Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My cpu both cores are running on 90% please help [CLOSED]

Started by fagag , Jul 10 2008 02:00 AM

  • This topic is locked This topic is locked

#16
fenzodahl512
Posted 12 July 2008 - 12:34 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Now for some cleanup..
  • Make sure you have an Internet Connection.
  • Double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OtMoveit2 to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.




To learn more about how to protect yourself while on the internet read this excellent article by Tony Klein: So how did I get infected in the first place?

Please also read an excellent article by miekiemoes :Help! My computer is slow!

And another excellent article by CastleCops Malware Prevention: Prevent Re-infection
  • 0

Advertisements

#17
fagag
Posted 15 July 2008 - 09:36 AM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
HI fenzodahl512

MALWARE DIDNT FIND ANYTHING:

Malwarebytes' Anti-Malware 1.20
Database version: 951
Windows 6.0.6001 Service Pack 1

18:33:25 15/07/2008
mbam-log-7-15-2008 (18-33-25).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 119145
Time elapsed: 28 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





DSS:

Deckard's System Scanner v20071014.68
Run by 007 on 2008-07-15 18:34:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-15 18:35:29
Platform: Windows Vista Service Pack 1 (6.00.6001)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\sm56hlpr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
D:\EMULE\emule.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\Program install files\Avant browser\avant.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Windows\System32\notepad.exe
C:\Windows\System32\notepad.exe
C:\Users\007\Desktop\virus\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [eMuleAutoStart] D:\EMULE\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} (CTAdjust Class) - http://download.micr...dd/clearadj.CAB
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab Class) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.co...iaSmartScan.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebo...Uploader4_5.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\System32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\System32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\stacsv.exe


--
End of file - 7551 bytes

-- Files created between 2008-06-15 and 2008-07-15 -----------------------------

2008-07-15 17:56:33 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-13 22:30:33 0 d-------- C:\Program Files\VideoLAN
2008-07-13 18:14:43 0 d-------- C:\Windows\system32\appmgmt
2008-07-09 13:26:37 0 d-------- C:\Program Files\Panda Security
2008-07-09 13:12:19 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-07-09 13:12:08 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-07-09 12:33:09 0 d-------- C:\Users\All Users\Malwarebytes
2008-07-09 12:14:50 0 d-------- C:\Program Files\Trend Micro
2008-07-07 14:49:30 0 d-------- C:\Program Files\VS Revo Group
2008-07-05 19:51:21 0 d-------- C:\Users\All Users\WEBREG
2008-07-05 19:45:58 0 d-------- C:\Program Files\Common Files\HP
2008-07-05 19:45:37 0 d-------- C:\Program Files\Hewlett-Packard
2008-07-05 19:45:26 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-07-05 19:43:53 0 d-------- C:\Program Files\HP
2008-07-05 19:41:57 143913 --a------ C:\Windows\hpoins12.dat
2008-07-05 19:41:49 0 d-------- C:\Users\All Users\Hewlett-Packard
2008-07-05 19:41:45 0 d-------- C:\Users\All Users\HP
2008-07-05 19:41:28 258048 --a------ C:\Windows\system32\hpzids01.dll <Not Verified; Hewlett-Packard; HP Installer>
2008-07-05 19:41:26 117760 --a------ C:\Windows\system32\hpzll4v2.dll <Not Verified; Hewlett-Packard Company; Language Monitor>
2008-07-05 19:23:30 0 d-------- C:\Windows\Motorola
2008-06-28 16:27:56 0 d-------- C:\Program Files\MSECache
2008-06-27 15:59:38 0 d-------- C:\Users\All Users\NVIDIA
2008-06-27 15:46:42 0 d-------- C:\NVIDIA
2008-06-27 15:09:07 0 d-------- C:\Program Files\SystemRequirementsLab
2008-06-21 17:06:05 0 d-------- C:\Westwood
2008-06-20 20:48:49 56 --ah----- C:\Windows\system32\ezsidmv.dat
2008-06-20 20:46:09 0 d-------- C:\Program Files\Common Files\Skype
2008-06-20 20:45:09 0 d-------- C:\Users\All Users\Skype


-- Find3M Report ---------------------------------------------------------------

2008-07-15 13:42:47 0 d-------- C:\Users\007\AppData\Roaming\Image Zone Express
2008-07-14 21:10:47 0 d-------- C:\Program Files\Java
2008-07-13 22:31:03 0 d-------- C:\Users\007\AppData\Roaming\vlc
2008-07-13 18:14:47 0 d-------- C:\Users\007\AppData\Roaming\SUPERAntiSpyware.com
2008-07-13 18:14:42 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-13 18:12:13 0 d-------- C:\Users\007\AppData\Roaming\Skype
2008-07-13 17:12:16 0 d-------- C:\Users\007\AppData\Roaming\skypePM
2008-07-10 10:41:19 0 d-------- C:\Program Files\Windows Mail
2008-07-09 12:33:12 0 d-------- C:\Users\007\AppData\Roaming\Malwarebytes
2008-07-09 12:32:55 0 d-------- C:\Users\007\AppData\Roaming\Download Manager
2008-07-05 20:07:22 0 d-------- C:\Users\007\AppData\Roaming\Printer Info Cache
2008-07-05 19:55:23 0 d-------- C:\Users\007\AppData\Roaming\HP
2008-07-05 19:45:58 0 d-------- C:\Program Files\Common Files
2008-06-29 11:07:40 0 d-------- C:\Program Files\Common Files\Nero
2008-06-27 21:19:08 123242 --a------ C:\Users\007\AppData\Roaming\NMM-MetaData.db
2008-06-13 18:37:06 0 d-------- C:\Program Files\Ligos
2008-06-12 15:51:01 0 d-------- C:\Program Files\PacificPoker
2008-06-11 17:06:46 737280 --a------ C:\Windows\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-06-10 15:46:37 2656 --a------ C:\Windows\system32\io02.sys
2008-06-04 22:21:39 0 -rahs---- C:\MSDOS.SYS
2008-06-04 22:21:39 0 -rahs---- C:\IO.SYS
2008-06-04 21:56:40 0 d-------- C:\Program Files\AdVantage
2008-05-31 12:27:08 14 --a------ C:\Windows\system32\systeminfo.dll
2008-05-24 15:03:17 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-21 19:19:12 0 d-------- C:\Program Files\Microsoft Silverlight


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [01/19/2008 10:38 AM]
"RtHDVCpl"="RtHDVCpl.exe" [10/31/2007 01:35 PM C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [10/11/2007 12:04 PM C:\Windows\SkyTel.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11/29/2007 03:17 AM C:\Windows\KHALMNPR.Exe]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/03/2008 10:21 PM]
"basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [10/09/2007 04:21 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [05/16/2008 02:01 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [05/16/2008 02:01 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]
"SMSERIAL"="sm56hlpr.exe" [04/23/2003 03:48 PM C:\Windows\sm56hlpr.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/19/2008 10:33 AM]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [01/19/2008 10:33 AM]
"eMuleAutoStart"="D:\EMULE\emule.exe" [04/05/2008 03:14 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [13/03/2008 19:11:52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^007^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Users\007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\basicsmssmenu]
"C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
"C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
GPSvcGroup GPSvc
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration



-- End of Deckard's System Scanner: finished at 2008-07-15 18:36:07 ------------



Thanks

jerby
  • 0

#18
fenzodahl512
Posted 15 July 2008 - 11:47 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, please manually delete this folder C:\Program Files\AdVantage



Please download ISeeYouXP by ShadowPuterDude and save it to your Desktop..
  • Double-click ISeeYouXP.exe, It will be extracted to C:\ISeeYouXP folder; and a shortcut to ISeeYouXP.bat will be placed on the Desktop.
  • Double-click the ISeeYouXP.bat shortcut which is placed on your Desktop.
    • Vista Users: Right-click on ISeeYouXP.bat and select "Run as Administrator"
  • Please be patient as ISeeYouXP will take a few minutes to complete the scan..
  • After the scan finish, you will see a textfile ISeeYouXP.txt on your Desktop..
  • Please attach that textfile in your next reply..
Note: Vista users will need to turn off UAC function. Please visit here if you do not know how..
  • 0

#19
fagag
Posted 15 July 2008 - 01:46 PM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
********************************************************************************
****
ISeeYouXP v2.0 Beta 14

ISeeYouXP v1.3.0-v2.0 Beta 14 Copyright - ShadowPuterDude
ISeeYouXP v1.2.9 and earlier Copyright - PhilliePhan
------------------------------------------------------------------------------------
**** PLEASE NOTE THAT MOST (if not ALL) OF THE ITEMS BELOW ARE NOT BADDIES! ****
**** PLEASE CONSULT A KNOWLEDGEABLE PERSON BEFORE TAKING ANY ACTION. ****
********************************************************************************
****

Windows/Browser/Java Versions:

Microsoftr Windows VistaT Ultimate
Version: 6.0.6001
Service Pack: 1.0
Windows Directory: C:\Windows



Boot State: Normal boot

Scan done at 22:37:10.58, Tue 07/15/2008

------------------------------------------------------------------------------------

ISeeYouXP installation folder and files

"C:\ISeeYouXP\"
bootst~1.vbs 28 May 2007 359 "bootstate.vbs"
change.log 8 Jun 2008 5012 "change.log"
chodefix.bat 18 Apr 2007 5387 "chodefix.bat"
fixchode.reg 18 Apr 2007 528 "fixChode.reg"
fixexp~1.bat 24 Feb 2007 487 "FixExplorerPolicies.bat"
getunk~1.bat 12 Aug 2006 1478 "GetUnKeys.bat"
grep.exe 24 Dec 2004 160768 "grep.exe"
hideit.bat 17 Oct 2007 1072 "HideIT.bat"
ieinfo.vbs 28 May 2007 514 "ieinfo.vbs"
iesecu~1.bat 28 Oct 2007 72 "IESecurityZones.bat"
iesecu~1.vbs 8 Nov 2007 2399 "IESecurityZones.vbs"
iseeyo~1.bat 8 Jun 2008 211377 "ISeeYouXP.bat"
libico~1.dll 16 Mar 2004 898048 "libiconv2.dll"
libintl3.dll 9 Oct 2004 101888 "libintl3.dll"
locate.com 14 Jan 2005 11254 "locate.com"
md5sum.exe 5 Aug 2007 49152 "md5sum.exe"
msconf~1.bat 24 Feb 2007 578 "MSConfigFix.bat"
osinfo.vbs 28 May 2007 598 "osinfo.vbs"
pcbutts.txt 25 Mar 2007 5167 "PCBUTTS.TXT"
pcre.dll 14 Nov 2004 183313 "pcre.dll"
pv.exe 3 Mar 2006 73728 "pv.exe"
regedi~1.bat 30 Mar 2007 650 "RegEditFix.bat"
regfix.bat 18 Apr 2007 145 "Regfix.bat"
servic~1.vbs 28 May 2007 672 "servicesinfo.vbs"
showit.bat 17 Oct 2007 1013 "ShowIT.bat"
swreg.exe 5 Apr 2007 139776 "swreg.exe"
system~1.bat 28 Feb 2007 369 "SystemRestoreFix.bat"
taskmg~1.bat 24 Feb 2007 288 "TaskMgrFix.bat"

28 items found: 28 files, 0 directories.
Total of file sizes: 1,856,092 bytes 1.77 M
3 Dir(s) 12,835,479,552 bytes free

------------------------------------------------------------------------------------

System Environment Variables

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\007\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TAMIR
ComSpec=C:\Windows\system32\cmd.exe
errcode=0
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\007
LOCALAPPDATA=C:\Users\007\AppData\Local
LOGONSERVER=\\TAMIR
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\007\AppData\Local\Temp
TMP=C:\Users\007\AppData\Local\Temp
USERDOMAIN=TAMIR
USERNAME=007
USERPROFILE=C:\Users\007
windir=C:\Windows

------------------------------------------------------------------------------------

Showing any Pocket Killbox backup files

No matches found.

------------------------------------------------------------------------------------

Displaying BOOT.INI:


------------------------------------------------------------------------------------

Displaying SYSTEM.INI:

; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON

[drivers]
wave=mmdrv.dll
timer=timer.drv

[mci]

------------------------------------------------------------------------------------

Displaying WIN.INI:

; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
CMCDLLNAME32=mapi32.dll
CMCDLLNAME=mapi.dll
CMC=1
MAPIX=1
MAPIXVER=1.0.0.1
OLEMessaging=1
[MCI Extensions.BAK]
m2v=MPEGVideo
mod=MPEGVideo
[Readiris]
Scanner32=Twaino38,22
[I.R.I.S.]
reg_n=30000

------------------------------------------------------------------------------------

Displaying AUTOEXEC.BAT:

REM Dummy file for NTVDM
------------------------------------------------------------------------------------

Displaying CONFIG.SYS:

FILES=40

------------------------------------------------------------------------------------

Displaying Running Processes:

PROCESS PID PRIO PATH
smss.exe 520 Normal C:\Windows\System32\smss.exe
csrss.exe 588 Normal C:\Windows\system32\csrss.exe
wininit.exe 640 High C:\Windows\system32\wininit.exe
csrss.exe 648 Normal C:\Windows\system32\csrss.exe
services.exe 696 Normal C:\Windows\system32\services.exe
lsass.exe 740 Normal C:\Windows\system32\lsass.exe
lsm.exe 748 Normal C:\Windows\system32\lsm.exe
winlogon.exe 876 High C:\Windows\system32\winlogon.exe
svchost.exe 956 Normal C:\Windows\system32\svchost.exe
nvvsvc.exe 1000 Normal C:\Windows\system32\nvvsvc.exe
svchost.exe 1032 Normal C:\Windows\system32\svchost.exe
Ati2evxx.exe 1168 Normal C:\Windows\system32\Ati2evxx.exe
svchost.exe 1184 Normal C:\Windows\System32\svchost.exe
svchost.exe 1212 Normal C:\Windows\System32\svchost.exe
svchost.exe 1224 Normal C:\Windows\system32\svchost.exe
svchost.exe 1368 Normal C:\Windows\system32\svchost.exe
SLsvc.exe 1388 Normal C:\Windows\system32\SLsvc.exe
svchost.exe 1432 Normal C:\Windows\system32\svchost.exe
rundll32.exe 1588 Normal C:\Windows\system32\rundll32.exe
svchost.exe 1600 Normal C:\Windows\system32\svchost.exe
Ati2evxx.exe 1700 Normal C:\Windows\system32\Ati2evxx.exe
spoolsv.exe 1912 Normal C:\Windows\System32\spoolsv.exe
svchost.exe 1948 Normal C:\Windows\system32\svchost.exe
Dwm.exe 416 High C:\Windows\system32\Dwm.exe
Explorer.EXE 784 Normal C:\Windows\Explorer.EXE
taskeng.exe 1012 Normal C:\Windows\system32\taskeng.exe
taskeng.exe 2116 Below Normal C:\Windows\system32\taskeng.exe
RtHDVCpl.exe 2260 Normal C:\Windows\RtHDVCpl.exe
jusched.exe 2304 Normal C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
avgtray.exe 2324 Normal C:\Program Files\AVG\AVG8\avgtray.exe
rundll32.exe 2364 Normal C:\Windows\System32\rundll32.exe
sm56hlpr.exe 2380 Normal C:\Windows\sm56hlpr.exe
sidebar.exe 2392 Normal C:\Program Files\Windows Sidebar\sidebar.exe
ehtray.exe 2400 Normal C:\Windows\ehome\ehtray.exe
SetPoint.exe 2508 Normal C:\Program Files\Logitech\SetPoint\SetPoint.exe
ehmsas.exe 2636 Normal C:\Windows\ehome\ehmsas.exe
KHALMNPR.EXE 2748 Normal C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
sidebar.exe 2924 Normal C:\Program Files\Windows Sidebar\sidebar.exe
avgwdsvc.exe 2936 Normal C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
SyncServicesBasics.exe 2964 Normal C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
svchost.exe 3024 Normal C:\Windows\system32\svchost.exe
svchost.exe 3132 Normal C:\Windows\System32\svchost.exe
svchost.exe 3200 Normal C:\Windows\System32\svchost.exe
svchost.exe 3220 Normal C:\Windows\system32\svchost.exe
svchost.exe 3884 Normal C:\Windows\system32\svchost.exe
svchost.exe 3952 Normal C:\Windows\System32\svchost.exe
SearchIndexer.exe 4000 Normal C:\Windows\system32\SearchIndexer.exe
fxssvc.exe 2000 Normal C:\Windows\system32\fxssvc.exe
avgrsx.exe 3816 Normal C:\PROGRA~1\AVG\AVG8\avgrsx.exe
unsecapp.exe 3684 Normal C:\Windows\system32\wbem\unsecapp.exe
wmiprvse.exe 3536 Normal C:\Windows\system32\wbem\wmiprvse.exe
usnsvc.exe 5880 Normal C:\Program Files\MSN Messenger\usnsvc.exe
iexplore.exe 4616 Normal C:\Program Files\Internet Explorer\iexplore.exe
NMIndexingService.exe 2012 Normal C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
WINWORD.EXE 284 Normal C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
AcroRd32.exe 5960 Normal C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
NOTEPAD.EXE 4796 Normal C:\Windows\system32\NOTEPAD.EXE
conime.exe 4284 Normal C:\Windows\system32\conime.exe
avant.exe 5176 Normal D:\Program install files\Avant browser\avant.exe
SearchProtocolHost.exe 4372 Idle C:\Windows\system32\SearchProtocolHost.exe
SearchFilterHost.exe 6120 Idle C:\Windows\system32\SearchFilterHost.exe
wmiprvse.exe 4976 Normal C:\Windows\system32\wbem\wmiprvse.exe
cmd.exe 3004 Normal C:\Windows\System32\cmd.exe
ntvdm.exe 3588 Normal C:\Windows\system32\ntvdm.exe
pv.exe 5400 Normal C:\ISEEYO~1\pv.exe

------------------------------------------------------------------------------------

Displaying Windows Services:

Name: AeLookupSvc
Display Name: Application Experience
Description: Processes application compatibility cache requests for applications as they are launched
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ALG
Display Name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing
Path Name: C:\Windows\System32\alg.exe
Start Mode: Manual
State: Stopped

Name: Appinfo
Display Name: Application Information
Description: Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: AppMgmt
Display Name: Application Management
Description: Processes installation, removal, and enumeration requests for software deployed through Group Policy. If the service is disabled, users will be unable to install, remove, or enumerate software deployed through Group Policy. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: Ati External Event Utility
Display Name: Ati External Event Utility
Description:
Path Name: C:\Windows\system32\Ati2evxx.exe
Start Mode: Auto
State: Running

Name: AudioEndpointBuilder
Display Name: Windows Audio Endpoint Builder
Description: Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: Audiosrv
Display Name: Windows Audio
Description: Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: avg8wd
Display Name: AVG8 WatchDog
Description:
Path Name: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
Start Mode: Auto
State: Running

Name: Basics Service
Display Name: Basics Service
Description: Basics service for hardware interaction
Path Name: "C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe"
Start Mode: Auto
State: Running

Name: BFE
Display Name: Base Filtering Engine
Description: The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: BITS
Display Name: Background Intelligent Transfer Service
Description: Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: Browser
Display Name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: CertPropSvc
Display Name: Certificate Propagation
Description: Propagates certificates from smart cards.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: clr_optimization_v2.0.50727_32
Display Name: Microsoft .NET Framework NGEN v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Path Name: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Start Mode: Manual
State: Stopped

Name: COMSysApp
Display Name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Start Mode: Manual
State: Stopped

Name: CryptSvc
Display Name: Cryptographic Services
Description: Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: CscService
Display Name: Offline Files
Description: The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of the public API, and dispatches interesting events to those interested in Offline Files activities and changes in cache state.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: DcomLaunch
Display Name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Path Name: C:\Windows\system32\svchost.exe -k DcomLaunch
Start Mode: Auto
State: Running

Name: DFSR
Display Name: DFS Replication
Description: Enables you to synchronize folders on multiple servers across local or wide area network (WAN) network connections. This service uses the Remote Differential Compression (RDC) protocol to update only the portions of files that have changed since the last replication.
Path Name: C:\Windows\system32\DFSR.exe
Start Mode: Manual
State: Stopped

Name: Dhcp
Display Name: DHCP Client
Description: Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: Dnscache
Display Name: DNS Client
Description: The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: dot3svc
Display Name: Wired AutoConfig
Description: This service performs IEEE 802.1X authentication on Ethernet interfaces
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: DPS
Display Name: Diagnostic Policy Service
Description: The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: EapHost
Display Name: Extensible Authentication Protocol
Description: The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: ehRecvr
Display Name: Windows Media Center Receiver Service
Description: Windows Media Center Service for TV and FM broadcast reception
Path Name: C:\Windows\ehome\ehRecvr.exe
Start Mode: Manual
State: Stopped

Name: ehSched
Display Name: Windows Media Center Scheduler Service
Description: Starts and stops recording of TV programs within Windows Media Center
Path Name: C:\Windows\ehome\ehsched.exe
Start Mode: Manual
State: Stopped

Name: ehstart
Display Name: Windows Media Center Service Launcher
Description: Starts Windows Media Center Scheduler and Windows Media Center Receiver services at startup if TV is enabled within Windows Media Center.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Stopped

Name: EMDMgmt
Display Name: ReadyBoost
Description: Provides support for improving system performance using ReadyBoost.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: Eventlog
Display Name: Windows Event Log
Description: This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: EventSystem
Display Name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: Fax
Display Name: Fax
Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
Path Name: C:\Windows\system32\fxssvc.exe
Start Mode: Auto
State: Running

Name: fdPHost
Display Name: Function Discovery Provider Host
Description: Host process for Function Discovery providers.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: FDResPub
Display Name: Function Discovery Resource Publication
Description: Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: FontCache3.0.0.0
Display Name: Windows Presentation Foundation Font Cache 3.0.0.0
Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
Path Name: C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Start Mode: Manual
State: Stopped

Name: gpsvc
Display Name: Group Policy Client
Description: The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled.
Path Name: C:\Windows\system32\svchost.exe -k GPSvcGroup
Start Mode: Auto
State: Running

Name: hidserv
Display Name: Human Interface Device Access
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: hkmsvc
Display Name: Health Key and Certificate Management
Description: Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: hpqcxs08
Display Name: hpqcxs08
Description:
Path Name: C:\Windows\system32\svchost.exe -k hpdevmgmt
Start Mode: Manual
State: Running

Name: hpqddsvc
Display Name: HP CUE DeviceDiscovery Service
Description: This service detects and monitors CUE devices on the system.
Path Name: C:\Windows\system32\svchost.exe -k hpdevmgmt
Start Mode: Auto
State: Running

Name: idsvc
Display Name: Windows CardSpace
Description: Securely enables the creation, management, and disclosure of digital identities.
Path Name: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Start Mode: Manual
State: Stopped

Name: IKEEXT
Display Name: IKE and AuthIP IPsec Keying Modules
Description: The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: IPBusEnum
Display Name: PnP-X IP Bus Enumerator
Description: The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: iphlpsvc
Display Name: IP Helper
Description: Provides automatic IPv6 connectivity over an IPv4 network. If this service is stopped, the machine will only have IPv6 connectivity if it is connected to a native IPv6 network.
Path Name: C:\Windows\System32\svchost.exe -k NetSvcs
Start Mode: Auto
State: Running

Name: KeyIso
Display Name: CNG Key Isolation
Description: The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: KtmRm
Display Name: KtmRm for Distributed Transaction Coordinator
Description: Coordinates transactions between MSDTC and the Kernel Transaction Manager (KTM).
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: LanmanServer
Display Name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: LanmanWorkstation
Display Name: Workstation
Description: Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: LBTServ
Display Name: Logitech Bluetooth Service
Description:
Path Name: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
Start Mode: Manual
State: Stopped

Name: lltdsvc
Display Name: Link-Layer Topology Discovery Mapper
Description: Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: lmhosts
Display Name: TCP/IP NetBIOS Helper
Description: Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: Mcx2Svc
Display Name: Windows Media Center Extender Service
Description: Allows Windows Media Center Extender devices to locate and connect to the computer.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Disabled
State: Stopped

Name: MMCSS
Display Name: Multimedia Class Scheduler
Description: Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: MpsSvc
Display Name: Windows Firewall
Description: Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: MSDTC
Display Name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\msdtc.exe
Start Mode: Manual
State: Stopped

Name: MSiSCSI
Display Name: Microsoft iSCSI Initiator Service
Description: Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: msiserver
Display Name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\msiexec /V
Start Mode: Manual
State: Stopped

Name: napagent
Display Name: Network Access Protection Agent
Description: Enables Network Access Protection (NAP) functionality on client computers
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Manual
State: Stopped

Name: Net Driver HPZ12
Display Name: Net Driver HPZ12
Description:
Path Name: C:\Windows\System32\svchost.exe -k HPZ12
Start Mode: Auto
State: Running

Name: Netlogon
Display Name: Netlogon
Description: Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: Netman
Display Name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Running

Name: netprofm
Display Name: Network List Service
Description: Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: NetTcpPortSharing
Display Name: Net.Tcp Port Sharing Service
Description: Provides ability to share TCP ports over the net.tcp protocol.
Path Name: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Start Mode: Disabled
State: Stopped

Name: NlaSvc
Display Name: Network Location Awareness
Description: Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: NMIndexingService
Display Name: NMIndexingService
Description:
Path Name: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"
Start Mode: Manual
State: Running

Name: nsi
Display Name: Network Store Interface Service
Description: This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: nvsvc
Display Name: NVIDIA Display Driver Service
Description: Provides system and desktop level support to the NVIDIA display driver
Path Name: C:\Windows\system32\nvvsvc.exe
Start Mode: Auto
State: Running

Name: ose
Display Name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Path Name: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Start Mode: Manual
State: Stopped

Name: p2pimsvc
Display Name: Peer Networking Identity Manager
Description: Provides Identity service for Peer Networking
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: p2psvc
Display Name: Peer Networking Grouping
Description: Provides Peer Networking Grouping services
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PcaSvc
Display Name: Program Compatibility Assistant Service
Description: Provides support for the Program Compatibility Assistant. If this service is stopped, the Program Compatibility Assistant will not function properly. If this service is disabled, any services that depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: pla
Display Name: Performance Logs & Alerts
Description: Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Manual
State: Stopped

Name: PlugPlay
Display Name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Path Name: C:\Windows\system32\svchost.exe -k DcomLaunch
Start Mode: Auto
State: Running

Name: Pml Driver HPZ12
Display Name: Pml Driver HPZ12
Description:
Path Name: C:\Windows\System32\svchost.exe -k HPZ12
Start Mode: Auto
State: Running

Name: PNRPAutoReg
Display Name: PNRP Machine Name Publication Service
Description: This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer'
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PNRPsvc
Display Name: Peer Name Resolution Protocol
Description: Enables Serverless Peer Name Resolution over the Internet. If disabled, some Peer to Peer and Collaborative applications, such as Windows Meetings, may not function
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PolicyAgent
Display Name: IPsec Policy Agent
Description: Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.
Path Name: C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: ProfSvc
Display Name: User Profile Service
Description: This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ProtectedStorage
Display Name: Protected Storage
Description: Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: QWAVE
Display Name: Quality Windows Audio Video Experience
Description: Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: RasAuto
Display Name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: RasMan
Display Name: Remote Access Connection Manager
Description: Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Running

Name: RemoteAccess
Display Name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Disabled
State: Stopped

Name: RemoteRegistry
Display Name: Remote Registry
Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k regsvc
Start Mode: Manual
State: Stopped

Name: RpcLocator
Display Name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Path Name: C:\Windows\system32\locator.exe
Start Mode: Manual
State: Stopped

Name: RpcSs
Display Name: Remote Procedure Call (RPC)
Description: Serves as the endpoint mapper and COM Service Control Manager. If this service is stopped or disabled, programs using COM or Remote Procedure Call (RPC) services will not function properly.
Path Name: C:\Windows\system32\svchost.exe -k rpcss
Start Mode: Auto
State: Running

Name: SamSs
Display Name: Security Accounts Manager
Description: The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Auto
State: Running

Name: SCardSvr
Display Name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: Schedule
Display Name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: SCPolicySvc
Display Name: Smart Card Removal Policy
Description: Allows the system to be configured to lock the user desktop upon smart card removal.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: SDRSVC
Display Name: Windows Backup
Description: Provides Windows Backup and Restore capabilities.
Path Name: C:\Windows\system32\svchost.exe -k SDRSVC
Start Mode: Manual
State: Stopped

Name: seclogon
Display Name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: SENS
Display Name: System Event Notification Service
Description: Monitors system events and notifies subscribers to COM+ Event System of these events.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ServiceLayer
Display Name: ServiceLayer
Description:
Path Name: "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
Start Mode: Manual
State: Stopped

Name: SessionEnv
Display Name: Terminal Services Configuration
Description: Terminal Services Configuration service (TSCS) is responsible for all Terminal Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, TS themes, and TS certificates.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: SharedAccess
Display Name: Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Disabled
State: Stopped

Name: ShellHWDetection
Display Name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: slsvc
Display Name: Software Licensing
Description: Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a reduced function mode.
Path Name: C:\Windows\system32\SLsvc.exe
Start Mode: Auto
State: Running

Name: SLUINotify
Display Name: SL UI Notification Service
Description: Provides Software Licensing activation and notification
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: SNMPTRAP
Display Name: SNMP Trap
Description: Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\snmptrap.exe
Start Mode: Manual
State: Stopped

Name: Spooler
Display Name: Print Spooler
Description: Loads files to memory for later printing
Path Name: C:\Windows\System32\spoolsv.exe
Start Mode: Auto
State: Running

Name: SSDPSRV
Display Name: SSDP Discovery
Description: Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: SstpSvc
Display Name: Secure Socket Tunneling Protocol Service
Description: Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: STacSV
Display Name: Audio Service
Description: Manages audio jack configurations.
Path Name: C:\Windows\system32\STacSV.exe
Start Mode: Auto
State: Stopped

Name: stisvc
Display Name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras
Path Name: C:\Windows\system32\svchost.exe -k imgsvc
Start Mode: Auto
State: Running

Name: swprv
Display Name: Microsoft Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k swprv
Start Mode: Manual
State: Stopped

Name: SysMain
Display Name: Superfetch
Description: Maintains and improves system performance over time.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TabletInputService
Display Name: Tablet PC Input Service
Description: Enables Tablet PC pen and ink functionality
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TapiSrv
Display Name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Manual
State: Running

Name: TBS
Display Name: TPM Base Services
Description: Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Stopped

Name: TermService
Display Name: Terminal Services
Description: Allows users to connect interactively to a remote computer. Remote Desktop and Terminal Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: Themes
Display Name: Themes
Description: Provides user experience theme management.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: THREADORDER
Display Name: Thread Ordering Server
Description: Provides ordered execution for a group of threads within a specific period of time.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: TrkWks
Display Name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TrustedInstaller
Display Name: Windows Modules Installer
Description: Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer.
Path Name: C:\Windows\servicing\TrustedInstaller.exe
Start Mode: Manual
State: Stopped

Name: UI0Detect
Display Name: Interactive Services Detection
Description: Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there may no longer be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function.
Path Name: C:\Windows\system32\UI0Detect.exe
Start Mode: Manual
State: Stopped

Name: UmRdpService
Display Name: Terminal Services UserMode Port Redirector
Description: Allows the redirection of Printers/Drives/Ports for RDP connections
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: upnphost
Display Name: UPnP Device Host
Description: Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: usnjsvc
Display Name: Messenger Sharing Folders USN Journal Reader service
Description: Service installed by Messenger to enable sharing scenarios
Path Name: "C:\Program Files\MSN Messenger\usnsvc.exe"
Start Mode: Manual
State: Running

Name: UxSms
Display Name: Desktop Window Manager Session Manager
Description: Provides Desktop Window Manager startup and maintenance services
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: vds
Display Name: Virtual Disk
Description: Provides management services for disks, volumes, file systems, and storage arrays.
Path Name: C:\Windows\System32\vds.exe
Start Mode: Manual
State: Stopped

Name: VSS
Display Name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\vssvc.exe
Start Mode: Manual
State: Stopped

Name: W32Time
Display Name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
  • 0

#20
fagag
Posted 15 July 2008 - 01:47 PM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
HI

HERE U GO:


********************************************************************************
****
ISeeYouXP v2.0 Beta 14

ISeeYouXP v1.3.0-v2.0 Beta 14 Copyright - ShadowPuterDude
ISeeYouXP v1.2.9 and earlier Copyright - PhilliePhan
------------------------------------------------------------------------------------
**** PLEASE NOTE THAT MOST (if not ALL) OF THE ITEMS BELOW ARE NOT BADDIES! ****
**** PLEASE CONSULT A KNOWLEDGEABLE PERSON BEFORE TAKING ANY ACTION. ****
********************************************************************************
****

Windows/Browser/Java Versions:

Microsoftr Windows VistaT Ultimate
Version: 6.0.6001
Service Pack: 1.0
Windows Directory: C:\Windows



Boot State: Normal boot

Scan done at 22:37:10.58, Tue 07/15/2008

------------------------------------------------------------------------------------

ISeeYouXP installation folder and files

"C:\ISeeYouXP\"
bootst~1.vbs 28 May 2007 359 "bootstate.vbs"
change.log 8 Jun 2008 5012 "change.log"
chodefix.bat 18 Apr 2007 5387 "chodefix.bat"
fixchode.reg 18 Apr 2007 528 "fixChode.reg"
fixexp~1.bat 24 Feb 2007 487 "FixExplorerPolicies.bat"
getunk~1.bat 12 Aug 2006 1478 "GetUnKeys.bat"
grep.exe 24 Dec 2004 160768 "grep.exe"
hideit.bat 17 Oct 2007 1072 "HideIT.bat"
ieinfo.vbs 28 May 2007 514 "ieinfo.vbs"
iesecu~1.bat 28 Oct 2007 72 "IESecurityZones.bat"
iesecu~1.vbs 8 Nov 2007 2399 "IESecurityZones.vbs"
iseeyo~1.bat 8 Jun 2008 211377 "ISeeYouXP.bat"
libico~1.dll 16 Mar 2004 898048 "libiconv2.dll"
libintl3.dll 9 Oct 2004 101888 "libintl3.dll"
locate.com 14 Jan 2005 11254 "locate.com"
md5sum.exe 5 Aug 2007 49152 "md5sum.exe"
msconf~1.bat 24 Feb 2007 578 "MSConfigFix.bat"
osinfo.vbs 28 May 2007 598 "osinfo.vbs"
pcbutts.txt 25 Mar 2007 5167 "PCBUTTS.TXT"
pcre.dll 14 Nov 2004 183313 "pcre.dll"
pv.exe 3 Mar 2006 73728 "pv.exe"
regedi~1.bat 30 Mar 2007 650 "RegEditFix.bat"
regfix.bat 18 Apr 2007 145 "Regfix.bat"
servic~1.vbs 28 May 2007 672 "servicesinfo.vbs"
showit.bat 17 Oct 2007 1013 "ShowIT.bat"
swreg.exe 5 Apr 2007 139776 "swreg.exe"
system~1.bat 28 Feb 2007 369 "SystemRestoreFix.bat"
taskmg~1.bat 24 Feb 2007 288 "TaskMgrFix.bat"

28 items found: 28 files, 0 directories.
Total of file sizes: 1,856,092 bytes 1.77 M
3 Dir(s) 12,835,479,552 bytes free

------------------------------------------------------------------------------------

System Environment Variables

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\007\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TAMIR
ComSpec=C:\Windows\system32\cmd.exe
errcode=0
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\007
LOCALAPPDATA=C:\Users\007\AppData\Local
LOGONSERVER=\\TAMIR
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\007\AppData\Local\Temp
TMP=C:\Users\007\AppData\Local\Temp
USERDOMAIN=TAMIR
USERNAME=007
USERPROFILE=C:\Users\007
windir=C:\Windows

------------------------------------------------------------------------------------

Showing any Pocket Killbox backup files

No matches found.

------------------------------------------------------------------------------------

Displaying BOOT.INI:


------------------------------------------------------------------------------------

Displaying SYSTEM.INI:

; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON

[drivers]
wave=mmdrv.dll
timer=timer.drv

[mci]

------------------------------------------------------------------------------------

Displaying WIN.INI:

; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
CMCDLLNAME32=mapi32.dll
CMCDLLNAME=mapi.dll
CMC=1
MAPIX=1
MAPIXVER=1.0.0.1
OLEMessaging=1
[MCI Extensions.BAK]
m2v=MPEGVideo
mod=MPEGVideo
[Readiris]
Scanner32=Twaino38,22
[I.R.I.S.]
reg_n=30000

------------------------------------------------------------------------------------

Displaying AUTOEXEC.BAT:

REM Dummy file for NTVDM
------------------------------------------------------------------------------------

Displaying CONFIG.SYS:

FILES=40

------------------------------------------------------------------------------------

Displaying Running Processes:

PROCESS PID PRIO PATH
smss.exe 520 Normal C:\Windows\System32\smss.exe
csrss.exe 588 Normal C:\Windows\system32\csrss.exe
wininit.exe 640 High C:\Windows\system32\wininit.exe
csrss.exe 648 Normal C:\Windows\system32\csrss.exe
services.exe 696 Normal C:\Windows\system32\services.exe
lsass.exe 740 Normal C:\Windows\system32\lsass.exe
lsm.exe 748 Normal C:\Windows\system32\lsm.exe
winlogon.exe 876 High C:\Windows\system32\winlogon.exe
svchost.exe 956 Normal C:\Windows\system32\svchost.exe
nvvsvc.exe 1000 Normal C:\Windows\system32\nvvsvc.exe
svchost.exe 1032 Normal C:\Windows\system32\svchost.exe
Ati2evxx.exe 1168 Normal C:\Windows\system32\Ati2evxx.exe
svchost.exe 1184 Normal C:\Windows\System32\svchost.exe
svchost.exe 1212 Normal C:\Windows\System32\svchost.exe
svchost.exe 1224 Normal C:\Windows\system32\svchost.exe
svchost.exe 1368 Normal C:\Windows\system32\svchost.exe
SLsvc.exe 1388 Normal C:\Windows\system32\SLsvc.exe
svchost.exe 1432 Normal C:\Windows\system32\svchost.exe
rundll32.exe 1588 Normal C:\Windows\system32\rundll32.exe
svchost.exe 1600 Normal C:\Windows\system32\svchost.exe
Ati2evxx.exe 1700 Normal C:\Windows\system32\Ati2evxx.exe
spoolsv.exe 1912 Normal C:\Windows\System32\spoolsv.exe
svchost.exe 1948 Normal C:\Windows\system32\svchost.exe
Dwm.exe 416 High C:\Windows\system32\Dwm.exe
Explorer.EXE 784 Normal C:\Windows\Explorer.EXE
taskeng.exe 1012 Normal C:\Windows\system32\taskeng.exe
taskeng.exe 2116 Below Normal C:\Windows\system32\taskeng.exe
RtHDVCpl.exe 2260 Normal C:\Windows\RtHDVCpl.exe
jusched.exe 2304 Normal C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
avgtray.exe 2324 Normal C:\Program Files\AVG\AVG8\avgtray.exe
rundll32.exe 2364 Normal C:\Windows\System32\rundll32.exe
sm56hlpr.exe 2380 Normal C:\Windows\sm56hlpr.exe
sidebar.exe 2392 Normal C:\Program Files\Windows Sidebar\sidebar.exe
ehtray.exe 2400 Normal C:\Windows\ehome\ehtray.exe
SetPoint.exe 2508 Normal C:\Program Files\Logitech\SetPoint\SetPoint.exe
ehmsas.exe 2636 Normal C:\Windows\ehome\ehmsas.exe
KHALMNPR.EXE 2748 Normal C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
sidebar.exe 2924 Normal C:\Program Files\Windows Sidebar\sidebar.exe
avgwdsvc.exe 2936 Normal C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
SyncServicesBasics.exe 2964 Normal C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
svchost.exe 3024 Normal C:\Windows\system32\svchost.exe
svchost.exe 3132 Normal C:\Windows\System32\svchost.exe
svchost.exe 3200 Normal C:\Windows\System32\svchost.exe
svchost.exe 3220 Normal C:\Windows\system32\svchost.exe
svchost.exe 3884 Normal C:\Windows\system32\svchost.exe
svchost.exe 3952 Normal C:\Windows\System32\svchost.exe
SearchIndexer.exe 4000 Normal C:\Windows\system32\SearchIndexer.exe
fxssvc.exe 2000 Normal C:\Windows\system32\fxssvc.exe
avgrsx.exe 3816 Normal C:\PROGRA~1\AVG\AVG8\avgrsx.exe
unsecapp.exe 3684 Normal C:\Windows\system32\wbem\unsecapp.exe
wmiprvse.exe 3536 Normal C:\Windows\system32\wbem\wmiprvse.exe
usnsvc.exe 5880 Normal C:\Program Files\MSN Messenger\usnsvc.exe
iexplore.exe 4616 Normal C:\Program Files\Internet Explorer\iexplore.exe
NMIndexingService.exe 2012 Normal C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
WINWORD.EXE 284 Normal C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
AcroRd32.exe 5960 Normal C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
NOTEPAD.EXE 4796 Normal C:\Windows\system32\NOTEPAD.EXE
conime.exe 4284 Normal C:\Windows\system32\conime.exe
avant.exe 5176 Normal D:\Program install files\Avant browser\avant.exe
SearchProtocolHost.exe 4372 Idle C:\Windows\system32\SearchProtocolHost.exe
SearchFilterHost.exe 6120 Idle C:\Windows\system32\SearchFilterHost.exe
wmiprvse.exe 4976 Normal C:\Windows\system32\wbem\wmiprvse.exe
cmd.exe 3004 Normal C:\Windows\System32\cmd.exe
ntvdm.exe 3588 Normal C:\Windows\system32\ntvdm.exe
pv.exe 5400 Normal C:\ISEEYO~1\pv.exe

------------------------------------------------------------------------------------

Displaying Windows Services:

Name: AeLookupSvc
Display Name: Application Experience
Description: Processes application compatibility cache requests for applications as they are launched
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ALG
Display Name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing
Path Name: C:\Windows\System32\alg.exe
Start Mode: Manual
State: Stopped

Name: Appinfo
Display Name: Application Information
Description: Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: AppMgmt
Display Name: Application Management
Description: Processes installation, removal, and enumeration requests for software deployed through Group Policy. If the service is disabled, users will be unable to install, remove, or enumerate software deployed through Group Policy. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: Ati External Event Utility
Display Name: Ati External Event Utility
Description:
Path Name: C:\Windows\system32\Ati2evxx.exe
Start Mode: Auto
State: Running

Name: AudioEndpointBuilder
Display Name: Windows Audio Endpoint Builder
Description: Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: Audiosrv
Display Name: Windows Audio
Description: Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: avg8wd
Display Name: AVG8 WatchDog
Description:
Path Name: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
Start Mode: Auto
State: Running

Name: Basics Service
Display Name: Basics Service
Description: Basics service for hardware interaction
Path Name: "C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe"
Start Mode: Auto
State: Running

Name: BFE
Display Name: Base Filtering Engine
Description: The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: BITS
Display Name: Background Intelligent Transfer Service
Description: Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: Browser
Display Name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: CertPropSvc
Display Name: Certificate Propagation
Description: Propagates certificates from smart cards.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: clr_optimization_v2.0.50727_32
Display Name: Microsoft .NET Framework NGEN v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Path Name: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Start Mode: Manual
State: Stopped

Name: COMSysApp
Display Name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Start Mode: Manual
State: Stopped

Name: CryptSvc
Display Name: Cryptographic Services
Description: Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: CscService
Display Name: Offline Files
Description: The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of the public API, and dispatches interesting events to those interested in Offline Files activities and changes in cache state.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: DcomLaunch
Display Name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Path Name: C:\Windows\system32\svchost.exe -k DcomLaunch
Start Mode: Auto
State: Running

Name: DFSR
Display Name: DFS Replication
Description: Enables you to synchronize folders on multiple servers across local or wide area network (WAN) network connections. This service uses the Remote Differential Compression (RDC) protocol to update only the portions of files that have changed since the last replication.
Path Name: C:\Windows\system32\DFSR.exe
Start Mode: Manual
State: Stopped

Name: Dhcp
Display Name: DHCP Client
Description: Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: Dnscache
Display Name: DNS Client
Description: The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: dot3svc
Display Name: Wired AutoConfig
Description: This service performs IEEE 802.1X authentication on Ethernet interfaces
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: DPS
Display Name: Diagnostic Policy Service
Description: The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: EapHost
Display Name: Extensible Authentication Protocol
Description: The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: ehRecvr
Display Name: Windows Media Center Receiver Service
Description: Windows Media Center Service for TV and FM broadcast reception
Path Name: C:\Windows\ehome\ehRecvr.exe
Start Mode: Manual
State: Stopped

Name: ehSched
Display Name: Windows Media Center Scheduler Service
Description: Starts and stops recording of TV programs within Windows Media Center
Path Name: C:\Windows\ehome\ehsched.exe
Start Mode: Manual
State: Stopped

Name: ehstart
Display Name: Windows Media Center Service Launcher
Description: Starts Windows Media Center Scheduler and Windows Media Center Receiver services at startup if TV is enabled within Windows Media Center.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Stopped

Name: EMDMgmt
Display Name: ReadyBoost
Description: Provides support for improving system performance using ReadyBoost.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: Eventlog
Display Name: Windows Event Log
Description: This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: EventSystem
Display Name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: Fax
Display Name: Fax
Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
Path Name: C:\Windows\system32\fxssvc.exe
Start Mode: Auto
State: Running

Name: fdPHost
Display Name: Function Discovery Provider Host
Description: Host process for Function Discovery providers.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: FDResPub
Display Name: Function Discovery Resource Publication
Description: Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: FontCache3.0.0.0
Display Name: Windows Presentation Foundation Font Cache 3.0.0.0
Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
Path Name: C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Start Mode: Manual
State: Stopped

Name: gpsvc
Display Name: Group Policy Client
Description: The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled.
Path Name: C:\Windows\system32\svchost.exe -k GPSvcGroup
Start Mode: Auto
State: Running

Name: hidserv
Display Name: Human Interface Device Access
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: hkmsvc
Display Name: Health Key and Certificate Management
Description: Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: hpqcxs08
Display Name: hpqcxs08
Description:
Path Name: C:\Windows\system32\svchost.exe -k hpdevmgmt
Start Mode: Manual
State: Running

Name: hpqddsvc
Display Name: HP CUE DeviceDiscovery Service
Description: This service detects and monitors CUE devices on the system.
Path Name: C:\Windows\system32\svchost.exe -k hpdevmgmt
Start Mode: Auto
State: Running

Name: idsvc
Display Name: Windows CardSpace
Description: Securely enables the creation, management, and disclosure of digital identities.
Path Name: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Start Mode: Manual
State: Stopped

Name: IKEEXT
Display Name: IKE and AuthIP IPsec Keying Modules
Description: The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: IPBusEnum
Display Name: PnP-X IP Bus Enumerator
Description: The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: iphlpsvc
Display Name: IP Helper
Description: Provides automatic IPv6 connectivity over an IPv4 network. If this service is stopped, the machine will only have IPv6 connectivity if it is connected to a native IPv6 network.
Path Name: C:\Windows\System32\svchost.exe -k NetSvcs
Start Mode: Auto
State: Running

Name: KeyIso
Display Name: CNG Key Isolation
Description: The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: KtmRm
Display Name: KtmRm for Distributed Transaction Coordinator
Description: Coordinates transactions between MSDTC and the Kernel Transaction Manager (KTM).
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: LanmanServer
Display Name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: LanmanWorkstation
Display Name: Workstation
Description: Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: LBTServ
Display Name: Logitech Bluetooth Service
Description:
Path Name: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
Start Mode: Manual
State: Stopped

Name: lltdsvc
Display Name: Link-Layer Topology Discovery Mapper
Description: Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: lmhosts
Display Name: TCP/IP NetBIOS Helper
Description: Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: Mcx2Svc
Display Name: Windows Media Center Extender Service
Description: Allows Windows Media Center Extender devices to locate and connect to the computer.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Disabled
State: Stopped

Name: MMCSS
Display Name: Multimedia Class Scheduler
Description: Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: MpsSvc
Display Name: Windows Firewall
Description: Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: MSDTC
Display Name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\msdtc.exe
Start Mode: Manual
State: Stopped

Name: MSiSCSI
Display Name: Microsoft iSCSI Initiator Service
Description: Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: msiserver
Display Name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\msiexec /V
Start Mode: Manual
State: Stopped

Name: napagent
Display Name: Network Access Protection Agent
Description: Enables Network Access Protection (NAP) functionality on client computers
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Manual
State: Stopped

Name: Net Driver HPZ12
Display Name: Net Driver HPZ12
Description:
Path Name: C:\Windows\System32\svchost.exe -k HPZ12
Start Mode: Auto
State: Running

Name: Netlogon
Display Name: Netlogon
Description: Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: Netman
Display Name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Running

Name: netprofm
Display Name: Network List Service
Description: Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: NetTcpPortSharing
Display Name: Net.Tcp Port Sharing Service
Description: Provides ability to share TCP ports over the net.tcp protocol.
Path Name: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Start Mode: Disabled
State: Stopped

Name: NlaSvc
Display Name: Network Location Awareness
Description: Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: NMIndexingService
Display Name: NMIndexingService
Description:
Path Name: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"
Start Mode: Manual
State: Running

Name: nsi
Display Name: Network Store Interface Service
Description: This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: nvsvc
Display Name: NVIDIA Display Driver Service
Description: Provides system and desktop level support to the NVIDIA display driver
Path Name: C:\Windows\system32\nvvsvc.exe
Start Mode: Auto
State: Running

Name: ose
Display Name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Path Name: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Start Mode: Manual
State: Stopped

Name: p2pimsvc
Display Name: Peer Networking Identity Manager
Description: Provides Identity service for Peer Networking
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: p2psvc
Display Name: Peer Networking Grouping
Description: Provides Peer Networking Grouping services
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PcaSvc
Display Name: Program Compatibility Assistant Service
Description: Provides support for the Program Compatibility Assistant. If this service is stopped, the Program Compatibility Assistant will not function properly. If this service is disabled, any services that depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: pla
Display Name: Performance Logs & Alerts
Description: Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Manual
State: Stopped

Name: PlugPlay
Display Name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Path Name: C:\Windows\system32\svchost.exe -k DcomLaunch
Start Mode: Auto
State: Running

Name: Pml Driver HPZ12
Display Name: Pml Driver HPZ12
Description:
Path Name: C:\Windows\System32\svchost.exe -k HPZ12
Start Mode: Auto
State: Running

Name: PNRPAutoReg
Display Name: PNRP Machine Name Publication Service
Description: This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer'
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PNRPsvc
Display Name: Peer Name Resolution Protocol
Description: Enables Serverless Peer Name Resolution over the Internet. If disabled, some Peer to Peer and Collaborative applications, such as Windows Meetings, may not function
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PolicyAgent
Display Name: IPsec Policy Agent
Description: Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.
Path Name: C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: ProfSvc
Display Name: User Profile Service
Description: This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ProtectedStorage
Display Name: Protected Storage
Description: Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: QWAVE
Display Name: Quality Windows Audio Video Experience
Description: Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: RasAuto
Display Name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: RasMan
Display Name: Remote Access Connection Manager
Description: Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Running

Name: RemoteAccess
Display Name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Disabled
State: Stopped

Name: RemoteRegistry
Display Name: Remote Registry
Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k regsvc
Start Mode: Manual
State: Stopped

Name: RpcLocator
Display Name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Path Name: C:\Windows\system32\locator.exe
Start Mode: Manual
State: Stopped

Name: RpcSs
Display Name: Remote Procedure Call (RPC)
Description: Serves as the endpoint mapper and COM Service Control Manager. If this service is stopped or disabled, programs using COM or Remote Procedure Call (RPC) services will not function properly.
Path Name: C:\Windows\system32\svchost.exe -k rpcss
Start Mode: Auto
State: Running

Name: SamSs
Display Name: Security Accounts Manager
Description: The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Auto
State: Running

Name: SCardSvr
Display Name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: Schedule
Display Name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: SCPolicySvc
Display Name: Smart Card Removal Policy
Description: Allows the system to be configured to lock the user desktop upon smart card removal.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: SDRSVC
Display Name: Windows Backup
Description: Provides Windows Backup and Restore capabilities.
Path Name: C:\Windows\system32\svchost.exe -k SDRSVC
Start Mode: Manual
State: Stopped

Name: seclogon
Display Name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: SENS
Display Name: System Event Notification Service
Description: Monitors system events and notifies subscribers to COM+ Event System of these events.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ServiceLayer
Display Name: ServiceLayer
Description:
Path Name: "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
Start Mode: Manual
State: Stopped

Name: SessionEnv
Display Name: Terminal Services Configuration
Description: Terminal Services Configuration service (TSCS) is responsible for all Terminal Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, TS themes, and TS certificates.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: SharedAccess
Display Name: Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Disabled
State: Stopped

Name: ShellHWDetection
Display Name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: slsvc
Display Name: Software Licensing
Description: Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a reduced function mode.
Path Name: C:\Windows\system32\SLsvc.exe
Start Mode: Auto
State: Running

Name: SLUINotify
Display Name: SL UI Notification Service
Description: Provides Software Licensing activation and notification
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: SNMPTRAP
Display Name: SNMP Trap
Description: Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\snmptrap.exe
Start Mode: Manual
State: Stopped

Name: Spooler
Display Name: Print Spooler
Description: Loads files to memory for later printing
Path Name: C:\Windows\System32\spoolsv.exe
Start Mode: Auto
State: Running

Name: SSDPSRV
Display Name: SSDP Discovery
Description: Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: SstpSvc
Display Name: Secure Socket Tunneling Protocol Service
Description: Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: STacSV
Display Name: Audio Service
Description: Manages audio jack configurations.
Path Name: C:\Windows\system32\STacSV.exe
Start Mode: Auto
State: Stopped

Name: stisvc
Display Name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras
Path Name: C:\Windows\system32\svchost.exe -k imgsvc
Start Mode: Auto
State: Running

Name: swprv
Display Name: Microsoft Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k swprv
Start Mode: Manual
State: Stopped

Name: SysMain
Display Name: Superfetch
Description: Maintains and improves system performance over time.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TabletInputService
Display Name: Tablet PC Input Service
Description: Enables Tablet PC pen and ink functionality
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TapiSrv
Display Name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Manual
State: Running

Name: TBS
Display Name: TPM Base Services
Description: Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Stopped

Name: TermService
Display Name: Terminal Services
Description: Allows users to connect interactively to a remote computer. Remote Desktop and Terminal Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: Themes
Display Name: Themes
Description: Provides user experience theme management.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: THREADORDER
Display Name: Thread Ordering Server
Description: Provides ordered execution for a group of threads within a specific period of time.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: TrkWks
Display Name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TrustedInstaller
Display Name: Windows Modules Installer
Description: Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer.
Path Name: C:\Windows\servicing\TrustedInstaller.exe
Start Mode: Manual
State: Stopped

Name: UI0Detect
Display Name: Interactive Services Detection
Description: Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there may no longer be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function.
Path Name: C:\Windows\system32\UI0Detect.exe
Start Mode: Manual
State: Stopped

Name: UmRdpService
Display Name: Terminal Services UserMode Port Redirector
Description: Allows the redirection of Printers/Drives/Ports for RDP connections
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: upnphost
Display Name: UPnP Device Host
Description: Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: usnjsvc
Display Name: Messenger Sharing Folders USN Journal Reader service
Description: Service installed by Messenger to enable sharing scenarios
Path Name: "C:\Program Files\MSN Messenger\usnsvc.exe"
Start Mode: Manual
State: Running

Name: UxSms
Display Name: Desktop Window Manager Session Manager
Description: Provides Desktop Window Manager startup and maintenance services
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: vds
Display Name: Virtual Disk
Description: Provides management services for disks, volumes, file systems, and storage arrays.
Path Name: C:\Windows\System32\vds.exe
Start Mode: Manual
State: Stopped

Name: VSS
Display Name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\vssvc.exe
Start Mode: Manual
State: Stopped

Name: W32Time
Display Name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32
  • 0

#21
fagag
Posted 15 July 2008 - 01:49 PM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawdeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawe.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebg.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebh.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebv.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawedb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataweeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawefb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawegb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawehb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawenb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawerb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawesb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawev.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawevb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawfeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawqeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawrb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawreb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawseb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawwb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katazweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katfaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katgaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kathaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kathisomers.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katqaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katraweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katsaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katsweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kattaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katzaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kayaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kazaa-lite.ws

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kaztaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keinegefahr.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keithgreenpro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kenmccaul.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keratomir.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keratomir2.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\key-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\key-ticket.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keycodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keygenguru.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\khcbaym.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kiataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\killerpornstars.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kilosex.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kimhines.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kimsoftware.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kinoru.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kintunhdefunhganmdesun.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kitehosting.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kjataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klikadvertising.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kliksearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kliksoftware.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klitegeneration.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klitepro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmpads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\knowhowprotection.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\koataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kochrezepte-net.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kochrezepte-server.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\komforochka.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kqataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kr62.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\krankin.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ksataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ksdspups.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kstaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ktaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kuturoisus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kyoishusei.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kzataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kzdh.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l8bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l8ibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l9bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l9ibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\landkarte.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\landrape.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lastsoftwares.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\laughnetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lauraroebuck.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lavasoftupdate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lavl-vicky.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lbiero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\leannalovelace.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebenserwartung-online.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebensprognose.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebenstest.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\legal-at-spybot.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lerunjinkfeunhadesun.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesbianpornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesbianspornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesobank.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\li8bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\li9bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib3ero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib3ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib4ero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib4ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libdero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libdro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe3ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe4o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe4ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe5o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe5ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libedro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libeeo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libeero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libefro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libegro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber0.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber0o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber4o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber5o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber9.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberdo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libereo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberfo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libergo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberko.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberl.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberlo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libero0.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libero9.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberoi.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberok.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberol.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberop.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberpo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libertyonlinehosting.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libesro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libetro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libewro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libfero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libfro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libgero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libhero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libnero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libreo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\librero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libsero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libsro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libvero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libwero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libwro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ligbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ligero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\light-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightcodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightspeedsearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lihbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lihero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lijbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\likbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lilbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-download-pro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-mp3-share.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-pro-downloads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire2007pro.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewirenetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewirezone.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lingerie-mania.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linkautomatici.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\links4all.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linksummary.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liobero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lisamatthew.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\little-download.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\little-help.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liubero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livegambling.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liveholio.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livenewspaper.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liveplayer.tv

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livetds.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ljbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ljibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkjrc.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\llibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\llxxcx.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loading-lolita.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\locked-domain.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\logerau11.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\logih.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lollitop.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lolyousuck.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lookfor.cc

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\looking-for.cc

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lop.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lordoftibia.pl

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\louiseleeds.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\love-host.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\love-pix.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loveadot.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovedai.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovelas.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovelysearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovezest.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\low-taxes.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loweradult.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lpibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lskdfjlerjvm.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\luckysearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\luibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lunitaweb.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lustful-[bleep].com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lyrik.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lzio.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mabou.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mackinnonsbrook.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\macrovirus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madfinder.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madisonmoons.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madisonoilco.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madonalive.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madsexxx.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mafiapics.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\magicsearch.ws

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mainstreamdollars.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\majuozawa.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\makin-do.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\male4free.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malware-scanner.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarealarm.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarebell.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarebot.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarecore.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwaredestructor.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewipe.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewiped.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewipesupport.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewipeupdate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\map-quest.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marilynchamber.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketdart.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketengines.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketing-know-how.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketingsector.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketplaces4u.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\martfinder.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maseruijintunhangdnsfungans.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\masn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\massearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\master69.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\master70.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\master71.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\masterbar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\masterpsp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\matcash.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\matetrava.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mature50.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\matureporngate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maturepornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maturespornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maturetoolbar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maxdzines.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maxifile.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maxysize.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mayancasino.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcafee-antivirus-2007.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcboo.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcdial.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcgeeforlabor.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mdstunisie.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\me.uk

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\medcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\media-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\media-codec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\media-motor.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivex.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivexfile.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivexobject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivextask.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxobject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxproject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxsetup.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxsolution.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaburning.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediabusnetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediacodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediacodec2007.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediacount.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaobjectguide.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaobjectsite.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaobjectsource.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaplayer-2007.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaplayer-download-now.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaplayer-download.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaprojectaccess.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\medicare-insurance.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\medicare-supplemental.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-adult.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-dating-tips.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-downloads.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-soft-2008.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megago.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megalocast.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megapornix.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megasearchbar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megaseek.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megashopes.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megaviruskit.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megumikanzaki.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meine-grafiken.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meine-grusskarten.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meizi7472831.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\members-site.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\memoiredefenseur.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\menacerescue.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\menacesecure.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mendingtool.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meshalynn.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mesn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-adult.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-casino.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-mobile.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-porn.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\metafora.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\metapoisk.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\metastop.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\methasearch.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mezzicodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mh8888.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\miaminews365.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\michiyonakajima.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\miconsultamedica.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\micro-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\microantivirus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\microantivirusxp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\microsoftantispyware.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\midlets.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mikasakamoto.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mikoni.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\millennialpeople.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\millionenquiz.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\millonenquiz.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\minnesverktyg.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\miosearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mipham.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mirarsearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mircosoftantispy.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\misofthelp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\missingcommand.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mitfahr-portal.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mixsearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mjsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mksn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmcodecs.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmmike.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmohsix.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mnsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mojtechnology.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mokead.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mommykiss.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\money-advertise.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moneyhunters.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\montgomeryhospitalanesthesia.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mooncodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mooncodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\morexvids.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\morflot.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mortgage-debt.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mortismaximus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moscowwhores.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\motioncodecs.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movappliance.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movhelper.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movie-tester.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviecategories.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviecodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviecodecs.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviedownloadreview.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviereality.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movies-codecs.com

  • 0

#22
fagag
Posted 15 July 2008 - 01:49 PM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawdeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawe.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebg.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebh.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebv.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawedb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataweeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawefb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawegb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawehb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawenb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawerb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawesb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawev.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawevb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawfeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawqeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawrb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawreb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawseb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawwb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katazweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katfaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katgaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kathaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kathisomers.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katqaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katraweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katsaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katsweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kattaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katzaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kayaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kazaa-lite.ws

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kaztaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keinegefahr.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keithgreenpro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kenmccaul.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keratomir.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keratomir2.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\key-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\key-ticket.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keycodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keygenguru.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\khcbaym.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kiataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\killerpornstars.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kilosex.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kimhines.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kimsoftware.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kinoru.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kintunhdefunhganmdesun.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kitehosting.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kjataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klikadvertising.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kliksearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kliksoftware.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klitegeneration.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klitepro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmpads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\knowhowprotection.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\koataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kochrezepte-net.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kochrezepte-server.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\komforochka.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kqataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kr62.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\krankin.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ksataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ksdspups.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kstaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ktaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kuturoisus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kyoishusei.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kzataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kzdh.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l8bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l8ibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l9bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l9ibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\landkarte.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\landrape.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lastsoftwares.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\laughnetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lauraroebuck.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lavasoftupdate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lavl-vicky.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lbiero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\leannalovelace.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebenserwartung-online.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebensprognose.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebenstest.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\legal-at-spybot.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lerunjinkfeunhadesun.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesbianpornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesbianspornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesobank.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\li8bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\li9bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib3ero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib3ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib4ero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib4ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libdero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libdro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe3ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe4o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe4ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe5o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe5ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libedro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libeeo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libeero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libefro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libegro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber0.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber0o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber4o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber5o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber9.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberdo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libereo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberfo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libergo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberko.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberl.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberlo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libero0.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libero9.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberoi.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberok.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberol.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberop.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberpo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libertyonlinehosting.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libesro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libetro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libewro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libfero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libfro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libgero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libhero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libnero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libreo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\librero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libsero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libsro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libvero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libwero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libwro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ligbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ligero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\light-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightcodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightspeedsearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lihbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lihero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lijbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\likbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lilbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-download-pro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-mp3-share.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-pro-downloads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire2007pro.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewirenetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewirezone.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lingerie-mania.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linkautomatici.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\links4all.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linksummary.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liobero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lisamatthew.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\little-download.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\little-help.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liubero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livegambling.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liveholio.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livenewspaper.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liveplayer.tv

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\livetds.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ljbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ljibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lkjrc.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\llibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\llxxcx.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loading-lolita.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\locked-domain.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\logerau11.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\logih.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lollitop.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lolyousuck.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lookfor.cc

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\looking-for.cc

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lop.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lordoftibia.pl

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\louiseleeds.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\love-host.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\love-pix.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loveadot.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovedai.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovelas.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovelysearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lovezest.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\low-taxes.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\loweradult.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lpibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lskdfjlerjvm.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\luckysearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\luibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lunitaweb.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lustful-[bleep].com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lyrik.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lzio.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mabou.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mackinnonsbrook.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\macrovirus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madfinder.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madisonmoons.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madisonoilco.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madonalive.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\madsexxx.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mafiapics.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\magicsearch.ws

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mainstreamdollars.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\majuozawa.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\makin-do.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\male4free.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malware-scanner.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarealarm.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarebell.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarebot.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarecore.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwaredestructor.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewipe.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewiped.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewipesupport.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\malwarewipeupdate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\map-quest.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marilynchamber.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketdart.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketengines.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketing-know-how.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketingsector.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\marketplaces4u.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\martfinder.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maseruijintunhangdnsfungans.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\masn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\massearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\master69.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\master70.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\master71.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\masterbar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\masterpsp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\matcash.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\matetrava.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mature50.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\matureporngate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maturepornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maturespornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maturetoolbar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maxdzines.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maxifile.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\maxysize.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mayancasino.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcafee-antivirus-2007.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcboo.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcdial.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mcgeeforlabor.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mdstunisie.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\me.uk

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\medcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\media-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\media-codec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\media-motor.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivex.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivexfile.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivexobject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaactivextask.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxobject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxproject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxsetup.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaaxsolution.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaburning.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediabusnetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediacodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediacodec2007.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediacount.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaobjectguide.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaobjectsite.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaobjectsource.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaplayer-2007.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaplayer-download-now.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaplayer-download.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mediaprojectaccess.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\medicare-insurance.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\medicare-supplemental.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-adult.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-dating-tips.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-downloads.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mega-soft-2008.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megago.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megalocast.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megapornix.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megasearchbar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megaseek.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megashopes.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megaviruskit.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\megumikanzaki.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meine-grafiken.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meine-grusskarten.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meizi7472831.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\members-site.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\memoiredefenseur.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\menacerescue.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\menacesecure.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mendingtool.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meshalynn.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mesn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-adult.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-casino.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-mobile.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\meta-porn.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\metafora.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\metapoisk.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\metastop.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\methasearch.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mezzicodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mh8888.cn

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\miaminews365.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\michiyonakajima.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\miconsultamedica.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\micro-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\microantivirus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\microantivirusxp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\microsoftantispyware.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\midlets.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mikasakamoto.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mikoni.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\millennialpeople.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\millionenquiz.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\millonenquiz.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\minnesverktyg.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\miosearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mipham.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mirarsearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mircosoftantispy.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\misofthelp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\missingcommand.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mitfahr-portal.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mixsearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mjsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mksn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmcodecs.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmmike.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mmohsix.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mnsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mojtechnology.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mokead.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mommykiss.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\money-advertise.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moneyhunters.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\montgomeryhospitalanesthesia.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mooncodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mooncodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\morexvids.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\morflot.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mortgage-debt.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\mortismaximus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moscowwhores.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\motioncodecs.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movappliance.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movhelper.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movie-tester.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviecategories.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviecodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviecodecs.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviedownloadreview.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\moviereality.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\movies-codecs.com

  • 0

#23
fenzodahl512
Posted 15 July 2008 - 02:11 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello.. can you attach the log please?

Please attach that textfile in your next reply..



Thank you :)
  • 0

#24
fagag
Posted 15 July 2008 - 11:51 PM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
DSS:

Deckard's System Scanner v20071014.68
Run by 007 on 2008-07-15 18:34:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-15 18:35:29
Platform: Windows Vista Service Pack 1 (6.00.6001)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\sm56hlpr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
D:\EMULE\emule.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\Program install files\Avant browser\avant.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Windows\System32\notepad.exe
C:\Windows\System32\notepad.exe
C:\Users\007\Desktop\virus\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [eMuleAutoStart] D:\EMULE\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} (CTAdjust Class) - http://download.micr...dd/clearadj.CAB
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab Class) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.co...iaSmartScan.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebo...Uploader4_5.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\System32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\System32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\stacsv.exe


--
End of file - 7551 bytes

-- Files created between 2008-06-15 and 2008-07-15 -----------------------------

2008-07-15 17:56:33 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-13 22:30:33 0 d-------- C:\Program Files\VideoLAN
2008-07-13 18:14:43 0 d-------- C:\Windows\system32\appmgmt
2008-07-09 13:26:37 0 d-------- C:\Program Files\Panda Security
2008-07-09 13:12:19 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-07-09 13:12:08 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-07-09 12:33:09 0 d-------- C:\Users\All Users\Malwarebytes
2008-07-09 12:14:50 0 d-------- C:\Program Files\Trend Micro
2008-07-07 14:49:30 0 d-------- C:\Program Files\VS Revo Group
2008-07-05 19:51:21 0 d-------- C:\Users\All Users\WEBREG
2008-07-05 19:45:58 0 d-------- C:\Program Files\Common Files\HP
2008-07-05 19:45:37 0 d-------- C:\Program Files\Hewlett-Packard
2008-07-05 19:45:26 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-07-05 19:43:53 0 d-------- C:\Program Files\HP
2008-07-05 19:41:57 143913 --a------ C:\Windows\hpoins12.dat
2008-07-05 19:41:49 0 d-------- C:\Users\All Users\Hewlett-Packard
2008-07-05 19:41:45 0 d-------- C:\Users\All Users\HP
2008-07-05 19:41:28 258048 --a------ C:\Windows\system32\hpzids01.dll <Not Verified; Hewlett-Packard; HP Installer>
2008-07-05 19:41:26 117760 --a------ C:\Windows\system32\hpzll4v2.dll <Not Verified; Hewlett-Packard Company; Language Monitor>
2008-07-05 19:23:30 0 d-------- C:\Windows\Motorola
2008-06-28 16:27:56 0 d-------- C:\Program Files\MSECache
2008-06-27 15:59:38 0 d-------- C:\Users\All Users\NVIDIA
2008-06-27 15:46:42 0 d-------- C:\NVIDIA
2008-06-27 15:09:07 0 d-------- C:\Program Files\SystemRequirementsLab
2008-06-21 17:06:05 0 d-------- C:\Westwood
2008-06-20 20:48:49 56 --ah----- C:\Windows\system32\ezsidmv.dat
2008-06-20 20:46:09 0 d-------- C:\Program Files\Common Files\Skype
2008-06-20 20:45:09 0 d-------- C:\Users\All Users\Skype


-- Find3M Report ---------------------------------------------------------------

2008-07-15 13:42:47 0 d-------- C:\Users\007\AppData\Roaming\Image Zone Express
2008-07-14 21:10:47 0 d-------- C:\Program Files\Java
2008-07-13 22:31:03 0 d-------- C:\Users\007\AppData\Roaming\vlc
2008-07-13 18:14:47 0 d-------- C:\Users\007\AppData\Roaming\SUPERAntiSpyware.com
2008-07-13 18:14:42 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-13 18:12:13 0 d-------- C:\Users\007\AppData\Roaming\Skype
2008-07-13 17:12:16 0 d-------- C:\Users\007\AppData\Roaming\skypePM
2008-07-10 10:41:19 0 d-------- C:\Program Files\Windows Mail
2008-07-09 12:33:12 0 d-------- C:\Users\007\AppData\Roaming\Malwarebytes
2008-07-09 12:32:55 0 d-------- C:\Users\007\AppData\Roaming\Download Manager
2008-07-05 20:07:22 0 d-------- C:\Users\007\AppData\Roaming\Printer Info Cache
2008-07-05 19:55:23 0 d-------- C:\Users\007\AppData\Roaming\HP
2008-07-05 19:45:58 0 d-------- C:\Program Files\Common Files
2008-06-29 11:07:40 0 d-------- C:\Program Files\Common Files\Nero
2008-06-27 21:19:08 123242 --a------ C:\Users\007\AppData\Roaming\NMM-MetaData.db
2008-06-13 18:37:06 0 d-------- C:\Program Files\Ligos
2008-06-12 15:51:01 0 d-------- C:\Program Files\PacificPoker
2008-06-11 17:06:46 737280 --a------ C:\Windows\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-06-10 15:46:37 2656 --a------ C:\Windows\system32\io02.sys
2008-06-04 22:21:39 0 -rahs---- C:\MSDOS.SYS
2008-06-04 22:21:39 0 -rahs---- C:\IO.SYS
2008-06-04 21:56:40 0 d-------- C:\Program Files\AdVantage
2008-05-31 12:27:08 14 --a------ C:\Windows\system32\systeminfo.dll
2008-05-24 15:03:17 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-21 19:19:12 0 d-------- C:\Program Files\Microsoft Silverlight


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [01/19/2008 10:38 AM]
"RtHDVCpl"="RtHDVCpl.exe" [10/31/2007 01:35 PM C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [10/11/2007 12:04 PM C:\Windows\SkyTel.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11/29/2007 03:17 AM C:\Windows\KHALMNPR.Exe]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/03/2008 10:21 PM]
"basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [10/09/2007 04:21 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [05/16/2008 02:01 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [05/16/2008 02:01 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]
"SMSERIAL"="sm56hlpr.exe" [04/23/2003 03:48 PM C:\Windows\sm56hlpr.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/19/2008 10:33 AM]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [01/19/2008 10:33 AM]
"eMuleAutoStart"="D:\EMULE\emule.exe" [04/05/2008 03:14 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [13/03/2008 19:11:52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^007^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Users\007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\basicsmssmenu]
"C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
"C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
GPSvcGroup GPSvc
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration



-- End of Deckard's System Scanner: finished at 2008-07-15 18:36:07 ------------
  • 0

#25
fagag
Posted 15 July 2008 - 11:59 PM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
ISEEYOUXP:


********************************************************************************
****
ISeeYouXP v2.0 Beta 14

ISeeYouXP v1.3.0-v2.0 Beta 14 Copyright - ShadowPuterDude
ISeeYouXP v1.2.9 and earlier Copyright - PhilliePhan
------------------------------------------------------------------------------------
**** PLEASE NOTE THAT MOST (if not ALL) OF THE ITEMS BELOW ARE NOT BADDIES! ****
**** PLEASE CONSULT A KNOWLEDGEABLE PERSON BEFORE TAKING ANY ACTION. ****
********************************************************************************
****

Windows/Browser/Java Versions:

Microsoftr Windows VistaT Ultimate
Version: 6.0.6001
Service Pack: 1.0
Windows Directory: C:\Windows



Boot State: Normal boot

Scan done at 22:37:10.58, Tue 07/15/2008

------------------------------------------------------------------------------------

ISeeYouXP installation folder and files

"C:\ISeeYouXP\"
bootst~1.vbs 28 May 2007 359 "bootstate.vbs"
change.log 8 Jun 2008 5012 "change.log"
chodefix.bat 18 Apr 2007 5387 "chodefix.bat"
fixchode.reg 18 Apr 2007 528 "fixChode.reg"
fixexp~1.bat 24 Feb 2007 487 "FixExplorerPolicies.bat"
getunk~1.bat 12 Aug 2006 1478 "GetUnKeys.bat"
grep.exe 24 Dec 2004 160768 "grep.exe"
hideit.bat 17 Oct 2007 1072 "HideIT.bat"
ieinfo.vbs 28 May 2007 514 "ieinfo.vbs"
iesecu~1.bat 28 Oct 2007 72 "IESecurityZones.bat"
iesecu~1.vbs 8 Nov 2007 2399 "IESecurityZones.vbs"
iseeyo~1.bat 8 Jun 2008 211377 "ISeeYouXP.bat"
libico~1.dll 16 Mar 2004 898048 "libiconv2.dll"
libintl3.dll 9 Oct 2004 101888 "libintl3.dll"
locate.com 14 Jan 2005 11254 "locate.com"
md5sum.exe 5 Aug 2007 49152 "md5sum.exe"
msconf~1.bat 24 Feb 2007 578 "MSConfigFix.bat"
osinfo.vbs 28 May 2007 598 "osinfo.vbs"
pcbutts.txt 25 Mar 2007 5167 "PCBUTTS.TXT"
pcre.dll 14 Nov 2004 183313 "pcre.dll"
pv.exe 3 Mar 2006 73728 "pv.exe"
regedi~1.bat 30 Mar 2007 650 "RegEditFix.bat"
regfix.bat 18 Apr 2007 145 "Regfix.bat"
servic~1.vbs 28 May 2007 672 "servicesinfo.vbs"
showit.bat 17 Oct 2007 1013 "ShowIT.bat"
swreg.exe 5 Apr 2007 139776 "swreg.exe"
system~1.bat 28 Feb 2007 369 "SystemRestoreFix.bat"
taskmg~1.bat 24 Feb 2007 288 "TaskMgrFix.bat"

28 items found: 28 files, 0 directories.
Total of file sizes: 1,856,092 bytes 1.77 M
3 Dir(s) 12,835,479,552 bytes free

------------------------------------------------------------------------------------

System Environment Variables

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\007\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TAMIR
ComSpec=C:\Windows\system32\cmd.exe
errcode=0
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\007
LOCALAPPDATA=C:\Users\007\AppData\Local
LOGONSERVER=\\TAMIR
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\007\AppData\Local\Temp
TMP=C:\Users\007\AppData\Local\Temp
USERDOMAIN=TAMIR
USERNAME=007
USERPROFILE=C:\Users\007
windir=C:\Windows

------------------------------------------------------------------------------------

Showing any Pocket Killbox backup files

No matches found.

------------------------------------------------------------------------------------

Displaying BOOT.INI:


------------------------------------------------------------------------------------

Displaying SYSTEM.INI:

; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON

[drivers]
wave=mmdrv.dll
timer=timer.drv

[mci]

------------------------------------------------------------------------------------

Displaying WIN.INI:

; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
CMCDLLNAME32=mapi32.dll
CMCDLLNAME=mapi.dll
CMC=1
MAPIX=1
MAPIXVER=1.0.0.1
OLEMessaging=1
[MCI Extensions.BAK]
m2v=MPEGVideo
mod=MPEGVideo
[Readiris]
Scanner32=Twaino38,22
[I.R.I.S.]
reg_n=30000

------------------------------------------------------------------------------------

Displaying AUTOEXEC.BAT:

REM Dummy file for NTVDM
------------------------------------------------------------------------------------

Displaying CONFIG.SYS:

FILES=40

------------------------------------------------------------------------------------

Displaying Running Processes:

PROCESS PID PRIO PATH
smss.exe 520 Normal C:\Windows\System32\smss.exe
csrss.exe 588 Normal C:\Windows\system32\csrss.exe
wininit.exe 640 High C:\Windows\system32\wininit.exe
csrss.exe 648 Normal C:\Windows\system32\csrss.exe
services.exe 696 Normal C:\Windows\system32\services.exe
lsass.exe 740 Normal C:\Windows\system32\lsass.exe
lsm.exe 748 Normal C:\Windows\system32\lsm.exe
winlogon.exe 876 High C:\Windows\system32\winlogon.exe
svchost.exe 956 Normal C:\Windows\system32\svchost.exe
nvvsvc.exe 1000 Normal C:\Windows\system32\nvvsvc.exe
svchost.exe 1032 Normal C:\Windows\system32\svchost.exe
Ati2evxx.exe 1168 Normal C:\Windows\system32\Ati2evxx.exe
svchost.exe 1184 Normal C:\Windows\System32\svchost.exe
svchost.exe 1212 Normal C:\Windows\System32\svchost.exe
svchost.exe 1224 Normal C:\Windows\system32\svchost.exe
svchost.exe 1368 Normal C:\Windows\system32\svchost.exe
SLsvc.exe 1388 Normal C:\Windows\system32\SLsvc.exe
svchost.exe 1432 Normal C:\Windows\system32\svchost.exe
rundll32.exe 1588 Normal C:\Windows\system32\rundll32.exe
svchost.exe 1600 Normal C:\Windows\system32\svchost.exe
Ati2evxx.exe 1700 Normal C:\Windows\system32\Ati2evxx.exe
spoolsv.exe 1912 Normal C:\Windows\System32\spoolsv.exe
svchost.exe 1948 Normal C:\Windows\system32\svchost.exe
Dwm.exe 416 High C:\Windows\system32\Dwm.exe
Explorer.EXE 784 Normal C:\Windows\Explorer.EXE
taskeng.exe 1012 Normal C:\Windows\system32\taskeng.exe
taskeng.exe 2116 Below Normal C:\Windows\system32\taskeng.exe
RtHDVCpl.exe 2260 Normal C:\Windows\RtHDVCpl.exe
jusched.exe 2304 Normal C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
avgtray.exe 2324 Normal C:\Program Files\AVG\AVG8\avgtray.exe
rundll32.exe 2364 Normal C:\Windows\System32\rundll32.exe
sm56hlpr.exe 2380 Normal C:\Windows\sm56hlpr.exe
sidebar.exe 2392 Normal C:\Program Files\Windows Sidebar\sidebar.exe
ehtray.exe 2400 Normal C:\Windows\ehome\ehtray.exe
SetPoint.exe 2508 Normal C:\Program Files\Logitech\SetPoint\SetPoint.exe
ehmsas.exe 2636 Normal C:\Windows\ehome\ehmsas.exe
KHALMNPR.EXE 2748 Normal C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
sidebar.exe 2924 Normal C:\Program Files\Windows Sidebar\sidebar.exe
avgwdsvc.exe 2936 Normal C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
SyncServicesBasics.exe 2964 Normal C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
svchost.exe 3024 Normal C:\Windows\system32\svchost.exe
svchost.exe 3132 Normal C:\Windows\System32\svchost.exe
svchost.exe 3200 Normal C:\Windows\System32\svchost.exe
svchost.exe 3220 Normal C:\Windows\system32\svchost.exe
svchost.exe 3884 Normal C:\Windows\system32\svchost.exe
svchost.exe 3952 Normal C:\Windows\System32\svchost.exe
SearchIndexer.exe 4000 Normal C:\Windows\system32\SearchIndexer.exe
fxssvc.exe 2000 Normal C:\Windows\system32\fxssvc.exe
avgrsx.exe 3816 Normal C:\PROGRA~1\AVG\AVG8\avgrsx.exe
unsecapp.exe 3684 Normal C:\Windows\system32\wbem\unsecapp.exe
wmiprvse.exe 3536 Normal C:\Windows\system32\wbem\wmiprvse.exe
usnsvc.exe 5880 Normal C:\Program Files\MSN Messenger\usnsvc.exe
iexplore.exe 4616 Normal C:\Program Files\Internet Explorer\iexplore.exe
NMIndexingService.exe 2012 Normal C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
WINWORD.EXE 284 Normal C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
AcroRd32.exe 5960 Normal C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
NOTEPAD.EXE 4796 Normal C:\Windows\system32\NOTEPAD.EXE
conime.exe 4284 Normal C:\Windows\system32\conime.exe
avant.exe 5176 Normal D:\Program install files\Avant browser\avant.exe
SearchProtocolHost.exe 4372 Idle C:\Windows\system32\SearchProtocolHost.exe
SearchFilterHost.exe 6120 Idle C:\Windows\system32\SearchFilterHost.exe
wmiprvse.exe 4976 Normal C:\Windows\system32\wbem\wmiprvse.exe
cmd.exe 3004 Normal C:\Windows\System32\cmd.exe
ntvdm.exe 3588 Normal C:\Windows\system32\ntvdm.exe
pv.exe 5400 Normal C:\ISEEYO~1\pv.exe

------------------------------------------------------------------------------------

Displaying Windows Services:

Name: AeLookupSvc
Display Name: Application Experience
Description: Processes application compatibility cache requests for applications as they are launched
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ALG
Display Name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing
Path Name: C:\Windows\System32\alg.exe
Start Mode: Manual
State: Stopped

Name: Appinfo
Display Name: Application Information
Description: Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: AppMgmt
Display Name: Application Management
Description: Processes installation, removal, and enumeration requests for software deployed through Group Policy. If the service is disabled, users will be unable to install, remove, or enumerate software deployed through Group Policy. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: Ati External Event Utility
Display Name: Ati External Event Utility
Description:
Path Name: C:\Windows\system32\Ati2evxx.exe
Start Mode: Auto
State: Running

Name: AudioEndpointBuilder
Display Name: Windows Audio Endpoint Builder
Description: Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: Audiosrv
Display Name: Windows Audio
Description: Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: avg8wd
Display Name: AVG8 WatchDog
Description:
Path Name: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
Start Mode: Auto
State: Running

Name: Basics Service
Display Name: Basics Service
Description: Basics service for hardware interaction
Path Name: "C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe"
Start Mode: Auto
State: Running

Name: BFE
Display Name: Base Filtering Engine
Description: The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: BITS
Display Name: Background Intelligent Transfer Service
Description: Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: Browser
Display Name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: CertPropSvc
Display Name: Certificate Propagation
Description: Propagates certificates from smart cards.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: clr_optimization_v2.0.50727_32
Display Name: Microsoft .NET Framework NGEN v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Path Name: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Start Mode: Manual
State: Stopped

Name: COMSysApp
Display Name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Start Mode: Manual
State: Stopped

Name: CryptSvc
Display Name: Cryptographic Services
Description: Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: CscService
Display Name: Offline Files
Description: The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of the public API, and dispatches interesting events to those interested in Offline Files activities and changes in cache state.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: DcomLaunch
Display Name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Path Name: C:\Windows\system32\svchost.exe -k DcomLaunch
Start Mode: Auto
State: Running

Name: DFSR
Display Name: DFS Replication
Description: Enables you to synchronize folders on multiple servers across local or wide area network (WAN) network connections. This service uses the Remote Differential Compression (RDC) protocol to update only the portions of files that have changed since the last replication.
Path Name: C:\Windows\system32\DFSR.exe
Start Mode: Manual
State: Stopped

Name: Dhcp
Display Name: DHCP Client
Description: Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: Dnscache
Display Name: DNS Client
Description: The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: dot3svc
Display Name: Wired AutoConfig
Description: This service performs IEEE 802.1X authentication on Ethernet interfaces
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: DPS
Display Name: Diagnostic Policy Service
Description: The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: EapHost
Display Name: Extensible Authentication Protocol
Description: The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: ehRecvr
Display Name: Windows Media Center Receiver Service
Description: Windows Media Center Service for TV and FM broadcast reception
Path Name: C:\Windows\ehome\ehRecvr.exe
Start Mode: Manual
State: Stopped

Name: ehSched
Display Name: Windows Media Center Scheduler Service
Description: Starts and stops recording of TV programs within Windows Media Center
Path Name: C:\Windows\ehome\ehsched.exe
Start Mode: Manual
State: Stopped

Name: ehstart
Display Name: Windows Media Center Service Launcher
Description: Starts Windows Media Center Scheduler and Windows Media Center Receiver services at startup if TV is enabled within Windows Media Center.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Stopped

Name: EMDMgmt
Display Name: ReadyBoost
Description: Provides support for improving system performance using ReadyBoost.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: Eventlog
Display Name: Windows Event Log
Description: This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: EventSystem
Display Name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: Fax
Display Name: Fax
Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
Path Name: C:\Windows\system32\fxssvc.exe
Start Mode: Auto
State: Running

Name: fdPHost
Display Name: Function Discovery Provider Host
Description: Host process for Function Discovery providers.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: FDResPub
Display Name: Function Discovery Resource Publication
Description: Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: FontCache3.0.0.0
Display Name: Windows Presentation Foundation Font Cache 3.0.0.0
Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
Path Name: C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Start Mode: Manual
State: Stopped

Name: gpsvc
Display Name: Group Policy Client
Description: The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled.
Path Name: C:\Windows\system32\svchost.exe -k GPSvcGroup
Start Mode: Auto
State: Running

Name: hidserv
Display Name: Human Interface Device Access
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: hkmsvc
Display Name: Health Key and Certificate Management
Description: Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: hpqcxs08
Display Name: hpqcxs08
Description:
Path Name: C:\Windows\system32\svchost.exe -k hpdevmgmt
Start Mode: Manual
State: Running

Name: hpqddsvc
Display Name: HP CUE DeviceDiscovery Service
Description: This service detects and monitors CUE devices on the system.
Path Name: C:\Windows\system32\svchost.exe -k hpdevmgmt
Start Mode: Auto
State: Running

Name: idsvc
Display Name: Windows CardSpace
Description: Securely enables the creation, management, and disclosure of digital identities.
Path Name: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Start Mode: Manual
State: Stopped

Name: IKEEXT
Display Name: IKE and AuthIP IPsec Keying Modules
Description: The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: IPBusEnum
Display Name: PnP-X IP Bus Enumerator
Description: The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: iphlpsvc
Display Name: IP Helper
Description: Provides automatic IPv6 connectivity over an IPv4 network. If this service is stopped, the machine will only have IPv6 connectivity if it is connected to a native IPv6 network.
Path Name: C:\Windows\System32\svchost.exe -k NetSvcs
Start Mode: Auto
State: Running

Name: KeyIso
Display Name: CNG Key Isolation
Description: The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: KtmRm
Display Name: KtmRm for Distributed Transaction Coordinator
Description: Coordinates transactions between MSDTC and the Kernel Transaction Manager (KTM).
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: LanmanServer
Display Name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: LanmanWorkstation
Display Name: Workstation
Description: Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: LBTServ
Display Name: Logitech Bluetooth Service
Description:
Path Name: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
Start Mode: Manual
State: Stopped

Name: lltdsvc
Display Name: Link-Layer Topology Discovery Mapper
Description: Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: lmhosts
Display Name: TCP/IP NetBIOS Helper
Description: Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: Mcx2Svc
Display Name: Windows Media Center Extender Service
Description: Allows Windows Media Center Extender devices to locate and connect to the computer.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Disabled
State: Stopped

Name: MMCSS
Display Name: Multimedia Class Scheduler
Description: Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: MpsSvc
Display Name: Windows Firewall
Description: Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.
Path Name: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Auto
State: Running

Name: MSDTC
Display Name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\msdtc.exe
Start Mode: Manual
State: Stopped

Name: MSiSCSI
Display Name: Microsoft iSCSI Initiator Service
Description: Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: msiserver
Display Name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\msiexec /V
Start Mode: Manual
State: Stopped

Name: napagent
Display Name: Network Access Protection Agent
Description: Enables Network Access Protection (NAP) functionality on client computers
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Manual
State: Stopped

Name: Net Driver HPZ12
Display Name: Net Driver HPZ12
Description:
Path Name: C:\Windows\System32\svchost.exe -k HPZ12
Start Mode: Auto
State: Running

Name: Netlogon
Display Name: Netlogon
Description: Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: Netman
Display Name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Running

Name: netprofm
Display Name: Network List Service
Description: Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: NetTcpPortSharing
Display Name: Net.Tcp Port Sharing Service
Description: Provides ability to share TCP ports over the net.tcp protocol.
Path Name: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Start Mode: Disabled
State: Stopped

Name: NlaSvc
Display Name: Network Location Awareness
Description: Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: NMIndexingService
Display Name: NMIndexingService
Description:
Path Name: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"
Start Mode: Manual
State: Running

Name: nsi
Display Name: Network Store Interface Service
Description: This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: nvsvc
Display Name: NVIDIA Display Driver Service
Description: Provides system and desktop level support to the NVIDIA display driver
Path Name: C:\Windows\system32\nvvsvc.exe
Start Mode: Auto
State: Running

Name: ose
Display Name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Path Name: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Start Mode: Manual
State: Stopped

Name: p2pimsvc
Display Name: Peer Networking Identity Manager
Description: Provides Identity service for Peer Networking
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: p2psvc
Display Name: Peer Networking Grouping
Description: Provides Peer Networking Grouping services
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PcaSvc
Display Name: Program Compatibility Assistant Service
Description: Provides support for the Program Compatibility Assistant. If this service is stopped, the Program Compatibility Assistant will not function properly. If this service is disabled, any services that depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: pla
Display Name: Performance Logs & Alerts
Description: Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Start Mode: Manual
State: Stopped

Name: PlugPlay
Display Name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Path Name: C:\Windows\system32\svchost.exe -k DcomLaunch
Start Mode: Auto
State: Running

Name: Pml Driver HPZ12
Display Name: Pml Driver HPZ12
Description:
Path Name: C:\Windows\System32\svchost.exe -k HPZ12
Start Mode: Auto
State: Running

Name: PNRPAutoReg
Display Name: PNRP Machine Name Publication Service
Description: This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer'
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PNRPsvc
Display Name: Peer Name Resolution Protocol
Description: Enables Serverless Peer Name Resolution over the Internet. If disabled, some Peer to Peer and Collaborative applications, such as Windows Meetings, may not function
Path Name: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Start Mode: Manual
State: Stopped

Name: PolicyAgent
Display Name: IPsec Policy Agent
Description: Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.
Path Name: C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Start Mode: Auto
State: Running

Name: ProfSvc
Display Name: User Profile Service
Description: This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ProtectedStorage
Display Name: Protected Storage
Description: Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Manual
State: Stopped

Name: QWAVE
Display Name: Quality Windows Audio Video Experience
Description: Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: RasAuto
Display Name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: RasMan
Display Name: Remote Access Connection Manager
Description: Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Running

Name: RemoteAccess
Display Name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Disabled
State: Stopped

Name: RemoteRegistry
Display Name: Remote Registry
Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k regsvc
Start Mode: Manual
State: Stopped

Name: RpcLocator
Display Name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Path Name: C:\Windows\system32\locator.exe
Start Mode: Manual
State: Stopped

Name: RpcSs
Display Name: Remote Procedure Call (RPC)
Description: Serves as the endpoint mapper and COM Service Control Manager. If this service is stopped or disabled, programs using COM or Remote Procedure Call (RPC) services will not function properly.
Path Name: C:\Windows\system32\svchost.exe -k rpcss
Start Mode: Auto
State: Running

Name: SamSs
Display Name: Security Accounts Manager
Description: The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled.
Path Name: C:\Windows\system32\lsass.exe
Start Mode: Auto
State: Running

Name: SCardSvr
Display Name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: Schedule
Display Name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: SCPolicySvc
Display Name: Smart Card Removal Policy
Description: Allows the system to be configured to lock the user desktop upon smart card removal.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: SDRSVC
Display Name: Windows Backup
Description: Provides Windows Backup and Restore capabilities.
Path Name: C:\Windows\system32\svchost.exe -k SDRSVC
Start Mode: Manual
State: Stopped

Name: seclogon
Display Name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: SENS
Display Name: System Event Notification Service
Description: Monitors system events and notifies subscribers to COM+ Event System of these events.
Path Name: C:\Windows\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ServiceLayer
Display Name: ServiceLayer
Description:
Path Name: "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
Start Mode: Manual
State: Stopped

Name: SessionEnv
Display Name: Terminal Services Configuration
Description: Terminal Services Configuration service (TSCS) is responsible for all Terminal Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, TS themes, and TS certificates.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: SharedAccess
Display Name: Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Disabled
State: Stopped

Name: ShellHWDetection
Display Name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: slsvc
Display Name: Software Licensing
Description: Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a reduced function mode.
Path Name: C:\Windows\system32\SLsvc.exe
Start Mode: Auto
State: Running

Name: SLUINotify
Display Name: SL UI Notification Service
Description: Provides Software Licensing activation and notification
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: SNMPTRAP
Display Name: SNMP Trap
Description: Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\snmptrap.exe
Start Mode: Manual
State: Stopped

Name: Spooler
Display Name: Print Spooler
Description: Loads files to memory for later printing
Path Name: C:\Windows\System32\spoolsv.exe
Start Mode: Auto
State: Running

Name: SSDPSRV
Display Name: SSDP Discovery
Description: Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: SstpSvc
Display Name: Secure Socket Tunneling Protocol Service
Description: Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: STacSV
Display Name: Audio Service
Description: Manages audio jack configurations.
Path Name: C:\Windows\system32\STacSV.exe
Start Mode: Auto
State: Stopped

Name: stisvc
Display Name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras
Path Name: C:\Windows\system32\svchost.exe -k imgsvc
Start Mode: Auto
State: Running

Name: swprv
Display Name: Microsoft Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\System32\svchost.exe -k swprv
Start Mode: Manual
State: Stopped

Name: SysMain
Display Name: Superfetch
Description: Maintains and improves system performance over time.
Path Name: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TabletInputService
Display Name: Tablet PC Input Service
Description: Enables Tablet PC pen and ink functionality
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TapiSrv
Display Name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Manual
State: Running

Name: TBS
Display Name: TPM Base Services
Description: Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM.
Path Name: C:\Windows\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Stopped

Name: TermService
Display Name: Terminal Services
Description: Allows users to connect interactively to a remote computer. Remote Desktop and Terminal Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item.
Path Name: C:\Windows\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: Themes
Display Name: Themes
Description: Provides user experience theme management.
Path Name: C:\Windows\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: THREADORDER
Display Name: Thread Ordering Server
Description: Provides ordered execution for a group of threads within a specific period of time.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Stopped

Name: TrkWks
Display Name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network.
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: TrustedInstaller
Display Name: Windows Modules Installer
Description: Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer.
Path Name: C:\Windows\servicing\TrustedInstaller.exe
Start Mode: Manual
State: Stopped

Name: UI0Detect
Display Name: Interactive Services Detection
Description: Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there may no longer be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function.
Path Name: C:\Windows\system32\UI0Detect.exe
Start Mode: Manual
State: Stopped

Name: UmRdpService
Display Name: Terminal Services UserMode Port Redirector
Description: Allows the redirection of Printers/Drives/Ports for RDP connections
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Manual
State: Stopped

Name: upnphost
Display Name: UPnP Device Host
Description: Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.exe -k LocalService
Start Mode: Manual
State: Running

Name: usnjsvc
Display Name: Messenger Sharing Folders USN Journal Reader service
Description: Service installed by Messenger to enable sharing scenarios
Path Name: "C:\Program Files\MSN Messenger\usnsvc.exe"
Start Mode: Manual
State: Running

Name: UxSms
Display Name: Desktop Window Manager Session Manager
Description: Provides Desktop Window Manager startup and maintenance services
Path Name: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Start Mode: Auto
State: Running

Name: vds
Display Name: Virtual Disk
Description: Provides management services for disks, volumes, file systems, and storage arrays.
Path Name: C:\Windows\System32\vds.exe
Start Mode: Manual
State: Stopped

Name: VSS
Display Name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\vssvc.exe
Start Mode: Manual
State: Stopped

Name: W32Time
Display Name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: C:\Windows\system32\svchost.e
  • 0

Advertisements

#26
fagag
Posted 16 July 2008 - 12:05 AM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
part 2::::



HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hotstars2008-17.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hotstartpage.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hotwinupdates.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hq-downloads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hqadultvideos.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hqcodectime.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hqcodecvip.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hqexplicitvids.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hqsex.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hqthefilmsxxx.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\htiscali.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\httpwwwads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hu15.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hugefreevids.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hugeinvention.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hugeporn4u.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hugevideoszone.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hukommelsesbeskytter.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hunacsa.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\huntbar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hupacasath.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hushware.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hut1.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hwgate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hypermart.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hypoteches.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\hzsx.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\i-femdom.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\i-lookup.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\i-nt-e-r-n-e-t.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\i-used.cc

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iaxobjectdownload.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ibankis.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ibmx.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ibsprogram.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\icansearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iconfessonline.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iconnectyou.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\icpcn.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ictmanufacture.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ictprivate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\icwb.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\icwo.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\icwp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\idblg.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iddh.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\idgsearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\idhh.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\idnserror.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\idoiteasily.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\idolikemovies.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\idownload.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ie-search.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iedefender.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iednserror.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iefeadsl.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ieplugin.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ieprotectpage.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iesafetypage.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iesafetywarning.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iesecurepage.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iesecuritybar.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iesecuritytool.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ifeelyou.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ifiz.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iframe.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iframebiz.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\igetnet.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\igfight.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ignphrases.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iguu.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ihavewet[bleep]pussy.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ikataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ilbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imageactivexsolution.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imageaxaccesssoft.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imagemediaax.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imagescontrol.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imagesezine.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imagespecials.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imcurtain.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imediacodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imergeyou.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imiserver.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imp3download.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imrworldwide.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\imusicadvance.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\inc-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\incest-host.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\incestporngate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\incredimail-download-now.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\incredimail-hq.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\incredimailpro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\infectedkernel.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\infodigger.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\infoglobus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\infostore.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\infport.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\inherhole.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\inibo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\inktomi.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\innovagest2000.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\insertthiscock.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\instafinder.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\installcash.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\installmoviepro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\installobject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\installprovider.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\installvaxobject.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\instantpsp.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\insurance-flood.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\insuranceall.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\intcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\interactivebrands.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internationalmarketingfirm.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internet-explorer.name

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internet-media-download.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internet-optimizer.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internetanonymizer.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internetgamebox.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internetsearch.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\internetsearchservice.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ionichost.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ionomist.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipo.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipod-itunes-download-now.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipod-music-store.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipod-tunes-download.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipod-wiz.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipoddownloadingpro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipointyou.hk

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipsex.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ipspdownload.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iqfight.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iqsearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iqtest.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ireit.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\irfanview-center.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\irfanview-download-now.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\irfanview-stop.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ironcarteam.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\is-best.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iscali.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\isee080.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ishowbao.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\israilq.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\istarthere.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\itfindout.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\itknown.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\itsanal.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\itseasy.us

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\itunesandipods.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\itunesfreebies.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\itvdownload.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iugate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iunibo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iunige.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iunimi.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iunipd.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iunipg.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iunipv.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iunito.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ivideocodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iwantsearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iweb-commerce.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iwebland.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\iwon.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ixcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ixcodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jackpot-advertising.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jackpotcheck.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jeannineoldfield.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jerrynews.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jetcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jethomepage.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jetseeker.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jinkinyunhdefunkasderun.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jmhgallery.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jmsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\joannelatham.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jobusiness.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jpeg2007.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jps.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\judin.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jumptothat.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\junkysex.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\jupitersatellites.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\justcount.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\juyatinjesaza.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\k-lined.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\k-litegold.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\k-litepro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\k-litetk.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\k8l.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\k9instructor.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kaaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kabex.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kaftaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kagtaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kahtaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kannylizaciya.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kaqtaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\karachun.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\karaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kartaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kastaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katadweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataeeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataewb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataeweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataqeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataqweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katasearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katasweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawaeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawdeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawe.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebg.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebh.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawebv.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawedb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kataweeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawefb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawegb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawehb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawenb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawerb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawesb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawev.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawevb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawfeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawqeb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawrb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawreb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawseb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawwb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katawweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katazweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katfaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katgaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kathaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kathisomers.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katqaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katraweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katsaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katsweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kattaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\katzaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kayaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kazaa-lite.ws

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kaztaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keinegefahr.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keithgreenpro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kenmccaul.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keratomir.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keratomir2.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\key-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\key-ticket.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keycodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\keygenguru.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\khcbaym.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kiataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\killerpornstars.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kilosex.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kimhines.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kimsoftware.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kinoru.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kintunhdefunhganmdesun.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kitehosting.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kjataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kkataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klikadvertising.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kliksearch.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kliksoftware.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klitegeneration.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\klitepro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmpads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kmsn.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\knowhowprotection.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\koataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kochrezepte-net.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kochrezepte-server.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\komforochka.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kqataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kr62.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\krankin.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ksataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ksdspups.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kstaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ktaweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kuturoisus.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kyoishusei.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kzataweb.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\kzdh.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l8bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l8ibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l9bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\l9ibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\landkarte.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\landrape.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lastsoftwares.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\laughnetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lauraroebuck.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lavasoftupdate.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lavl-vicky.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lbiero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\leannalovelace.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebenserwartung-online.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebensprognose.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lebenstest.de

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\legal-at-spybot.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lerunjinkfeunhadesun.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesbianpornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesbianspornmag.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lesobank.ru

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lets-get-it.org

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\li8bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\li9bero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib3ero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib3ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib4ero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lib4ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libdero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libdro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe3ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe4o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe4ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe5o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libe5ro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libedro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libeeo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libeero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libefro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libegro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber0.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber0o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber4o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber5o.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liber9.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberdo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libereo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberfo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libergo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberko.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberl.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberlo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libero0.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libero9.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberoi.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberok.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberol.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberop.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberpo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liberro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libertyonlinehosting.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libesro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libetro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libewro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libfero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libfro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libgero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libhero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libnero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libreo.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\librero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libsero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libsro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libvero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libwero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\libwro.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ligbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\ligero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\light-codec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightcodec.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightcodec.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lightspeedsearch.net

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lihbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lihero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\liibero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lijbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\likbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lilbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-download-pro.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-mp3-share.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire-pro-downloads.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewire2007pro.info

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewirenetwork.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\limewirezone.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linbero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linero.it

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\lingerie-mania.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linkautomatici.com

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\links4all.biz

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\linksumm
  • 0

#27
fenzodahl512
Posted 16 July 2008 - 09:12 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Please refer to the picture below.. Please use Add Reply button..

At the right-end corner at below of your reply page, you will see a picture like below.. Click it for further view..

Posted Image


Browse your ISeeYouXP.txt file and press the UPLOAD button next to it..

Then press Add Reply


Regards
fenzodahl512

Edited by fenzodahl512, 16 July 2008 - 09:13 AM.

  • 0

#28
fagag
Posted 16 July 2008 - 11:30 AM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
HI
please view the attach file
  • 0

#29
fenzodahl512
Posted 16 July 2008 - 11:37 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, I can't view the attached file...


Make sure you press the UPLOAD button and wait untill the uploading attachment is completed before you press the Add Reply button...


Regards
fenzodahl512
  • 0

#30
fagag
Posted 16 July 2008 - 11:39 AM

fagag

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
it says im not allow to upload any files...
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP