Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Caishow on my wifes computer [Closed]


  • This topic is locked This topic is locked

#1
ldstoodley

ldstoodley

    Member

  • Member
  • PipPip
  • 22 posts
My wifes desktop has Caishow on it I found it with Spybot search and destroy it says it removes it but the next time I boot it's back. Norton internet security doesn't see it. Malware bytes finds it but again if i remove it with malwarebytes it's back on the next boot I tried cc cleaner but no luck. I did a search on the web but found this is a tricky thing to remove I could use some help.I also cleaned my temp files with no results. I understand this Caishow has been around for a long time I would have thought somthing would have been added to a viruse scanner by now sheesh The computer I'm useing is mine and not infected Should I be writing you on the infected computer?
Thank you for your time.
Larry Stoodley
  • 0

Advertisements


#2
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hello ldstoodley and welcome to GeeksToGo :)

I'm GLeobas and I'm going to help you fix your problem.

Please note that I'm currently in training and my posts have to be approved by an expert before I reply.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please do not try to fix anything without being asked
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • I am currently reviewing your logs.

  • 0

#3
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
# Step 1 #

Please, post the log generated by MalwareBytes' Anti-Malware.
  • Run the MalwareBytes and go to the Logs tab
  • Search for the log that contains the files found by MBAM.

    Malware bytes finds it but again if i remove it with malwarebytes it's back on the next boot

# Step 2 #

Download aswMBR.exe ( 1.8mB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

# Step 3 #

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • In Extra Registry, select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemdrive%\drivers\*.exe
    %systemroot%\system32\drivers\*.* /90
    %PROGRAMFILES%\*.*
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U /s
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0

#4
ldstoodley

ldstoodley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Good evening:
I first have to say I made a mistake It was Spy-bot serch and destroy and the online scanner from eset that finds caishow the line below is from spybot

--- Search result list ---
Caishow: [SBI $89760EE9] Application ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\AppID\Download.DLL

User abort!: Scan was not completed successfully. (Status)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-11-18 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2011-03-18 Includes\Adware.sbi (*)
2011-08-29 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-03-08 Includes\DialerC.sbi (*)
2011-02-24 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-10-04 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2011-09-27 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2011-10-31 Includes\Malware.sbi (*)
2011-11-08 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-10-11 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2011-02-24 Includes\Security.sbi (*)
2011-05-03 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2011-10-18 Includes\Spyware.sbi (*)
2011-10-18 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2011-09-28 Includes\Trojans.sbi (*)
2011-11-09 Includes\TrojansC-02.sbi (*)
2011-11-09 Includes\TrojansC-03.sbi (*)
2011-10-28 Includes\TrojansC-04.sbi (*)
2011-11-03 Includes\TrojansC-05.sbi (*)
2011-11-09 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB2572066)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB953295)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB979904)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Service Pack 3
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Security Update (KB2572067)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Security Update (KB979906)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ KB968930 / SP10: Windows Management Framework Core
/ Media Center 2005 / SP4: Update Rollup 2 for Windows XP Media Center Edition 2005
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB973688)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)
/ Windows Media Encoder: Security Update for Windows Media Encoder (KB2447961)
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player: Security Update for Windows Media Player (KB2378111)
/ Windows Media Player: Security Update for Windows Media Player (KB952069)
/ Windows Media Player: Security Update for Windows Media Player (KB954155)
/ Windows Media Player: Security Update for Windows Media Player (KB973540)
/ Windows Media Player: Security Update for Windows Media Player (KB973540)
/ Windows Media Player: Security Update for Windows Media Player (KB975558)
/ Windows Media Player: Security Update for Windows Media Player (KB978695)
/ Windows Media Player 10: Update for Windows Media Player 10 (KB913800)
/ Windows Media Player 10: Update for Windows Media Player 10 (KB926251)
/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB954154)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2360131)
/ Windows XP / SP0: Update for Windows Internet Explorer 8 (KB2362765)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2416400)
/ Windows XP / SP0: Update for Windows Internet Explorer 8 (KB2447568)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2482017)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2497640)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2510531)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2530548)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2544521)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2559049)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB2586448)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB971961)
/ Windows XP / SP0: Update for Windows Internet Explorer 8 (KB976662)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB981332)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB982381)
/ Windows XP / SP10: Security Update for Microsoft Windows (KB2564958)
/ Windows XP / SP10: Update for Microsoft Windows (KB971513)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / SP4: Security Update for Windows XP (KB2079403)
/ Windows XP / SP4: Security Update for Windows XP (KB2115168)
/ Windows XP / SP4: Security Update for Windows XP (KB2121546)
/ Windows XP / SP4: Update for Windows XP (KB2141007)
/ Windows XP / SP4: Hotfix for Windows XP (KB2158563)
/ Windows XP / SP4: Security Update for Windows XP (KB2229593)
/ Windows XP / SP4: Security Update for Windows XP (KB2259922)
/ Windows XP / SP4: Security Update for Windows XP (KB2279986)
/ Windows XP / SP4: Security Update for Windows XP (KB2286198)
/ Windows XP / SP4: Security Update for Windows XP (KB2296011)
/ Windows XP / SP4: Security Update for Windows XP (KB2296199)
/ Windows XP / SP4: Update for Windows XP (KB2345886)
/ Windows XP / SP4: Security Update for Windows XP (KB2347290)
/ Windows XP / SP4: Security Update for Windows XP (KB2360937)
/ Windows XP / SP4: Security Update for Windows XP (KB2387149)
/ Windows XP / SP4: Security Update for Windows XP (KB2393802)
/ Windows XP / SP4: Security Update for Windows XP (KB2412687)
/ Windows XP / SP4: Security Update for Windows XP (KB2419632)
/ Windows XP / SP4: Security Update for Windows XP (KB2423089)
/ Windows XP / SP4: Security Update for Windows XP (KB2436673)
/ Windows XP / SP4: Security Update for Windows XP (KB2440591)
/ Windows XP / SP4: Security Update for Windows XP (KB2443105)
/ Windows XP / SP4: Hotfix for Windows XP (KB2443685)
/ Windows XP / SP4: Update for Windows XP (KB2467659)
/ Windows XP / SP4: Security Update for Windows XP (KB2476490)
/ Windows XP / SP4: Security Update for Windows XP (KB2476687)
/ Windows XP / SP4: Security Update for Windows XP (KB2478960)
/ Windows XP / SP4: Security Update for Windows XP (KB2478971)
/ Windows XP / SP4: Security Update for Windows XP (KB2479628)
/ Windows XP / SP4: Security Update for Windows XP (KB2481109)
/ Windows XP / SP4: Security Update for Windows XP (KB2483185)
/ Windows XP / SP4: Security Update for Windows XP (KB2485376)
/ Windows XP / SP4: Security Update for Windows XP (KB2485663)
/ Windows XP / SP4: Security Update for Windows XP (KB2491683)
/ Windows XP / SP4: Update for Windows XP (KB2492386)
/ Windows XP / SP4: Security Update for Windows XP (KB2503658)
/ Windows XP / SP4: Security Update for Windows XP (KB2503665)
/ Windows XP / SP4: Security Update for Windows XP (KB2506212)
/ Windows XP / SP4: Security Update for Windows XP (KB2506223)
/ Windows XP / SP4: Security Update for Windows XP (KB2507618)
/ Windows XP / SP4: Security Update for Windows XP (KB2507938)
/ Windows XP / SP4: Security Update for Windows XP (KB2508272)
/ Windows XP / SP4: Security Update for Windows XP (KB2508429)
/ Windows XP / SP4: Security Update for Windows XP (KB2509553)
/ Windows XP / SP4: Security Update for Windows XP (KB2511455)
/ Windows XP / SP4: Security Update for Windows XP (KB2524375)
/ Windows XP / SP4: Security Update for Windows XP (KB2535512)
/ Windows XP / SP4: Security Update for Windows XP (KB2536276)
/ Windows XP / SP4: Security Update for Windows XP (KB2536276-v2)
/ Windows XP / SP4: Update for Windows XP (KB2541763)
/ Windows XP / SP4: Security Update for Windows XP (KB2544893)
/ Windows XP / SP4: Security Update for Windows XP (KB2544893-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB2555917)
/ Windows XP / SP4: Security Update for Windows XP (KB2562937)
/ Windows XP / SP4: Security Update for Windows XP (KB2566454)
/ Windows XP / SP4: Security Update for Windows XP (KB2567053)
/ Windows XP / SP4: Security Update for Windows XP (KB2567680)
/ Windows XP / SP4: Security Update for Windows XP (KB2570222)
/ Windows XP / SP4: Hotfix for Windows XP (KB2570791)
/ Windows XP / SP4: Security Update for Windows XP (KB2570947)
/ Windows XP / SP4: Microsoft .NET Framework 1.0 Hotfix (KB2572066)
/ Windows XP / SP4: Security Update for Windows XP (KB2592799)
/ Windows XP / SP4: Update for Windows XP (KB2607712)
/ Windows XP / SP4: Update for Windows XP (KB2616676)
/ Windows XP / SP4: Update for Windows XP (KB2641690)
/ Windows XP / SP4: Hotfix for Windows XP (KB915800-v4)
/ Windows XP / SP4: Security Update for Windows XP (KB923561)
/ Windows XP / SP4: Security Update for Windows XP (KB946648)
/ Windows XP / SP4: Security Update for Windows XP (KB950760)
/ Windows XP / SP4: Security Update for Windows XP (KB950762)
/ Windows XP / SP4: Security Update for Windows XP (KB950974)
/ Windows XP / SP4: Security Update for Windows XP (KB951376-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951748)
/ Windows XP / SP4: Update for Windows XP (KB951978)
/ Windows XP / SP4: Security Update for Windows XP (KB952004)
/ Windows XP / SP4: Hotfix for Windows XP (KB952287)
/ Windows XP / SP4: Security Update for Windows XP (KB952954)
/ Windows XP / SP4: Update for Windows XP (KB953356)
/ Windows XP / SP4: Hotfix for Windows XP (KB954550-v5)
/ Windows XP / SP4: Security Update for Windows XP (KB955069)
/ Windows XP / SP4: Update for Windows XP (KB955759)
/ Windows XP / SP4: Security Update for Windows XP (KB956572)
/ Windows XP / SP4: Security Update for Windows XP (KB956744)
/ Windows XP / SP4: Security Update for Windows XP (KB956802)
/ Windows XP / SP4: Security Update for Windows XP (KB956803)
/ Windows XP / SP4: Security Update for Windows XP (KB956844)
/ Windows XP / SP4: Security Update for Windows XP (KB958644)
/ Windows XP / SP4: Security Update for Windows XP (KB958869)
/ Windows XP / SP4: Security Update for Windows XP (KB959426)
/ Windows XP / SP4: Security Update for Windows XP (KB960225)
/ Windows XP / SP4: Security Update for Windows XP (KB960803)
/ Windows XP / SP4: Security Update for Windows XP (KB960859)
/ Windows XP / SP4: Hotfix for Windows XP (KB961118)
/ Windows XP / SP4: Security Update for Windows XP (KB961501)
/ Windows XP / SP4: Update for Windows XP (KB967715)
/ Windows XP / SP4: Update for Windows XP (KB968389)
/ Windows XP / SP4: Security Update for Windows XP (KB969059)
/ Windows XP / SP4: Security Update for Windows XP (KB970238)
/ Windows XP / SP4: Security Update for Windows XP (KB970430)
/ Windows XP / SP4: Update for Windows XP (KB971029)
/ Windows XP / SP4: Security Update for Windows XP (KB971468)
/ Windows XP / SP4: Security Update for Windows XP (KB971657)
/ Windows XP / SP4: Update for Windows XP (KB971737)
/ Windows XP / SP4: Security Update for Windows XP (KB972270)
/ Windows XP / SP4: Security Update for Windows XP (KB973507)
/ Windows XP / SP4: Update for Windows XP (KB973687)
/ Windows XP / SP4: Update for Windows XP (KB973815)
/ Windows XP / SP4: Security Update for Windows XP (KB973869)
/ Windows XP / SP4: Security Update for Windows XP (KB973904)
/ Windows XP / SP4: Security Update for Windows XP (KB974112)
/ Windows XP / SP4: Security Update for Windows XP (KB974318)
/ Windows XP / SP4: Security Update for Windows XP (KB974392)
/ Windows XP / SP4: Security Update for Windows XP (KB974571)
/ Windows XP / SP4: Security Update for Windows XP (KB975025)
/ Windows XP / SP4: Security Update for Windows XP (KB975467)
/ Windows XP / SP4: Security Update for Windows XP (KB975560)
/ Windows XP / SP4: Security Update for Windows XP (KB975561)
/ Windows XP / SP4: Security Update for Windows XP (KB975562)
/ Windows XP / SP4: Security Update for Windows XP (KB975713)
/ Windows XP / SP4: Security Update for Windows XP (KB977816)
/ Windows XP / SP4: Security Update for Windows XP (KB977914)
/ Windows XP / SP4: Security Update for Windows XP (KB978037)
/ Windows XP / SP4: Security Update for Windows XP (KB978338)
/ Windows XP / SP4: Security Update for Windows XP (KB978542)
/ Windows XP / SP4: Security Update for Windows XP (KB978601)
/ Windows XP / SP4: Security Update for Windows XP (KB978706)
/ Windows XP / SP4: Security Update for Windows XP (KB979309)
/ Windows XP / SP4: Security Update for Windows XP (KB979482)
/ Windows XP / SP4: Security Update for Windows XP (KB979559)
/ Windows XP / SP4: Security Update for Windows XP (KB979683)
/ Windows XP / SP4: Security Update for Windows XP (KB979687)
/ Windows XP / SP4: Security Update for Windows XP (KB980195)
/ Windows XP / SP4: Security Update for Windows XP (KB980218)
/ Windows XP / SP4: Security Update for Windows XP (KB980232)
/ Windows XP / SP4: Security Update for Windows XP (KB980436)
/ Windows XP / SP4: Security Update for Windows XP (KB981322)
/ Windows XP / SP4: Hotfix for Windows XP (KB981793)
/ Windows XP / SP4: Security Update for Windows XP (KB981852)
/ Windows XP / SP4: Security Update for Windows XP (KB981957)
/ Windows XP / SP4: Security Update for Windows XP (KB981997)
/ Windows XP / SP4: Security Update for Windows XP (KB982132)
/ Windows XP / SP4: Security Update for Windows XP (KB982214)
/ Windows XP / SP4: Security Update for Windows XP (KB982381)
/ Windows XP / SP4: Security Update for Windows XP (KB982665)


--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, Adobe ARM
command: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
file: C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
size: 937920
MD5: 47C1DE0A890613FFCFF1D67648EEDF90

Located: HK_LM:Run, Alcmtr
command: ALCMTR.EXE
file: C:\WINDOWS\ALCMTR.EXE
size: 57344
MD5: EA31039E691C6F8F5469649526EEA5FB

Located: HK_LM:Run, AlwaysReady Power Message APP
command: ARPWRMSG.EXE
file: C:\WINDOWS\ARPWRMSG.EXE
size: 77312
MD5: B596347A26DC054EBB44EB3BC8E95B0A

Located: HK_LM:Run, APSDaemon
command: "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
file: C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
size: 59240
MD5: F7DD2D785280DB73DC9060F80361BEFB

Located: HK_LM:Run, DISCover
command: C:\Program Files\DISC\DISCover.exe
file: C:\Program Files\DISC\DISCover.exe
size: 1077248
MD5: 5F4F51DCDDEED4CD994937572B9D9253

Located: HK_LM:Run, DiscUpdateManager
command: C:\Program Files\DISC\DiscUpdMgr.exe
file: C:\Program Files\DISC\DiscUpdMgr.exe
size: 61440
MD5: 37BDDF9E2D1E368081DDE37C927C3ED2

Located: HK_LM:Run, ehTray
command: C:\WINDOWS\ehome\ehtray.exe
file: C:\WINDOWS\ehome\ehtray.exe
size: 67584
MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F

Located: HK_LM:Run, HPBootOp
command: "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
file: C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
size: 249856
MD5: A789B145F17FA5C2326907F4872FE173

Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep 0 -k
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\NvCpl.dll
size: 7311360
MD5: 6BDD333A105978CF4C560CA86FF5E39D

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\NvMcTray.dll
size: 86016
MD5: 9074A3AE59FC1ABA68B6ABE4556FAF9D

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1519616
MD5: 96337880D0957F5C0C3D48BD3BBF89FF

Located: HK_LM:Run, PCDrProfiler
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 421888
MD5: AF43C4F7F3C8BC95DAD95024F96CDC4A

Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 237568
MD5: F3EAEA279F09A7779C18793C87640794

Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
file: C:\WINDOWS\RTHDCPL.EXE
size: 18085888
MD5: B5DBE74457D015EC8D4F2CD43D52906D

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
file: C:\Program Files\Common Files\Java\Java Update\jusched.exe
size: 254696
MD5: 6E3245DF783E58375B3465F03274743E

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
file: C:\Program Files\real\realplayer\update\realsched.exe
size: 273528
MD5: 2AA60514B683F15CF484C4A9F21C3425

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-4256486490-1714306237-1489007402-1008...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:Run, Messenger (Yahoo!)
where: S-1-5-21-4256486490-1714306237-1489007402-1008...
command: "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
file: C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe
size: 6276408
MD5: 1CA2943DC17355330BA5B3EFC6CA4537

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-4256486490-1714306237-1489007402-1008...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-4256486490-1714306237-1489007402-500...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:Run, MSMSGS
where: S-1-5-21-4256486490-1714306237-1489007402-500...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: 3E930C641079443D4DE036167A69CAA2

Located: Startup (common), Secunia PSI Tray.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Secunia\PSI\psi_tray.exe
file: C:\Program Files\Secunia\PSI\psi_tray.exe
size: 291896
MD5: 8E6C1915EDDD719C4BFE99ECCD7216A7

Located: Startup (common), Windows Search.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
file: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 123904
MD5: B5C9F63C01FCFEC3F64EC6A0940A1825

Located: Startup (user), MyWeather Desktop.lnk
where: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup...
command: C:\Program Files\MyWeather Desktop\MyWeather Desktop.exe
file: C:\Program Files\MyWeather Desktop\MyWeather Desktop.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{0095C290-A428-4BDD-B98C-E0A116F1C702} (Shop to Win 9)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Shop to Win 9
Path: C:\Program Files\Shop to Win 9\
Long name: ShoppingBHO.dll
Short name: SHOPPI~1.DLL
Date (created): 11/18/2010 9:44:38 AM
Date (last access): 12/15/2010 10:01:26 PM
Date (last write): 11/18/2010 9:44:38 AM
Filesize: 647168
Attributes: archive
MD5: 4A73CCFC73E283D11573BB51C18D6B82
CRC32: 76D1B29C
Version: 1.0.0.1

{1631550F-191D-4826-B069-D9439253D926} (PriceGongBHO Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: PriceGongBHO Class
Path: C:\Program Files\PriceGong\2.1.0\
Long name: PriceGongIE.dll
Short name: PRICEG~1.DLL
Date (created): 3/28/2010 2:47:12 PM
Date (last access): 12/15/2010 10:01:26 PM
Date (last write): 3/28/2010 2:47:12 PM
Filesize: 353656
Attributes: archive
MD5: 60130A5D2B0464DBBB75B0580C3C218B
CRC32: 42D063EA
Version: 2.1.0.6

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: AcroIEHelperStub
CLSID name: Adobe PDF Link Helper
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelperShim.dll
Short name:
Date (created): 9/5/2011 12:04:56 PM
Date (last access): 9/16/2011 7:56:32 AM
Date (last write): 9/5/2011 12:04:56 PM
Filesize: 63912
Attributes: archive
MD5: 8C4AC22616E77925135C221C46DC6307
CRC32: 95440027
Version: 10.1.1.33

{3049C3E9-B461-4BC5-8870-4C09146192CA} (RealPlayer Download and Record Plugin for Internet Explorer)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: RealPlayer Download and Record Plugin for Internet Explorer
Path: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\
Long name: rpbrowserrecordplugin.dll
Short name:
Date (created): 5/7/2011 1:52:10 PM
Date (last access): 10/17/2011 1:18:40 PM
Date (last write): 10/17/2011 1:18:40 PM
Filesize: 414416
Attributes: archive
MD5: CC54CD805B70DD0DDAADC00FC38C9994
CRC32: 6086C9E4
Version: 12.0.1.669

{346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} (Ant.com browser helper (video detector))
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Ant.com browser helper (video detector)
Path: C:\Program Files\Ant.com\IE add-on\
Long name: Download.dll
Short name:
Date (created): 6/29/2011 12:27:28 PM
Date (last access): 10/14/2011 2:25:22 PM
Date (last write): 6/29/2011 12:27:28 PM
Filesize: 3939864
Attributes: archive
MD5: 547F5F7ABCB7203D602C8316C7B5DB8B
CRC32: EBF17052
Version: 2.2.1.0

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (Norton Identity Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Norton Identity Protection
CLSID name: Norton Identity Protection
Path: C:\Program Files\Norton Internet Security\Engine\19.2.0.10\
Long name: coieplg.dll
Short name:
Date (created): 11/12/2011 3:06:20 PM
Date (last access): 11/12/2011 3:06:20 PM
Date (last write): 11/2/2011 10:43:50 AM
Filesize: 492984
Attributes: readonly archive
MD5: CC5DF0A079870DCA81053468B11470CC
CRC32: 26598BE0
Version: 2012.2.1.6

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Norton Vulnerability Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Norton Vulnerability Protection
CLSID name: Norton Vulnerability Protection
Path: C:\Program Files\Norton Internet Security\Engine\19.2.0.10\IPS\
Long name: ipsbho.dll
Short name:
Date (created): 11/12/2011 3:06:22 PM
Date (last access): 11/12/2011 3:06:22 PM
Date (last write): 7/25/2011 9:15:38 PM
Filesize: 210872
Attributes: readonly archive
MD5: 869662814C2837A2FCEB5514BA7D498F
CRC32: 3972E81A
Version: 10.0.4.57

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: C:\Program Files\Google\Google Toolbar\
Long name: GoogleToolbar_32.dll
Short name:
Date (created): 3/24/2011 2:59:46 PM
Date (last access): 3/24/2011 2:59:46 PM
Date (last write): 8/30/2011 8:09:30 AM
Filesize: 305328
Attributes: archive
MD5: C097DF5CD7DCB95E0D95644A993AC7EC
CRC32: 314C3B1A
Version: 7.1.2003.1856

{AAAE832A-5FFF-4661-9C8F-369692D1DCB9} (hpWebHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: hpWebHelper Class
Path: C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\
Long name: WebHelper.dll
Short name: WEBHEL~1.DLL
Date (created): 11/14/2010 6:22:16 PM
Date (last access): 12/15/2010 10:01:26 PM
Date (last write): 11/14/2010 6:22:16 PM
Filesize: 217088
Attributes: archive
MD5: A0EF773AA00AFAF320E7404304EC5220
CRC32: 210919B9
Version: 1.0.0.1

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\
Long name: swg.dll
Short name:
Date (created): 8/30/2011 8:09:58 AM
Date (last access): 8/30/2011 8:09:58 AM
Date (last write): 8/30/2011 8:09:58 AM
Filesize: 1007160
Attributes: archive
MD5: A953E104137DF406B70477D60BC29008
CRC32: AEE12701
Version: 5.7.6406.1642

{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java™ Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java™ Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 10/18/2011 5:05:34 PM
Date (last access): 10/23/2011 9:32:52 AM
Date (last write): 10/18/2011 5:05:34 PM
Filesize: 42272
Attributes: archive
MD5: DC365B6E595683F67BC21A203432E336
CRC32: ADEC3F07
Version: 6.0.290.11

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name:
Date (created): 10/18/2011 5:05:32 PM
Date (last access): 10/23/2011 9:32:52 AM
Date (last write): 10/18/2011 5:05:32 PM
Filesize: 79648
Attributes: archive
MD5: E3A7850421A4AB8B15FC174EB587BC6B
CRC32: 91B5A119
Version: 6.0.290.11

{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} (SingleInstance Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SingleInstance Class
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn0\
Long name: YTSingleInstance.dll
Short name:
Date (created): 3/15/2011 9:51:08 PM
Date (last access): 7/2/2011 10:03:10 AM
Date (last write): 3/15/2011 9:51:08 PM
Filesize: 163128
Attributes: archive
MD5: 10468E3EA0986DAFB61522BEEFAB769A
CRC32: 3F7F8727
Version: 2011.3.16.1



--- ActiveX list ---
{7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control)
DPF name:
CLSID name: OnlineScanner Control
Installer: C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf
Codebase: http://download.eset...lineScanner.cab
Path: C:\PROGRA~1\ESET\ESET Online Scanner\
Long name: OnlineScanner.ocx
Short name:
Date (created): 7/20/2011 9:16:48 PM
Date (last access): 11/12/2011 7:56:58 PM
Date (last write): 9/30/2011 9:28:08 AM
Filesize: 3405744
Attributes: archive
MD5: 751EE920D6811584E5B1F0B153A5A4E2
CRC32: E2EE1C02
Version: 1.0.0.6583

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_29
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_29.dll
Short name:
Date (created): 10/3/2011 1:37:54 AM
Date (last access): 10/3/2011 5:11:40 AM
Date (last write): 10/3/2011 4:06:12 AM
Filesize: 141088
Attributes: archive
MD5: A8F3D654E83D928FBBD4714D2D54AB39
CRC32: A1FB5317
Version: 6.0.290.11

{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_29
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_29.dll
Short name:
Date (created): 10/3/2011 1:37:54 AM
Date (last access): 10/3/2011 5:11:40 AM
Date (last write): 10/3/2011 4:06:12 AM
Filesize: 141088
Attributes: archive
MD5: A8F3D654E83D928FBBD4714D2D54AB39
CRC32: A1FB5317
Version: 6.0.290.11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_29
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_29.dll
Short name:
Date (created): 10/3/2011 1:37:54 AM
Date (last access): 10/3/2011 5:11:40 AM
Date (last write): 10/3/2011 4:06:12 AM
Filesize: 141088
Attributes: archive
MD5: A8F3D654E83D928FBBD4714D2D54AB39
CRC32: A1FB5317
Version: 6.0.290.11

{E2883E8F-472F-4FB0-9522-AC9BF37916A7} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://platformdl.ad...Plus/1.6/gp.cab



--- Process list ---
PID: 0 ( 0) [System]
PID: 624 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 704 ( 624) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 728 ( 624) \??\C:\WINDOWS\system32\winlogon.exe
size: 507904
PID: 772 ( 728) C:\WINDOWS\system32\services.exe
size: 110592
MD5: 65DF52F5B8B6E9BBD183505225C37315
PID: 784 ( 728) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: BF2466B3E18E970D8A976FB95FC1CA85
PID: 944 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1008 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1104 ( 772) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1164 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1376 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1532 (1508) C:\WINDOWS\Explorer.EXE
size: 1033728
MD5: 12896823FB95BFB3DC9B46BCAEDC9923
PID: 1672 ( 772) C:\WINDOWS\system32\spoolsv.exe
size: 58880
MD5: 60784F891563FB1B767F70117FC2428F
PID: 1972 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 2004 ( 772) C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
size: 520216
MD5: C710B5D634DCCF966661939193175DE4
PID: 644 ( 772) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
size: 55144
MD5: D8E18021F91AD79CA8491CB5A5DA22D4
PID: 676 ( 772) C:\WINDOWS\arservice.exe
size: 58880
MD5: 9A0D9B2E263BEDE80FB79DDBAD240EC1
PID: 748 ( 772) C:\Program Files\Bonjour\mDNSResponder.exe
size: 390504
MD5: DB5BEA73EDAF19AC68B2C0FAD0F92B1A
PID: 1372 ( 772) C:\WINDOWS\eHome\ehRecvr.exe
size: 237568
MD5: 5D1347AA5AE6E2F77D7F4F8372D95AC9
PID: 1440 ( 772) C:\WINDOWS\eHome\ehSched.exe
size: 102912
MD5: A53243709439AC2A4C216B817F8D7411
PID: 1760 ( 772) C:\Program Files\Java\jre6\bin\jqs.exe
size: 153376
MD5: 381B25DC8E958D905B33130D500BBF29
PID: 1892 ( 772) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
size: 73728
MD5: E4973B3229E0015345AFBE43A8A8EB3B
PID: 232 ( 772) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 360 ( 772) C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
size: 138760
MD5: E127420B7FEB65C7F279EAAC183BBC0E
PID: 476 ( 772) C:\WINDOWS\system32\nvsvc32.exe
size: 131139
MD5: B0903C021BFCD6055C053A569EF98AEF
PID: 504 ( 772) C:\Program Files\Secunia\PSI\PSIA.exe
size: 993848
MD5: 2D0599DD0124764FC939C59985C860DE
PID: 2160 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 2192 ( 772) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
size: 602392
MD5: DD0042F0C3B606A6A8B92D49AFB18AD6
PID: 2244 ( 772) C:\WINDOWS\system32\SearchIndexer.exe
size: 439808
MD5: 7778BDFA3F6F6FBA0E75B9594098F737
PID: 2508 ( 772) C:\WINDOWS\ehome\mcrdsvc.exe
size: 99328
MD5: DF0A511F38F16016BF658FCA0090CB87
PID: 3020 ( 772) C:\WINDOWS\system32\dllhost.exe
size: 5120
MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
PID: 3032 ( 360) C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
size: 138760
MD5: E127420B7FEB65C7F279EAAC183BBC0E
PID: 4016 (1532) C:\WINDOWS\ehome\ehtray.exe
size: 67584
MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F
PID: 4040 (1532) C:\WINDOWS\ARPWRMSG.EXE
size: 77312
MD5: B596347A26DC054EBB44EB3BC8E95B0A
PID: 4064 (1532) C:\Program Files\DISC\DISCover.exe
size: 1077248
MD5: 5F4F51DCDDEED4CD994937572B9D9253
PID: 4072 (1532) C:\Program Files\DISC\DiscUpdMgr.exe
size: 61440
MD5: 37BDDF9E2D1E368081DDE37C927C3ED2
PID: 176 (1532) C:\WINDOWS\RTHDCPL.EXE
size: 18085888
MD5: B5DBE74457D015EC8D4F2CD43D52906D
PID: 260 (1532) C:\Program Files\Common Files\Java\Java Update\jusched.exe
size: 254696
MD5: 6E3245DF783E58375B3465F03274743E
PID: 276 (1532) C:\Program Files\real\realplayer\update\realsched.exe
size: 273528
MD5: 2AA60514B683F15CF484C4A9F21C3425
PID: 356 (1532) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
size: 6276408
MD5: 1CA2943DC17355330BA5B3EFC6CA4537
PID: 496 (1532) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3
PID: 516 (1532) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
PID: 216 (1532) C:\Program Files\Secunia\PSI\psi_tray.exe
size: 291896
MD5: 8E6C1915EDDD719C4BFE99ECCD7216A7
PID: 528 (1532) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 123904
MD5: B5C9F63C01FCFEC3F64EC6A0940A1825
PID: 3180 ( 944) C:\WINDOWS\eHome\ehmsas.exe
size: 46592
MD5: 03A905FBA1D62317087DB5C21C0F8F62
PID: 3776 ( 772) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 8C515081584A38AA007909CD02020B3D
PID: 3784 ( 944) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 227840
MD5: 798A9E6828997EEF4517ADA8A2259831
PID: 3976 (4064) C:\Program Files\DISC\DiscStreamHub.exe
size: 57344
MD5: 35FD73BA6356094ABCB61F0A2C555595
PID: 312 ( 772) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1564 ( 772) C:\Program Files\Secunia\PSI\sua.exe
size: 399416
MD5: 20B9E1ADBC58958B480933E4DA005DFB
PID: 3880 ( 356) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
size: 6276408
MD5: 1CA2943DC17355330BA5B3EFC6CA4537
PID: 1516 (4088) c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06A1ECB63DF139EC639E084D4AB3C9D7
PID: 3468 (4088) C:\Program Files\iTunes\iTunesHelper.exe
size: 421736
MD5: D743372A621ED03A274539A88EEB3450
PID: 1684 ( 772) C:\Program Files\iPod\bin\iPodService.exe
size: 821608
MD5: 33642C17C232AA272C68E446A2619899
PID: 3352 (1532) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 2232 (3352) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 2068 (3352) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 4636 ( 516) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 11/14/2011 8:36:02 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://ie.redirect.h...ARIO&pf=desktop
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.yahoo.com/?fr=fp-yie8
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft....k/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft....k/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft....k/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft....k/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.redirect.h...ARIO&pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm


--- Winsock Layered Service Provider list ---


--- Uninstall list ---
GemMaster Mystic (12133444-BF36-4d4e-B7FB-A3424C645DE4)
uninstall cmd: "C:\Program Files\GemMaster\uninstallgemmaster.exe"

(AddressBook)

Adobe AIR 2.7.1.19610 (Adobe AIR)
version (major): 2
version (minor): 7
install location: c:\Program Files\Common Files\Adobe AIR\
uninstall cmd: c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
publisher: Adobe Systems Incorporated

Adobe Flash Player 11 ActiveX 11.1.102.55 (Adobe Flash Player ActiveX)
version (major): 11
version (minor): 1
estimated size: 6144
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -maintain activex
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com...player_support/

Ant.com IE add-on 2.2.1.75 (Ant.com IE add-on)
uninstall cmd: msiexec.exe /qf /package {2B78F6F9-5C63-45AB-ABFD-DDB7946E4C39}
publisher: Ant.com

Ashampoo WinOptimizer 6.60 6.6.0 (Ashampoo WinOptimizer 6_is1)
install date: 20101225
install location: C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\
uninstall cmd: "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\unins000.exe"
publisher: Ashampoo GmbH & Co. KG
help link: http://www.ashampoo.com/support

(AudioPlugin.dll)
uninstall cmd: c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

Microsoft Away Mode 6.0.0160.0 (AwayMode160)
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=902437

Otto (B3EE3001-DC24-4cd1-8743-5692C716659F)
uninstall cmd: "C:\Program Files\EnglishOtto\uninstallotto.exe"

(Branding)

CCleaner 3.12 (CCleaner)
version (major): 3
version (minor): 12
install location: C:\Program Files\CCleaner
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"
publisher: Piriform

Data Fax SoftModem with SmartCP (CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -ITrx200Ck.inf

(Connection Manager)

(CopyNow.dll)
uninstall cmd: c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

(DataPlugin.dll)
uninstall cmd: c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

(DirectAnimation)

(DirectDrawEx)

DISCover 3.31 (DISCover)
uninstall cmd: "C:\Program Files\DISC\uninstall.exe"

(DXM_Runtime)

ESET Online Scanner v3 (ESET Online Scanner)
uninstall cmd: C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

(Fontcore)

(Google Chrome)

HP Game Console (HP Game Console)
install location: C:\Program Files\WildTangent\Apps\HP Game Console
uninstall cmd: "C:\Program Files\WildTangent\Apps\HP Game Console\Uninstall.exe"
publisher: WildTangent
help link: http://support.wildgames.com

HP Imaging Device Functions 7.0 7.0 (HP Imaging Device Functions)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
publisher: HP
help link: http://www.hp.com/support

HP Photosmart Premier Software 6.5 6.5 (HP Photo & Imaging)
uninstall cmd: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
publisher: HP
help link: http://www.hp.com/support

(ICW)

(IDNMitigationAPIs)

(IE40)

(IE4Data)

(IE5BAKEX)

(ie7)

Windows Internet Explorer 8 20090308.140743 (ie8)
install date: 20110925
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

(IEData)

Remove WeatherBug Installer (Install WeatherBug)
install location: c:\hp\bin\wbug
uninstall cmd: c:\hp\bin\cloaker.exe c:\hp\bin\commands.exe /c c:\hp\bin\wbug\clean.bat

(InstallShield Uninstall Information)

Easy Internet Sign-up FE UI-4.1.0.1680 (InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D})
version: 50331648
version (major): 3
estimated size: 14004
install date: 20101113
install source: C:\hp\tmp\src\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
publisher: Hewlett-Packard

(InstallShield_{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38})

IspAssistant-FileServe (IspAssistant-FileServe)
estimated size: 56000
uninstall cmd: C:\Program Files\FileServe Toolbar\uninstall.exe bho /S

Security Update for Windows XP (KB2079403) 1 (KB2079403)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2079403

Security Update for Windows XP (KB2115168) 1 (KB2115168)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2115168

Security Update for Windows XP (KB2121546) 1 (KB2121546)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2121546

Update for Windows XP (KB2141007) 1 (KB2141007)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2141007

Hotfix for Windows XP (KB2158563) 1 (KB2158563)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2158563

Security Update for Windows XP (KB2229593) 1 (KB2229593)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2229593

Security Update for Windows XP (KB2259922) 1 (KB2259922)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2259922

Security Update for Windows XP (KB2279986) 1 (KB2279986)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2279986

Security Update for Windows XP (KB2286198) 1 (KB2286198)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2286198

Security Update for Windows XP (KB2296011) 1 (KB2296011)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2296011

Security Update for Windows XP (KB2296199) 1 (KB2296199)
install date: 20101216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2296199

Update for Windows XP (KB2345886) 1 (KB2345886)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2345886

Security Update for Windows XP (KB2347290) 1 (KB2347290)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2347290

Security Update for Windows Internet Explorer 8 (KB2360131) 1 (KB2360131-IE8)
install date: 20101117
uninstall cmd: "C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2360131

Security Update for Windows XP (KB2360937) 1 (KB2360937)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2360937

Update for Windows Internet Explorer 8 (KB2362765) 1 (KB2362765-IE8)
install date: 20101117
uninstall cmd: "C:\WINDOWS\ie8updates\KB2362765-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2362765

Security Update for Windows Media Player (KB2378111) (KB2378111_WM9)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...m/?kbid=2378111

Security Update for Windows XP (KB2387149) 1 (KB2387149)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2387149

Security Update for Windows XP (KB2393802) 1 (KB2393802)
install date: 20110210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2393802

Security Update for Windows XP (KB2412687) 1 (KB2412687)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2412687

Security Update for Windows Internet Explorer 8 (KB2416400) 1 (KB2416400-IE8)
install date: 20101216
uninstall cmd: "C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2416400

Security Update for Windows XP (KB2419632) 1 (KB2419632)
install date: 20110111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2419632

Security Update for Windows XP (KB2423089) 1 (KB2423089)
install date: 20101216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2423089

Security Update for Windows XP (KB2436673) 1 (KB2436673)
install date: 20101216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2436673

Security Update for Windows XP (KB2440591) 1 (KB2440591)
install date: 20101216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2440591

Security Update for Windows XP (KB2443105) 1 (KB2443105)
install date: 20101216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2443105

Hotfix for Windows XP (KB2443685) 1 (KB2443685)
install date: 20101216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2443685

Update for Windows Internet Explorer 8 (KB2447568) 1 (KB2447568-IE8)
install date: 20101211
uninstall cmd: "C:\WINDOWS\ie8updates\KB2447568-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2447568

Security Update for Windows Media Encoder (KB2447961) (KB2447961_WM9L)
install date: 20101226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2447961_WM9L$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...m/?kbid=2447961

Update for Windows XP (KB2467659) 1 (KB2467659)
install date: 20101216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2467659

Security Update for Windows XP (KB2476490) 1 (KB2476490)
install date: 20110615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2476490

Security Update for Windows XP (KB2476687) 1 (KB2476687)
install date: 20110210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2476687

Security Update for Windows XP (KB2478960) 1 (KB2478960)
install date: 20110210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2478960

Security Update for Windows XP (KB2478971) 1 (KB2478971)
install date: 20110210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2478971

Security Update for Windows XP (KB2479628) 1 (KB2479628)
install date: 20110210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2479628

Security Update for Windows XP (KB2481109) 1 (KB2481109)
install date: 20110309
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2481109

Security Update for Windows Internet Explorer 8 (KB2482017) 1 (KB2482017-IE8)
install date: 20110210
uninstall cmd: "C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2482017

Security Update for Windows XP (KB2483185) 1 (KB2483185)
install date: 20110210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2483185

Security Update for Windows XP (KB2485376) 1 (KB2485376)
install date: 20110210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2485376

Security Update for Windows XP (KB2485663) 1 (KB2485663)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2485663

Security Update for Windows XP (KB2491683) 1 (KB2491683)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2491683

Update for Windows XP (KB2492386) 1 (KB2492386)
install date: 20110428
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2492386$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2492386

Security Update for Windows Internet Explorer 8 (KB2497640) 1 (KB2497640-IE8)
install date: 20110414
uninstall cmd: "C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2497640

Windows XP Media Center Edition 2005 KB2502898 (KB2502898)
install date: 20110309
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2502898$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2502898

Security Update for Windows XP (KB2503658) 1 (KB2503658)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2503658

Security Update for Windows XP (KB2503665) 1 (KB2503665)
install date: 20110615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2503665

Security Update for Windows XP (KB2506212) 1 (KB2506212)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2506212

Security Update for Windows XP (KB2506223) 1 (KB2506223)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2506223

Security Update for Windows XP (KB2507618) 1 (KB2507618)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2507618

Security Update for Windows XP (KB2507938) 1 (KB2507938)
install date: 20110713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2507938

Security Update for Windows XP (KB2508272) 1 (KB2508272)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2508272

Security Update for Windows XP (KB2508429) 1 (KB2508429)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2508429

Security Update for Windows XP (KB2509553) 1 (KB2509553)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2509553

Security Update for Windows Internet Explorer 8 (KB2510531) 1 (KB2510531-IE8)
install date: 20110414
uninstall cmd: "C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2510531

Security Update for Windows XP (KB2511455) 1 (KB2511455)
install date: 20110414
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2511455

Security Update for Windows XP (KB2524375) 1 (KB2524375)
install date: 20110324
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2524375

Security Update for Windows Internet Explorer 8 (KB2530548) 1 (KB2530548-IE8)
install date: 20110615
uninstall cmd: "C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2530548

Security Update for Windows XP (KB2535512) 1 (KB2535512)
install date: 20110615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2535512

Security Update for Windows XP (KB2536276) 1 (KB2536276)
install date: 20110615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2536276

Security Update for Windows XP (KB2536276-v2) 2 (KB2536276-v2)
install date: 20110810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2536276

Update for Windows XP (KB2541763) 1 (KB2541763)
install date: 20110629
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2541763

Security Update for Windows Internet Explorer 8 (KB2544521) 1 (KB2544521-IE8)
install date: 20110615
uninstall cmd: "C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2544521

Security Update for Windows XP (KB2544893) 1 (KB2544893)
install date: 20110615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2544893

Security Update for Windows XP (KB2544893-v2) 2 (KB2544893-v2)
install date: 20111109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2544893

Security Update for Windows XP (KB2555917) 1 (KB2555917)
install date: 20110713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2555917

Security Update for Windows Internet Explorer 8 (KB2559049) 1 (KB2559049-IE8)
install date: 20110810
uninstall cmd: "C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2559049

Security Update for Windows XP (KB2562937) 1 (KB2562937)
install date: 20110810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2562937

Security Update for Microsoft Windows (KB2564958) (KB2564958)
install date: 20111012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro....com/kb/2564958

Security Update for Windows XP (KB2566454) 1 (KB2566454)
install date: 20110810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2566454

Security Update for Windows XP (KB2567053) 1 (KB2567053)
install date: 20111012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2567053

Security Update for Windows XP (KB2567680) 1 (KB2567680)
install date: 20110810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2567680

Security Update for Windows XP (KB2570222) 1 (KB2570222)
install date: 20110810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2570222

Hotfix for Windows XP (KB2570791) 1 (KB2570791)
install date: 20110824
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2570791

Security Update for Windows XP (KB2570947) 1 (KB2570947)
install date: 20110914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2570947

Microsoft .NET Framework 1.0 Hotfix (KB2572066) (KB2572066)
install date: 20111012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2572066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Security Update for Windows Internet Explorer 8 (KB2586448) 1 (KB2586448-IE8)
install date: 20111012
uninstall cmd: "C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2586448

Security Update for Windows XP (KB2592799) 1 (KB2592799)
install date: 20111012
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2592799

Update for Windows XP (KB2607712) 1 (KB2607712)
install date: 20110907
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2607712

Update for Windows XP (KB2616676) 1 (KB2616676)
install date: 20110914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2616676

Update for Windows XP (KB2641690) 1 (KB2641690)
install date: 20111111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om?kbid=2641690

(KB884016)

(KB884267)

(KB885353)

(KB886612)

(KB887078)

(KB887626)

High Definition Audio Driver Package - KB888111 20040219.000000 (KB888111WXPSP2)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...m?kbid=KB888111

(KB888656)

(KB889858)

(KB891122)

Windows Genuine Advantage Validation Tool (KB892130) (KB892130)
install date: 20101117
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=892130

(KB892313)

(KB893240)

(KB893241)

3.1 (KB893803)
help link: http://go.microsoft....k/?LinkId=42467

(KB895181)

(KB895316)

(KB895572)

(KB897586)

(KB898549)

Update Rollup 2 for Windows XP Media Center Edition 2005 (KB900325)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900325

(KB900399)

(KB902344)

Hotfix for Windows Media Player 10 (KB903157) (KB903157)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=903157

(KB907658)

Windows XP Media Center Edition 2005 KB908246 (KB908246)
install date: 20101113
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=908246

Microsoft Base Smart Card Cryptographic Service Provider Package (KB909520)
uninstall cmd: "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20101113
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=911565

(KB911854)

Update for Windows Media Player 10 (KB913800) (KB913800)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=913800

Hotfix for Windows XP (KB915800-v4) 4 (KB915800-v4)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...?kbid=915800-v4

Security Update for Windows XP (KB923561) 1 (KB923561)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=923561

Security Update for Step By Step Interactive Training (KB923723) 20050502.101010 (KB923723)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/923723

Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20101114
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=925398

Windows XP Media Center Edition 2005 KB925766 (KB925766)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=925766

Update for Windows Media Player 10 (KB926251) (KB926251)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=926251

Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=929399

Security Update for CAPICOM (KB931906) 2.1.0.2 (KB931906)
uninstall cmd: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=931906

Hotfix for Windows Media Player 11 (KB939683) (KB939683)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=939683

Windows Search 4.0 04.00.6001.503 (KB940157)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=940157

Security Update for Windows XP (KB941569) (KB941569)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=941569

Security Update for Windows XP (KB946648) 1 (KB946648)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=946648

Security Update for Windows XP (KB950760) 1 (KB950760)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=950760

Security Update for Windows XP (KB950762) 1 (KB950762)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=950762

Security Update for Windows XP (KB950974) 1 (KB950974)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=950974

Security Update for Windows XP (KB951376-v2) 2 (KB951376-v2)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=951376

Security Update for Windows XP (KB951748) 1 (KB951748)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=951748

Update for Windows XP (KB951978) 1 (KB951978)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=951978

Security Update for Windows XP (KB952004) 1 (KB952004)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=952004

Security Update for Windows Media Player (KB952069) (KB952069_WM9)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=952069

Hotfix for Windows XP (KB952287) 1 (KB952287)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=952287

Security Update for Windows XP (KB952954) 1 (KB952954)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=952954

Update for Windows XP (KB953356) 1 (KB953356)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=953356

Security Update for Windows Media Player 11 (KB954154) (KB954154_WM11)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=954154

Security Update for Windows Media Player (KB954155) (KB954155_WM9)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=954155

Hotfix for Windows XP (KB954550-v5) 5 (KB954550-v5)
install date: 20101117
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=954550

Security Update for Windows XP (KB955069) 1 (KB955069)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=955069

Update for Windows XP (KB955759) 1 (KB955759)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=955759

Security Update for Windows XP (KB956572) 1 (KB956572)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=956572

Security Update for Windows XP (KB956744) 1 (KB956744)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=956744

Security Update for Windows XP (KB956802) 1 (KB956802)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=956802

Security Update for Windows XP (KB956803) 1 (KB956803)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=956803

Security Update for Windows XP (KB956844) 1 (KB956844)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=956844

Security Update for Windows XP (KB958644) 1 (KB958644)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=958644

Security Update for Windows XP (KB958869) 1 (KB958869)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=958869

Security Update for Windows XP (KB959426) 1 (KB959426)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=959426

Security Update for Windows XP (KB960225) 1 (KB960225)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=960225

Security Update for Windows XP (KB960803) 1 (KB960803)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=960803

Security Update for Windows XP (KB960859) 1 (KB960859)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=960859

Hotfix for Windows XP (KB961118) 1 (KB961118)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=961118

Security Update for Windows XP (KB961501) 1 (KB961501)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=961501

Security Update for Windows Search 4 - KB963093 (KB963093)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Update for Windows XP (KB967715) 1 (KB967715)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=967715

Update for Windows XP (KB968389) 1 (KB968389)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=968389

Windows Management Framework Core (KB968930)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft..../?LinkID=163790

Security Update for Windows XP (KB969059) 1 (KB969059)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=969059

Security Update for Windows XP (KB970238) 1 (KB970238)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=970238

Security Update for Windows XP (KB970430) 1 (KB970430)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=970430

Update for Windows XP (KB971029) 1 (KB971029)
install date: 20110301
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=971029

Security Update for Windows XP (KB971468) 1 (KB971468)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=971468

Update for Microsoft Windows (KB971513) (KB971513)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/971513

Security Update for Windows XP (KB971657) 1 (KB971657)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=971657

Update for Windows XP (KB971737) 1 (KB971737)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=971737

Security Update for Windows Internet Explorer 8 (KB971961) 1 (KB971961-IE8)
install date: 20101114
uninstall cmd: "C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=971961

Security Update for Windows XP (KB972270) 1 (KB972270)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=972270

Security Update for Windows XP (KB973507) 1 (KB973507)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=973507

Security Update for Windows Media Player (KB973540) (KB973540_WM9)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=973540

Security Update for Windows Media Player (KB973540) (KB973540_WM9L)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=973540

Update for Windows XP (KB973687) 1 (KB973687)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=973687

Windows XP Media Center Edition 2005 KB973768 (KB973768)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=973768

Update for Windows XP (KB973815) 1 (KB973815)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=973815

Security Update for Windows XP (KB973869) 1 (KB973869)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=973869

Security Update for Windows XP (KB973904) 1 (KB973904)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=973904

Security Update for Windows XP (KB974112) 1 (KB974112)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=974112

Security Update for Windows XP (KB974318) 1 (KB974318)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=974318

Security Update for Windows XP (KB974392) 1 (KB974392)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=974392

Security Update for Windows XP (KB974571) 1 (KB974571)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=974571

Security Update for Windows XP (KB975025) 1 (KB975025)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=975025

Security Update for Windows XP (KB975467) 1 (KB975467)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=975467

Security Update for Windows Media Player (KB975558) (KB975558_WM8)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=975558

Security Update for Windows XP (KB975560) 1 (KB975560)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=975560

Security Update for Windows XP (KB975561) 1 (KB975561)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=975561

Security Update for Windows XP (KB975562) 1 (KB975562)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=975562

Security Update for Windows XP (KB975713) 1 (KB975713)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=975713

Update for Windows Internet Explorer 8 (KB976662) 1 (KB976662-IE8)
install date: 20101114
uninstall cmd: "C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=976662

Security Update for Windows XP (KB977816) 1 (KB977816)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=977816

Security Update for Windows XP (KB977914) 1 (KB977914)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=977914

Security Update for Windows XP (KB978037) 1 (KB978037)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=978037

Security Update for Windows XP (KB978338) 1 (KB978338)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=978338

Security Update for Windows XP (KB978542) 1 (KB978542)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=978542

Security Update for Windows XP (KB978601) 1 (KB978601)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=978601

Security Update for Windows Media Player (KB978695) (KB978695_WM9)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=978695

Security Update for Windows XP (KB978706) 1 (KB978706)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=978706

Security Update for Windows XP (KB979309) 1 (KB979309)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=979309

Security Update for Windows XP (KB979482) 1 (KB979482)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=979482

Security Update for Windows XP (KB979559) 1 (KB979559)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=979559

Security Update for Windows XP (KB979683) 1 (KB979683)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=979683

Security Update for Windows XP (KB979687) 1 (KB979687)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=979687

Security Update for Windows XP (KB980195) 1 (KB980195)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=980195

Security Update for Windows XP (KB980218) 1 (KB980218)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=980218

Security Update for Windows XP (KB980232) 1 (KB980232)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=980232

Security Update for Windows XP (KB980436) 1 (KB980436)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=980436

Security Update for Windows XP (KB981322) 1 (KB981322)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=981322

Security Update for Windows Internet Explorer 8 (KB981332) 1 (KB981332-IE8)
install date: 20101114
uninstall cmd: "C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=981332

Hotfix for Windows XP (KB981793) 1 (KB981793)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=981793

Security Update for Windows XP (KB981852) 1 (KB981852)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=981852

Security Update for Windows XP (KB981957) 1 (KB981957)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=981957

Security Update for Windows XP (KB981997) 1 (KB981997)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=981997

Security Update for Windows XP (KB982132) 1 (KB982132)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=982132

Security Update for Windows XP (KB982214) 1 (KB982214)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=982214

Security Update for Windows XP (KB982381) 1 (KB982381)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=982381

Security Update for Windows Internet Explorer 8 (KB982381) 1 (KB982381-IE8)
install date: 20101114
uninstall cmd: "C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=982381

Security Update for Windows XP (KB982665) 1 (KB982665)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=982665

(KBKB895961)

Microsoft .NET Framework 1.1 Security Update (KB2572067) (M2572067)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906) (M979906)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Malwarebytes' Anti-Malware version 1.51.2.1300 1.51.2.1300 (Malwarebytes' Anti-Malware_is1)
install date: 20111010
install location: C:\Program Files\Malwarebytes' Anti-Malware\
uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
publisher: Malwarebytes Corporation

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 3.5 SP1 (Microsoft .NET Framework 3.5 SP1)
install location: C:\WINDOWS\Microsoft.NET\Framework\v3.5\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft..../?LinkId=120337

Microsoft .NET Framework 4 Client Profile 4.0.30319 (Microsoft .NET Framework 4 Client Profile)
estimated size: 39732
install location: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
publisher: Microsoft Corporation
readme: http://go.microsoft..../?LinkId=164156

Microsoft .NET Framework 4 Extended 4.0.30319 (Microsoft .NET Framework 4 Extended)
estimated size: 53233
install location: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
publisher: Microsoft Corporation
readme: http://go.microsoft..../?LinkId=164156

(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

(MobileOptionPack)

(MPlayer2)

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=74087

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

MWSnap 3 3.0.0.74 (MWSnap 3)
uninstall cmd: "C:\Program Files\MWSnap\uninstall.exe"
publisher: Mirek Wojtowicz

(NetMeeting)

Norton Internet Security 19.2.0.10 (NIS)
version (major): 19
version (minor): 2
install date: 20111112
install location: C:\Program Files\Norton Internet Security
install source: C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\18.6.0.29\
uninstall cmd: C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\19.2.0.10\InstStub.exe /X /ARP
publisher: Symantec Corporation

(NLSDownlevelMapping)

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

(OutlookExpress)

PC-Doctor 5 for Windows 5.00.3462.03 (PC-Doctor 5 for Windows)
install location: C:\Program Files\PC-Doctor 5 for Windows\
uninstall cmd: C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
publisher: PC-Doctor, Inc.
comments: Personal Computer Diagnostics Software
contact: Customer Support Department

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

PicaLoader 1.7.1 1.7.1 (PicaLoader)
uninstall cmd: C:\Program Files\PicaLoader\uninst.exe
publisher: VOWSoft,Ltd.

PriceGong 2.1.0 2.1.0 (PriceGong)
uninstall cmd: C:\Program Files\PriceGong\uninst.exe
publisher: PriceGong

Python 2.2.3 2.2.3 (Python 2.2.3)
uninstall cmd: C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
publisher: PythonLabs at Zope Corporation
help link: http://www.python.org/

Python 2.2 pywin32 extensions (build 203) (pywin32-py2.2)
uninstall cmd: "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"

RealPlayer (RealPlayer 12.0)
install location: c:\program files\real\realplayer\realplay.exe
uninstall cmd: c:\program files\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
publisher: RealNetworks
comments: Play, Save, and Organize your music and videos, Burn a CD, or simply take your music with you.
contact: RealNetworks

(SchedulingAgent)

Secunia PSI (2.0.0.3003) (Secunia PSI)
uninstall cmd: "C:\Program Files\Secunia\PSI\uninstall.exe"

(Sevinst)

Shop to Win 9 1.012 (Shop to Win 9)
uninstall cmd: C:\Program Files\Shop to Win 9\Uninst.exe

VLC media player 1.1.11 1.1.11 (VLC media player)
install location: C:\Program Files\VideoLAN\VLC
uninstall cmd: C:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN

Windows Genuine Advantage Validation Tool (KB892130) 1.7.0069.2 (WGA)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=892130

(WIC)

Windows Media Encoder 9 Series (Windows Media Encoder 9)
uninstall cmd: msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft....k/?LinkId=62768

Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows XP Service Pack 3 20080414.031525 (Windows XP Service Pack)
install date: 20101114
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=936929

WinRAR 4.01 (32-bit) 4.01.0 (WinRAR archiver)
version (major): 4
version (minor): 1
install location: C:\Program Files\WinRAR\
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe
publisher: win.rar GmbH

(WMCSetup)

Windows Media Format 11 runtime (WMFDist11)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Tornado Jockey WT004602 (WT004602)
install location: C:\Program Files\HP Games\Tornado Jockey
uninstall cmd: "C:\Program Files\HP Games\Tornado Jockey\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Polar Bowler WT005532 (WT005532)
install location: C:\Program Files\HP Games\Polar Bowler
uninstall cmd: "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Polar Golfer WT005533 (WT005533)
install location: C:\Program Files\HP Games\Polar Golfer
uninstall cmd: "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Ricochet Lost Worlds WT005534 (WT005534)
install location: C:\Program Files\HP Games\Ricochet Lost Worlds
uninstall cmd: "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Super Granny WT005537 (WT005537)
install location: C:\Program Files\HP Games\Super Granny
uninstall cmd: "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Tradewinds WT005538 (WT005538)
install location: C:\Program Files\HP Games\Tradewinds
uninstall cmd: "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Blackhawk Striker 2 WT005540 (WT005540)
install location: C:\Program Files\HP Games\Blackhawk Striker 2
uninstall cmd: "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Blasterball 2 Revolution WT005541 (WT005541)
install location: C:\Program Files\HP Games\Blasterball 2 Revolution
uninstall cmd: "C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Blasterball 2 Remix WT005542 (WT005542)
install location: C:\Program Files\HP Games\Blasterball 2 Remix
uninstall cmd: "C:\Program Files\HP Games\Blasterball 2 Remix\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Bounce Symphony WT005544 (WT005544)
install location: C:\Program Files\HP Games\Bounce Symphony
uninstall cmd: "C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Tennis Titans WT005611 (WT005611)
install location: C:\Program Files\HP Games\Tennis Titans
uninstall cmd: "C:\Program Files\HP Games\Tennis Titans\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Family Feud WT005612 (WT005612)
install location: C:\Program Files\HP Games\Family Feud
uninstall cmd: "C:\Program Files\HP Games\Family Feud\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Flip Words WT005613 (WT005613)
install location: C:\Program Files\HP Games\Flip Words
uninstall cmd: "C:\Program Files\HP Games\Flip Words\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Insaniquarium Deluxe WT005614 (WT005614)
install location: C:\Program Files\HP Games\Insaniquarium Deluxe
uninstall cmd: "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Jewel Quest WT005615 (WT005615)
install location: C:\Program Files\HP Games\Jewel Quest
uninstall cmd: "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Mah Jong Quest WT005616 (WT005616)
install location: C:\Program Files\HP Games\Mah Jong Quest
uninstall cmd: "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Mystery Case Files WT005617 (WT005617)
install location: C:\Program Files\HP Games\Mystery Case Files
uninstall cmd: "C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Poker Superstars WT005618 (WT005618)
install location: C:\Program Files\HP Games\Poker Superstars
uninstall cmd: "C:\Program Files\HP Games\Poker Superstars\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

SCRABBLE WT005619 (WT005619)
install location: C:\Program Files\HP Games\SCRABBLE
uninstall cmd: "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Slingo Deluxe WT005620 (WT005620)
install location: C:\Program Files\HP Games\Slingo Deluxe
uninstall cmd: "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Alien Outbreak 2 WT005621 (WT005621)
install location: C:\Program Files\HP Games\Alien Outbreak 2
uninstall cmd: "C:\Program Files\HP Games\Alien Outbreak 2\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Fairies WT005622 (WT005622)
install location: C:\Program Files\HP Games\Fairies
uninstall cmd: "C:\Program Files\HP Games\Fairies\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Snowy The Bears Adventure WT005623 (WT005623)
install location: C:\Program Files\HP Games\Snowy The Bears Adventure
uninstall cmd: "C:\Program Files\HP Games\Snowy The Bears Adventure\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Bejeweled 2 Deluxe WT005625 (WT005625)
install location: C:\Program Files\HP Games\Bejeweled 2 Deluxe
uninstall cmd: "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Big Kahuna Reef WT005626 (WT005626)
install location: C:\Program Files\HP Games\Big Kahuna Reef
uninstall cmd: "C:\Program Files\HP Games\Big Kahuna Reef\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Bookworm Deluxe WT005627 (WT005627)
install location: C:\Program Files\HP Games\Bookworm Deluxe
uninstall cmd: "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Chuzzle Deluxe WT005628 (WT005628)
install location: C:\Program Files\HP Games\Chuzzle Deluxe
uninstall cmd: "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Diner Dash WT005629 (WT005629)
install location: C:\Program Files\HP Games\Diner Dash
uninstall cmd: "C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

FATE WT006068 (WT006068)
install location: C:\Program Files\HP Games\FATE
uninstall cmd: "C:\Program Files\HP Games\FATE\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Ancient Sudoku WT006070 (WT006070)
install location: C:\Program Files\HP Games\Ancient Sudoku
uninstall cmd: "C:\Program Files\HP Games\Ancient Sudoku\Uninstall.exe"
publisher: WildTangent
comments: Distributed by Compaq

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20101117
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716

Yahoo! Toolbar (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
publisher: Yahoo! Inc.

Yahoo! Messenger (Yahoo! Messenger)
uninstall cmd: C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
publisher: Yahoo! Inc.

Yahoo! Software Update (Yahoo! Software Update)
uninstall cmd: C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE

(Yahoo! Toolbar)
uninstall cmd: C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

SES Driver 1.0.0 ({0673654C-5296-453B-9798-B61CD7E03FEB})
version: 16777216
version (major): 1
estimated size: 100
install date: 20101124
install location: C:\Program Files\Western Digital\SES Driver\
install source: J:\WD SmartWare\
uninstall cmd: MsiExec.exe /X{0673654C-5296-453B-9798-B61CD7E03FEB}
publisher: Western Digital
comments: This installer database contains the logic and data required to install SES Driver.

Sonic RecordNow Data 2.0.6 ({075473F5-846A-448B-BCB3-104AA1760205})
version: 33554438
version (major): 2
estimated size: 17972
install date: 20101113
install source: c:\hp\tmp\src\SC_DATA_206\
uninstall cmd: MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
publisher: Sonic Solutions
help link: http://support.sonic.com/

({09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA})
uninstall cmd: C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe

Microsoft .NET Framework 4 Extended 4.0.30319 ({0A0CADCF-78DA-33C4-A350-CD51849B9702})
version: 67139183
version (major): 4
estimated size: 158727
install date: 20110914
install source: C:\62b571d80fc4d837bf30ec\
uninstall cmd: MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
publisher: Microsoft Corporation
readme: http://go.microsoft..../?LinkId=164156

({0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2162169)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472) 1 ({0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 4 Extended.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2416472.
help link: http://support.micro....com/kb/2416472

Update for Microsoft .NET Framework 4 Extended (KB2468871) 1 ({0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Extended
publisher: Microsoft Corporation
comments: This update is for Microsoft .NET Framework 4 Extended.
If you later install a more recent service pack, this update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2468871.
help link: http://support.micro....com/kb/2468871

({0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2478063)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367) 1 ({0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 4 Extended.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2487367.
help link: http://support.micro....com/kb/2487367

Update for Microsoft .NET Framework 4 Extended (KB2533523) 1 ({0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523)
uninstall cmd: c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Extended
publisher: Microsoft Corporation
comments: This update is for Microsoft .NET Framework 4 Extended.
If you later install a more recent service pack, this update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2533523.
help link: http://support.micro....com/kb/2533523

SlideShow 70.0.170.000 ({0A65A3BD-54B5-4d0d-B084-7688507813F5})
version: 1174405290
version (major): 70
estimated size: 15028
install date: 20101113
install source: c:\hp\tmp\src\setup\SlideShow\
publisher: Hewlett-Packard

Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 770
install date: 20101211
install source: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation

HP Boot Optimizer 3.0.0 ({1341D838-719C-4A05-B50F-49420CA1B4BB})
version: 50331648
version (major): 3
estimated size: 228
install date: 20101113
install source: C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\
uninstall cmd: MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
publisher: Hewlett-Packard
comments: HP Boot Optimizer
contact: Hewlett-Packard

cp_OnlineProjectsConfig 70.0.170.000 ({15C0AF59-4877-49B6-B8C6-A61CE54515F5})
version: 1174405290
version (major): 70
estimated size: 5
install date: 20101113
install source: c:\hp\tmp\src\setup\cp_OnlineProjectsConfig\
publisher: Hewlett-Packard

Google Toolbar for Internet Explorer 1.0.0 ({18455581-E099-4BA8-BC6B-F34B2F06600C})
version: 16777216
version (major): 1
estimated size: 28
install date: 20110324
install location: C:\Program Files\Google\Installers\
install source: C:\Program Files\Google\Google Toolbar\
uninstall cmd: MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
publisher: Google Inc.

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 9.0.30729.4148 ({1F1C2DFC-2D24-3E06-BCB8-725134ADF989})
version: 151025673
version (major): 9
estimated size: 10436
install date: 20101117
install source: c:\d92c5e29e943a3e898d7\
uninstall cmd: MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
publisher: Microsoft Corporation

Sonic MyDVD Plus 6.2.0 ({21657574-BD54-48A2-9450-EB03B2C7FC29})
version: 100794368
version (major): 6
version (minor): 2
estimated size: 120150
install date: 20101113
install source: c:\hp\tmp\src\
uninstall cmd: MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
publisher: Sonic Solutions
help link: http://support.sonic.com/

Google Toolbar for Internet Explorer 7.1.2003.1856 ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
install location: C:\Program Files\Google\Google Toolbar\
uninstall cmd: "C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_4E7D715D860E20E1.exe" /uninstall
publisher: Google Inc.

HPPhotoSmartExpress 70.0.170.000 ({2376813B-2E5A-4641-B7B3-A0D5ADB55229})
version: 1174405290
version (major): 70
estimated size: 10150
install date: 20101113
install source: c:\hp\tmp\src\setup\HPPhotoSmartExpress\
publisher: Hewlett-Packard

({26A24AE4-039D-4CA4-87B4-2F83216023FB})

Java™ 6 Update 29 6.0.290 ({26A24AE4-039D-4CA4-87B4-2F83216024FF})
version: 100663536
version (major): 6
estimated size: 93056
install date: 20110325
install location: C:\Program Files\Java\jre6\
install source: C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\jre1.6.0_24\
uninstall cmd: MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
publisher: Oracle
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre6\README.txt

({26A24AE4-039D-4CA4-87B4-2F83216025FB})

({26A24AE4-039D-4CA4-87B4-2F83216026FB})

({26A24AE4-039D-4CA4-87B4-2F83216027FB})

({26A24AE4-039D-4CA4-87B4-2F83216029FB})

Quicken 2006 15.1.4.5 ({2818095F-FB6C-42C8-827E-0A406CC9AFF5})
version: 251723780
version (major): 15
version (minor): 1
estimated size: 76150
install date: 20101113
install source: E:\disk1\
uninstall cmd: MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
publisher: Intuit
comments: All URL's valid as of July 2006
contact: Customer Support Department
help link: http://www.intuit.com/support/quicken
help telephone: 1-900-555-4932

RealUpgrade 1.1 1.1.0 ({28C2DED6-325B-4CC7-983A-1777C8F7FBAB})
version: 16842752
version (major): 1
version (minor): 1
estimated size: 798
install date: 20111017
install source: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~rnsetup\UPGRADE\
uninstall cmd: MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
publisher: RealNetworks, Inc.

iTunes 10.5.0.142 ({29ED20C9-5E15-4969-9279-25BF3727A3DA})
version: 168099840
version (major): 10
version (minor): 5
estimated size: 172698
install date: 20111028
install location: C:\Program Files\iTunes\
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{29ED20C9-5E15-4969-9279-25BF3727A3DA}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Ant.com IE add-on 2.2.1.75 ({2B78F6F9-5C63-45AB-ABFD-DDB7946E4C39})
version: 33685505
version (major): 2
version (minor): 2
estimated size: 10252
install date: 20111014
install source: C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\TEM2D18R\
uninstall cmd: MsiExec.exe /X{2B78F6F9-5C63-45AB-ABFD-DDB7946E4C39}
publisher: Ant.com

Sonic_PrimoSDK 70.0.170.000 ({2F58D60D-2BFD-4467-9B4D-64E7355C329D})
version: 1174405290
version (major): 70
estimated size: 1931
install date: 20101113
install source: c:\hp\tmp\src\setup\Sonic_PrimoSDK\
publisher: Hewlett-Packard

Sonic Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
estimated size: 2444
install date: 20101113
install source: c:\hp\tmp\src\UPDATEMANAGER_MSI\
uninstall cmd: MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Sonic Solutions

SkinsHP1 70.0.170.000 ({33BF0960-DBA3-4187-B6CC-C969FCFA2D25})
version: 1174405290
version (major): 70
estimated size: 13
install date: 20101113
install source: c:\hp\tmp\src\setup\SkinsHP1\
publisher: Hewlett-Packard

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2472
install date: 20050830
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

LightScribe 1.4.84.1 1.4.84.1 ({352F5013-07DC-446D-8DB6-38F339086C60})
version: 17039444
version (major): 1
version (minor): 4
estimated size: 2885
install date: 20101113
install location: C:\Program Files\Common Files\LightScribe\
install source: C:\hp\drivers\LightScribe\
publisher: http://www.lightscribe.com
comments: LightScribe
contact: LightScribe
help link: http://www.lightscribe.com
help telephone: 1-000-000-0000

OptionalContentQFolder 1.00.0000 ({36D620AD-EEBA-4973-BA86-0C9AE6396620})
version: 16777216
version (major): 1
install date: 20101113
install source: c:\hp\tmp\src\setup\QFolder\
publisher: Hewlett-Packard

Microsoft .NET Framework 4 Client Profile 4.0.30319 ({3C3901C5-3455-3E0A-A214-0B093A5070A6})
version: 67139183
version (major): 4
estimated size: 510890
install date: 20111012
install source: C:\b9824a751bc303dd3381\
uninstall cmd: MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
publisher: Microsoft Corporation
readme: http://go.microsoft..../?LinkId=164156

({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2160841)

({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2162169)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) 1 ({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 4 Client Profile.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2446708.
help link: http://support.micro....com/kb/2446708

({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708v2)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) 1 ({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
publisher: Microsoft Corporation
comments: This update is for Microsoft .NET Framework 4 Client Profile.
If you later install a more recent service pack, this update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2468871.
help link: http://support.micro....com/kb/2468871

({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228)

({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478063)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) 1 ({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 4 Client Profile.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2478663.
help link: http://support.micro....com/kb/2478663

({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2514805)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) 1 ({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 4 Client Profile.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2518870.
help link: http://support.micro....com/kb/2518870

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) 1 ({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
publisher: Microsoft Corporation
comments: This update is for Microsoft .NET Framework 4 Client Profile.
If you later install a more recent service pack, this update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2533523.
help link: http://support.micro....com/kb/2533523

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) 1 ({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 4 Client Profile.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2539636.
help link: http://support.micro....com/kb/2539636

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) 1 ({3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078)
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 4 Client Profile.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2572078.
help link: http://support.micro....com/kb/2572078

Microsoft Works 08.04.0623 ({416D80BA-6F6D-4672-B7CF-F54DA2F80B44})
version: 134480495
version (major): 8
version (minor): 4
estimated size: 291561
install date: 20101113
install source: c:\hp\tmp\src\MSWORKS\
uninstall cmd: MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
publisher: Microsoft Corporation
comments: Microsoft Works 8.0 installation.
help link: http://support.micro...m/support/works
help telephone:

CP_Package_Basic1 70.0.170.000 ({41E776A5-9B12-416D-9A12-B4F7B044EBED})
version: 1174405290
version (major): 70
estimated size: 2985
install date: 20101113
install source: c:\hp\tmp\src\setup\CP_Package_Basic1\
publisher: Hewlett-Packard

BufferChm 70.0.170.000 ({45B8A76B-57EC-4242-B019-066400CD8428})
version: 1174405290
version (major): 70
estimated size: 1985
install date: 20101113
install source: c:\hp\tmp\src\setup\BufferChm\
publisher: Hewlett-Packard

HP DVD Play 2.1 ({45D707E9-F3C4-11D9-A373-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall

Java Auto Updater 2.0.6.1 ({4A03706F-666A-4037-7777-5F2748764D10})
version: 33554438
version (major): 2
estimated size: 1225
install date: 20110908
install source: C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\AU\
publisher: Sun Microsystems, Inc.

FullDPAppQFolder 1.00.0000 ({53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C})
version: 16777216
version (major): 1
install date: 20101113
install source: c:\hp\tmp\src\setup\QFolder\
publisher: Hewlett-Packard

Sonic Express Labeler 2.1.0 ({6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 13851
install date: 20101113
install source: c:\hp\tmp\src\EXPRESSLABELER_20\
uninstall cmd: MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
publisher: Sonic Solutions

RandMap 70.0.170.000 ({6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C})
version: 1174405290
version (major): 70
estimated size: 22648
install date: 20101113
install source: c:\hp\tmp\src\setup\RandMap\
publisher: Hewlett-Packard

Microsoft Visual C++ 2005 Redistributable 8.0.61001 ({710f4c1c-cc18-4c49-8cbf-51240c89a1a2})
version: 134278729
version (major): 8
estimated size: 5403
install date: 20110615
install source: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
publisher: Microsoft Corporation

Microsoft Visual C++ 2005 Redistributable 8.0.56336 ({7299052b-02a4-4627-81f2-1818da5d550d})
version: 134274064
version (major): 8
estimated size: 4718
install date: 20110623
install source: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
publisher: Microsoft Corporation

RealNetworks - Microsoft Visual C++ 2008 Runtime 9.0 ({7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA})
version: 150994944
version (major): 9
estimated size: 1439
install date: 20111017
install source: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~rnsetup\
uninstall cmd: MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
publisher: RealNetworks, Inc
comments: Copyright © Microsoft Corporation, All rights reserved.
contact: Microsoft Corporation

Apple Software Update 2.1.3.127 ({789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE})
version: 33619971
version (major): 2
version (minor): 1
estimated size: 2440
install date: 20110708
install location: C:\Program Files\Apple Software Update\
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Bonjour 3.0.0.10 ({79155F2B-9895-49D7-8612-D92580E0DE5B})
version: 50331648
version (major): 3
estimated size: 1050
install date: 20111028
install location: C:\Program Files\Bonjour\
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

QuickTime 7.71.80.42 ({7BE15435-2D3E-4B58-867F-9C75BED0208C})
version: 122093648
version (major): 7
version (minor): 71
estimated size: 75041
install date: 20111028
install location: C:\Program Files\QuickTime\
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Easy Internet Sign-up FE UI-4.1.0.1680 ({8105684D-8CA6-440D-8F58-7E5FD67A499D})
version: 50331648
version (major): 3
estimated size: 14004
install date: 20101113
install source: C:\hp\tmp\src\
publisher: Hewlett-Packard

cp_LightScribeConfig 70.0.170.000 ({82081779-4175-4666-A457-AB711CD37EF0})
version: 1174405290
version (major): 70
estimated size: 9
install date: 20101113
install source: c:\hp\tmp\src\setup\cp_LightScribeConfig\
publisher: Hewlett-Packard

CP_Package_Variety3 70.0.170.000 ({829DAAD6-BB11-4BB7-921B-07FFB703F944})
version: 1174405290
version (major): 70
estimated size: 12561
install date: 20101113
install source: c:\hp\tmp\src\setup\CP_Package_Variety3\
publisher: Hewlett-Packard

CP_AtenaShokunin1Config 70.0.170.000 ({82E55892-6FFD-403F-AA97-D726846768AA})
version: 1174405290
version (major): 70
estimated size: 13
install date: 20101113
install source: c:\hp\tmp\src\setup\cp_AtenaShokunin1Config\
publisher: Hewlett-Packard

MSXML 4.0 SP2 (KB954430) 4.20.9870.0 ({86493ADD-824D-4B8E-BD72-8C5DCDC52A71})
version: 68429454
version (major): 4
version (minor): 20
estimated size: 1455
install date: 20101113
install source: c:\1be2b4058514e39a6cf8ab29\
uninstall cmd: MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/954430

SlideShowMusic 70.0.170.000 ({866A0078-DEA7-4348-9C9A-999AF2991EAA})
version: 1174405290
version (major): 70
estimated size: 4989
install date: 20101113
install source: c:\hp\tmp\src\setup\SlideShowMusic\
publisher: Hewlett-Packard

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 9.0.30729.5570 ({86CE85E6-DBAC-3FFD-B977-E4B79F83C909})
version: 151025673
version (major): 9
estimated size: 10442
install date: 20110428
install source: c:\b5a7bffde573f8c27f0570147810\
uninstall cmd: MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
publisher: Microsoft Corporation

Microsoft Silverlight 4.0.60831.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
version: 67169695
version (major): 4
estimated size: 39764
install date: 20111012
install location: c:\Program Files\Microsoft Silverlight\
install source: c:\6750d167ccc720df7bbf8f7d1057609c\
uninstall cmd: MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkID=91955

CP_Package_Variety2 70.0.170.000 ({8A534F71-3202-4464-A422-B767295E67B9})
version: 1174405290
version (major): 70
estimated size: 12017
install date: 20101113
install source: c:\hp\tmp\src\setup\CP_Package_Variety2\
publisher: Hewlett-Packard

Unload 7.0.0 ({8CE4E6E9-9D55-43FB-9DDB-688C976BFC05})
version: 117440512
version (major): 7
estimated size: 8361
install date: 20101113
install source: c:\hp\tmp\src\setup\UnloadIntent\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

CP_Package_Variety1 70.0.170.000 ({93E5A317-24EC-4744-812C-16FECFE86E6A})
version: 1174405290
version (major): 70
estimated size: 10609
install date: 20101113
install source: c:\hp\tmp\src\setup\CP_Package_Variety1\
publisher: Hewlett-Packard

Microsoft PowerPoint Viewer 14.0.6029.1000 ({95140000-00AF-0409-0000-0000000FF1CE})
version: 234887053
version (major): 14
estimated size: 287490
install date: 20111108
install source: C:\Program Files\MSECache\PPTViewer\
uninstall cmd: MsiExec.exe /X{95140000-00AF-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation
help link: http://support.microsoft.com

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 9.0.30729.6161 ({9BE518E6-ECC6-35A9-88E4-87755C07200F})
version: 151025673
version (major): 9
estimated size: 10444
install date: 20110615
install source: c:\e1611970c61e7ada48dd\
uninstall cmd: MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
publisher: Microsoft Corporation

Apple Mobile Device Support 4.0.0.96 ({A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21})
version: 67108864
version (major): 4
estimated size: 24887
install date: 20111028
install location: C:\Program Files\Common Files\Apple\Mobile Device Support\
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Microsoft Visual C++ 2005 Redistributable - KB2467175 8.0.51011 ({a0fe116e-9a8a-466f-aee0-625cb7c207e3})
version: 134268739
version (major): 8
estimated size: 4768
install date: 20110702
install source: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
publisher: Microsoft Corporation

InstantShareDevices 70.0.170.000 ({A29800BA-0BF1-4E63-9F31-DF05A87F4104})
version: 1174405290
version (major): 70
estimated size: 3047
install date: 20101113
install source: c:\hp\tmp\src\setup\InstantShareDevices\
publisher: Hewlett-Packard

Microsoft .NET Framework 3.0 Service Pack 2 3.2.30729 ({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7})
version: 50493449
version (major): 3
version (minor): 2
estimated size: 213825
install date: 20101117
install source: c:\9e3cdd082baab13d786d69e2ccff5a\dotnetfx30\
uninstall cmd: MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=98075

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB300003)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB960043)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB975195)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976570)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578v2)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769v2)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354)

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354v2)

Apple Application Support 2.1.5 ({A83279FD-CA4B-4206-9535-90974DE76654})
version: 33619973
version (major): 2
version (minor): 1
estimated size: 64355
install date: 20111028
install location: C:\Program Files\Common Files\Apple\Apple Application Support\
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Google Update Helper 1.3.21.79 ({A92DAB39-4E2C-4304-9AB6-BC44E68B55E2})
version: 16973845
version (major): 1
version (minor): 3
estimated size: 28
install date: 20111018
install source: C:\Program Files\Google\Update\1.3.21.79\
uninstall cmd: MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
publisher: Google Inc.

DeviceManagementQFolder 1.00.0000 ({AB5D51AE-EBC3-438D-872C-705C7C2084B0})
version: 16777216
version (major): 1
install date: 20101113
install source: c:\hp\tmp\src\setup\QFolder\
publisher: Hewlett-Packard

Sonic RecordNow Audio 2.0.6 ({AB708C9B-97C8-4AC9-899B-DBF226AC9382})
version: 33554438
version (major): 2
estimated size: 17441
install date: 20101113
install source: c:\hp\tmp\src\SC_AUDIO_206\
uninstall cmd: MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
publisher: Sonic Solutions
help link: http://support.sonic.com/

Adobe Reader X (10.1.1) 10.1.1 ({AC76BA86-7AD7-1033-7B44-AA1000000001})
version: 167837697
version (major): 10
version (minor): 1
estimated size: 130582
install date: 20110916
install location: C:\Program Files\Adobe\Reader 10.0\Reader\
install source: C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AA1000000001}\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
readme: C:\Program Files\Adobe\Reader 10.0\Readme.htm

Sonic RecordNow Copy 2.0.6 ({B12665F4-4E93-4AB4-B7FC-37053B524629})
version: 33554438
version (major): 2
estimated size: 17193
install date: 20101113
install source: c:\hp\tmp\src\SC_COPY_206\
uninstall cmd: MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
publisher: Sonic Solutions
help link: http://support.sonic.com/

cp_PosterPrintConfig 70.0.170.000 ({B2157760-AA3C-4E2E-BFE6-D20BC52495D9})
version: 1174405290
version (major): 70
estimated size: 5
install date: 20101113
install source: c:\hp\tmp\src\setup\cp_PosterPrintConfig\
publisher: Hewlett-Packard

Spybot - Search & Destroy 1.6.2 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20101118
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-net...hp?page=support

CueTour 70.0.170.000 ({B6286A44-7505-471A-A72B-04EC2DB2F442})
version: 1174405290
version (major): 70
estimated size: 5413
install date: 20101113
install source: c:\hp\tmp\src\setup\CueTour\
publisher: Hewlett-Packard

CP_Panorama1Config 70.0.170.000 ({B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3})
version: 1174405290
version (major): 70
estimated size: 13
install date: 20101113
install source: c:\hp\tmp\src\setup\CP_Panorama1Config\
publisher: Hewlett-Packard

Microsoft .NET Framework 2.0 Service Pack 2 2.2.30729 ({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F})
version: 33716233
version (major): 2
version (minor): 2
estimated size: 308711
install date: 20111012
uninstall cmd: MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=98073

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2418241)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2446704)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2446704v2)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2478658)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2518864)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2539631)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2572073)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB971111)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976569)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976576)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976765v2)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB979909)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB980773)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB983583)

PhotoGallery 70.0.170.000 ({C1C6767D-B395-43CB-BF99-051B58B86DA6})
version: 1174405290
version (major): 70
estimated size: 50170
install date: 20101113
install source: c:\hp\tmp\src\setup\PhotoGallery\
publisher: Hewlett-Packard

cp_UpdateProjectsConfig 70.0.170.000 ({C3FAA091-B278-44A7-BF48-190811C5F9F7})
version: 1174405290
version (major): 70
install date: 20101113
install source: c:\hp\tmp\src\setup\cp_UpdateProjectsConfig\
publisher: Hewlett-Packard

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 105491
install date: 20111012
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 3.5 SP1 3.5.30729 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9})
version: 50690057
version (major): 3
version (minor): 5
estimated size: 76372
install date: 20101117
install source: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\IXP05880.tmp\dotnetfx35\x86\
uninstall cmd: MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
publisher: Microsoft Corporation

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This security update is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.micro...com/kb/2416473.
help link: http://support.micro....com/kb/2416473

({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This hotfix is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
For more information, visit http://support.micro....com/kb/953595.
help link: http://support.microsoft.com/kb/953595

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This hotfix is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
For more information, visit http://support.micro....com/kb/958484.
help link: http://support.microsoft.com/kb/958484

({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This update is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this update will be uninstalled automatically.
For more information, visit http://support.micro....com/kb/963707.
help link: http://support.microsoft.com/kb/963707

HP Support Overview 1.0.0 ({D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1)
uninstall cmd: "C:\WINDOWS\unins000.exe"
publisher: Hewlett-Packard Company
comments: HP Support Overview
contact: http://www.hp.com/support
help link: http://www.hp.com/support

HP Web Helper ({DAAD5187-62C5-4AD6-A526-803C18C4944D})
uninstall cmd: regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"

HpSdpAppCoreApp 3.00.0000 ({DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38})
version: 50331648
version (major): 3
estimated size: 2987
install date: 20101113
install source: C:\hp\tmp\src\
publisher: Hewlett-Packard

Windows Media Encoder 9 Series 9.00.2980 ({E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E})
version: 150997924
version (major): 9
estimated size: 13910
install date: 20101225
install source: C:\WINDOWS\Installer\
uninstall cmd: MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
publisher: Microsoft Corporation
help link: http://go.microsoft....nk/?LinkId=9647

CP_CalendarTemplates1 70.0.170.000 ({ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F})
version: 1174405290
version (major): 70
estimated size: 2261
install date: 20101113
install source: c:\hp\tmp\src\setup\CP_CalendarTemplates1\
publisher: Hewlett-Packard

Realtek High Definition Audio Driver ({F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC})
uninstall cmd: RtlUpd.exe -r -m -nrg2709
publisher: Realtek Semiconductor Corp.

MSXML 4.0 SP2 (KB973688) 4.20.9876.0 ({F662A8E6-F4DC-41A2-901E-8C11F044BDEC})
version: 68429460
version (major): 4
version (minor): 20
estimated size: 2833
install date: 20101113
install source: c:\2b95c5c3d96add3e25429365\
uninstall cmd: MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/973688

Destinations 70.0.170.000 ({FB15E224-67C3-491F-9F5C-F257BC418412})
version: 1174405290
version (major): 70
estimated size: 17221
install date: 20101113
install source: c:\hp\tmp\src\setup\Destinations\
publisher: Hewlett-Packard

Adobe AIR 2.7.1.19610 ({FDB3B167-F4FA-461D-976F-286304A57B2A})
version: 34013185
version (major): 2
version (minor): 7
estimated size: 30851
install date: 20110815
install location: c:\Program Files\Common Files\Adobe AIR\
install source: c:\windows\temp\air49.tmp\
uninstall cmd: MsiExec.exe /I{FDB3B167-F4FA-461D-976F-286304A57B2A}
publisher: Adobe Systems Incorporated



--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Memory Cache 4.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): A3AB
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)
Image path: system32\DRIVERS\A3AB.sys
Image size: 547744
Image MD5: 21AF8E9C727C6D7643AD497268F55BF1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Abiosdsk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 187776
Image MD5: 8FD99680A539792A30E97944FDAECF17
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142592
Image MD5: 8BED39E3C35D6A489438B8141717A557
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Aha154x
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Alerter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: 8C515081584A38AA007909CD02020B3D
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AmdK8
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD Processor Driver
Image path: system32\DRIVERS\AmdK8.sys
Image size: 36352
Image MD5: 59301936898AE62245A6F09C0ABA9475
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): amsint
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AntUpdaterService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Ant Toolbar updater service
Description: Ant Toolbar updater service
Object name: LocalSystem
Image path: "C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe"
Image size: 520216
Image MD5: C710B5D634DCCF966661939193175DE4
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): Apple Mobile Device
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Apple Mobile Device
Description: Provides the interface to Apple mobile devices.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
Image size: 55144
Image MD5: D8E18021F91AD79CA8491CB5A5DA22D4
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): AppMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): aracpi
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aracpi.sys
Image size: 22784
Image MD5: 00523019E3579C8F8A94457FE25F0F24
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): arhidfltr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS Ar HID Filter Driver
Image path: system32\DRIVERS\arhidfltr.sys
Image size: 19200
Image MD5: 9FEDAA46EB1A572AC4D9EE6B5F123CF2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): arkbcfltr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft PS2 Keyboard Filter
Image path: system32\DRIVERS\arkbcfltr.sys
Image size: 5376
Image MD5: 82969576093CD983DD559F5A86F382B4
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): armoucfltr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft PS2 Mouse Filter
Image path: system32\DRIVERS\armoucfltr.sys
Image size: 4992
Image MD5: 9B21791D8A78FAECE999FADBEBDA6C22
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Arp1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Image path: system32\DRIVERS\arp1394.sys
Image size: 60800
Image MD5: B5B8A80875C1DEDEDA8B02765642C32F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): ARPolicy
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\arpolicy.sys
Image size: 10112
Image MD5: 7A2DA7C7B0C524EF26A79F17A5C69FDE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ARSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ARSVC
Description: ARService
Object name: LocalSystem
Image path: C:\WINDOWS\arservice.exe
Image size: 58880
Image MD5: 9A0D9B2E263BEDE80FB79DDBAD240EC1
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): asc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ASP.NET
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_1.1.4322
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_2.0.50727
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_4.0.30319
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): aspnet_state
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
Image size: 35160
Image MD5: 776ACEFA0CA9DF0FAA51A5FB2F435705
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: B153AFFAC761E7F5FCFA822B9C4E97BC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: system32\DRIVERS\atapi.sys
Image size: 96512
Image MD5: 9F3A2F5AA6875C72BF062C712CFA2674
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): Atmarpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: 9916C1225104BA14794209CFA8012159
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Audio Stub Driver
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BattC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): bb-run
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Promise driver accelerator
Image path: system32\DRIVERS\bb-run.sys
Image size: 17408
Image MD5: 7270D070173B20AC9487EA16BB08B45F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 0

Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): BHDrvx86
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BHDrvx86
Description: SONAR Engine Driver
Image path: \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111114.002\BHDrvx86.sys
Image size: 819320
Image MD5: 9D14D76E4E7B9B2EAD17149011DB2B11
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: SymEFA,FltMgr,SymDS,SymIRON,SRTSPX

Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Background Intelligent Transfer Service
Description: Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Rpcss

Service (registry key): Bonjour Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bonjour Service
Description: Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence.
Object name: LocalSystem
Image path: "C:\Program Files\Bonjour\mDNSResponder.exe"
Image size: 390504
Image MD5: DB5BEA73EDAF19AC68B2C0FAD0F92B1A
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): cbidf2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ccSet_NIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Norton Internet Security Settings Manager
Image path: \SystemRoot\system32\drivers\NIS\1302000.00A\ccSetx86.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 62976
Image MD5: 1F4260CC5B42272D71F79E570A27A4FE
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 1CFE720EB8D93A7158A4EBC3AB178BDE
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: 34CBE729F38138217F9C80212A2A0C82
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): clr_optimization_v2.0.50727_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: .NET Runtime Optimization Service v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 69632
Image MD5: D87ACAED61E417BBA546CED5E7E36D9C
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 0

Service (registry key): clr_optimization_v4.0.30319_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft .NET Framework NGEN v4.0.30319_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Image size: 130384
Image MD5: C5A75EB48E2344ABDC162BDA79E16841
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0

Service (registry key): CmdIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): CryptSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): dac960nt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Disk Driver
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 044452051F3E02E7963599FC8F4F3E25
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 224768
Image MD5: E46050330BD42F33609117F861E32D3C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmboot.sys
Image size: 799744
Image MD5: D992FE1274BDE0F84AD826ACAE022A41
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Driver
Image path: System32\drivers\dmio.sys
Image size: 153344
Image MD5: 7C824CF7BBDE77D95C08005717A95F6F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmload
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DLS Syntheiszer
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: 8A208DFCF89792A484E76C40E5F50B45
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip

Service (registry key): Dot3svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wired AutoConfig
Description: This service performs IEEE 802.1X authentication on Ethernet interfaces
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k dot3svc
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Ndisuio,eaphost

Service (registry key): dpti2o
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): drmkaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 2944
Image MD5: 8F5FCFF8E8848AFAC920905FBD9D33C8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): EapHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Extensible Authentication Protocol Service
Description: Provides windows clients Extensible Authentication Protocol Service
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k eapsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): eeCtrl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Eraser Control driver
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Image size: 374392
Image MD5: 75E8B69F28C813675B16DB357F20720F
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: FltMgr

Service (registry key): ehRecvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Media Center Receiver Service
Description: Media Center Service for TV and FM broadcast reception
Object name: LocalSystem
Image path: C:\WINDOWS\eHome\ehRecvr.exe
Image size: 237568
Image MD5: 5D1347AA5AE6E2F77D7F4F8372D95AC9
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): ehSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Media Center Scheduler Service
Object name: LocalSystem
Image path: C:\WINDOWS\eHome\ehSched.exe
Image size: 102912
Image MD5: A53243709439AC2A4C216B817F8D7411
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): EraserUtilRebootDrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EraserUtilRebootDrv
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Image size: 106104
Image MD5: 720B18D76DE9E603B626DFCD6F1FCA7C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ERSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 110592
Image MD5: 65DF52F5B8B6E9BBD183505225C37315
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): Fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): FastUserSwitchingCompatibility
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TermService

Service (registry key): Fax
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Fax
Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
Object name: LocalSystem
Image path: %systemroot%\system32\fxssvc.exe
Image size: 267776
Image MD5: E97D6A8684466DF94FF3BC24FB787A07
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler

Service (registry key): Fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): Fips
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Flpydisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): FltMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\drivers\fltmgr.sys
Image size: 129792
Image MD5: B2CF4B0786F8212CB92ED2B50C6DB6B0
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): FontCache3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Presentation Foundation Font Cache 3.0.0.0
Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
Object name: NT AUTHORITY\LocalService
Image path: c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
Image size: 46104
Image MD5: 8BA7C024070F2B7FDD98ED8A4BA41789
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Fs_Rec
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 8
Error Control: 0

Service (registry key): Ftdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Manager Driver
Image path: system32\DRIVERS\ftdisk.sys
Image size: 125056
Image MD5: 6AC26732762483366C3969C9E4D2259D
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ftsata2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ftsata2.sys
Image size: 175104
Image MD5: 22399D3CE5840C6082844679CCA5D2FC
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): GEARAspiWDM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: GEAR ASPI Filter Driver
Image path: system32\DRIVERS\GEARAspiWDM.sys
Image size: 26600
Image MD5: 8182FF89C65E4D38B2DE4BB0FB18564E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Gpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: system32\DRIVERS\msgpc.sys
Image size: 35072
Image MD5: 0A02C63C8B144BD8C86B103DEE7C86A2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): gupdate
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Update Service (gupdate)
Description: Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
Object name: LocalSystem
Image path: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
Image size: 136176
Image MD5: F02A533F517EB38333CB12A9E8963773
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): gupdatem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Update Service (gupdatem)
Description: Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
Object name: LocalSystem
Image path: C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
Image size: 136176
Image MD5: F02A533F517EB38333CB12A9E8963773
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): gusvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Software Updater
Description: Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work.
Object name: LocalSystem
Image path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Image size: 182768
Image MD5: CC839E8D766CC31A7710C9F38CF3E375
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): HDAudBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft UAA Bus Driver for High Definition Audio
Image path: system32\DRIVERS\HDAudBus.sys
Image size: 144384
Image MD5: 573C7D0A32852B48F3058CFD8026F511
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): helpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): HidServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Human Interface Device Access
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): HidUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 10368
Image MD5: CCF82C5EC8A7326C3066DE870C06DAF1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): hkmsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Health Key and Certificate Management Service
Description: Manages health certificates and keys (used by NAP)
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): hpn
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): HSXHWBS2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSXHWBS2.sys
Image size: 241664
Image MD5: 1F5C64B0C6B2E2F48735A77AE714CCB8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): HSX_DP
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSX_DP.sys
Image size: 936448
Image MD5: A7F8C9228898A1E871D2AE7082F50AC3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): HTTP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: System32\Drivers\HTTP.sys
Image size: 265728
Image MD5: F80A415EF82CD06FFAF0D971528EAD38
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): HTTPFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): i2omgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): i2omp
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): i8042prt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 52480
Image MD5: 4A0B06AA8943C1E332520F7440C0AA30
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): iaStor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel RAID Controller
Image path: system32\DRIVERS\iaStor.sys
Image size: 872064
Image MD5: 9A65E42664D1534B68512CAAD0EFE963
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): IDriverT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: InstallDriver Table Manager
Description: Provides support for the Running Object Table for InstallShield Drivers
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
Image size: 73728
Image MD5: 6F95324909B502E2651442C1548AB12F
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): idsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows CardSpace
Description: Securely enables the creation, management, and disclosure of digital identities.
Object name: LocalSystem
Image path: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Image size: 881664
Image MD5: C01AC32DC5C03076CFB852CB5DA5229C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): IDSxpx86
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IDSxpx86
Description: Symantec Intrusion Prevention Driver
Image path: \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111112.030\IDSxpx86.sys
Image size: 356280
Image MD5: E72D3894D42355E9CD5FD77E1E4FEA11
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: SYMTDI,SYMEFA

Service (registry key): Imapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-Burning Filter Driver
Image path: system32\DRIVERS\imapi.sys
Image size: 42112
Image MD5: 083A052659F5310DD8B6A6CB05EDCF8E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ImapiService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150528
Image MD5: 30DEAF54A9755BB8546168CFE8A6B5E1
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): inetaccs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ini910u
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Inport
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): IntcAzAudAddService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Service for Realtek HD Audio (WDM)
Image path: system32\drivers\RtkHDAud.sys
Image size: 5028352
Image MD5: 14B48553BE78472D2BD3A518658A1710
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): IntelIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\intelide.sys
Image size: 5504
Image MD5: B5466A9250342A7AA0CD1FBA13420678
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): intelppm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 36352
Image MD5: 8C953733D8F36EB2133F5BB58808B66B
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Ip6Fw
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPv6 Windows Firewall Driver
Description: Provides intrusion prevention service for a home or small office network.
Image path: system32\drivers\ip6fw.sys
Image size: 36608
Image MD5: 3BB22519A194418D5FEC05D800A19AD0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): IpFilterDriver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 32896
Image MD5: 731F22BA402EE4B62748ADAF6363C182
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpInIp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 20864
Image MD5: B87AB476DCF76E72010632B5550955F5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpNat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 152832
Image MD5: CC748EA12C6EFFDE940EE98098BF96BB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): iPod Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: iPod Service
Description: iPod hardware management services
Object name: LocalSystem
Image path: "C:\Program Files\iPod\bin\iPodService.exe"
Image size: 821608
Image MD5: 33642C17C232AA272C68E446A2619899
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): IPSec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC driver
Description: IPSEC driver
Image path: system32\DRIVERS\ipsec.sys
Image size: 75264
Image MD5: 23C74D75E36E7158768DD63D92789A91
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): IRENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IR Enumerator Service
Image path: system32\DRIVERS\irenum.sys
Image size: 11264
Image MD5: C93C9FF7B04D772627A3646D89F7BF89
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ISAPISearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): isapnp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnP ISA/EISA Bus Driver
Image path: system32\DRIVERS\isapnp.sys
Image size: 37248
Image MD5: 05A299EC56E52649B1CF2FC52D20F2D7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): JavaQuickStarterService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Java Quick Starter
Description: Prefetches JRE files for faster startup of Java applets and applications
Object name: LocalSystem
Image path: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
Image size: 153376
Image MD5: 381B25DC8E958D905B33130D500BBF29
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): Kbdclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 24576
Image MD5: 463C1EC80CD17420A542B7F36A36F128
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): kmixer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 172416
Image MD5: 692BCF44383D056AED41B045A323D378
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): KSecDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): lanmanserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): lanmanworkstation
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): lbrtfdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): ldap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LicenseService
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LightScribeService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: LightScribeService Direct Disc Labeling Service
Description: Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
Image size: 73728
Image MD5: E4973B3229E0015345AFBE43A8A8EB3B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0

Service (registry key): LmHosts
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): McrdSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Media Center Extender Service
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\ehome\mcrdsvc.exe
Image size: 99328
Image MD5: DF0A511F38F16016BF658FCA0090CB87
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS,SSDPSRV

Service (registry key): MDM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Machine Debug Manager
Description: Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
Image size: 322120
Image MD5: 11F714F85530A2BD134074DC30E99FCA
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): mdmxsdk
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\mdmxsdk.sys
Image size: 12544
Image MD5: E246A32C445056996074A397DA56E815
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0

Service (registry key): Messenger
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS

Service (registry key): MHN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MHN
Description: Multimedia Home Networking (MHN) is a networking platform for Audio Video (AV) streaming applications on IP home networks. MHN enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications by providing mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs,mhndrv

Service (registry key): MHNDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MHN driver
Description: Multimedia Home Network component driver
Image path: system32\DRIVERS\mhndrv.sys
Image size: 11008
Image MD5: 7F2F1D2815A6449D346FCCCBC569FBD6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): mnmdd
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): mnmsrvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetMeeting Remote Desktop Sharing
Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\mnmsrvc.exe
Image size: 32768
Image MD5: D18F1F0C101D06A1C1ADF26EED16FCDD
Control Set: CurrentControlSet
Start: 4
Type: 272
Error Control: 1

Service (registry key): Modem
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): Mouclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 23040
Image MD5: 35C9E97194C8CFB8430125F8DBC34D04
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): mouhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 12160
Image MD5: B1C303E17FB9D46E87A98E4BA6769685
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): MountMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mount Point Manager
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): mraid35x
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebDav Client Redirector
Description: WebDav Client Redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 180608
Image MD5: 11D42BB6206F33FBB3BA0288D3EF81BD
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): MRxSmb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 456320
Image MD5: 7D304A5EB4344EBEEAB53A2FE3FFB9F0
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSDTC Bridge 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): MSDTC Bridge 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Msfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSIServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\msiexec.exe /V
Image size: 78848
Image MD5: 5879D691E842574A20FE63817CB76DF9
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): MSKSSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7552
Image MD5: D1575E71568F4D9E14CA56B7B0453BF1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5376
Image MD5: 325BB26842FC7CCC1FCCE2C457317F3E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4992
Image MD5: BAD59648BA099DA4A17680B39730CB3D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSSCNTRS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): mssmbios
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 15488
Image MD5: AF5F4F3F14A8EA2C26DE30F7A1E17136
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mup
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): napagent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Access Protection Agent
Description: Allows windows clients to participate in Network Access Protection
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): NAVENG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVENG
Image path: \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111114.004\NAVENG.SYS
Image size: 86136
Image MD5: 862F55824AC81295837B0AB63F91071F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NAVEX15
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVEX15
Image path: \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111114.004\NAVEX15.SYS
Image size: 1576312
Image MD5: 529D571B551CB9DA44237389B936F1AE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS System Driver
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): NdisTapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 10496
Image MD5: 0109C4F3850DFBAB279542515386AE22
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 14592
Image MD5: F927A4434C5028758A842943EF1A3849
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 91520
Image MD5: EDC1531A49C80614B2CFDA43CA8659AB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NetBIOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 34688
Image MD5: 5D81CF9A2F1A3A756B66CF684911CDF0
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): NetBT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBios over Tcpip
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 162816
Image MD5: 74B2B2F5BEA5E9A3DC021D685551BD3D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): NetDDE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE
Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: B857BA82860D7FF85AE29B095645563B
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM

Service (registry key): NetDDEdsdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE DSDM
Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: B857BA82860D7FF85AE29B095645563B
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1

Service (registry key): Netlogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): NetTcpPortSharing
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net.Tcp Port Sharing Service
Description: Provides ability to share TCP ports over the net.tcp protocol.
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
Image size: 124240
Image MD5: D22CD77D4F0D63D1169BB35911BFF12D
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1

Service (registry key): NIC1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 1394 Net Driver
Image path: system32\DRIVERS\nic1394.sys
Image size: 61824
Image MD5: E9E47CFB2D461FA0FC75B7A74C6383EA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Norton Internet Security
Description: Norton Internet Security
Object name: LocalSystem
Image path: "C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe" /s "NIS" /m "C:\Program Files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll" /prefetch:1
Image size: 138760
Image MD5: E127420B7FEB65C7F279EAAC183BBC0E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): Nla
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Location Awareness (NLA)
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd

Service (registry key): Npfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): Ntfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): NtLmSsp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): NtmsSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Removable Storage
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Null
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): nv
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 3535680
Image MD5: 642A87877F83313EB5302749CD479024
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): NVENETFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NVIDIA nForce Networking Controller Driver
Image path: system32\DRIVERS\NVENETFD.sys
Image size: 34176
Image MD5: 22EEDB34C4D7613A25B10C347C6C4C21
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): nvnetbus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NVIDIA Network Bus Enumerator
Image path: system32\DRIVERS\nvnetbus.sys
Image size: 13056
Image MD5: 5E3F6AD5CAD0F12D3CCCD06FD964087A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NVSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NVIDIA Display Driver Service
Description: Provides system and desktop level support to the NVIDIA display driver
Object name: LocalSystem
Image path: %SystemRoot%\system32\nvsvc32.exe
Image size: 131139
Image MD5: B0903C021BFCD6055C053A569EF98AEF
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): NwlnkFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 12416
Image MD5: B305F3FAD35083837EF46A0BBCE2FC57
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 32512
Image MD5: C99B3415198D1AAB7227F2C88FD664B9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ohci1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA OHCI Compliant IEEE 1394 Host Controller
Image path: system32\DRIVERS\ohci1394.sys
Image size: 61696
Image MD5: CA33832DF41AFB202EE7AEB05145922F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Parport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel port driver
Image path: system32\DRIVERS\parport.sys
Image size: 80128
Image MD5: 5575FAF8F97CE5E713D108C2A58D7C7C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): PartMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Partition Manager
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ParVdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PCI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCI Bus Driver
Image path: system32\DRIVERS\pci.sys
Image size: 68224
Image MD5: A219903CCF74233761D92BEF471A07B1
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): PCIDump
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): PCIIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\pciide.sys
Image size: 3328
Image MD5: CCF5F451BB1A5A2A522A76E670000FF0
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Pcmcia
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): PDCOMP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRELI
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): perc2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): perc2hib
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PlugPlay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 110592
Image MD5: 65DF52F5B8B6E9BBD183505225C37315
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): PolicyAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC Services
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSec

Service (registry key): PptpMiniport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 48384
Image MD5: EFEEC01B1D3CF84F16DDD24D9D9D8F99
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Processor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Processor Driver
Image path: system32\DRIVERS\processr.sys
Image size: 35840
Image MD5: A32BEBAF723557681BFC6BD93E98BD26
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ProtectedStorage
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Image path: system32\DRIVERS\psched.sys
Image size: 69120
Image MD5: 09298EC810B07E5D582CB3A3F9255424
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Gpc

Service (registry key): PSI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PSI
Description: PSI mini-filter driver
Image path: system32\DRIVERS\psi_mf.sys
Image size: 15544
Image MD5: D24DFD16A1E2A76034DF5AA18125C35D
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): Ptilink
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: system32\DRIVERS\ptilink.sys
Image size: 17792
Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 46080
Image MD5: 0457E25BB122B854E267CF552DCDC370
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1080
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Ql10wnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql12160
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1240
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1280
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): RasAcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: system32\DRIVERS\rasacd.sys
Image size: 8832
Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): RasAuto
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 51328
Image MD5: 11B4A627BC9614B885C4969BFA5FF8A6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv

Service (registry key): RasPppoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 5BC962F2654137C9909C3D4603587DEE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Raspti
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 16512
Image MD5: FDBB1D60066FCFBB7452FD8F9829B242
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Rdbss
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 175744
Image MD5: 7AD224AD1A1437FE28D89CF22B17780A
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): RDPCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 4224
Image MD5: 4912D5B403614CE99C28420F75353332
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Server Device Redirector Driver
Image path: system32\DRIVERS\rdpdr.sys
Image size: 196224
Image MD5: 15CABD0F7C00C47C70124907916AF3F1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RDPNP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): RDSessMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Desktop Help Session Manager
Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 141312
Image MD5: 3C37BF86641BDA977C3BF8A840F3B7FA
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): redbook
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Digital CD Audio Playback Filter Driver
Image path: system32\DRIVERS\redbook.sys
Image size: 57600
Image MD5: F828DD7E1419B6653894A8F97A0094C5
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): RemoteAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup

Service (registry key): RemoteRegistry
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Registry
Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): RpcLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: AAED593F84AFA419BBAE8572AF87CF6A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): RpcSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): RSVP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: 471B3F9741D762ABE75E9DEEA4787E47
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs

Service (registry key): rtl8139
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver
Image path: system32\DRIVERS\RTL8139.SYS
Image size: 20992
Image MD5: D507C1400284176573224903819FFDA3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SamSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): SCardSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 95744
Image MD5: 86D007E7A654B9A71D1D7D856B104353
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay

Service (registry key): Schedule
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): ScsiPort
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: %SystemRoot%\system32\drivers\scsiport.sys
Image size: 96384
Image MD5: 76C465F570E90C28942D52CCB2580A10
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Secdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 20480
Image MD5: 90A3935D05B494A5A39D37E71F09A677
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): seclogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 0

Service (registry key): Secunia PSI Agent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secunia PSI Agent
Description: Performs routine software inspections of the system, the results of which can be seen in your Secunia Customer Area account
Object name: LocalSystem
Image path: "C:\Program Files\Secunia\PSI\PSIA.exe" --start-service
Image size: 993848
Image MD5: 2D0599DD0124764FC939C59985C860DE
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): Secunia Update Agent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secunia Update Agent
Description: Performs routine software inspections of the system, the results of which can be seen in your Secunia Customer Area account
Object name: LocalSystem
Image path: "C:\Program Files\Secunia\PSI\sua.exe" --start-service
Image size: 399416
Image MD5: 20B9E1ADBC58958B480933E4DA005DFB
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): SENS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): Serial
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0

Service (registry key): ServiceModelEndpoint 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelEndpoint 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelOperation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelOperation 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelService 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelService 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Sfloppy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"

Service (registry key): SharedAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Firewall/Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt

Service (registry key): ShellHWDetection
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Simbad
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SMSvcHost 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): SMSvcHost 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Sparrow
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): splitter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Audio Splitter
Image path: system32\drivers\splitter.sys
Image size: 6272
Image MD5: AB8B92451ECB048A4D1DE7C3FFCB4A9F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Spooler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 58880
Image MD5: 60784F891563FB1B767F70117FC2428F
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): sr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Filter Driver
Image path: system32\DRIVERS\sr.sys
Image size: 73472
Image MD5: 76BB022C2FB6902FD5BDD4F78FC13A5D
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): srservice
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Service
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): SRTSP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Real Time Storage Protection
Image path: \SystemRoot\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: SRTSPX,FltMgr

Service (registry key): SRTSPX
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Real Time Storage Protection (PEL)
Image path: \SystemRoot\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Srv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Srv
Description: Srv
Image path: system32\DRIVERS\srv.sys
Image size: 357888
Image MD5: 47DDFC2F003F7F9F0592C6874962A2E7
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): SSDPSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SSDP Discovery Service
Description: Enables discovery of UPnP devices on your home network.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: HTTP

Service (registry key): stisvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): swenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 4352
Image MD5: 3941D127AEF12E93ADDF6FE6EE027E0F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): swmidi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 56576
Image MD5: 8CE882BCC6CF8A62F2B2323D95CB3D01
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SwPrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{8DA84759-6C62-4695-9DB6-4789D64FAF43}
Image size: 5120
Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcss

Service (registry key): swwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): symc810
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): symc8xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SymDS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Data Store
Image path: system32\drivers\NIS\1302000.00A\SYMDS.SYS
Image size: 340088
Image MD5: 690FA0E61B90084C4D9A721BD4F3D779
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): SymEFA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Extended File Attributes
Image path: system32\drivers\NIS\1302000.00A\SYMEFA.SYS
Image size: 897656
Image MD5: FC6D4A81B3611693F4E14E75908B6767
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1
Depends On services: SymDS,FltMgr

Service (registry key): SymEvent
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
Image size: 127096
Image MD5: 98D28D08E68145FB550EE7670B43BAF2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SymIRON
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Iron Driver
Image path: \SystemRoot\system32\drivers\NIS\1302000.00A\Ironx86.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: SymEFA,SymDS,ccSet_NIS

Service (registry key): SYMTDI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Network Dispatch Driver
Image path: \SystemRoot\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): sym_hi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): sym_u3
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): sysaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 60800
Image MD5: 8B83F3ED0F1688B4958F77CD6D2BF290
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SysmonLog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Performance Logs and Alerts
Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 89600
Image MD5: C7ABBC59B43274B1109DF6B24D617051
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): TapiSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): Tcpip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 361600
Image MD5: 9AEFA14BD6B182D61E3119FA5F436D3D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSec

Service (registry key): TDPIPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): TDTCP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): TermDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 40840
Image MD5: 88155247177638048422893737429D9E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Services
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): Themes
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Themes
Description: Provides user experience theme management.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): TlntSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telnet
Description: Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\tlntsvr.exe
Image size: 73216
Image MD5: DB7205804759FF62C34E3EFD8A4CC76A
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: RPCSS,TCPIP,NTLMSSP

Service (registry key): TosIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): TrkWks
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TSDDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Udfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): UGatherer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): UGTHRSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ultra
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Update
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microcode Update Driver
Image path: system32\DRIVERS\update.sys
Image size: 384768
Image MD5: 402DDC88356B1BAC0EE3DD1580C76A31
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): upnphost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Universal Plug and Play Device Host
Description: Provides support to host Universal Plug and Play devices.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): UPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 05365FB38FCA1E98F7A566AAAF5D1815
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1

Service (registry key): usb
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): usbehci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 30208
Image MD5: 65DCF09D0E37D4C6B11B5B0B76D470A7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Standard Hub Driver
Image path: system32\DRIVERS\usbhub.sys
Image size: 59520
Image MD5: 1AB3CDDE553B6E064D2E754EFE20285C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbohci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Open Host Controller Miniport Driver
Image path: system32\DRIVERS\usbohci.sys
Image size: 17152
Image MD5: 0DAECCE65366EA32B162F85F07C6753B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbstor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 26368
Image MD5: A32426D9B14A089EAA1D922E0C5801A9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 20608
Image MD5: 26496F9DEE2D787FC3E61AD54821FFE6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): VgaSave
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VGA Display Controller.
Description: Controls the VGA display adapter to provide basic display capabilities.
Image path: \SystemRoot\System32\drivers\vga.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): ViaIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\viaide.sys
Image size: 5376
Image MD5: 3B3EFCDA263B8AC14FDF9CBDD0791B2E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): VolSnap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): VSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 289792
Image MD5: 7A9DB3A67C333BF0BD42E42B8596854B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): W32Time
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Wanarp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 34560
Image MD5: E20B95BAEDB550F32DD489265C1DA1F6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WDC_SAM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WD SCSI Pass Thru driver
Description: Manages WD external storage products.
Image path: system32\DRIVERS\wdcsam.sys
Image size: 11520
Image MD5: D6EFAF429FD30C5DF613D220E344CCE7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WDICA
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): wdmaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 83072
Image MD5: 6768ACF64B18196494413695F0C3A00F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WebClient
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: MRxDAV

Service (registry key): winachsx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSX_CNXT.sys
Image size: 670208
Image MD5: 11EC1AFCEB5C917CE73D3C301FF4291E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): Windows Workflow Foundation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Windows Workflow Foundation 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): winmgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): WinRM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Remote Management (WS-Management)
Description: Allows access to management information from local and remote machines.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k WINRM
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS,HTTP,HTTPFilter

Service (registry key): Winsock
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinTrust
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmdmPmSN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): Wmi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation Driver Extensions
Description: Provides systems management information to and from drivers.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WmiApRpl
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmiApSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WMI Performance Adapter
Description: Provides performance library information from WMI HiPerf providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: E0673F1106E62A68D2257E376079F821
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WMPNetworkSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Media Player Network Sharing Service
Description: Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play
Object name: NT AUTHORITY\NetworkService
Image path: "C:\Program Files\Windows Media Player\WMPNetwk.exe"
Image size: 913408
Image MD5: F74E3D9A7FA9556C3BBB14D4E5E63D3B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: upnphost,http,HTTPFilter

Service (registry key): WPFFontCache_v0400
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Presentation Foundation Font Cache 4.0.0.0
Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
Image size: 753504
Image MD5: DCF3E3EDF5109EE8BC02FE6E1F045795
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): WS2IFSL
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 0
Error Control: 0

Service (registry key): wscsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Center
Description: Monitors system security settings and configurations.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt

Service (registry key): WSearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Search
Description: Provides content indexing and property caching for file, email and other content (via extensibility APIs). The service responds to file and email notifications to index modified content. If the service is stopped or disabled, the Explorer will not be able to display virtual folder views of items, and search in the Explorer will fall back to item-by-item slow search.
Object name: LocalSystem
Image path: %systemroot%\system32\SearchIndexer.exe /Embedding
Image size: 439808
Image MD5: 7778BDFA3F6F6FBA0E75B9594098F737
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: TermService

Service (registry key): WSearchIdxPi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): wuauserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Automatic Updates
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): WudfPf
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Provide communciation services for UMDF components.
Image path: system32\DRIVERS\WudfPf.sys
Image size: 77568
Image MD5: F15FEAFFFBB3644CCC80C5DA584E6311
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WudfRd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework Reflector
Description: Reflect device requests to user-mode driver drivers
Image path: system32\DRIVERS\wudfrd.sys
Image size: 82944
Image MD5: 28B524262BCE6DE1F7EF9F510BA3985B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WudfSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Driver Foundation - User-mode Driver Framework
Description: Manages user-mode driver host processes
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): WZCSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wireless Zero Configuration
Description: Provides automatic configuration for the 802.11 adapters
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio

Service (registry key): xmlprov
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Provisioning Service
Description: Manages XML configuration files on a domain basis for automatic network provisioning.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): YahooAUService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Yahoo! Updater
Description: Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements.
Object name: LocalSystem
Image path: "C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"
Image size: 602392
Image MD5: DD0042F0C3B606A6A8B92D49AFB18AD6
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): {892900FC-9814-4488-99C0-81491C1EE93D}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {B2C0C981-39BB-409C-96FF-AA9E29D035E1}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {EE163125-499F-4D28-A392-8B6294CCB7F9}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

sorry it's so long Step1 found nothing step 2 nothing happened after clicking the start button and step 3 will not download. The wife really messed this up looks like I start with a complete reinstall after your next reply and this reply is from the infected computer not the one I contacted you on the first time if you have any suggestions I'm all ears
  • 0

#5
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.
Accept the disclaimer and allow to update if it asks

Posted Image

Posted Image

When finished, it produces a log for you.
Please include the C:\ComboFix.txt in your next reply.



Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Edited by GLeobas, 18 November 2011 - 04:23 PM.

  • 0

#6
ldstoodley

ldstoodley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
I have a problem with shutting my antivirus off I am useing Norton internet security 2012 with the included fire wall your instructions did not pertain to this version
I am also using the spybot search and destroy resident Not sure how that works either
We also need to change e-mail addys to the infected machine if that is causing a problem with me forwarding your info to it and sending the replies to this machine before sending it to you Confused? I am
I await your reply
If we need to change e-mail addys please send an e-mail that is not shown on the site and I will reply with it
Larry
  • 0

#7
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Ok, try to run ComboFix without disable your AntiVirus and Anti-Spyware.
  • 0

#8
ldstoodley

ldstoodley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
here is the results of combofix as for if the computer is running any better idk seems the same I did reboot after and spybot still found it so I'm at a lost as to what is next
Larry

Attached Files


  • 0

#9
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi

# Step 1 #

In my post there are one files attached containing OTL.exe and aswMBR.exe. Download the file to your desktop and unzip (using Winrar or other)

PS: If you don't know how to extract a .rar file. Please, read the article below:

http://www.ehow.com/...ing-winrar.html



# Step 2 #

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image


# Step 3 #

  • Double click on the Posted Image to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • In Extra Registry, select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemdrive%\drivers\*.exe
    %systemroot%\system32\drivers\*.* /90
    %PROGRAMFILES%\*.*
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U /s
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0

#10
ldstoodley

ldstoodley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Here are the reports you asked for
LarryAttached File  aswMBR.txt   1.54KB   45 downloads






OTL Extras logfile created on: 11/20/2011 3:40:56 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.44 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 71.83% Memory free
3.69 Gb Paging File | 3.07 Gb Available in Paging File | 83.18% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 103.55 Gb Total Space | 62.54 Gb Free Space | 60.39% Space Free | Partition Type: NTFS
Drive D: | 8.21 Gb Total Space | 1.42 Gb Free Space | 17.30% Space Free | Partition Type: FAT32

Computer Name: YOUR-4DACD0EA75 | User Name: Compaq_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\DISC\DISCover.exe" = C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System -- (Digital Interactive Systems Corporation)
"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\DISC\myFTP.exe" = C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 29
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B78F6F9-5C63-45AB-ABFD-DDB7946E4C39}" = Ant.com IE add-on
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352F5013-07DC-446D-8DB6-38F339086C60}" = LightScribe 1.4.84.1
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Ant.com IE add-on" = Ant.com IE add-on
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"AwayMode160" = Microsoft Away Mode
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"DISCover" = DISCover
"ESET Online Scanner" = ESET Online Scanner v3
"HP Game Console" = HP Game Console
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"ie8" = Windows Internet Explorer 8
"Install WeatherBug" = Remove WeatherBug Installer
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"IspAssistant-FileServe" = IspAssistant-FileServe
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MWSnap 3" = MWSnap 3
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"PicaLoader" = PicaLoader 1.7.1
"PriceGong" = PriceGong 2.1.0
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 15.0" = RealPlayer
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"Shop to Win 9" = Shop to Win 9
"VLC media player" = VLC media player 1.1.11
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WT004602" = Tornado Jockey
"WT005532" = Polar Bowler
"WT005533" = Polar Golfer
"WT005534" = Ricochet Lost Worlds
"WT005537" = Super Granny
"WT005538" = Tradewinds
"WT005540" = Blackhawk Striker 2
"WT005541" = Blasterball 2 Revolution
"WT005542" = Blasterball 2 Remix
"WT005544" = Bounce Symphony
"WT005611" = Tennis Titans
"WT005612" = Family Feud
"WT005613" = Flip Words
"WT005614" = Insaniquarium Deluxe
"WT005615" = Jewel Quest
"WT005616" = Mah Jong Quest
"WT005617" = Mystery Case Files
"WT005618" = Poker Superstars
"WT005619" = SCRABBLE
"WT005620" = Slingo Deluxe
"WT005621" = Alien Outbreak 2
"WT005622" = Fairies
"WT005623" = Snowy The Bears Adventure
"WT005625" = Bejeweled 2 Deluxe
"WT005626" = Big Kahuna Reef
"WT005627" = Bookworm Deluxe
"WT005628" = Chuzzle Deluxe
"WT005629" = Diner Dash
"WT006068" = FATE
"WT006070" = Ancient Sudoku
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4256486490-1714306237-1489007402-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/19/2011 4:14:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\COMPAQ_ADMINISTRATOR\MY DOCUMENTS\MY
PICTURES\SITE RIP.FILES\PROJECT.LOG-JOURNAL> in the hash map cannot be updated.

Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 10/19/2011 4:50:36 PM | Computer Name = YOUR-4DACD0EA75 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\COMPAQ_ADMINISTRATOR\MY DOCUMENTS\MY
PICTURES\SITE RIP.FILES\PROJECT.LOG-JOURNAL> in the hash map cannot be updated.

Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 10/21/2011 10:24:07 AM | Computer Name = YOUR-4DACD0EA75 | Source = Application Error | ID = 1000
Description = Faulting application recordingmanager.exe, version 12.0.1.669, faulting
module rjm4pln.dll, version 12.0.1.669, fault address 0x000058a6.

Error - 11/2/2011 2:00:09 PM | Computer Name = YOUR-4DACD0EA75 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x0413251c.

Error - 11/5/2011 8:33:28 PM | Computer Name = YOUR-4DACD0EA75 | Source = ESENT | ID = 418
Description = Windows (2448) Windows: Error -1811 (0xfffff8ed) occurred while opening
a newly-created logfile C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log.

Error - 11/5/2011 8:33:28 PM | Computer Name = YOUR-4DACD0EA75 | Source = ESENT | ID = 492
Description = SearchIndexer (2448) The logfile sequence in "C:\Documents and Settings\All
Users\Application Data\Microsoft\Search\Data\Applications\Windows\" has been halted
due to a fatal error. No further updates are possible for the databases that use
this logfile sequence. Please correct the problem and restart or restore from
backup.

Error - 11/5/2011 8:34:00 PM | Computer Name = YOUR-4DACD0EA75 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\COMPAQ_ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY
INTERNET FILES\CONTENT.IE5\LKL38MGT\0E80465C73[2].JS> in the hash map cannot be
updated. Context: Application, SystemIndex Catalog Details: A device attached to
the system is not functioning. (0x8007001f)

Error - 11/5/2011 8:34:00 PM | Computer Name = YOUR-4DACD0EA75 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\COMPAQ_ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY
INTERNET FILES\CONTENT.IE5\LKL38MGT\4B5B610685E83[2].FLV> in the hash map cannot
be updated. Context: Application, SystemIndex Catalog Details: A device attached
to the system is not functioning. (0x8007001f)

Error - 11/5/2011 8:34:01 PM | Computer Name = YOUR-4DACD0EA75 | Source = Windows Search Service | ID = 7040
Description = The search service has detected corrupted data files in the index.
The service will attempt to automatically correct this problem by rebuilding the
index. Context: Windows Application, SystemIndex Catalog Details: The content index
metadata cannot be read. (0xc0041801)

Error - 11/6/2011 11:10:17 AM | Computer Name = YOUR-4DACD0EA75 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Windows Application,
SystemIndex Catalog

[ System Events ]
Error - 11/12/2011 4:03:09 PM | Computer Name = YOUR-4DACD0EA75 | Source = dnscache | ID = 11004
Description = Unable to start DNS Client service. Could not start the Remote Procedure
Call (RPC) interface for this service. To correct the problem, you may restart the
RPC and DNS Client services. To do so, use the following commands at a command prompt:
(1) type "net start rpc" to start the RPC service, and (2) type "net start dnscache"
to start the DNS Client service. For specific error code information, see the record
data displayed below.

Error - 11/12/2011 4:03:09 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7023
Description = The DNS Client service terminated with the following error: %%1714

Error - 11/12/2011 4:10:08 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/12/2011 9:25:02 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/15/2011 11:36:25 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/17/2011 9:44:34 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 11/17/2011 9:44:39 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 11/18/2011 10:04:13 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Secunia Update Agent service.

Error - 11/18/2011 10:04:15 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7000
Description = The Secunia Update Agent service failed to start due to the following
error: %%1053

Error - 11/18/2011 3:15:15 PM | Computer Name = YOUR-4DACD0EA75 | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
KAY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{EE163125-499F-4D28-A3.
The
master browser is stopping or an election is being forced.


< End of report >






OTL logfile created on: 11/20/2011 3:40:56 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.44 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 71.83% Memory free
3.69 Gb Paging File | 3.07 Gb Available in Paging File | 83.18% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 103.55 Gb Total Space | 62.54 Gb Free Space | 60.39% Space Free | Partition Type: NTFS
Drive D: | 8.21 Gb Total Space | 1.42 Gb Free Space | 17.30% Space Free | Partition Type: FAT32

Computer Name: YOUR-4DACD0EA75 | User Name: Compaq_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/20 15:31:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
PRC - [2011/11/18 21:33:42 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/08/22 00:18:08 | 006,276,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe
PRC - [2011/06/29 12:26:06 | 000,520,216 | ---- | M] (Ant.com) -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
PRC - [2011/04/19 01:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/04/19 01:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/04/19 01:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/03/15 21:12:40 | 001,077,248 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe
PRC - [2006/03/15 21:11:54 | 000,061,440 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DISCUpdMgr.exe
PRC - [2006/03/15 21:11:54 | 000,057,344 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscStreamHub.exe
PRC - [2006/02/15 18:34:58 | 000,249,856 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
PRC - [2005/08/02 19:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe
PRC - [2005/08/02 19:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/12 08:35:53 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_38ee21d5\mscorlib.dll
MOD - [2011/10/12 08:35:20 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_334f990b\system.drawing.dll
MOD - [2011/10/12 08:34:38 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_432de35d\system.xml.dll
MOD - [2011/10/12 08:34:33 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_472a4670\system.windows.forms.dll
MOD - [2011/10/12 08:34:05 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_315e4b48\system.dll
MOD - [2011/10/12 08:33:52 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2011/10/12 08:33:51 | 001,265,664 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2011/08/22 00:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/08/22 00:18:06 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/11/13 13:07:52 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010/11/13 13:07:51 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2010/11/13 13:07:51 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2010/11/13 13:07:50 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
MOD - [2010/11/13 13:07:50 | 000,241,664 | ---- | M] () -- c:\windows\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.dll
MOD - [2010/11/13 13:07:49 | 000,573,440 | ---- | M] () -- c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/08/02 19:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe -- (NIS)
SRV - [2011/06/29 12:26:06 | 000,520,216 | ---- | M] (Ant.com) [Auto | Running] -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe -- (AntUpdaterService)
SRV - [2011/04/19 01:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 01:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2005/08/02 19:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)


========== Driver Services (SafeList) ==========

DRV - [2011/11/14 14:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111114.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/12 14:58:38 | 000,127,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/11/11 16:47:24 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111118.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/11/11 01:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111119.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/11/11 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111119.016\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/09 11:47:10 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/09 11:47:10 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/09/26 19:38:08 | 000,897,656 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS -- (SymEFA)
DRV - [2011/08/08 18:38:11 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys -- (ccSet_NIS)
DRV - [2011/08/02 21:22:10 | 000,566,904 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS -- (SRTSP)
DRV - [2011/08/02 21:22:10 | 000,031,864 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/07/25 21:18:39 | 000,387,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/07/25 21:18:35 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS -- (SymDS)
DRV - [2011/07/25 21:15:51 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS -- (SymIRON)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/23 04:15:00 | 000,547,744 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\A3AB.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)
DRV - [2006/03/03 16:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 16:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/06 13:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 13:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/06/29 19:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 16:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/03 16:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 09:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...ARIO&pf=desktop
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2011/11/12 15:13:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2011/11/20 15:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/18 21:34:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2010/11/18 09:44:32 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/11/18 20:06:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Shop to Win 9) - {0095C290-A428-4BDD-B98C-E0A116F1C702} - C:\Program Files\Shop to Win 9\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1631550F-191D-4826-B069-D9439253D926} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (TODO: <Company name>)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\..\Toolbar\WebBrowser: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DISCUpdMgr.exe (Digital Interactive Systems Corporation, Inc.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\MyWeather Desktop.lnk = File not found
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4256486490-1714306237-1489007402-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE163125-499F-4D28-A392-8B6294CCB7F9}: DhcpNameServer = 192.168.10.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/30 23:02:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 04:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/20 15:31:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2011/11/20 15:07:18 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Administrator\Desktop\aswMBR.exe
[2011/11/18 22:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/11/18 22:33:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/11/18 22:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/11/18 21:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/11/18 21:34:02 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/11/18 21:33:48 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/11/18 21:33:48 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/11/18 21:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/11/18 19:51:40 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/11/18 19:49:33 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/11/18 19:49:33 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/11/18 19:49:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/11/18 19:49:33 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/11/18 19:49:25 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/11/18 19:48:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/11/18 19:47:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/12 20:37:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2011/11/12 16:29:38 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/11/12 14:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Norton
[2011/11/12 14:54:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2011/11/11 10:22:13 | 001,739,400 | ---- | C] (Secunia) -- C:\Documents and Settings\Compaq_Administrator\My Documents\PSISetup.exe
[2011/10/28 22:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/10/28 22:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/10/28 22:15:00 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2011/10/28 22:13:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/10/28 22:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/10/28 22:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/24 13:29:02 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2011/10/24 13:29:02 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2011/10/23 09:33:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/10/23 09:33:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/10/23 09:33:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/20 15:32:02 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/11/20 15:31:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2011/11/20 15:27:19 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/11/20 15:26:36 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/20 15:26:36 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4256486490-1714306237-1489007402-1008.job
[2011/11/20 15:26:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/20 15:26:28 | 2615,726,080 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/20 15:19:39 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/20 15:15:29 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MBR.dat
[2011/11/20 15:07:29 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Administrator\Desktop\aswMBR.exe
[2011/11/18 22:34:48 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/11/18 22:28:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/18 21:35:43 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-4256486490-1714306237-1489007402-1008.job
[2011/11/18 21:34:27 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/11/18 21:34:02 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/11/18 21:33:48 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/11/18 21:33:48 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/11/18 21:33:46 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/11/18 20:06:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/18 19:51:52 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2011/11/18 14:15:23 | 000,185,856 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/12 20:34:24 | 000,005,426 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\cc_20111112_203417.reg
[2011/11/12 16:29:38 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/11/12 15:09:59 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2011/11/12 15:09:04 | 000,567,822 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\Cat.DB
[2011/11/12 15:06:37 | 000,004,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\VT20111023.024
[2011/11/12 14:58:38 | 000,127,096 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/11/12 14:58:38 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/11/12 14:58:38 | 000,007,510 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/11/12 14:58:38 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/11/11 10:22:54 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/11/11 10:22:06 | 001,739,400 | ---- | M] (Secunia) -- C:\Documents and Settings\Compaq_Administrator\My Documents\PSISetup.exe
[2011/11/06 10:13:14 | 000,525,284 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/06 10:13:14 | 000,096,022 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/05 19:35:02 | 000,002,064 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\cc_20111105_203458.reg
[2011/11/03 19:43:43 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\isolate.ini
[2011/11/02 19:08:42 | 000,007,498 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\symefa.cat
[2011/10/28 22:17:36 | 000,001,618 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/10/27 08:22:27 | 000,025,304 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\cc_20111027_092217.reg
[2011/10/27 08:21:25 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/10/24 17:46:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/24 13:29:02 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2011/10/24 13:29:02 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/20 15:15:29 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MBR.dat
[2011/11/18 22:34:48 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/11/18 21:34:26 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/11/18 19:49:33 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/11/18 19:49:33 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/11/18 19:49:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/11/18 19:49:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/11/18 19:49:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/14 18:10:26 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4256486490-1714306237-1489007402-1008.job
[2011/11/12 20:34:20 | 000,005,426 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\cc_20111112_203417.reg
[2011/11/11 10:22:54 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/11/11 10:22:54 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2011/11/05 19:35:00 | 000,002,064 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\cc_20111105_203458.reg
[2011/10/28 22:17:36 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/10/27 08:22:18 | 000,025,304 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\cc_20111027_092217.reg
[2011/02/04 14:35:21 | 000,000,050 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2010/11/18 09:41:55 | 000,185,856 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/13 14:31:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/11/13 14:08:30 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2010/11/13 14:04:26 | 000,667,896 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2010/11/13 14:04:26 | 000,001,235 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010/11/13 14:04:19 | 000,012,989 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2010/11/13 14:04:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2010/11/13 14:00:35 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2010/11/13 13:59:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/11/13 13:44:58 | 000,004,494 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/11/13 13:43:12 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2010/11/13 13:43:12 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2010/11/13 13:36:57 | 000,095,822 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2010/11/13 13:35:10 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/11/13 13:31:21 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010/11/13 13:31:21 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2010/11/13 13:31:21 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010/11/13 13:31:21 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010/11/13 13:31:20 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010/11/13 13:31:20 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2010/11/13 13:31:20 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2010/11/13 13:31:20 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2010/11/13 13:31:20 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2010/11/13 13:31:20 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2010/11/13 13:31:20 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2010/11/13 13:29:29 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2010/11/13 13:05:20 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2010/11/13 11:41:58 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2010/11/13 11:41:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2010/11/13 11:41:55 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2010/11/13 11:41:50 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2010/11/13 11:41:44 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2010/11/13 11:41:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2010/11/13 11:41:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2010/11/13 11:40:47 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2010/11/13 11:40:19 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/05/19 02:21:43 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/05/19 02:21:43 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/05/19 02:21:24 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/03/17 19:23:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/30 23:17:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/30 23:07:46 | 000,525,284 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/30 23:07:46 | 000,096,022 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/30 23:05:30 | 000,209,696 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/30 23:01:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/30 22:58:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/05 17:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 19:19:16 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/10 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/26 09:51:38 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2005/08/30 23:02:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/11/13 13:43:53 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2011/11/18 19:51:52 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2004/08/09 16:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2005/08/30 23:02:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/11/20 15:26:28 | 2615,726,080 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/20 09:30:13 | 001,498,361 | ---- | M] () -- C:\hpWebHelper.log
[2005/08/30 23:02:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/08/30 23:02:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/09 16:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/11/14 18:15:48 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/11/20 15:26:27 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys
[2006/05/19 02:21:45 | 000,000,012 | ---- | M] () -- C:\RecoveryCD.txt
[2010/11/18 09:44:34 | 000,002,828 | ---- | M] () -- C:\scramble.log

< %systemdrive%\drivers\*.* >

< %systemroot%\system32\drivers\*.*/90 >
[2011/08/31 16:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2011/11/12 14:58:38 | 000,007,510 | ---- | M] () -- C:\WINDOWS\system32\drivers\SYMEVENT.CAT
[2011/11/12 14:58:38 | 000,000,806 | ---- | M] () -- C:\WINDOWS\system32\drivers\SYMEVENT.INF
[2011/11/12 14:58:38 | 000,127,096 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS

< %PROGRAMFILES%\*.* >


< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/09 16:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/09 16:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/09 16:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/09 16:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< C:Windows\assembly\tmp\U/s >
Invalid Switch: s


< End of report >
  • 0

Advertisements


#11
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

How is the performance of your computer?


# Step 1 #

Please, go to Start > Control Panel > and click in Add or Remove Programs. The remove these softwares below:
  • Pricegong

# Step 2 #

Posted Image Please, run MalwareBytes' Anti-Malware.
  • Once the program has loaded, select "Perform Full scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be
    prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2
prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

  • 0

#12
ldstoodley

ldstoodley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
The computer is running bad it appears to be running out of ram and useing the hard drive loading a page takes forever like 3 minutes lol below is the malware bytes file
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8202

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/23/2011 9:39:38 PM
mbam-log-2011-11-23 (21-39-37).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 322159
Time elapsed: 3 hour(s), 6 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


But Spybot still finds it
I prob should do a complete reinstall but if i do i will lose my norton internet security I don't have a refill left on my 3 machine license I'm getting so frustrated my head hurts
Larry
  • 0

#13
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
# Step 1 #

Open notepad by going to START > RUN and type notepad.exe in the box that appears. In the window that pops up please copy and paste the following:

Windows Registry Editor Version 5.00

[-HKEY_CLASSES_ROOT\AppID\Download.DLL]


In Notepad click on the "File" menu > Save As... Under "File name" type fix.reg and Change "Save as type" to All Files, save it on desktop.

You will have a file like this Posted Image

Double click on fix.reg > Ok.


# Step 2 #

  • Run OTL
  • Copy the lines in red
    C:\Program Files\CaiShow Tech\*.* /s
  • Back to the program and paste the text in red in the text box "Custom Scan / Fixes"
  • Click in the button Posted Image
  • Click on Run Scan button
  • The examination takes a while, be patient.
  • Copy the entire contents of the log OTL.txt and post in your next reply

  • 0

#14
ldstoodley

ldstoodley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
I did as you asked but after saving the fix.reg to the desk top and then double ckicking I get the following
( Cannot import C:\Documents and settings\Compaq_Admiinistrator\Desktop\fix.reg: The specified file is not a registry script.
You can only import binary registry files from within the registry editor. )
Next step?
I did not do step two because step one failed
Larry

Edited by ldstoodley, 25 November 2011 - 08:08 PM.

  • 0

#15
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

Sorry for delay. Please, go to step 2. :thumbsup:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP