Image size: 100603 Image MD5: C035FD116224CCC8325F384776B6A8BB Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): Themes Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Themes Description: Provides user experience theme management. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): TlntSvr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Telnet Description: Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: C:\WINDOWS\system32\tlntsvr.exe Image size: 73216 Image MD5: DB7205804759FF62C34E3EFD8A4CC76A Control Set: CurrentControlSet Start: 4 Type: 16 Error Control: 1 Depends On services: RPCSS,TCPIP,NTLMSSP Service (registry key): TosIde Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TosIde Image path: \SystemRoot\system32\DRIVERS\toside.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): TrkWks Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Distributed Link Tracking Client Description: Maintains links between NTFS files within a computer or across computers in a network domain. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): TSDDD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Udfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Service (registry key): ultra Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ultra Image path: \SystemRoot\system32\DRIVERS\ultra.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): UMWdf Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows User Mode Driver Framework Description: Enables Windows user mode drivers. Object name: NT AUTHORITY\LocalService Image path: C:\WINDOWS\system32\wdfmgr.exe Image size: 38912 Image MD5: AB0A7CA90D9E3D6A193905DC1715DED0 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: RpcSs Service (registry key): Update Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microcode Update Driver Image path: system32\DRIVERS\update.sys Image size: 384768 Image MD5: 402DDC88356B1BAC0EE3DD1580C76A31 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): upnphost Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Universal Plug and Play Device Host Description: Provides support to host Universal Plug and Play devices. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: SSDPSRV,HTTP Service (registry key): UPS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Uninterruptible Power Supply Description: Manages an uninterruptible power supply (UPS) connected to the computer. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\ups.exe Image size: 18432 Image MD5: 05365FB38FCA1E98F7A566AAAF5D1815 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): USBAAPL Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Apple Mobile USB Driver Image path: System32\Drivers\usbaapl.sys Image size: 30464 Image MD5: F340199E8CB097E1ACD58A967C665919 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbccgp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft USB Generic Parent Driver Image path: system32\DRIVERS\usbccgp.sys Image size: 32128 Image MD5: 173F317CE0DB8E21322E71B7E60A27E8 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbehci Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver Image path: system32\DRIVERS\usbehci.sys Image size: 30208 Image MD5: 65DCF09D0E37D4C6B11B5B0B76D470A7 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbhub Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft USB Standard Hub Driver Image path: system32\DRIVERS\usbhub.sys Image size: 59520 Image MD5: 1AB3CDDE553B6E064D2E754EFE20285C Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbprint Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft USB PRINTER Class Image path: system32\DRIVERS\usbprint.sys Image size: 25856 Image MD5: A717C8721046828520C9EDF31288FC00 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): USBSTOR Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: USB Mass Storage Driver Image path: system32\DRIVERS\USBSTOR.SYS Image size: 26368 Image MD5: A32426D9B14A089EAA1D922E0C5801A9 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbuhci Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft USB Universal Host Controller Miniport Driver Image path: system32\DRIVERS\usbuhci.sys Image size: 20608 Image MD5: 26496F9DEE2D787FC3E61AD54821FFE6 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): VgaSave Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: VGA Display Controller. Description: Controls the VGA display adapter to provide basic display capabilities. Image path: \SystemRoot\System32\drivers\vga.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): viaagp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: VIA AGP Bus Filter Image path: \SystemRoot\system32\DRIVERS\viaagp.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ViaIde Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ViaIde Image path: \SystemRoot\system32\DRIVERS\viaide.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): VolSnap Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): VSS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Volume Shadow Copy Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\System32\vssvc.exe Image size: 289792 Image MD5: 7A9DB3A67C333BF0BD42E42B8596854B Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): w32time Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Time Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): W3SVC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Wanarp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Remote Access IP ARP Driver Description: Remote Access IP ARP Driver Image path: system32\DRIVERS\wanarp.sys Image size: 34560 Image MD5: E20B95BAEDB550F32DD489265C1DA1F6 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): WDICA Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): wdmaud Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft WINMM WDM Audio Compatibility Driver Image path: system32\drivers\wdmaud.sys Image size: 83072 Image MD5: 6768ACF64B18196494413695F0C3A00F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): WebClient Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WebClient Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: MRxDAV Service (registry key): winmgmt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Management Instrumentation Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: RPCSS Service (registry key): Winsock Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 4 Error Control: 1 Service (registry key): WinSock2 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): WinTrust Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): WMConnectCDS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Media Connect Service Description: Shares media with media devices using Universal Plug and Play Object name: NT AUTHORITY\NetworkService Image path: C:\Program Files\Windows Media Connect 2\wmccds.exe Image size: 855552 Image MD5: CD99C9FEAE87C1963273F6B150251E33 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: upnphost,http,HTTPFilter Service (registry key): WmdmPmSN Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Portable Media Serial Number Service Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): Wmi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Management Instrumentation Driver Extensions Description: Provides systems management information to and from drivers. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): WmiApRpl Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): WmiApSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WMI Performance Adapter Description: Provides performance library information from WMI HiPerf providers. Object name: LocalSystem Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe Image size: 126464 Image MD5: E0673F1106E62A68D2257E376079F821 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): WS2IFSL Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 0 Error Control: 0 Service (registry key): wscsvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Security Center Description: Monitors system security settings and configurations. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs,winmgmt Service (registry key): wuauserv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Automatic Updates Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): WZCSVC Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Wireless Zero Configuration Description: Provides automatic configuration for the 802.11 adapters Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs,Ndisuio Service (registry key): xmlprov Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Network Provisioning Service Description: Manages XML configuration files on a domain basis for automatic network provisioning. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): {A19CB432-90DB-4EDA-B05A-1F865819FA82} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0