--- Search result list --- Network Monitor: System Service (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Network Monitor Command Service: System Service (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdService CoolWWWSearch: IE Search page (Registry change, nothing done) HKEY_USERSS-1-5-21-1060284298-1708537768-1465468403-500\Software\Microsoft\Internet Explorer\Main\Search Page=about:blank CoolWWWSearch: IE Search page (Registry change, nothing done) HKEY_USERSS-1-5-21-1060284298-1708537768-1465468403-500\Software\Microsoft\Internet Explorer\Main\Search Bar=about:blank CoolWWWSearch: IE start page (Registry change, nothing done) HKEY_USERSS-1-5-21-1060284298-1708537768-1465468403-500\Software\Microsoft\Internet Explorer\Main\Start Page=about:blank CoolWWWSearch: IE Search page (Registry change, nothing done) HKEY_USERSS-1-5-21-1060284298-1708537768-1465468403-500\Software\Microsoft\Internet Explorer\Main\Default_Search_URL=about:blank CoolWWWSearch: IE Search page (Registry change, nothing done) HKEY_USERSS-1-5-21-1060284298-1708537768-1465468403-500\Software\Microsoft\Internet Explorer\Search\SearchAssistant Explorer\Main\Default_Search_URL=about:blank CoolWWWSearch: IE Search page (Registry change, nothing done) HKEY_LOCAL_MACHINESoftware\Microsoft\Internet Explorer\Main\Search Page=about:blank RegistryOptimizer: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{5FCE5F25-B51E-2E50-ED07-AD26B874E903} StarWare: Settings (Registry key, nothing done) HKEY_USERS\S-1-5-21-1060284298-1708537768-1465468403-500\Software\Starware StarWare: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{2D51D869-C36B-42bd-AE68-0A81BC771FA5} StarWare: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{7BED0340-176B-44bc-915E-C21C1DD6F617} StarWare: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{CA356D79-679B-4b4c-8E49-5AF97014F4C1} StarWare: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{D49E9D35-254C-4c6a-9D17-95018D228FF5} StarWare: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Starware StarWare: Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D49E9D35-254C-4c6a-9D17-95018D228FF5} StarWare: Program directory (Directory, nothing done) C:\Documents and Settings\All Users\Application Data\Starware\ StarWare: Program directory (Directory, nothing done) C:\Documents and Settings\Administrator\Application Data\Starware\ StarWare: Program directory (Directory, nothing done) C:\Program Files\Starware\ Command Service: Autorun settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\newname Command Service: Program file (File, nothing done) c:\windows\newname8.exe Command Service: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdService\\SYSTEM\CurrentControlSet\Services\mchInjDrv Command Service: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdService\\SYSTEM\CurrentControlSet\Services\mchInjDrv Command Service: Executable (File, nothing done) C:\Documents and Settings\Administrator\Local Settings\Temp\cmdinst.exe Command Service: Library (File, nothing done) C:\WINNT\system32\atmtd.dll Command Service: Library (File, nothing done) C:\WINNT\system32\atmtd.dll._ Command Service: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdService Command Service: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920} Deskwizz: Library (File, nothing done) C:\WINNT\DH.dll Deskwizz: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DH Deskwizz: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{6001CDF7-6F45-471b-A203-0225615E35A7} GAIN.DashBar: Temporary folder (Directory, nothing done) C:\Documents and Settings\Administrator\Local Settings\Temp\fsg_tmp\ Smitfraud-C.: Executable (File, nothing done) c:\drsmartload1.exe Smitfraud-C.: Executable (File, nothing done) c:\drsmartload45a.exe Smitfraud-C.: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\drsmartload2 Smitfraud-C.: Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Policies\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} Smitfraud-C.: Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Policies\{645FF040-5081-101B-9F08-00AA002F954E} Smitfraud-C.: Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Policies\{6BF52A52-394A-11D3-B153-00C04F79FAA6} Smitfraud-C.: Data (File, nothing done) c:\windows\drsmartload2.dat Smitfraud-C.: Data (File, nothing done) c:\windows\teller2.chk Smitfraud-C.: Executable (File, nothing done) c:\Installer.exe Smitfraud-C.: Executable (File, nothing done) c:\MTE3NDI6ODoxNg.exe Smitfraud-C.: Executable (File, nothing done) c:\stub_113_4_0_4_0.exe SurfSideKick: Autorun settings (SurfSideKick 3) (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SurfSideKick 3 SurfSideKick: Program file (File, nothing done) C:\Program Files\SurfSideKick 3\Ssk.exe SurfSideKick: Autorun settings (SurfSideKick 3) (Registry value, nothing done) HKEY_USERS\S-1-5-21-1060284298-1708537768-1465468403-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SurfSideKick 3 SurfSideKick: Program directory (Directory, nothing done) C:\Program Files\SurfSideKick 3 SurfSideKick: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{02EE5B04-F144-47BB-83FB-A60BD91B74A9} SurfSideKick: Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{02EE5B04-F144-47BB-83FB-A60BD91B74A9} SurfSideKick: User settings (Registry key, nothing done) HKEY_USERS\S-1-5-21-1060284298-1708537768-1465468403-500\Software\SurfSideKick3 SurfSideKick: User settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\SurfSideKick3 SurfSideKick: User settings (Registry value, nothing done) HKEY_USERS\S-1-5-21-1060284298-1708537768-1465468403-500\Software\Microsoft\Internet Explorer\URLSearchHooks\{02EE5B04-F144-47BB-83FB-A60BD91B74A9} SurfSideKick: Program directory (Directory, nothing done) C:\Program Files\SurfSideKick 3\ SurfSideKick: Library (File, nothing done) C:\Documents and Settings\Administrator\Application Data\Sskknwrd.dll SurfSideKick: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf SideKick Hotbar: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{8C875948-9C60-4381-9248-0DF180542D53} Hotbar: Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{38370864-346F-4AFA-8C4B-4FBFF518C0BB} Hotbar: Type library (Registry key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{4CF5A3C1-07A2-4336-9B54-6870452EBDE1} Hotbar: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\HbTools Hotbar: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\HbtInstIE.HbInstObj Hotbar: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\HbtInstIE.HbInstObj.1 Hotbar: Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C875948-9C60-4381-9248-0DF180542D53} Hotbar: Program directory (Directory, nothing done) C:\Program Files\HbTools\ Hotbar: Program directory (Directory, nothing done) C:\Program Files\HbTools\bin\ Hotbar: Data (File, nothing done) C:\WINNT\Downloaded Program Files\HbTools.inf Hotbar: Code storage database (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8C875948-9C60-4381-9248-0DF180542D53} Hotbar: Downloaded program file (File, nothing done) C:\WINNT\Downloaded Program Files\HbInstIE.dll Network Monitor: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE} Network Monitor: System Service (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Network Monitor Network Monitor: Program directory (Directory, nothing done) C:\Documents and Settings\Default User\Application Data\NetMon\ Network Monitor: Program directory (Directory, nothing done) C:\Program Files\Network Monitor\ Network Monitor: Text file (File, nothing done) C:\WINNT\uninstall_nmon.vbs Registry Cleaner: Code storage database (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540013} Registry Cleaner: Program directory (Directory, nothing done) c:\Program Files\Registry Cleaner Trial\ Registry Cleaner: User settings (Registry key, nothing done) HKEY_USERS\S-1-5-21-1060284298-1708537768-1465468403-500\Software\Registry Cleaner Registry Cleaner: User settings (Registry key, nothing done) HKEY_USERS\S-1-5-21-1060284298-1708537768-1465468403-500\Software\SoftwareOnline.com Registry Cleaner: Program directory (Directory, nothing done) C:\Documents and Settings\Administrator\Application Data\Registry Cleaner\ SpySpotter: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpySpotter SpySpotter: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\SpySpotter SpySpotter: Program directory (Directory, nothing done) C:\Program Files\SpySpotter3\ SpySpotter: Program directory (Directory, nothing done) C:\Program Files\SpySpotter3\images\ 180Solutions.SearchAssistant: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{56F1D444-11BF-4879-A12B-79CF0177F038} 180Solutions.SearchAssistant: Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C} 180Solutions.SearchAssistant: Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5} 180Solutions.SearchAssistant: Type library (Registry key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E} 180Solutions.SearchAssistant: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\zangohook.SABHO 180Solutions.SearchAssistant: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\zangohook.SABHO.1 180Solutions.SearchAssistant: Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{56F1D444-11BF-4879-A12B-79CF0177F038} 180Solutions.SearchAssistant: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.ZangoClientAX 180Solutions.SearchAssistant: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.ZangoClientAX.1 180Solutions.SearchAssistant: Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9} 180Solutions.SearchAssistant: Library (File, nothing done) C:\WINNT\Downloaded Program Files\ClientAX.dll 180Solutions.SearchAssistant: Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} 180Solutions.SearchAssistant: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.RequiredComponent 180Solutions.SearchAssistant: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.RequiredComponent.1 180Solutions.SearchAssistant: Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} 180Solutions.SearchAssistant: Autorun settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zango 180Solutions.SearchAssistant: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\zango 180Solutions.SearchAssistant: User settings (Registry key, nothing done) HKEY_USERS\S-1-5-21-1060284298-1708537768-1465468403-500\Software\zango 180Solutions.SearchAssistant: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango 180Solutions.Zango: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} 180Solutions.Zango: Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9} 180Solutions.Zango: Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} 180Solutions.Zango: Type library (Registry key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} 180Solutions.Zango: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.ClientInstaller 180Solutions.Zango: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.ClientInstaller.1 180Solutions.Zango: Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} 180Solutions.Zango: Program directory (Directory, nothing done) C:\Documents and Settings\All Users\Start Menu\Programs\Zango\ 180Solutions.Zango: Program directory (Directory, nothing done) c:\Program Files\Zango\ GAIN.Gator: Global settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Gator.com GAIN.Gator: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C} Targetsaver: Executable (File, nothing done) C:\WINNT\system32\tsuninst.exe Targetsaver: Executable (File, nothing done) C:\Documents and Settings\Administrator\Local Settings\Temp\tsinstall_4_0_4_0_b4.exe Targetsaver: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TSA webHancer: Program directory (Directory, nothing done) C:\Program Files\webHancer\Programs\ webHancer: Text file (File, nothing done) C:\Program Files\webHancer\Programs\license.txt webHancer: Text file (File, nothing done) C:\Program Files\webHancer\Programs\readme.txt webHancer: Library (File, nothing done) C:\Program Files\webHancer\Programs\sporder.dll webHancer: Library (File, nothing done) C:\Program Files\webHancer\Programs\webhdll.dll webHancer: Configuration file (File, nothing done) C:\Program Files\webHancer\Programs\whagent.ini webHancer: Library (File, nothing done) C:\Program Files\webHancer\Programs\whiehlpr.dll webHancer: Executable (File, nothing done) C:\Program Files\webHancer\Programs\whinstaller.exe webHancer: Executable (File, nothing done) C:\Program Files\webHancer\Programs\whsurvey.exe webHancer: Program directory (Directory, nothing done) C:\Program Files\whInstall\ webHancer: Text file (File, nothing done) C:\Program Files\whInstall\license.txt webHancer: Text file (File, nothing done) C:\Program Files\whInstall\readme.txt webHancer: Configuration file (File, nothing done) C:\Program Files\whInstall\whAgent.ini webHancer: Executable (File, nothing done) c:\WHCC2.exe webHancer: Autorun settings (webHancer Survey Companion) (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\webHancer Survey Companion webHancer: Global settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\webHancer webHancer: Autorun settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\webHancer Agent webHancer: Program file (File, nothing done) C:\Program Files\webHancer\Programs\whagent.exe webHancer: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent webHancer: Program directory (Directory, nothing done) C:\Program Files\webHancer\ Elitum.EliteBar: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{205FF73A-CA67-11D5-99DD-444553540013} Elitum.EliteBar: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{205FF72E-CA67-11D5-99DD-444553540013} Elitum.EliteBar: Library (File, nothing done) C:\WINNT\Downloaded Program Files\Install.dll Elitum.EliteBar: Data (File, nothing done) C:\WINNT\Downloaded Program Files\Install.inf ErrorGuard: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\Install.Install ErrorGuard: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\Install.Install.1 ErrorGuard: Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{205FF73B-CA67-11D5-99DD-444553540013} Avenue A, Inc.: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Winfixer: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Hotbar: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Targetsaver: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Hotbar: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) DoubleClick: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Advertising.com: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Winfixer: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Winfixer: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) CasinoPopupStuff: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) FindTheWebsiteYouNeed: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.4 (build: 20050523) --- 2005-05-31 blindman.exe (1.0.0.1) 2005-05-31 SpybotSD.exe (1.4.0.3) 2005-05-31 TeaTimer.exe (1.4.0.2) 2005-06-01 unins000.exe (51.41.0.0) 2005-05-31 Update.exe (1.4.0.0) 2006-02-06 advcheck.dll (1.0.2.0) 2005-05-31 aports.dll (2.1.0.0) 2005-05-31 borlndmm.dll (7.0.4.453) 2005-05-31 delphimm.dll (7.0.4.453) 2005-05-31 SDHelper.dll (1.4.0.0) 2006-02-20 Tools.dll (2.0.0.2) 2005-05-31 UnzDll.dll (1.73.1.1) 2005-05-31 ZipDll.dll (1.73.2.0) 2006-04-01 Includes\Cookies.sbi (*) 2006-04-01 Includes\Dialer.sbi (*) 2006-04-01 Includes\Hijackers.sbi (*) 2006-04-01 Includes\Keyloggers.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2006-04-01 Includes\Malware.sbi (*) 2004-08-11 Includes\plugin-ignore.ini 2006-04-01 Includes\PUPS.sbi (*) 2006-04-01 Includes\Revision.sbi (*) 2006-04-01 Includes\Security.sbi (*) 2006-04-01 Includes\Spybots.sbi (*) 2005-02-17 Includes\Tracks.uti 2006-04-01 Includes\Trojans.sbi (*) --- System information --- Windows 2000 (Build: 2195) Service Pack 4 / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) / DataAccess: Microsoft Data Access Components KB870669 / DataAccess: Security Update for Microsoft Data Access Components / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB834707 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB867282 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB883939 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB889293 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB890923 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB896688 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB896727 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB905495 / Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB905915 / Outlook Express 6 / SP1: Windows 2000 Hotfix - KB887797 / Outlook Express 6 / SP1: Windows 2000 Hotfix - KB897715 / Windows 2000 / SP4: Windows 2000 Service Pack 4 / Windows 2000 / SP5: Windows 2000 Hotfix - KB329115 / Windows 2000 / SP5: Windows 2000 Hotfix - KB820888 / Windows 2000 / SP5: Windows 2000 Hotfix - KB822831 / Windows 2000 / SP5: Windows 2000 Hotfix - KB823182 / Windows 2000 / SP5: Windows 2000 Hotfix - KB823559 / Windows 2000 / SP5: Windows 2000 Hotfix - KB824105 / Windows 2000 / SP5: Windows 2000 Hotfix - KB825119 / Windows 2000 / SP5: Windows 2000 Hotfix - KB826232 / Windows 2000 / SP5: Windows 2000 Hotfix - KB828035 / Windows 2000 / SP5: Windows 2000 Hotfix - KB828741 / Windows 2000 / SP5: Windows 2000 Hotfix - KB828749 / Windows 2000 / SP5: Windows 2000 Hotfix - KB835732 / Windows 2000 / SP5: Windows 2000 Hotfix - KB837001 / Windows 2000 / SP5: Windows 2000 Hotfix - KB839643 / Windows 2000 / SP5: Windows 2000 Hotfix - KB839645 / Windows 2000 / SP5: Windows 2000 Hotfix - KB840315 / Windows 2000 / SP5: Windows 2000 Hotfix - KB840987 / Windows 2000 / SP5: Windows 2000 Hotfix - KB841356 / Windows 2000 / SP5: Windows 2000 Hotfix - KB841533 / Windows 2000 / SP5: Windows 2000 Hotfix - KB841872 / Windows 2000 / SP5: Windows 2000 Hotfix - KB841873 / Windows 2000 / SP5: Windows 2000 Hotfix - KB842526 / Windows 2000 / SP5: Windows 2000 Hotfix - KB842773 / Windows 2000 / SP5: Windows 2000 Hotfix - KB871250 / Windows 2000 / SP5: Windows 2000 Hotfix - KB873333 / Windows 2000 / SP5: Windows 2000 Hotfix - KB873339 / Windows 2000 / SP5: Windows 2000 Hotfix - KB885250 / Windows 2000 / SP5: Windows 2000 Hotfix - KB885835 / Windows 2000 / SP5: Windows 2000 Hotfix - KB885836 / Windows 2000 / SP5: Windows 2000 Hotfix - KB888113 / Windows 2000 / SP5: Windows 2000 Hotfix - KB890046 / Windows 2000 / SP5: Windows 2000 Hotfix - KB890047 / Windows 2000 / SP5: Windows 2000 Hotfix - KB890175 / Windows 2000 / SP5: Windows 2000 Hotfix - KB890859 / Windows 2000 / SP5: Windows 2000 Hotfix - KB891711 / Windows 2000 / SP5: Windows 2000 Hotfix - KB891781 / Windows 2000 / SP5: Windows 2000 Hotfix - KB893066 / Windows 2000 / SP5: Windows 2000 Hotfix - KB893086 / Windows 2000 / SP5: Windows 2000 Hotfix - KB893756 / Windows 2000 / SP5: Windows Installer 3.1 (KB893803) / Windows 2000 / SP5: Windows 2000 Hotfix - KB894320 / Windows 2000 / SP5: Windows 2000 Hotfix - KB896358 / Windows 2000 / SP5: Windows 2000 Hotfix - KB896422 / Windows 2000 / SP5: Windows 2000 Hotfix - KB896423 / Windows 2000 / SP5: Windows 2000 Hotfix - KB896424 / Windows 2000 / SP5: Windows 2000 Hotfix - KB899587 / Windows 2000 / SP5: Windows 2000 Hotfix - KB899588 / Windows 2000 / SP5: Windows 2000 Hotfix - KB899589 / Windows 2000 / SP5: Windows 2000 Hotfix - KB900725 / Windows 2000 / SP5: Windows 2000 Hotfix - KB901017 / Windows 2000 / SP5: Windows 2000 Hotfix - KB901214 / Windows 2000 / SP5: Windows 2000 Hotfix - KB902400 / Windows 2000 / SP5: Windows 2000 Hotfix - KB904368 / Windows 2000 / SP5: Windows 2000 Hotfix - KB904706 / Windows 2000 / SP5: Windows 2000 Hotfix - KB905414 / Windows 2000 / SP5: Windows 2000 Hotfix - KB905749 / Windows 2000 / SP5: Windows 2000 Hotfix - KB908519 / Windows 2000 / SP5: Windows 2000 Hotfix - KB908523 / Windows 2000 / SP5: Windows 2000 Hotfix - KB912919 / Windows 2000 / SP5: Windows 2000 Hotfix (SP5) Q818043 / Windows 2000 / SP5: Update Rollup 1 for Windows 2000 SP4 / Windows Media Player: Windows Media Player Hotfix [See Q828026 for more information] / Windows Media Player / SP0: Windows Media Player Hotfix [See Q828026 for more information] --- Startup entries list --- Located: HK_LM:Run, AQ3HelperStartUp command: C:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3 file: C:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE size: 253952 MD5: b79df22b267f9ae70f43533ef957a025 Located: HK_LM:Run, keyboard command: c:\windows\keyboard8.exe file: c:\windows\keyboard8.exe size: 45056 MD5: cf7d171a7bc3e69a1c7bb03ad80585dc Located: HK_LM:Run, mousepad command: c:\windows\mousepad8.exe file: c:\windows\mousepad8.exe size: 73728 MD5: d1f1a10cbbce2b8161f48b8070dd5f57 Located: HK_LM:Run, newname command: c:\windows\newname8.exe file: c:\windows\newname8.exe size: 24576 MD5: b2d26b96b39cb482adbecce6039e0a72 Located: HK_LM:Run, nod32kui command: "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE file: C:\Program Files\Eset\nod32kui.exe size: 917504 MD5: 1ba2632f4601c6c1b4b956f72874e9ce Located: HK_LM:Run, SpySpotter command: C:\Program Files\SpySpotter3\SpySpotter.exe -startup file: Located: HK_LM:Run, SurfSideKick 3 command: C:\Program Files\SurfSideKick 3\Ssk.exe file: C:\Program Files\SurfSideKick 3\Ssk.exe size: 134144 MD5: 5f99a72799e868463de8cbfe4217cd27 Located: HK_LM:Run, Synchronization Manager command: mobsync.exe /logon file: C:\WINNT\system32\mobsync.exe size: 111376 MD5: 9b2f5b9e745deaaa57fb78329ed03061 Located: HK_LM:Run, Tweak UI command: RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp file: C:\WINNT\system32\RUNDLL32.EXE size: 10000 MD5: 1ed5274825cd1eebbe102b9ff7c9ec31 Located: HK_LM:Run, VPCUserServices command: C:\WINNT\VMADD\VMUSrvc.exe file: C:\WINNT\VMADD\VMUSrvc.exe size: 84720 MD5: 999c5d20b4f1de0cbbaab332cf7b53b2 Located: HK_LM:Run, w012aafb.dll command: RUNDLL32.EXE w012aafb.dll,I2 0002722b0012aafb file: C:\WINNT\system32\RUNDLL32.EXE size: 10000 MD5: 1ed5274825cd1eebbe102b9ff7c9ec31 Located: HK_LM:Run, webHancer Agent command: C:\Program Files\webHancer\Programs\whagent.exe file: C:\Program Files\webHancer\Programs\whagent.exe size: 229376 MD5: 3a481ae2e6ebef368f896f409e6a8943 Located: HK_LM:Run, webHancer Survey Companion command: C:\Program Files\webHancer\Programs\whsurvey.exe file: C:\Program Files\webHancer\Programs\whsurvey.exe size: 143360 MD5: c716953b7cedf78056fe0d4c132a5b8a Located: HK_LM:Run, zango command: "c:\program files\zango\zango.exe" file: c:\program files\zango\zango.exe size: 821760 MD5: e7d1352f524e952bab2da88b274694f4 Located: HK_CU:Run, command: file: Located: HK_CU:Run, myCleanerPC command: C:\PROGRA~1\MYCLEA~1\myCleanerPC.exe file: C:\PROGRA~1\MYCLEA~1\myCleanerPC.exe size: 876544 MD5: b4dad3fc2849b829497ea8fba9e7b9ae Located: HK_CU:Run, rrzu command: C:\PROGRA~1\COMMON~1\rrzu\rrzum.exe file: C:\PROGRA~1\COMMON~1\rrzu\rrzum.exe size: 9216 MD5: 050731180c404db42028e8e044aea558 Located: HK_CU:Run, SUPERAntiSpyware command: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe file: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe size: 1196032 MD5: 9be536a760568810a4946e85e74992ef Located: HK_CU:Run, SurfSideKick 3 command: C:\Program Files\SurfSideKick 3\Ssk.exe file: C:\Program Files\SurfSideKick 3\Ssk.exe size: 134144 MD5: 5f99a72799e868463de8cbfe4217cd27 Located: HK_CU:Run, Win_Fixer_Free command: C:\Program Files\WinFixerFree\uwinfx6.exe /scan file: Located: Startup (common), Privoxy.lnk command: C:\Program Files\Privoxy\privoxy.exe file: C:\Program Files\Privoxy\privoxy.exe size: 212480 MD5: 1e97a1be222900dc88f4c9ae66a280d2 Located: System.ini, ShellServiceObjectDelayLoad command: C:\WINNT\system32\nntapi.dll file: C:\WINNT\system32\nntapi.dll size: 0 MD5: d41d8cd98f00b204e9800998ecf8427e ??? --- Browser helper object list --- --- ActiveX list --- {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) DPF name: CLSID name: CInstall Class Installer: C:\WINNT\Downloaded Program Files\Install.inf Codebase: http://adserver.sharewareonline.com/adserver/Install.cab description: classification: Open for discussion known filename: info link: info source: Safer Networking Ltd. Path: C:\WINNT\DOWNLO~1\ Long name: Install.dll Short name: Date (created): 16/05/2005 15:44:06 Date (last access): 05/04/2006 19:56:30 Date (last write): 16/05/2005 15:44:06 Filesize: 315392 Attributes: archive MD5: 025638E67A52BEDFCBA4DF7860EECDB3 CRC32: 01FCA94F Version: 2.0.0.6 {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) DPF name: CLSID name: HbtInstObj Installer: C:\WINNT\Downloaded Program Files\HbTools.inf Codebase: http://installs.hotbar.com/installs/hbtools/programs/hbtools.cab Path: C:\WINNT\Downloaded Program Files\ Long name: HbInstIE.dll Short name: Date (created): 23/02/2006 14:37:28 Date (last access): 05/04/2006 20:10:46 Date (last write): 23/02/2006 14:37:28 Filesize: 132760 Attributes: archive MD5: B6163801EE1154A23929A888C46AC6C6 CRC32: 51D50E99 Version: 4.7.5.2500 {EF98AF7B-1F54-4079-91BC-3996DEABA45A} (Sinstaller Class) DPF name: CLSID name: Sinstaller Class Installer: C:\WINNT\Downloaded Program Files\cursorcafe.inf Codebase: http://www.cursorcafe.com/app_cc/bin/cursorcafe.cab Path: C:\Program Files\CursorCafe\installer\bin\ Long name: CursorCafeInst.dll Short name: CURSOR~1.DLL Date (created): 23/11/2004 21:57:08 Date (last access): 05/04/2006 20:08:12 Date (last write): 23/11/2004 21:57:08 Filesize: 166912 Attributes: archive MD5: F245EC0EC4469AAF3741745422795C76 CRC32: E3A7E380 Version: 1.0.0.1 {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} () DPF name: CLSID name: Installer: C:\WINNT\Downloaded Program Files\SETUP.INF Codebase: http://download.spyspotter.com/spyspotter/sp3.02r/spyspottercabinstall.cab description: classification: Open for discussion known filename: info link: info source: Safer Networking Ltd. --- Process list --- PID: 0 ( 0) [System] PID: 152 ( 8) \SystemRoot\System32\smss.exe PID: 168 ( 152) \??\C:\WINNT\system32\csrss.exe PID: 188 ( 152) \??\C:\WINNT\system32\winlogon.exe PID: 216 ( 188) C:\WINNT\system32\services.exe size: 92944 MD5: B861B4E6E9637EB76A40C10C552E0229 PID: 228 ( 188) C:\WINNT\system32\lsass.exe size: 33552 MD5: F19D0A319AB4BF5496F08807CB9B8651 PID: 404 ( 216) C:\WINNT\VMADD\VMSRVC.EXE size: 101104 MD5: DB94C2BC0C7B53E4447AE51CA12A824E PID: 448 ( 216) C:\Program Files\Eset\nod32krn.exe size: 495616 MD5: FBE9F8D39066FF4A6B5C7D2F12E2E754 PID: 464 ( 216) C:\WINNT\system32\svchost.exe size: 7952 MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C PID: 496 ( 216) C:\WINNT\system32\VPCMap.exe size: 57344 MD5: 7F66C5E1D471C3A30053D70B3762F965 PID: 560 ( 216) C:\WINNT\System32\svchost.exe size: 7952 MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C PID: 580 ( 216) C:\WINNT\System32\WBEM\WinMgmt.exe size: 196706 MD5: 05B2001E1BC653FD6091E741B46F71B4 PID: 1288 (1220) C:\WINNT\system32\RUNDLL32.EXE size: 10000 MD5: 1ED5274825CD1EEBBE102B9FF7C9EC31 PID: 1040 ( 96) C:\Program Files\Spybot S&D\SpybotSD.exe size: 4393096 MD5: 09CA174A605B480318731E691DC98539 PID: 1664 ( 96) C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe size: 824832 MD5: 1B0EDBF799B57EAD6EF68A82906C2097 PID: 1788 ( 188) C:\WINNT\explorer.exe size: 243472 MD5: 59CF2B7DCED9111F48F51B4B570E672D PID: 1436 (1788) C:\WINNT\system32\rundll32.exe size: 10000 MD5: 1ED5274825CD1EEBBE102B9FF7C9EC31 PID: 1584 (1788) C:\Program Files\Privoxy\privoxy.exe size: 212480 MD5: 1E97A1BE222900DC88F4C9AE66A280D2 PID: 1556 (1296) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe size: 1196032 MD5: 9BE536A760568810A4946E85E74992EF PID: 8 ( 0) System --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 05/04/2006 21:26:56 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINNT\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://searchbar.findthewebsiteyouneed.com HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar http://searchbar.findthewebsiteyouneed.com HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://www.findthewebsiteyouneed.com HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://searchbar.findthewebsiteyouneed.com HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant Explorer\Main\Default_Search_URL http://searchbar.findthewebsiteyouneed.com HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page http://searchbar.findthewebsiteyouneed.com HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDqLpVXxUyHVrXvjp7iQKiqN83lD3gTaJmoPqk3EC5vmG2mu3988F7nAlNeoemp4xTgSuDz000VIYt/kiRrEk93SFbarTSWyJ00dhrAwzyMMTj0dP39Ktdux6eumgZqBWtTzHjDVvLztI+8bW1IFgHzTvof7TajT06OarsS0e3JhEFUO3N6j7/wQ== HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- Protocol 0: NOD32 protected [MSAFD Tcpip [TCP/IP]] GUID: {0C8C1394-9DEA-409D-91DC-8E510B878EB6} Filename: C:\WINNT\system32\imon.dll Protocol 1: NOD32 protected [MSAFD Tcpip [UDP/IP]] GUID: {76DBC13E-8BE2-4381-8EC8-5A53B330EFA3} Filename: C:\WINNT\system32\imon.dll Protocol 2: NOD32 protected [MSAFD Tcpip [RAW/IP]] GUID: {D5BC8FAB-3F83-4AC9-BFD3-406FD44995F5} Filename: C:\WINNT\system32\imon.dll Protocol 3: NOD32 protected [RSVP UDP Service Provider] GUID: {5651730E-F791-4C6D-831D-53C160895ED6} Filename: C:\WINNT\system32\imon.dll Protocol 4: NOD32 protected [RSVP TCP Service Provider] GUID: {822EE07F-870A-4BC0-8709-78A6A5DE662B} Filename: C:\WINNT\system32\imon.dll Protocol 16: NOD32 GUID: {28A4D8DA-E908-4C6F-A926-A66CC7AD3224} Filename: C:\WINNT\system32\imon.dll --- Uninstall list --- Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal) uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG publisher: Lavasoft help link: http://www.lavasoft.com (AddressBook) Aquatica Waterworlds (Aquatica3) uninstall cmd: C:\PROGRA~1\Aquatica Waterworlds\AQ3Uninstaller.exe (Branding) (Connection Manager) CursorCafe Installer (CursorCafeInstaller) uninstall cmd: "C:\Program Files\CursorCafe\ccuninst.exe" (DirectAnimation) (DirectDrawEx) (DXM_Runtime) Ethereal 0.10.13 0.10.13 (Ethereal) uninstall cmd: "C:\Program Files\Ethereal\uninstall.exe" publisher: The Ethereal developer community, http://www.ethereal.com help link: mailto:ethereal-users@ethereal.com (expinst) (Fontcore) (ICW) (IE40) (IE4Data) (IE5BAKEX) (IEData) (IEREADME) JGoodies JDiskReport 1.2.1 1.2.1 (2004-02-16 11:57:55) (JDiskReport 1.2.1) install location: C:\Program Files\JGoodies\JDiskReport uninstall cmd: "C:\Program Files\JGoodies\JDiskReport\uninstall.exe" publisher: JGoodies Karsten Lentzsch help link: http://www.JGoodies.com help telephone: +49 431 18761 Windows 2000 Hotfix - KB834707 20040929.091901 (KB834707-IE6SP1-20040929.091901) uninstall cmd: C:\WINNT\$NtUninstallKB834707-IE6SP1-20040929.091901$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=834707 Windows 2000 Hotfix - KB842773 (KB842773) uninstall cmd: C:\WINNT\$NtUninstallKB842773$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=842773 Windows 2000 Hotfix - KB867282 20050127.163319 (KB867282-IE6SP1-20050127.163319) uninstall cmd: C:\WINNT\$NtUninstallKB867282-IE6SP1-20050127.163319$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=867282 Windows 2000 Hotfix - KB883939 20050428.125228 (KB883939-IE6SP1-20050428.125228) uninstall cmd: "C:\WINNT\$NtUninstallKB883939-IE6SP1-20050428.125228$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=883939 (KB884016) Windows 2000 Hotfix - KB887797 20041112.131144 (KB887797-OE6SP1-20041112.131144) uninstall cmd: C:\WINNT\$NtUninstallKB887797-OE6SP1-20041112.131144$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=887797 Windows 2000 Hotfix - KB889293 20041111.235619 (KB889293-IE6SP1-20041111.235619) uninstall cmd: C:\WINNT\$NtUninstallKB889293-IE6SP1-20041111.235619$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=889293 Windows 2000 Hotfix - KB890046 20050517.235025 (KB890046) uninstall cmd: "C:\WINNT\$NtUninstallKB890046$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890046 Windows 2000 Hotfix - KB890923 20050225.103456 (KB890923-IE6SP1-20050225.103456) uninstall cmd: "C:\WINNT\$NtUninstallKB890923-IE6SP1-20050225.103456$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=890923 Windows 2000 Hotfix - KB893756 20050702.42421 (KB893756) uninstall cmd: "C:\WINNT\$NtUninstallKB893756$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893756 (KB893803) Windows Installer 3.1 (KB893803) 3.1 (KB893803v2) uninstall cmd: "C:\WINNT\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467 Windows 2000 Hotfix - KB894320 20050429.01037 (KB894320) uninstall cmd: "C:\WINNT\$NtUninstallKB894320$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=894320 Windows 2000 Hotfix - KB896358 20050421.70926 (KB896358) uninstall cmd: "C:\WINNT\$NtUninstallKB896358$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896358 Windows 2000 Hotfix - KB896422 20050503.23608 (KB896422) uninstall cmd: "C:\WINNT\$NtUninstallKB896422$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896422 Windows 2000 Hotfix - KB896423 20050713.01536 (KB896423) uninstall cmd: "C:\WINNT\$NtUninstallKB896423$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896423 Windows 2000 Hotfix - KB896424 20051007.114600 (KB896424) uninstall cmd: "C:\WINNT\$NtUninstallKB896424$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896424 Windows 2000 Hotfix - KB896688 20051004.130236 (KB896688-IE6SP1-20051004.130236) uninstall cmd: "C:\WINNT\$NtUninstallKB896688-IE6SP1-20051004.130236$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=896688 Windows 2000 Hotfix - KB896727 20050719.165959 (KB896727-IE6SP1-20050719.165959) uninstall cmd: "C:\WINNT\$NtUninstallKB896727-IE6SP1-20050719.165959$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=896727 Windows 2000 Hotfix - KB897715 20050503.210336 (KB897715-OE6SP1-20050503.210336) uninstall cmd: "C:\WINNT\$NtUninstallKB897715-OE6SP1-20050503.210336$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=897715 Windows 2000 Hotfix - KB899587 20050614.212757 (KB899587) uninstall cmd: "C:\WINNT\$NtUninstallKB899587$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899587 Windows 2000 Hotfix - KB899588 20050628.234036 (KB899588) uninstall cmd: "C:\WINNT\$NtUninstallKB899588$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899588 Windows 2000 Hotfix - KB899589 20050822.21016 (KB899589) uninstall cmd: "C:\WINNT\$NtUninstallKB899589$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899589 Windows 2000 Hotfix - KB900725 20050923.34708 (KB900725) uninstall cmd: "C:\WINNT\$NtUninstallKB900725$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900725 Windows 2000 Hotfix - KB901017 20050830.22150 (KB901017) uninstall cmd: "C:\WINNT\$NtUninstallKB901017$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901017 Windows 2000 Hotfix - KB901214 20050629.02152 (KB901214) uninstall cmd: "C:\WINNT\$NtUninstallKB901214$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901214 Windows 2000 Hotfix - KB902400 20050905.04634 (KB902400) uninstall cmd: "C:\WINNT\$NtUninstallKB902400$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902400 Windows 2000 Hotfix - KB904368 20050719.212549 (KB904368) uninstall cmd: "C:\WINNT\$NtUninstallKB904368$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=904368 Windows 2000 Hotfix - KB904706 20050830.201441 (KB904706) uninstall cmd: "C:\WINNT\$NtUninstallKB904706$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=904706 Windows 2000 Hotfix - KB905414 20050816.13004 (KB905414) uninstall cmd: "C:\WINNT\$NtUninstallKB905414$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905414 Windows 2000 Hotfix - KB905495 20050805.184113 (KB905495-IE6SP1-20050805.184113) uninstall cmd: "C:\WINNT\$NtUninstallKB905495-IE6SP1-20050805.184113$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=905495 Windows 2000 Hotfix - KB905749 20050902.21643 (KB905749) uninstall cmd: "C:\WINNT\$NtUninstallKB905749$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905749 Windows 2000 Hotfix - KB905915 20051122.175908 (KB905915-IE6SP1-20051122.175908) install date: 20060405 uninstall cmd: "C:\WINNT\$NtUninstallKB905915-IE6SP1-20051122.175908$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=905915 Windows 2000 Hotfix - KB908519 20051124.165020 (KB908519) install date: 20060405 uninstall cmd: "C:\WINNT\$NtUninstallKB908519$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908519 Windows 2000 Hotfix - KB908523 20051021.131026 (KB908523) install date: 20060405 uninstall cmd: "C:\WINNT\$NtUninstallKB908523$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908523 Security Update for Windows Media Player (KB911564) (KB911564) install date: 20060405 uninstall cmd: "C:\WINNT\$NtUninstallKB911564$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911564 Windows 2000 Hotfix - KB912919 20060103.111025 (KB912919) install date: 20060405 uninstall cmd: "C:\WINNT\$NtUninstallKB912919$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912919 Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903) uninstall cmd: "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp" Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033)) uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} readme: file://C:\WINNT\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm (Microsoft NetShow Player 2.0) (MobileOptionPack) Mozilla Firefox (1.5) 1.5 (en-GB) (Mozilla Firefox (1.5)) install location: C:\Program Files\Mozilla\Firefox uninstall cmd: C:\WINNT\UninstallFirefox.exe /ua "1.5 (en-GB)" publisher: Mozilla (MPlayer2) (MSI30-Beta1) (MSI30-Beta2) (MSI30-KB884016) (MSI30-RC1) (MSI30-RC2) (MSI30a-KB884016) (MSI31-Beta) (MSI31-RC1) myCleanerPC (myCleanerPC) uninstall cmd: C:\WINNT\system32\mcpcuninstaller1_25.EXE publisher: myBetterPC ,Inc help telephone: 888-658-8366 (NetMeeting) NOD32 antivirus system (NOD32) uninstall cmd: C:\Program Files\Eset\Setup\setup.exe /UNINSTALL (OutlookExpress) Windows 2000 Hotfix (SP5) Q818043 20030501.174006 (Q818043) uninstall cmd: C:\WINNT\$NtUninstallQ818043$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=818043 Windows Media Player Hotfix [See Q828026 for more information] (Q828026) uninstall cmd: C:\WINNT\$NtUninstallQ828026$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=828026 Registry Cleaner Version 4.0 (Registry Cleaner_is1) install location: C:\Program Files\Registry Cleaner Trial\ uninstall cmd: "C:\Program Files\Registry Cleaner Trial\unins000.exe" (SchedulingAgent) Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1) install location: C:\Program Files\Spybot S&D\ uninstall cmd: "C:\Program Files\Spybot S&D\unins000.exe" publisher: Safer Networking Limited SpySpotter (SpySpotter) uninstall cmd: C:\Program Files\SpySpotter3\Uninstall.exe Starware 4.1.2.0 (Starware) uninstall cmd: C:\Program Files\Starware\StarwareUninstall.exe Surf SideKick (Surf SideKick) uninstall cmd: C:\Program Files\SurfSideKick 3\Ssk.exe /u Total Uninstall 3.52 3.52 (Total Uninstall 3_is1) install location: C:\Program Files\Total Uninstall\ uninstall cmd: "C:\Program Files\Total Uninstall\unins001.exe" publisher: Gavrila Martau help link: http://www.martau.com Total Uninstall 2.34 (Total Uninstall_is1) uninstall cmd: "C:\Program Files\Total Uninstall\unins000.exe" publisher: Gavrila Martau help link: http://www.geocities.com/ggmartau TSA (TSA) uninstall cmd: C:\WINNT\system32\tsuninst.exe /u Tweak UI (TweakUI) uninstall cmd: C:\WINNT\rundll32.exe syssetup.dll,SetupInfObjectInstallAction DefaultUninstall 4 C:\WINNT\Inf\Tweakui.Inf Universal Extractor 1.0 1.0 (Universal Extractor_is1) install location: C:\Program Files\Universal Extractor\ uninstall cmd: "C:\Program Files\Universal Extractor\unins000.exe" publisher: Jared Breland help link: http://www.legroom.net/mysoft Update Rollup 1 for Windows 2000 SP4 20050602.215753 (Update Rollup 1) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891861 WinFixer 2006 1.2.125.3 (UWinFX6_is1) install location: C:\Program Files\WinFixerFree\ uninstall cmd: "C:\Program Files\WinFixerFree\unins000.exe" VX2 Cleaner plug-in for Ad-Aware SE (VX2 Cleaner plug-in for Ad-Aware SE) uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\VX2CLE~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\VX2CLE~1\INSTALL.LOG publisher: Lavasoft help link: http://www.lavasoft.de webHancer Customer Companion (webHancer Agent) uninstall cmd: C:\Program Files\webHancer\Programs\whInstaller.exe -uninstall (Windows 2000 Service Pack) WinPcap 3.1 3.1.0.27 (WinPcapInst) uninstall cmd: C:\Program Files\WinPcap\uninstall.exe publisher: CACE Technologies Yazzle Sudoku by OIN (YazzleSudoku) uninstall cmd: C:\Program Files\Yazzle Sudoku\uninstaller.exe Zango Search Assistant (zango) uninstall cmd: c:\program files\zango\zango.exe /uninst_simple_init=y J2SE Runtime Environment 5.0 Update 4 1.5.0.40 ({3248F0A8-6813-11D6-A77B-00B0D0150040}) version: 17104896 version (major): 1 version (minor): 5 estimated size: 121261 install date: 20050817 install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\ uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040} publisher: Sun Microsystems, Inc. contact: http://java.com help link: http://java.com readme: C:\Program Files\Java\jre1.5.0_04\README.txt Command 1.0.1 ({3877C2CD-F137-4144-BDB2-0A811492F920}) uninstall cmd: wscript "C:\WINNT\YUQ\sok.vbs" contact: Customer Support Department ({5B239A98-4222-4D8C-AF38-1A8EC07F956B}) ({5D0930A0-1033-433A-8BB9-602665550DD0}) Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91}) version: 16974078 version (major): 1 version (minor): 3 estimated size: 519 install date: 20050817 install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\ uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} publisher: Microsoft comments: Your Comments contact: Customer Support Department help link: http://www.microsoft.com/genuine/downloads/whyValidate.aspx/help help telephone: 1-425.882.8080 WebFldrs 9.00.3907 ({6F716D8C-398F-11D3-85E1-005004838609}) version: 150998851 version (major): 9 estimated size: 2524 install date: 20040604 install source: C:\WINNT\System32\ publisher: Microsoft Corporation help link: http://www.microsoft.com/windows Kerio Personal Firewall 4.0.16605 ({8315396A-5EA1-419D-BEC4-978284BDF556}) version: 67125469 version (major): 4 estimated size: 8414 install date: 20041113 install location: C:\Program Files\Kerio\ install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is2\ uninstall cmd: MsiExec.exe /I{8315396A-5EA1-419D-BEC4-978284BDF556} publisher: Kerio Technologies contact: Customer Support Department help link: http://www.kerio.com/support.html help telephone: +420-377-338-901 Microsoft Baseline Security Analyzer 2.0 2.0.5029.2 ({8A8F4EF8-160C-4E0F-B32D-92E2313E039B}) version: 33559461 version (major): 2 estimated size: 2435 install date: 20060405 install source: Z:\Installs\Microsoft\ uninstall cmd: MsiExec.exe /I{8A8F4EF8-160C-4E0F-B32D-92E2313E039B} publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=16531 readme: file://C:\Program Files\Microsoft Baseline Security Analyzer 2\Help\readme.html Network Monitor 6.0.1 ({A394E835-C8D6-4B4B-884B-D2709059F3BE}) uninstall cmd: wscript "C:\WINNT\uninstall_nmon.vbs" contact: Customer Support Department Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) version: 16847074 version (major): 1 version (minor): 1 estimated size: 65813 install date: 20050225 install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\ uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} publisher: Microsoft readme: file://C:\WINNT\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm SUPERAntiSpyware Free Edition 3.0.0.1058 ({CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) version: 50331648 version (major): 3 estimated size: 6671 install date: 20060405 install source: C:\Program Files\Common Files\Wise Installation Wizard\ uninstall cmd: MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} publisher: SUPERAntiSpyware.com help link: http://www.superantispyware.com/support.html Virtual Machine Additions 13.306 ({F7D2F453-B593-4875-9635-9B79FD77A81C}) version: 221380608 version (major): 13 version (minor): 306 estimated size: 922 install date: 20041125 install location: C:\WINNT\VMADD\ install source: D:\Windows\ uninstall cmd: MsiExec.exe /X{F7D2F453-B593-4875-9635-9B79FD77A81C} publisher: Microsoft Corporation help link: http://www.microsoft.com/support --- System Services --- Service (registry key): .NET CLR Data Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET CLR Networking Start: 0 Type: 0 Error Control: 0 Service (registry key): .NETFramework Start: 0 Type: 0 Error Control: 0 Service (registry key): 1-driver-vmsrvc Display name: Virtual Machine Additions Services Driver Image path: System32\drivers\VMSRVC.SYS Image size: 52976 Image MD5: 954E4E868FD6D77F956F0C43174CF199 Start: 1 Type: 1 Error Control: 1 Service (registry key): 1-vmsrvc Display name: Virtual Machine Additions Services Application Description: Provides optimizations and integration support for virtual machine technologies. Object name: LocalSystem Image path: C:\WINNT\VMADD\VMSRVC.EXE Image size: 101104 Image MD5: DB94C2BC0C7B53E4447AE51CA12A824E Start: 2 Type: 272 Error Control: 1 Depends On services: 1-driver-vmsrvc Service (registry key): Abiosdsk Start: 4 Type: 1 Error Control: 0 Service (registry key): abp480n5 Start: 4 Type: 1 Error Control: 1 Service (registry key): ACPI Display name: Microsoft ACPI Driver Image path: System32\DRIVERS\ACPI.sys Image size: 163120 Image MD5: 083049D5DC3F32D17C2EDFB732C78A09 Start: 0 Type: 1 Error Control: 1 Service (registry key): ACPIEC Start: 4 Type: 1 Error Control: 1 Service (registry key): adpu160m Start: 4 Type: 1 Error Control: 1 Service (registry key): AFD Display name: AFD Networking Support Environment Image path: \SystemRoot\System32\drivers\afd.sys Start: 2 Type: 1 Error Control: 1 Service (registry key): Aha154x Start: 4 Type: 1 Error Control: 1 Service (registry key): aic116x Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78u2 Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78xx Start: 4 Type: 1 Error Control: 1 Service (registry key): Alerter Display name: Alerter Description: Notifies selected users and computers of administrative alerts. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 3 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): ami0nt Start: 4 Type: 1 Error Control: 1 Service (registry key): AMON Display name: AMON Image path: \??\C:\WINNT\system32\drivers\amon.sys Image size: 502208 Image MD5: F47C740833D914304C588E5143F3E10B Start: 3 Type: 1 Error Control: 1 Service (registry key): amsint Start: 4 Type: 1 Error Control: 1 Service (registry key): AppMgmt Display name: Application Management Description: Provides software installation services such as Assign, Publish, and Remove. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 3 Type: 32 Error Control: 1 Service (registry key): asc Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3350p Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3550 Start: 4 Type: 1 Error Control: 1 Service (registry key): ASP.NET Start: 0 Type: 0 Error Control: 0 Service (registry key): ASP.NET_1.1.4322 Start: 0 Type: 0 Error Control: 0 Service (registry key): aspnet_state Display name: ASP.NET State Service Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start. Object name: .\ASPNET Image path: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Image size: 32768 Image MD5: E1A1206A4FB19B675E947B29CCD25FBA Start: 3 Type: 16 Error Control: 1 Service (registry key): AsyncMac Display name: RAS Asynchronous Media Driver Description: RAS Asynchronous Media Driver Image path: System32\DRIVERS\asyncmac.sys Image size: 17840 Image MD5: 5D3D77C9EB3A8E6A14CC8E1252B6CC5C Start: 3 Type: 1 Error Control: 1 Service (registry key): atapi Display name: Standard IDE/ESDI Hard Disk Controller Image path: System32\DRIVERS\atapi.sys Image size: 86672 Image MD5: 8C718AA8C77041B3285D55A0CE980867 Start: 0 Type: 1 Error Control: 1 Service (registry key): Atdisk Start: 4 Type: 1 Error Control: 0 Service (registry key): Atmarpc Display name: ATM ARP Client Protocol Description: ATM ARP Client Protocol Image path: System32\DRIVERS\atmarpc.sys Image size: 57904 Image MD5: 3E348B3313EA633D45CAF59DA0D631BA Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): audstub Display name: Audio Stub Driver Image path: System32\DRIVERS\audstub.sys Image size: 2896 Image MD5: 39D57104A45270F0D376E9DDB484EBBD Start: 3 Type: 1 Error Control: 1 Service (registry key): Beep Start: 1 Type: 1 Error Control: 1 Service (registry key): BITS Display name: Background Intelligent Transfer Service Description: Transfers files in the background using idle network bandwidth. If the service is disabled, then any functions that depend on BITS, such as Windows Update or MSN Explorer will be unable to automatically download programs and other information. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k BITSgroup Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 3 Type: 32 Error Control: 1 Depends On services: Rpcss,SENS,Wmi Service (registry key): Browser Display name: Computer Browser Description: Maintains an up-to-date list of computers on your network and supplies the list to programs that request it. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 3 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,LanmanServer Service (registry key): BusLogic Start: 4 Type: 1 Error Control: 1 Service (registry key): cd20xrnt Start: 4 Type: 1 Error Control: 1 Service (registry key): Cdaudio Start: 1 Type: 1 Error Control: 0 Service (registry key): Cdfs Start: 4 Type: 2 Error Control: 1 Depends On group: "SCSI CDROM Class" Service (registry key): Cdrom Display name: CD-ROM Driver Image path: System32\DRIVERS\cdrom.sys Image size: 27984 Image MD5: 4B86A90A7F0095D514D22A9083826488 Start: 1 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): Changer Start: 1 Type: 1 Error Control: 0 Service (registry key): cisvc Display name: Indexing Service Object name: LocalSystem Image path: C:\WINNT\System32\cisvc.exe Image size: 5392 Image MD5: 2830A2C82270F387265DFA658656EB99 Start: 4 Type: 288 Error Control: 1 Depends On services: RPCSS Service (registry key): ClipSrv Display name: ClipBook Description: Supports ClipBook Viewer, which allows pages to be seen by remote ClipBooks. Object name: LocalSystem Image path: %SystemRoot%\system32\clipsrv.exe Image size: 31504 Image MD5: 804212B6B82354CF4F0C2D567575688A Start: 4 Type: 16 Error Control: 1 Depends On services: NetDDE Service (registry key): cmdService Display name: Command Service Object name: LocalSystem Image path: C:\WINNT\YUQ\command.exe Image size: 293888 Image MD5: 3E2C234DDE711C6754F2DF994FB3CC94 Start: 2 Type: 272 Error Control: 0 Service (registry key): ContentFilter Start: 0 Type: 0 Error Control: 0 Service (registry key): ContentIndex Start: 0 Type: 0 Error Control: 0 Service (registry key): Cpqarray Start: 4 Type: 1 Error Control: 1 Service (registry key): cpqarry2 Start: 4 Type: 1 Error Control: 1 Service (registry key): cpqfcalm Start: 4 Type: 1 Error Control: 1 Service (registry key): cpqfws2e Start: 4 Type: 1 Error Control: 1 Service (registry key): ctlsb16 Display name: Creative SB16/AWE32/AWE64 Driver (WDM) Image path: system32\drivers\ctlsb16.sys Image size: 141904 Image MD5: B49BFFAF68C76D86321580242BFAA186 Start: 3 Type: 1 Error Control: 1 Service (registry key): dac960nt Start: 4 Type: 1 Error Control: 1 Service (registry key): DC21x4 Display name: DC21x4 Based Network Adapter Driver Image path: System32\DRIVERS\dc21x4.sys Image size: 64880 Image MD5: 56ACAB66A15CE65F101AA93B6C51B642 Start: 3 Type: 1 Error Control: 1 Service (registry key): deckzpsx Start: 4 Type: 1 Error Control: 1 Service (registry key): Dhcp Display name: DHCP Client Description: Manages network configuration by registering and updating IP addresses and DNS names. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip,Afd,NetBT Service (registry key): Disk Display name: Disk Driver Image path: System32\DRIVERS\disk.sys Image size: 30768 Image MD5: 322B9A3774DBF119F6635A476B0EB058 Start: 0 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): Diskperf Start: 0 Type: 1 Error Control: 1 Service (registry key): dmadmin Display name: Logical Disk Manager Administrative Service Description: Administrative service for disk management requests Object name: LocalSystem Image path: %SystemRoot%\System32\dmadmin.exe /com Image size: 147728 Image MD5: 7B080C0AC30884E981221342DA197C1E Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay,DmServer Service (registry key): dmboot Image path: System32\drivers\dmboot.sys Image size: 369104 Image MD5: 0B91C63540682BC3C826FC6D8B3ECB7B Start: 4 Type: 1 Error Control: 1 Service (registry key): dmio Display name: Logical Disk Manager Driver Image path: System32\drivers\dmio.sys Image size: 137936 Image MD5: 6B35BFDBDBC247113852F18BF0F10E3C Start: 0 Type: 1 Error Control: 1 Service (registry key): dmload Image path: System32\drivers\dmload.sys Image size: 7312 Image MD5: 3F1701FFA97AB012685ABC8A2D6FCE22 Start: 0 Type: 1 Error Control: 1 Service (registry key): dmserver Display name: Logical Disk Manager Description: Logical Disk Manager Watchdog Service Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay Service (registry key): DMusic Display name: Microsoft DirectMusic SW Synth (WDM) Image path: system32\drivers\DMusic.sys Image size: 51152 Image MD5: 3431984234B5988D4C09F043CF4CD779 Start: 3 Type: 1 Error Control: 1 Service (registry key): Dnscache Display name: DNS Client Description: Resolves and caches Domain Name System (DNS) names. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip Service (registry key): EFS Start: 4 Type: 2 Error Control: 1 Service (registry key): Eventlog Display name: Event Log Description: Logs event messages issued by programs and Windows. Event Log reports contain information that can be useful in diagnosing problems. Reports are viewed in Event Viewer. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 32 Error Control: 1 Service (registry key): EventSystem Display name: COM+ Event System Description: Provides automatic distribution of events to subscribing COM components. Object name: LocalSystem Image path: C:\WINNT\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): Fastfat Start: 4 Type: 2 Error Control: 1 Service (registry key): Fax Display name: Fax Service Description: Helps you send and receive faxes Object name: LocalSystem Image path: %systemroot%\system32\faxsvc.exe Image size: 94992 Image MD5: C63946C8124A58A6C86EFB0EBEC7CCF9 Start: 4 Type: 272 Error Control: 1 Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler Service (registry key): Fd16_700 Start: 4 Type: 1 Error Control: 1 Service (registry key): Fdc Display name: Floppy Disk Controller Driver Image path: System32\DRIVERS\fdc.sys Image size: 26256 Image MD5: 233E2C4DAE9C84CEF241F0EA30619629 Start: 3 Type: 1 Error Control: 1 Service (registry key): Fips Display name: Fips Start: 2 Type: 1 Error Control: 1 Service (registry key): fireport Start: 4 Type: 1 Error Control: 1 Service (registry key): flashpnt Start: 4 Type: 1 Error Control: 1 Service (registry key): Flpydisk Display name: Floppy Disk Driver Image path: System32\DRIVERS\flpydisk.sys Image size: 19312 Image MD5: 6CA845333DA54F27A8657BE7EE0B600D Start: 3 Type: 1 Error Control: 1 Service (registry key): FltMgr Display name: FltMgr Description: File System Filter Manager Driver Image path: system32\drivers\fltmgr.sys Image size: 136880 Image MD5: C8EB153FA65633A99163775EEAEA15F3 Start: 0 Type: 2 Error Control: 0 Service (registry key): Fs_Rec Start: 1 Type: 8 Error Control: 0 Service (registry key): Ftdisk Display name: Volume Manager Driver Image path: System32\DRIVERS\ftdisk.sys Image size: 116400 Image MD5: C757A3EEFA44EA2D562424A4060329A6 Start: 0 Type: 1 Error Control: 1 Service (registry key): fwdrv Display name: Firewall Driver Image path: \SystemRoot\system32\drivers\fwdrv.sys Start: 1 Type: 1 Error Control: 1 Service (registry key): gameenum Display name: Game Port Enumerator Image path: System32\DRIVERS\gameenum.sys Image size: 9808 Image MD5: 1EE4975FBC708F34A6B07C8E47F6FA3A Start: 3 Type: 1 Error Control: 0 Service (registry key): Gpc Display name: Generic Packet Classifier Description: Generic Packet Classifier Image path: System32\DRIVERS\msgpc.sys Image size: 34704 Image MD5: 6667D07854A3AE7715D22B82761CF0E7 Start: 3 Type: 1 Error Control: 1 Service (registry key): i8042prt Display name: i8042 Keyboard and PS/2 Mouse Port Driver Image path: System32\DRIVERS\i8042prt.sys Image size: 46992 Image MD5: 3B538E8A6B5E078406159EDFE09A5E53 Start: 4 Type: 1 Error Control: 1 Service (registry key): IAS Start: 0 Type: 32 Error Control: 0 Service (registry key): inetaccs Start: 0 Type: 0 Error Control: 0 Service (registry key): ini910u Start: 4 Type: 1 Error Control: 1 Service (registry key): Inport Start: 0 Type: 0 Error Control: 0 Service (registry key): IntelIde Image path: System32\DRIVERS\intelide.sys Image size: 4624 Image MD5: 2C764FEBD7197E3331556FE215ADD934 Start: 0 Type: 1 Error Control: 1 Service (registry key): IpFilterDriver Display name: IP Traffic Filter Driver Description: IP Traffic Filter Driver Image path: System32\DRIVERS\ipfltdrv.sys Image size: 34416 Image MD5: 09A604211E2B2334FC023A41337E3165 Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): IpInIp Display name: IP in IP Tunnel Driver Description: IP in IP Tunnel Driver Image path: System32\DRIVERS\ipinip.sys Image size: 19984 Image MD5: DBC1437B56EEA1AF02CD39C011904491 Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): IpNat Display name: IP Network Address Translator Description: IP Network Address Translator Image path: System32\DRIVERS\ipnat.sys Image size: 67344 Image MD5: ADB8A3465C0FC01C3AE633ADB33FCBB3 Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): IPSEC Display name: IPSEC driver Description: IPSEC driver Image path: System32\DRIVERS\ipsec.sys Image size: 80848 Image MD5: 9D61C8E8044BDAAC6D922EB27552F93A Start: 3 Type: 1 Error Control: 1 Service (registry key): ipsraidn Start: 4 Type: 1 Error Control: 1 Service (registry key): IRENUM Display name: IR Enumerator Service Image path: System32\DRIVERS\irenum.sys Image size: 10288 Image MD5: 7F5315E32BE0632F680B30E03A2CA809 Start: 3 Type: 1 Error Control: 1 Service (registry key): ISAPISearch Start: 0 Type: 0 Error Control: 0 Service (registry key): isapnp Display name: PnP ISA/EISA Bus Driver Image path: System32\DRIVERS\isapnp.sys Image size: 46992 Image MD5: B630369CA276FD208C1B5146920B5F2E Start: 0 Type: 1 Error Control: 3 Service (registry key): Kbdclass Display name: Keyboard Class Driver Image path: System32\DRIVERS\kbdclass.sys Image size: 24528 Image MD5: 399055F5C4A98F39B47D26888A72145D Start: 1 Type: 1 Error Control: 1 Service (registry key): kmixer Display name: Microsoft Kernel Wave Audio Mixer Image path: system32\drivers\kmixer.sys Image size: 148304 Image MD5: 8E198EC9E823AA42EDF45B07EFE395AC Start: 3 Type: 1 Error Control: 1 Service (registry key): KPF4 Display name: Kerio Personal Firewall 4 Description: Kerio Personal Firewall Engine Object name: LocalSystem Image path: C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe Image size: 1949696 Image MD5: 84AE4DFB39F9877676614206D5A2DCA6 Start: 3 Type: 272 Error Control: 1 Service (registry key): KSecDD Start: 0 Type: 1 Error Control: 1 Service (registry key): lanmanserver Display name: Server Description: Provides RPC support and file, print, and named pipe sharing. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 3 Type: 32 Error Control: 1 Service (registry key): lanmanworkstation Display name: Workstation Description: Provides network connections and communications. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 32 Error Control: 1 Service (registry key): lbrtfdc Start: 1 Type: 1 Error Control: 0 Service (registry key): LmHosts Display name: TCP/IP NetBIOS Helper Service Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 32 Error Control: 1 Depends On services: NetBT,Afd Service (registry key): lp6nds35 Start: 4 Type: 1 Error Control: 1 Service (registry key): mchInjDrv Image path: \??\C:\WINNT\TEMP\mc269.tmp Start: 4 Type: 1 Error Control: 0 Service (registry key): Messenger Display name: Messenger Description: Sends and receives messages transmitted by administrators or by the Alerter service. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 4 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,NetBIOS,RpcSS Service (registry key): mnmdd Start: 1 Type: 1 Error Control: 0 Service (registry key): mnmsrvc Display name: NetMeeting Remote Desktop Sharing Description: Allows authorized people to remotely access your Windows desktop using NetMeeting. Object name: LocalSystem Image path: C:\WINNT\System32\mnmsrvc.exe Image size: 21776 Image MD5: EEEE63B92CA888AC9FB3D13581751EC2 Start: 3 Type: 272 Error Control: 1 Service (registry key): Modem Start: 3 Type: 1 Error Control: 0 Service (registry key): Mouclass Display name: Mouse Class Driver Image path: System32\DRIVERS\mouclass.sys Image size: 21776 Image MD5: 8D038DDE3F19B88427968E99A6216766 Start: 1 Type: 1 Error Control: 1 Service (registry key): MountMgr Start: 0 Type: 1 Error Control: 1 Service (registry key): mraid35x Start: 4 Type: 1 Error Control: 1 Service (registry key): MRxSmb Display name: MRXSMB Description: MRXSMB Image path: System32\DRIVERS\mrxsmb.sys Image size: 432976 Image MD5: FB4B560EFFF4B44A88503B18A3293028 Start: 1 Type: 2 Error Control: 1 Service (registry key): MRxVPC Display name: Virtual Machine Additions Folder Sharing Driver Image path: \??\C:\WINNT\system32\drivers\MRxVPC.sys Image size: 104960 Image MD5: 0CDB56A522AC9C85750EC86D143595A9 Start: 2 Type: 2 Error Control: 1 Service (registry key): MSDTC Display name: Distributed Transaction Coordinator Description: Coordinates transactions that are distributed across two or more databases, message queues, file systems, or other transaction protected resource managers. Object name: LocalSystem Image path: C:\WINNT\System32\msdtc.exe Image size: 6928 Image MD5: EDC54E17CDF1811A472D518A82182449 Start: 3 Type: 272 Error Control: 1 Depends On services: RPCSS,SamSS Service (registry key): Msfs Start: 1 Type: 2 Error Control: 1 Service (registry key): MSIServer Display name: Windows Installer Description: Installs, repairs and removes software according to instructions contained in .MSI files. Object name: LocalSystem Image path: C:\WINNT\system32\msiexec.exe /V Image size: 78848 Image MD5: F5F0146580E7023ADB963879840777F8 Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): MSKSSRV Display name: Microsoft Streaming Service Proxy Image path: system32\drivers\MSKSSRV.sys Image size: 6640 Image MD5: 883385DC3ECA3CF7C2D7EFCF644CA5AE Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPCLOCK Display name: Microsoft Streaming Clock Proxy Image path: system32\drivers\MSPCLOCK.sys Image size: 5008 Image MD5: 4D0E25CB6BFD5BEDD546501FAF69B3F7 Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPQM Display name: Microsoft Streaming Quality Manager Proxy Image path: system32\drivers\MSPQM.sys Image size: 4816 Image MD5: BB041315C9930063E5EAB0BEE90ACFF6 Start: 3 Type: 1 Error Control: 1 Service (registry key): Mup Display name: Mup Start: 0 Type: 2 Error Control: 1 Service (registry key): Ncrc710 Start: 4 Type: 1 Error Control: 1 Service (registry key): NDIS Display name: NDIS System Driver Start: 0 Type: 1 Error Control: 1 Service (registry key): NdisTapi Display name: Remote Access NDIS TAPI Driver Description: Remote Access NDIS TAPI Driver Image path: System32\DRIVERS\ndistapi.sys Image size: 9200 Image MD5: E6F675C75C53887C58B98D6DB356B153 Start: 3 Type: 1 Error Control: 1 Service (registry key): Ndisuio Display name: NDIS Usermode I/O Protocol Description: NDIS Usermode I/O Protocol Image path: System32\DRIVERS\ndisuio.sys Image size: 11984 Image MD5: 69ECAE880BDAC3C288F0508DF9CDEEF0 Start: 3 Type: 1 Error Control: 1 Service (registry key): NdisWan Display name: Remote Access NDIS WAN Driver Description: Remote Access NDIS WAN Driver Image path: System32\DRIVERS\ndiswan.sys Image size: 93360 Image MD5: B86A37AA73868343A9EEE148FDFCE1E0 Start: 3 Type: 1 Error Control: 1 Service (registry key): NDProxy Start: 3 Type: 1 Error Control: 1 Service (registry key): NetBIOS Display name: NetBIOS Interface Description: NetBIOS Interface Image path: System32\DRIVERS\netbios.sys Image size: 33456 Image MD5: 5151E6020A26BF7BC21C18FD612506BD Start: 1 Type: 2 Error Control: 1 Service (registry key): NetBT Display name: NetBios over Tcpip Description: NetBios over Tcpip Image path: System32\DRIVERS\netbt.sys Image size: 175632 Image MD5: A7CA87628217BBF4A6F501DB65B19E9D Start: 1 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): NetDDE Display name: Network DDE Description: Provides network transport and security for dynamic data exchange (DDE). Object name: LocalSystem Image path: %SystemRoot%\system32\netdde.exe Image size: 110352 Image MD5: F9B001CB9573D32433E051EC9F4FF203 Start: 3 Type: 32 Error Control: 1 Depends On services: NetDDEDSDM Service (registry key): NetDDEdsdm Display name: Network DDE DSDM Description: Manages shared dynamic data exchange and is used by Network DDE Object name: LocalSystem Image path: %SystemRoot%\system32\netdde.exe Image size: 110352 Image MD5: F9B001CB9573D32433E051EC9F4FF203 Start: 3 Type: 32 Error Control: 1 Service (registry key): NetDetect Display name: NetDetect Image path: \SystemRoot\system32\drivers\netdtect.sys Start: 3 Type: 1 Error Control: 1 Service (registry key): Netlogon Display name: Net Logon Description: Supports pass-through authentication of account logon events for computers in a domain. Object name: LocalSystem Image path: %SystemRoot%\System32\lsass.exe Image size: 33552 Image MD5: F19D0A319AB4BF5496F08807CB9B8651 Start: 3 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): Netman Display name: Network Connections Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 3 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): Network Monitor Display name: Network Monitor Object name: LocalSystem Image path: C:\Program Files\Network Monitor\netmon.exe service Start: 4 Type: 16 Error Control: 0 Service (registry key): nm Display name: Network Monitor Driver Image path: System32\DRIVERS\NMnt.sys Image size: 37552 Image MD5: 32616D58B4A5C666F1FDEBD4084A01B5 Start: 3 Type: 1 Error Control: 1 Service (registry key): NOD32krn Display name: NOD32 Kernel Service Object name: LocalSystem Image path: "C:\Program Files\Eset\nod32krn.exe" Image size: 495616 Image MD5: FBE9F8D39066FF4A6B5C7D2F12E2E754 Start: 2 Type: 272 Error Control: 1 Service (registry key): NPF Display name: NetGroup Packet Filter Driver Image path: system32\drivers\npf.sys Image size: 32512 Image MD5: D21FEE8DB254BA762656878168AC1DB6 Start: 3 Type: 1 Error Control: 1 Service (registry key): Npfs Start: 1 Type: 2 Error Control: 1 Service (registry key): Ntfs Start: 4 Type: 2 Error Control: 1 Service (registry key): NtLmSsp Display name: NT LM Security Support Provider Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes. Object name: LocalSystem Image path: %SystemRoot%\System32\lsass.exe Image size: 33552 Image MD5: F19D0A319AB4BF5496F08807CB9B8651 Start: 3 Type: 32 Error Control: 1 Service (registry key): NtmsSvc Display name: Removable Storage Description: Manages removable media, drives, and libraries. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 2 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): Null Start: 1 Type: 1 Error Control: 1 Service (registry key): NwlnkFlt Display name: IPX Traffic Filter Driver Description: IPX Traffic Filter Driver Image path: System32\DRIVERS\nwlnkflt.sys Image size: 12560 Image MD5: 9B0D6FB5C5D6A7571AEDB0C1A7A9C1B6 Start: 3 Type: 1 Error Control: 1 Depends On services: NwlnkFwd Service (registry key): NwlnkFwd Display name: IPX Traffic Forwarder Driver Description: IPX Traffic Forwarder Driver Image path: System32\DRIVERS\nwlnkfwd.sys Image size: 35344 Image MD5: 09FA39E4812FDD042834650DF09675A0 Start: 3 Type: 1 Error Control: 1 Service (registry key): PageDefrag Start: 0 Type: 0 Error Control: 0 Service (registry key): Parallel Display name: Parallel class driver Image path: System32\DRIVERS\parallel.sys Image size: 60208 Image MD5: EA27799907EABDB66D2D56AF68CD4F06 Start: 3 Type: 1 Error Control: 1 Depends On services: Parport Depends On group: "Parallel arbitrator" Service (registry key): Parport Display name: Parallel port driver Image path: System32\DRIVERS\parport.sys Image size: 25104 Image MD5: 69B713583D6E063AC487E2DA30C04289 Start: 1 Type: 1 Error Control: 0 Service (registry key): PartMgr Start: 0 Type: 1 Error Control: 1 Service (registry key): ParVdm Start: 2 Type: 1 Error Control: 0 Depends On services: Parport Depends On group: "Parallel arbitrator" Service (registry key): PCI Display name: PCI Bus Driver Image path: System32\DRIVERS\pci.sys Image size: 59312 Image MD5: F0791B1F424F8D84A81D9AE6CFADF089 Start: 0 Type: 1 Error Control: 3 Service (registry key): PCIDump Start: 1 Type: 1 Error Control: 0 Service (registry key): PCIIde Start: 4 Type: 1 Error Control: 1 Service (registry key): Pcmcia Start: 4 Type: 1 Error Control: 1 Service (registry key): PerfDisk Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfNet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfOS Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfProc Start: 0 Type: 0 Error Control: 0 Service (registry key): PlugPlay Display name: Plug and Play Description: Manages device installation and configuration and notifies programs of device changes. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 32 Error Control: 1 Service (registry key): PolicyAgent Display name: IPSEC Policy Agent Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Object name: LocalSystem Image path: %SystemRoot%\System32\lsass.exe Image size: 33552 Image MD5: F19D0A319AB4BF5496F08807CB9B8651 Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): PptpMiniport Display name: WAN Miniport (PPTP) Description: WAN Miniport (PPTP) Image path: System32\DRIVERS\raspptp.sys Image size: 48464 Image MD5: 0E0212BBBF15800F1536CBFA157DDDD6 Start: 3 Type: 1 Error Control: 1 Service (registry key): ProtectedStorage Display name: Protected Storage Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): Ptilink Display name: Direct Parallel Link Driver Description: Direct Parallel Link Driver Image path: System32\DRIVERS\ptilink.sys Image size: 17680 Image MD5: B78775F217255F786C2E8DBE4334E413 Start: 3 Type: 1 Error Control: 1 Service (registry key): ql1080 Start: 4 Type: 1 Error Control: 1 Service (registry key): Ql10wnt Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1240 Start: 4 Type: 1 Error Control: 1 Service (registry key): ql2100 Start: 4 Type: 1 Error Control: 1 Service (registry key): RasAcd Display name: Remote Access Auto Connection Driver Description: Remote Access Auto Connection Driver Image path: System32\DRIVERS\rasacd.sys Image size: 8016 Image MD5: 63051B814E005DC62C7A0971668C52B4 Start: 1 Type: 1 Error Control: 1 Service (registry key): RasAuto Display name: Remote Access Auto Connection Manager Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 3 Type: 288 Error Control: 1 Depends On services: RasMan,Tapisrv Service (registry key): Rasl2tp Display name: WAN Miniport (L2TP) Description: WAN Miniport (L2TP) Image path: System32\DRIVERS\rasl2tp.sys Image size: 52112 Image MD5: EC6037C594F20ADEDEA65F0D809493D2 Start: 3 Type: 1 Error Control: 1 Service (registry key): RasMan Display name: Remote Access Connection Manager Description: Creates a network connection. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 3 Type: 288 Error Control: 1 Depends On services: Tapisrv Service (registry key): Raspti Display name: Direct Parallel Description: Direct Parallel Image path: System32\DRIVERS\raspti.sys Image size: 16880 Image MD5: CB09A98E97E52C389AB17B1E003C9566 Start: 3 Type: 1 Error Control: 1 Service (registry key): RCA Display name: Microsoft Streaming Network Raw Channel Access Image path: system32\drivers\RCA.sys Image size: 21712 Image MD5: AFCE1F733A6AA3A90AC60794DFB26104 Start: 3 Type: 1 Error Control: 1 Service (registry key): Rdbss Display name: Rdbss Description: Rdbss Image path: System32\DRIVERS\rdbss.sys Image size: 183248 Image MD5: 8F31E01479E7BA2EEC167F84F823120B Start: 1 Type: 2 Error Control: 1 Service (registry key): redbook Display name: Digital CD Audio Playback Filter Driver Image path: System32\DRIVERS\redbook.sys Image size: 35344 Image MD5: B5120CB5081865B0C7D93C305C7DA939 Start: 1 Type: 1 Error Control: 1 Service (registry key): RemoteAccess Display name: Routing and Remote Access Description: Offers routing services to businesses in local area and wide area network environments. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 4 Type: 288 Error Control: 1 Depends On services: RpcSS Depends On group: NetBIOSGroup Service (registry key): RemoteRegistry Display name: Remote Registry Service Description: Allows remote registry manipulation. Object name: LocalSystem Image path: %SystemRoot%\system32\regsvc.exe Image size: 68368 Image MD5: 250C4CE389783FA2398E3AFA4317008C Start: 4 Type: 16 Error Control: 1 Service (registry key): rpcapd Display name: Remote Packet Capture Protocol v.0 (experimental) Description: Allows to capture traffic on this machine from a remote machine. Object name: LocalSystem Image path: "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" Image size: 86016 Image MD5: 67C607857CCD6EBFFE768DAD5B2CA239 Start: 3 Type: 16 Error Control: 1 Service (registry key): RpcLocator Display name: Remote Procedure Call (RPC) Locator Description: Manages the RPC name service database. Object name: LocalSystem Image path: %SystemRoot%\System32\locator.exe Image size: 72464 Image MD5: AD57E33F4F7F404D9ABA97E8B33FA21B Start: 3 Type: 16 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): RpcSs Display name: Remote Procedure Call (RPC) Description: Provides the endpoint mapper and other miscellaneous RPC services. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost -k rpcss Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 2 Type: 32 Error Control: 1 Service (registry key): RSVP Display name: QoS RSVP Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets. Object name: LocalSystem Image path: %SystemRoot%\System32\rsvp.exe -s Image size: 176912 Image MD5: 2A21BDDB1BA9B5CD776949380AB46A76 Start: 4 Type: 272 Error Control: 1 Depends On services: TcpIp,Afd Service (registry key): s3legacy Image path: System32\DRIVERS\s3legacy.sys Image size: 65456 Image MD5: A2E5685CAA762CFF440CB149721F1191 Start: 3 Type: 1 Error Control: 0 Service (registry key): SamSs Display name: Security Accounts Manager Description: Stores security information for local user accounts. Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 33552 Image MD5: F19D0A319AB4BF5496F08807CB9B8651 Start: 2 Type: 32 Error Control: 1 Service (registry key): SASDIFSV Display name: SASDIFSV Image path: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS Image size: 5632 Image MD5: A578A5212693F3256A0168E8F3222220 Start: 1 Type: 1 Error Control: 1 Service (registry key): SASENUM Display name: SASENUM Image path: \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS Image size: 4096 Image MD5: 7F1085895E499907F68DF7731924122B Start: 3 Type: 1 Error Control: 1 Service (registry key): SASKUTIL Display name: SASKUTIL Image path: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys Image size: 13824 Image MD5: A6190D7A02D9E01C7213D601DC8EF775 Start: 1 Type: 1 Error Control: 1 Service (registry key): SCardDrv Display name: Smart Card Helper Description: Provides support for legacy smart card readers attached to the computer. Object name: LocalSystem Image path: %SystemRoot%\System32\SCardSvr.exe Image size: 100112 Image MD5: 13C381E66CDA8D4D80E84BF18307551F Start: 4 Type: 32 Error Control: 0 Depends On group: "Smart Card Reader" Service (registry key): SCardSvr Display name: Smart Card Description: Manages and controls access to a smart card inserted into a smart card reader attached to the computer. Object name: LocalSystem Image path: %SystemRoot%\System32\SCardSvr.exe Image size: 100112 Image MD5: 13C381E66CDA8D4D80E84BF18307551F Start: 4 Type: 32 Error Control: 0 Depends On services: PlugPlay Service (registry key): Schedule Display name: Task Scheduler Description: Enables a program to run at a designated time. Object name: LocalSystem Image path: %SystemRoot%\system32\MSTask.exe Image size: 122128 Image MD5: B00529EAE5D0CE97010B69CC677128C8 Start: 3 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): SchedulingAgent Start: 2 Type: 0 Error Control: 0 Service (registry key): seclogon Display name: RunAs Service Description: Enables starting processes under alternate credentials Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 2 Type: 288 Error Control: 0 Service (registry key): SENS Display name: System Event Notification Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 2 Type: 32 Error Control: 1 Depends On services: EventSystem Service (registry key): serenum Display name: Serenum Filter Driver Image path: System32\DRIVERS\serenum.sys Image size: 14160 Image MD5: 6DB5FDF67486679DA3149EF212374861 Start: 3 Type: 1 Error Control: 1 Service (registry key): Serial Display name: Serial port driver Image path: System32\DRIVERS\serial.sys Image size: 62736 Image MD5: 80F28698F48E298D278057F23206133B Start: 1 Type: 1 Error Control: 0 Service (registry key): Sfloppy Start: 1 Type: 1 Error Control: 0 Depends On group: "SCSI miniport" Service (registry key): sglfb Start: 1 Type: 1 Error Control: 1 Service (registry key): SharedAccess Display name: Internet Connection Sharing Description: Provides network address translation, addressing, and name resolution services for all computers on your home network through a dial-up connection. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 4 Type: 288 Error Control: 1 Depends On services: RasMan Service (registry key): Simbad Start: 4 Type: 1 Error Control: 1 Service (registry key): Sparrow Start: 4 Type: 1 Error Control: 1 Service (registry key): Spooler Display name: Print Spooler Description: Loads files to memory for later printing. Object name: LocalSystem Image path: %SystemRoot%\system32\spoolsv.exe Image size: 47376 Image MD5: FACFB75ECC070103619FA044E0B210D3 Start: 3 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): Srv Display name: Srv Description: Srv Image path: System32\DRIVERS\srv.sys Image size: 238928 Image MD5: 3A4AE094915C1ACBA250BBD8F246192F Start: 3 Type: 2 Error Control: 1 Service (registry key): swenum Display name: Software Bus Driver Image path: System32\DRIVERS\swenum.sys Image size: 3728 Image MD5: A151F2D55EBF635550709C48FCE564AA Start: 3 Type: 1 Error Control: 1 Service (registry key): swmidi Display name: Microsoft Kernel GS Wavetable Synthesizer Image path: system32\drivers\swmidi.sys Image size: 53552 Image MD5: 8C7CD06D097A59391D94B59715FCA67C Start: 3 Type: 1 Error Control: 1 Service (registry key): symc810 Start: 4 Type: 1 Error Control: 1 Service (registry key): symc8xx Start: 4 Type: 1 Error Control: 1 Service (registry key): sym_hi Start: 4 Type: 1 Error Control: 1 Service (registry key): sysaudio Display name: Microsoft System Audio Device Image path: system32\drivers\sysaudio.sys Image size: 47568 Image MD5: 6C14D96F8C1BA929FAD4BA40A29217FA Start: 3 Type: 1 Error Control: 1 Service (registry key): SysmonLog Display name: Performance Logs and Alerts Description: Configures performance logs and alerts. Object name: LocalSystem Image path: %SystemRoot%\system32\smlogsvc.exe Image size: 85776 Image MD5: F4F35FE5F46262D45491822D8A66BF62 Start: 4 Type: 16 Error Control: 1 Service (registry key): TapiSrv Display name: Telephony Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 3 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): Tcpip Display name: TCP/IP Protocol Driver Description: TCP/IP Protocol Driver Image path: System32\DRIVERS\tcpip.sys Image size: 320176 Image MD5: 4800519C7B6A6FA2212F1F14781430A6 Start: 1 Type: 1 Error Control: 1 Service (registry key): tga Start: 1 Type: 1 Error Control: 0 Service (registry key): TlntSvr Display name: Telnet Description: Allows a remote user to log on to the system and run console programs using the command line. Object name: LocalSystem Image path: %SystemRoot%\system32\tlntsvr.exe Image size: 186128 Image MD5: FA57D2175F4978E2F32CB1B02781D76A Start: 4 Type: 16 Error Control: 1 Depends On services: RpcSs,TcpIp Service (registry key): TrkWks Display name: Distributed Link Tracking Client Description: Sends notifications of files moving between NTFS volumes in a network domain. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 4 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Udfs Start: 4 Type: 2 Error Control: 1 Service (registry key): ultra66 Start: 4 Type: 1 Error Control: 1 Service (registry key): Update Display name: Microcode Update Driver Image path: System32\DRIVERS\update.sys Image size: 173232 Image MD5: 7A77F319935328CF30945FE0F3C69C9A Start: 3 Type: 1 Error Control: 1 Service (registry key): UPS Display name: Uninterruptible Power Supply Description: Manages an uninterruptible power supply (UPS) connected to the computer. Object name: LocalSystem Image path: %SystemRoot%\System32\ups.exe Image size: 17680 Image MD5: 222A997AA4C7F7A2B3453B556AFA4406 Start: 4 Type: 16 Error Control: 1 Service (registry key): UtilMan Display name: Utility Manager Description: Starts and configures accessibility tools from one window Object name: LocalSystem Image path: %SystemRoot%\System32\UtilMan.exe Image size: 22800 Image MD5: 7A960F1E9A0B2F7D14F1D0EDDD74375C Start: 4 Type: 272 Error Control: 1 Service (registry key): VgaSave Image path: \SystemRoot\System32\drivers\vga.sys Start: 1 Type: 1 Error Control: 0 Service (registry key): vpc-8042 Display name: VM Additions PS/2 Port Mouse Image path: system32\DRIVERS\vpc-8042.sys Image size: 55536 Image MD5: 3F977DC07866B10C219474673422F76D Start: 1 Type: 1 Error Control: 1 Service (registry key): vpc-s3 Image path: system32\DRIVERS\vpc-s3.sys Image size: 66560 Image MD5: E354F824FC4D3B7C85907B5CAEBCA06F Start: 3 Type: 1 Error Control: 0 Service (registry key): VPCMap Display name: Virtual Machine Additions Shared Folder Service Description: Provides support for shared folders inside of the virtual machine. Object name: LocalSystem Image path: C:\WINNT\system32\VPCMap.exe Image size: 57344 Image MD5: 7F66C5E1D471C3A30053D70B3762F965 Start: 2 Type: 272 Error Control: 1 Depends On services: 1-driver-vmsrvc,MRxVPC Service (registry key): VXD Start: 0 Type: 0 Error Control: 0 Service (registry key): W32Time Display name: Windows Time Description: Sets the computer clock. Object name: LocalSystem Image path: %SystemRoot%\System32\services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 4 Type: 32 Error Control: 1 Service (registry key): W3SVC Start: 0 Type: 0 Error Control: 0 Service (registry key): Wanarp Display name: Remote Access IP ARP Driver Description: Remote Access IP ARP Driver Image path: System32\DRIVERS\wanarp.sys Image size: 32272 Image MD5: AA8C76DFC4AFA72F09FDBC6621B7D38D Start: 3 Type: 1 Error Control: 1 Service (registry key): wdmaud Display name: Microsoft WINMM WDM Audio Compatibility Driver Image path: system32\drivers\wdmaud.sys Image size: 73872 Image MD5: 997D25513BC89614417829B5BEC7C75C Start: 3 Type: 1 Error Control: 1 Service (registry key): WinMgmt Display name: Windows Management Instrumentation Description: Provides system management information. Object name: LocalSystem Image path: %SystemRoot%\System32\WBEM\WinMgmt.exe Image size: 196706 Image MD5: 05B2001E1BC653FD6091E741B46F71B4 Start: 2 Type: 16 Error Control: 0 Depends On services: RPCSS Service (registry key): Winsock Start: 3 Type: 4 Error Control: 1 Service (registry key): WinSock2 Start: 0 Type: 0 Error Control: 0 Service (registry key): WinTrust Start: 0 Type: 0 Error Control: 0 Service (registry key): Wmi Display name: Windows Management Instrumentation Driver Extensions Description: Provides systems management information to and from drivers. Object name: LocalSystem Image path: %SystemRoot%\system32\Services.exe Image size: 92944 Image MD5: B861B4E6E9637EB76A40C10C552E0229 Start: 3 Type: 32 Error Control: 1 Service (registry key): WS2IFSL Display name: Windows Socket 2.0 Non-IFS Service Provider Support Environment Image path: \SystemRoot\System32\drivers\ws2ifsl.sys Start: 2 Type: 1 Error Control: 1 Service (registry key): wuauserv Display name: Automatic Updates Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k wugroup Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 4 Type: 32 Error Control: 1 Service (registry key): WZCSVC Display name: Wireless Configuration Description: Provides authenticated network access control using IEEE 802.1x for wired and wireless Ethernet networks. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 7952 Image MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C Start: 4 Type: 32 Error Control: 1 Depends On services: RpcSs,Ndisuio,ProtectedStorage,WMI Service (registry key): {7C3246C7-A398-4D1A-895D-9C23C56FBD4F} Start: 0 Type: 0 Error Control: 0