Forum
Comments:
-
- on Tue 23 Jun 2009
- 01:09:09 AM UTC
Spybow S&D report
Sorry Its So long.
--- Search result list ---
BDE Projector: [SBI $BC0F679B] File extension (Registry key, nothing done)
HKEY_CLASSES_ROOT\b3d_auto_fileBDE Projector: [SBI $53CC9D1F] File extension (Registry key, nothing done)
HKEY_CLASSES_ROOT\.b3d--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-06-18 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-05-19 Includes\Adware.sbi (*)
2009-06-02 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-05-19 Includes\Dialer.sbi (*)
2009-06-02 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-06-09 Includes\HijackersC.sbi (*)
2009-06-16 Includes\Keyloggers.sbi (*)
2009-06-16 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-06-10 Includes\Malware.sbi (*)
2009-06-16 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-06-17 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-06-02 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-04-07 Includes\Spyware.sbi (*)
2009-06-02 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-06-17 Includes\Trojans.sbi (*)
2009-06-17 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB930494)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Service Pack 3
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Media Center 2005 / SP3: Windows XP Media Center Edition 2005 KB890629
/ Media Center 2005 / SP3: Windows XP Media Center Edition 2005 KB890760
/ Media Center 2005 / SP3: Windows XP Media Center Edition 2005 KB895198
/ Media Center 2005 / SP3: Windows XP Media Center Edition 2005 KB895678
/ Media Center 2005 / SP3: Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player: Security Update for Windows Media Player (KB952069)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB936782)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB969897)
/ Windows XP / SP0: Update for Windows Internet Explorer 8 (KB971180)
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / SP4: Security Update for Windows XP (KB923561)
/ Windows XP / SP4: Security Update for Windows XP (KB938464)
/ Windows XP / SP4: Security Update for Windows XP (KB938464-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB946648)
/ Windows XP / SP4: Security Update for Windows XP (KB950759)
/ Windows XP / SP4: Security Update for Windows XP (KB950760)
/ Windows XP / SP4: Security Update for Windows XP (KB950762)
/ Windows XP / SP4: Security Update for Windows XP (KB950974)
/ Windows XP / SP4: Security Update for Windows XP (KB951066)
/ Windows XP / SP4: Update for Windows XP (KB951072-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951376)
/ Windows XP / SP4: Security Update for Windows XP (KB951376-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951698)
/ Windows XP / SP4: Security Update for Windows XP (KB951748)
/ Windows XP / SP4: Update for Windows XP (KB951978)
/ Windows XP / SP4: Security Update for Windows XP (KB952004)
/ Windows XP / SP4: Hotfix for Windows XP (KB952287)
/ Windows XP / SP4: Security Update for Windows XP (KB952954)
/ Windows XP / SP4: Security Update for Windows XP (KB953155)
/ Windows XP / SP4: Update for Windows XP (KB953356)
/ Windows XP / SP4: Security Update for Windows XP (KB953838)
/ Windows XP / SP4: Security Update for Windows XP (KB953839)
/ Windows XP / SP4: Security Update for Windows XP (KB954211)
/ Windows XP / SP4: Security Update for Windows XP (KB954459)
/ Windows XP / SP4: Hotfix for Windows XP (KB954550-v5)
/ Windows XP / SP4: Security Update for Windows XP (KB954600)
/ Windows XP / SP4: Security Update for Windows XP (KB955069)
/ Windows XP / SP4: Update for Windows XP (KB955839)
/ Windows XP / SP4: Security Update for Windows XP (KB956390)
/ Windows XP / SP4: Security Update for Windows XP (KB956391)
/ Windows XP / SP4: Security Update for Windows XP (KB956572)
/ Windows XP / SP4: Security Update for Windows XP (KB956802)
/ Windows XP / SP4: Security Update for Windows XP (KB956803)
/ Windows XP / SP4: Security Update for Windows XP (KB956841)
/ Windows XP / SP4: Security Update for Windows XP (KB957095)
/ Windows XP / SP4: Security Update for Windows XP (KB957097)
/ Windows XP / SP4: Security Update for Windows XP (KB958215)
/ Windows XP / SP4: Security Update for Windows XP (KB958644)
/ Windows XP / SP4: Security Update for Windows XP (KB958687)
/ Windows XP / SP4: Security Update for Windows XP (KB958690)
/ Windows XP / SP4: Security Update for Windows XP (KB959426)
/ Windows XP / SP4: Security Update for Windows XP (KB960225)
/ Windows XP / SP4: Security Update for Windows XP (KB960714)
/ Windows XP / SP4: Security Update for Windows XP (KB960715)
/ Windows XP / SP4: Security Update for Windows XP (KB960803)
/ Windows XP / SP4: Hotfix for Windows XP (KB961118)
/ Windows XP / SP4: Security Update for Windows XP (KB961373)
/ Windows XP / SP4: Security Update for Windows XP (KB961501)
/ Windows XP / SP4: Security Update for Windows XP (KB963027)
/ Windows XP / SP4: Update for Windows XP (KB967715)
/ Windows XP / SP4: Security Update for Windows XP (KB968537)
/ Windows XP / SP4: Security Update for Windows XP (KB969898)
/ Windows XP / SP4: Security Update for Windows XP (KB970238)
/ Windows XP / SP4: Security Update for Windows XP (KB970483)--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8CLocated: HK_LM:Run, ATIPTA
command: "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: 248F2C34A05DAA0DA62C83483AFCC603Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 52848
MD5: 8500D5C1AFFD58E1C0A076689F8AA573Located: HK_LM:Run, CHotkey
command: "zHotkey.exe"
file: C:\WINDOWS\zHotkey.exe
size: 543232
MD5: 3D0D57F60A1105575CEA82C29F68F980Located: HK_LM:Run, dvd43
command: "C:\Program Files\dvd43\dvd43_tray.exe"
file: C:\Program Files\dvd43\dvd43_tray.exe
size: 827904
MD5: EB378DECC942A412D267A6FE2BD72ABBLocated: HK_LM:Run, ehTray
command: "C:\WINDOWS\ehome\ehtray.exe"
file: C:\WINDOWS\ehome\ehtray.exe
size: 59392
MD5: F90137A9897071EDE961A5ABA4EA524FLocated: HK_LM:Run, Google Desktop Search
command: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
file: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 30192
MD5: 9E37E0C528E1E3A79E215B6A4EEA2143Located: HK_LM:Run, Google Quick Search Box
command: "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
file: C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
size: 68592
MD5: 6D0BC5A3FD6C94E571E40218F10A319DLocated: HK_LM:Run, HostManager
command: "C:\Program Files\Common Files\AOL\1123358120\EE\AOLHostManager.exe"
file: C:\Program Files\Common Files\AOL\1123358120\EE\AOLHostManager.exe
size: 125528
MD5: 2E6ED35C3E2374BC63C8B91B90DA72E2Located: HK_LM:Run, NeroFilterCheck
command: "C:\WINDOWS\system32\NeroCheck.exe"
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3E4C03CEFAD8DE135263236B61A49C90Located: HK_LM:Run, Openwares LiveUpdate
command: "C:\Program Files\LiveUpdate\LiveUpdate.exe"
file: C:\Program Files\LiveUpdate\LiveUpdate.exe
size: 61440
MD5: 93CF2B93F02E52CD6FFFA567249F3F73Located: HK_LM:Run, Pure Networks Port Magic
command: "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
file: C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe
size: 99480
MD5: BA99C608A075C44026720D5383F3D75BLocated: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: C341CCFBE98BC7DF6E0B856BB9FC265ALocated: HK_LM:Run, Reminder
command: "%WINDIR%\Creator\Remind_XP.exe"
file: C:\WINDOWS\Creator\Remind_XP.exe
size: 966656
MD5: BACC877DB547BD8F421891EBFB6282EDLocated: HK_LM:Run, RemoteControl
command: "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
file: C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 32768
MD5: 8FB740D758B14B1BC950CC347C21E461Located: HK_LM:Run, SoundMan
command: "SOUNDMAN.EXE"
file: C:\WINDOWS\SOUNDMAN.EXE
size: 77824
MD5: D5D0CD6A04617A15C2DF76CD668FF540Located: HK_LM:Run, SpySweeper
command: "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
file: C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
size: 6345840
MD5: 1B39A43E3D701C10BFD38F9B23732820Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: D22D936F9AB0DA3B8EB7537284867708Located: HK_LM:Run, SunKistEM
command: "C:\Program Files\Digital Media Reader\shwiconem.exe"
file: C:\Program Files\Digital Media Reader\shwiconem.exe
size: 135168
MD5: 3B9723245419456C846F140DC148BF9FLocated: HK_LM:Run, USB2Check
command: "RUNDLL32.EXE" "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: 037B1E7798960E0420003D05BB577EE6Located: HK_LM:RunOnce, Malwarebytes' Anti-Malware
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
file: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
size: 414992
MD5: CB8426F9B0E2C43FC96ACBE9EE2490BCLocated: HK_LM:RunOnce, PM_reg
command: "c:\windows\regedit.exe" /s c:\sysprep\Nic_pm.reg
file: c:\windows\regedit.exe
size: 146432
MD5: 058710B720282CA82B909912D3EF28DBLocated: HK_CU:RunOnce, RunNarrator
where: .DEFAULT...
command: Narrator.exe
file: C:\WINDOWS\system32\Narrator.exe
size: 53760
MD5: 21F839F2281473642AC2060F30E19DC7Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-917271988-257509740-879611092-1006...
command: "C:\WINDOWS\system32\ctfmon.exe"
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3Located: HK_CU:Run, Google Update
where: S-1-5-21-917271988-257509740-879611092-1006...
command: "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
file: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
size: 133104
MD5: 626A24ED1228580B9518C01930936DF9Located: HK_CU:Run, MoeMonitor.exe
where: S-1-5-21-917271988-257509740-879611092-1006...
command: "C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe"
file: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe
size: 1321808
MD5: 834452EE61CADD0EC7EC78865AABE969Located: HK_CU:Run, NBJ
where: S-1-5-21-917271988-257509740-879611092-1006...
command: "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
file: C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
size: 1957888
MD5: 9CAB916797D8D39F78B8800C2A23ADD6Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-917271988-257509740-879611092-1006...
command: "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887Located: HK_CU:Run, swg
where: S-1-5-21-917271988-257509740-879611092-1006...
command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EADLocated: HK_CU:Run, MSMSGS
where: S-1-5-21-917271988-257509740-879611092-500...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: 3E930C641079443D4DE036167A69CAA2Located: HK_CU:RunOnce, RunNarrator
where: S-1-5-18...
command: Narrator.exe
file: C:\WINDOWS\system32\Narrator.exe
size: 53760
MD5: 21F839F2281473642AC2060F30E19DC7Located: Startup (common), Microsoft Office.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Microsoft Office\Office\OSA9.EXE
file: C:\Program Files\Microsoft Office\Office\OSA9.EXE
size: 65588
MD5: 2DD97A79BE486D07E6D1086300799C0BLocated: Startup (user), Picture Motion Browser Media Check Tool.lnk
where: C:\Documents and Settings\Owner\Start Menu\Programs\Startup...
command: C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
file: C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
size: 229376
MD5: 7974338AC9A890064CC5C9EF698A6B55Located: WinLogon, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!Located: WinLogon, wlcrdplauncher
command: C:\Program Files\Live Mesh\Remote Desktop\wlcrdplauncher.dll
file: C:\Program Files\Live Mesh\Remote Desktop\wlcrdplauncher.dll
size: 21824
MD5: 0D6E556C6557ED9FEE9F64F25C6AC75D--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocxAcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.ht...
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 10/22/2006 11:08:42 PM
Date (last access): 6/22/2009 7:03:42 PM
Date (last write): 10/22/2006 11:08:42 PM
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 8.0.0.456{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 6/18/2009 10:49:08 AM
Date (last access): 6/22/2009 7:03:42 PM
Date (last write): 1/26/2009 3:31:02 PM
Filesize: 1879896
Attributes: archive
MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
CRC32: 5BA24007
Version: 1.6.2.14{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (NAV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NAV Helper
CLSID name: CNavExtBho Class
Path: C:\Program Files\Norton AntiVirus\
Long name: NAVSHEXT.DLL
Short name:
Date (created): 9/23/2005 8:37:48 PM
Date (last access): 6/22/2009 7:03:42 PM
Date (last write): 5/23/2007 12:13:40 PM
Filesize: 140912
Attributes: archive
MD5: 488EBFD8A248EB6E26CD6840C6E3788C
CRC32: 1C84CFEE
Version: 12.8.0.4{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dllgoogletoolbar*.dll(* = number)googletoolbar_en_*.**-big.dllGoogletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: C:\Program Files\Google\Google Toolbar\
Long name: GoogleToolbar.dll
Short name: GOOGLE~1.DLL
Date (created): 6/5/2009 8:09:30 PM
Date (last access): 6/22/2009 7:03:44 PM
Date (last write): 6/5/2009 8:09:16 PM
Filesize: 259696
Attributes: archive
MD5: B2A3EE0D6570BAE9BD90892E0009A6AB
CRC32: 230192E8
Version: 6.1.1715.1442{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\
Long name: swg.dll
Short name:
Date (created): 6/16/2009 10:18:20 AM
Date (last access): 6/22/2009 6:52:14 PM
Date (last write): 6/16/2009 10:18:20 AM
Filesize: 669168
Attributes: archive
MD5: 7C987CAB519BC858FD4DBB6B40EE4BD2
CRC32: 2CC83660
Version: 5.1.1309.15642{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (Google Dictionary Compression sdch)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Dictionary Compression sdch
CLSID name: Google Dictionary Compression sdch
Path: C:\Program Files\Google\Google Toolbar\Component\
Long name: fastsearch_A8904FB862BD9564.dll
Short name: FASTSE~1.DLL
Date (created): 6/5/2009 8:09:16 PM
Date (last access): 6/22/2009 7:36:18 PM
Date (last write): 6/5/2009 8:09:16 PM
Filesize: 470512
Attributes: archive
MD5: E35BCCB1D1D96F8E5B09C72AF70EC3F6
CRC32: 73C702FE
Version: 1.0.610.27482{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 4/5/2009 7:20:30 PM
Date (last access): 6/22/2009 7:21:58 PM
Date (last write): 5/21/2009 11:34:00 AM
Filesize: 41368
Attributes: archive
MD5: 192E39C717013A0BD532B33AC29D6E7D
CRC32: 6D4D2A2E
Version: 6.0.140.8{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} (Google Gears Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Gears Helper
CLSID name: Google Gears Helper
Path: C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\
Long name: gears.dll
Short name:
Date (created): 6/9/2009 2:19:16 PM
Date (last access): 6/22/2009 11:16:54 AM
Date (last write): 6/9/2009 2:19:16 PM
Filesize: 2097152
Attributes: archive
MD5: 855DED1D7D3E4E7EFFC9D044DA6EF399
CRC32: 2A92F912
Version: 0.5.23.0{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name: JQS_PL~1.DLL
Date (created): 4/5/2009 7:20:30 PM
Date (last access): 6/22/2009 7:14:28 PM
Date (last write): 5/21/2009 11:33:40 AM
Filesize: 73728
Attributes: archive
MD5: 9A0CA264EC3210E77764C45AD7C5F339
CRC32: A8965ADA
Version: 6.0.140.8--- ActiveX list ---
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=39204
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 12/18/2005 6:03:44 PM
Date (last access): 6/22/2009 6:52:14 PM
Date (last write): 3/15/2007 6:19:28 PM
Filesize: 1476992
Attributes: archive
MD5: D1CB99ADBA9397D7D02B0B2DCFE47F1A
CRC32: ED982FE3
Version: 1.7.18.5{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_14
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_14...
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_14.dll
Short name: NPJPI1~1.DLL
Date (created): 5/21/2009 9:35:24 AM
Date (last access): 6/22/2009 10:23:14 AM
Date (last write): 5/21/2009 11:34:00 AM
Filesize: 136600
Attributes: archive
MD5: 104191689E114BEF5C92A6BD626FA4F3
CRC32: 9D46C674
Version: 6.0.140.8{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07...{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_14
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_14...
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_14.dll
Short name: NPJPI1~1.DLL
Date (created): 5/21/2009 9:35:24 AM
Date (last access): 6/22/2009 7:56:04 PM
Date (last write): 5/21/2009 11:34:00 AM
Filesize: 136600
Attributes: archive
MD5: 104191689E114BEF5C92A6BD626FA4F3
CRC32: 9D46C674
Version: 6.0.140.8{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_14
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_14...
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_14.dll
Short name: NPJPI1~1.DLL
Date (created): 5/21/2009 9:35:24 AM
Date (last access): 6/22/2009 7:56:04 PM
Date (last write): 5/21/2009 11:34:00 AM
Filesize: 136600
Attributes: archive
MD5: 104191689E114BEF5C92A6BD626FA4F3
CRC32: 9D46C674
Version: 6.0.140.8{D1278801-B2C0-4332-BD3E-2F64D2204EDF} (Windows Live Mesh Upload Tool)
DPF name:
CLSID name: Windows Live Mesh Upload Tool
Installer: C:\WINDOWS\Downloaded Program Files\TSWeb.inf
Codebase: https://www.mesh.com/0.9.4014.7/TSWeb.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: Microsoft.Live.Mesh.RichUpload.dll
Short name: MICROS~1.DLL
Date (created): 6/6/2009 10:13:30 PM
Date (last access): 6/18/2009 2:20:42 PM
Date (last write): 6/6/2009 10:13:30 PM
Filesize: 129872
Attributes: archive
MD5: B0C2221A7FBA3A26D9DF6F79430847DB
CRC32: 4FB81DAB
Version: 0.9.4014.7--- Process list ---
PID: 0 ( 0) [System]
PID: 516 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 576 ( 516) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 604 ( 516) \??\C:\WINDOWS\system32\winlogon.exe
size: 507904
PID: 652 ( 604) C:\WINDOWS\system32\services.exe
size: 110592
MD5: 65DF52F5B8B6E9BBD183505225C37315
PID: 664 ( 604) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: BF2466B3E18E970D8A976FB95FC1CA85
PID: 844 ( 652) C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
size: 1205760
MD5: CD4527C485D82FC5C31023661421F39B
PID: 864 ( 652) C:\WINDOWS\system32\Ati2evxx.exe
size: 352256
MD5: 3BDB99B092941DC1DB2B09629CBF41DA
PID: 888 ( 652) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 972 ( 652) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1032 ( 652) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1136 ( 652) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1212 ( 652) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1324 ( 652) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 169584
MD5: 436F416AECA76315EFBB6BCFEA374DEF
PID: 1376 ( 604) C:\WINDOWS\system32\Ati2evxx.exe
size: 352256
MD5: 3BDB99B092941DC1DB2B09629CBF41DA
PID: 1464 (1412) C:\WINDOWS\Explorer.EXE
size: 1033728
MD5: 12896823FB95BFB3DC9B46BCAEDC9923
PID: 1580 ( 652) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 192112
MD5: 937EB691B1F69936FD6F124B49821E83
PID: 1700 ( 652) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
size: 214408
MD5: 0CB1E12D9741308B5A9CDC5C7D2A1D97
PID: 1716 ( 652) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
size: 1160800
MD5: 780DE647691972907D86194577F58C43
PID: 1764 ( 652) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 1251720
MD5: FA2F6A8849219B16460BF44F9D1F3AA7
PID: 1908 ( 652) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B
PID: 1988 ( 652) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 2028 ( 652) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
size: 100016
MD5: 7FB54900AA9792AB6307C699EC1859D4
PID: 232 ( 652) C:\WINDOWS\system32\cisvc.exe
size: 5632
MD5: 1CFE720EB8D93A7158A4EBC3AB178BDE
PID: 304 ( 652) C:\WINDOWS\eHome\ehRecvr.exe
size: 195584
MD5: 63F371F0248E3732A4821F86E6D0E370
PID: 364 ( 652) C:\WINDOWS\eHome\ehSched.exe
size: 102912
MD5: 16910F8B482919BB6035ED053B691692
PID: 448 (1032) C:\Program Files\Google\Update\GoogleUpdate.exe
size: 133104
MD5: 626A24ED1228580B9518C01930936DF9
PID: 900 ( 652) C:\WINDOWS\system32\inetsrv\inetinfo.exe
size: 15360
MD5: DB3C22745C0DA4666F3BE31F1AF36B2F
PID: 1124 ( 652) C:\Program Files\Java\jre6\bin\jqs.exe
size: 152984
MD5: 44FFBA62F0F426B581759C49AAFEC2E2
PID: 1172 ( 652) C:\Program Files\Norton AntiVirus\navapsvc.exe
size: 139888
MD5: 606C21D97649E5C44B94763380F07B7C
PID: 1260 ( 652) C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
size: 46704
MD5: E0191240EBFAF114C05593C50F8E8B19
PID: 1408 ( 652) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
size: 172032
MD5: 33D7285F12D934268A34206DFC4AD1B3
PID: 2036 ( 652) C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
size: 4048240
MD5: 3102FD5F65B3CA05AADD1C1AA1A42220
PID: 2416 ( 652) C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
size: 44880
MD5: 41497A3F79099C859E6DCCCE92EBAE80
PID: 3076 (1464) C:\WINDOWS\ehome\ehtray.exe
size: 59392
MD5: F90137A9897071EDE961A5ABA4EA524F
PID: 3140 (1464) C:\Program Files\Digital Media Reader\shwiconem.exe
size: 135168
MD5: 3B9723245419456C846F140DC148BF9F
PID: 3180 ( 888) C:\WINDOWS\eHome\ehmsas.exe
size: 45568
MD5: 04F893509C03C84F717A83189ED51336
PID: 3212 ( 652) C:\WINDOWS\system32\dllhost.exe
size: 5120
MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
PID: 3224 (1464) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: 248F2C34A05DAA0DA62C83483AFCC603
PID: 3264 (1464) C:\WINDOWS\zHotkey.exe
size: 543232
MD5: 3D0D57F60A1105575CEA82C29F68F980
PID: 3368 (1464) C:\WINDOWS\SOUNDMAN.EXE
size: 77824
MD5: D5D0CD6A04617A15C2DF76CD668FF540
PID: 3496 ( 652) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 8C515081584A38AA007909CD02020B3D
PID: 3584 (1464) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 32768
MD5: 8FB740D758B14B1BC950CC347C21E461
PID: 3604 (1464) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 52848
MD5: 8500D5C1AFFD58E1C0A076689F8AA573
PID: 3624 (1464) C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: C341CCFBE98BC7DF6E0B856BB9FC265A
PID: 3896 (1464) C:\Program Files\dvd43\dvd43_tray.exe
size: 827904
MD5: EB378DECC942A412D267A6FE2BD72ABB
PID: 4072 (1464) C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
size: 68592
MD5: 6D0BC5A3FD6C94E571E40218F10A319D
PID: 4088 (1464) C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: D22D936F9AB0DA3B8EB7537284867708
PID: 168 (1464) C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
size: 6345840
MD5: 1B39A43E3D701C10BFD38F9B23732820
PID: 1360 (1464) C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
size: 133104
MD5: 626A24ED1228580B9518C01930936DF9
PID: 252 (1464) C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe
size: 1321808
MD5: 834452EE61CADD0EC7EC78865AABE969
PID: 560 (1464) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD
PID: 1156 (1464) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3
PID: 2524 (1464) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
PID: 464 ( 888) C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Live Mesh\GacBase\Moe.exe
size: 216912
MD5: E8445EF98AFE9806FAAFE4FA0D5FB39C
PID: 248 ( 652) C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
size: 750720
MD5: BDFD869422054A90372BF26FF4442C27
PID: 756 ( 232) C:\WINDOWS\system32\cidaemon.exe
size: 8192
MD5: 582304F6F1946FA5068CF143D729D7ED
PID: 2376 (2036) C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
size: 165232
MD5: 0CC37E9EEF79E7783143F178B2C54D2E
PID: 1192 ( 232) C:\WINDOWS\system32\cidaemon.exe
size: 8192
MD5: 582304F6F1946FA5068CF143D729D7ED
PID: 1384 (1464) C:\Program Files\Mozilla Firefox\firefox.exe
size: 307704
MD5: 26C3F01DF1B1AA6CFEC22D75F1E072F9
PID: 3556 (2524) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 1608 (3100) C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
size: 215552
MD5: 14F8175B68DBD65266A77E96E0ABAEF6
PID: 1644 (3780) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1287440
MD5: 8C011B63EC5B2ABFBF4CCF5212794F52
PID: 3384 (2028) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
size: 46768
MD5: CAF7C2FDDADF73A02AC84C6FB6030BBF
PID: 1924 (1464) C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: 037B1E7798960E0420003D05BB577EE6
PID: 816 ( 888) C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: 3E930C641079443D4DE036167A69CAA2
PID: 4 ( 0) System--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 6/22/2009 7:56:27 PMHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/search?q=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/search?q=%s--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service ProviderProtocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service ProviderProtocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A8AC9E9E-DB02-477E-9A31-B4DC5392FDA2}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A8AC9E9E-DB02-477E-9A31-B4DC5392FDA2}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F443DFA-482F-4CE4-978B-EFD631E2F689}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F443DFA-482F-4CE4-978B-EFD631E2F689}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1A14CA04-C5BB-4E0E-897F-55611262DC00}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1A14CA04-C5BB-4E0E-897F-55611262DC00}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{03947A36-5B8A-43B3-8A41-72B75A842FB1}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{03947A36-5B8A-43B3-8A41-72B75A842FB1}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{464EEA8C-7E5D-4AA8-8A6F-77DFC08C1E50}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{464EEA8C-7E5D-4AA8-8A6F-77DFC08C1E50}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0DEE3E96-DA77-4923-9180-D814EE91BEB5}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0DEE3E96-DA77-4923-9180-D814EE91BEB5}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{102CC386-FFFD-4376-8870-62A1A71BCEE1}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{102CC386-FFFD-4376-8870-62A1A71BCEE1}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IPNamespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDSNamespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): .NET Data Provider for Oracle
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): .NET Data Provider for SqlServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Abiosdsk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0Service (registry key): abp480n5
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ABP480N5.SYS
Image size: 23552
Image MD5: 6ABB91494FE6C59089B9336452AB2EA3
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 187776
Image MD5: 8FD99680A539792A30E97944FDAECF17
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ACPIEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1Service (registry key): adpu160m
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\adpu160m.sys
Image size: 101888
Image MD5: 9A11864873DA202C996558B2106B0BBC
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): aec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142592
Image MD5: 8BED39E3C35D6A489438B8141717A557
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): agp440
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel AGP Bus Filter
Image path: system32\DRIVERS\agp440.sys
Image size: 42368
Image MD5: 08FD04AA961BDC77FB983F328334E3D7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): agpCPQ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Compaq AGP Bus Filter
Image path: system32\DRIVERS\agpCPQ.sys
Image size: 44928
Image MD5: 03A7E0922ACFE1B07D5DB2EEB0773063
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): Aha154x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aha154x.sys
Image size: 12800
Image MD5: C23EA9B5F46C7F7910DB3EAB648FF013
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): aic78u2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aic78u2.sys
Image size: 55168
Image MD5: 19DD0FB48B0C18892F70E2E7D61A1529
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): aic78xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aic78xx.sys
Image size: 56960
Image MD5: B7FE594A7468AA0132DEB03FB8E34326
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ALCXWDM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Service for Realtek AC97 Audio (WDM)
Image path: system32\drivers\ALCXWDM.SYS
Image size: 2317504
Image MD5: 95AA37BEC6C72C277C2CAEAEE736DD2D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Alerter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstationService (registry key): ALG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: 8C515081584A38AA007909CD02020B3D
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1Service (registry key): AliIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\aliide.sys
Image size: 5248
Image MD5: 1140AB9938809700B46BB88E46D72A96
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): alim1541
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ALI AGP Bus Filter
Image path: system32\DRIVERS\alim1541.sys
Image size: 42752
Image MD5: CB08AED0DE2DD889A8A820CD8082D83C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): amdagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD AGP Bus Filter Driver
Image path: system32\DRIVERS\amdagp.sys
Image size: 43008
Image MD5: 95B4FB835E28AA1336CEEB07FD5B9398
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): amsint
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\amsint.sys
Image size: 12032
Image MD5: 79F5ADD8D24BD6893F2903A3E2F3FAD6
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): AOL TopSpeedMonitor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AOL TopSpeed Monitor
Object name: LocalSystem
Image path: C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
Image size: 100016
Image MD5: 7FB54900AA9792AB6307C699EC1859D4
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0Service (registry key): AppMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1Service (registry key): Arp1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Image path: system32\DRIVERS\arp1394.sys
Image size: 60800
Image MD5: B5B8A80875C1DEDEDA8B02765642C32F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: TcpipService (registry key): asc
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\asc.sys
Image size: 26496
Image MD5: 62D318E9A0C8FC9B780008E724283707
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): asc3350p
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\asc3350p.sys
Image size: 22400
Image MD5: 69EB0CC7714B32896CCBFD5EDCBEA447
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): asc3550
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\asc3550.sys
Image size: 14848
Image MD5: 5D8DE112AA0254B907861E9E9C31D597
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ASCTRM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASCTRM
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1Service (registry key): ASP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): ASP.NET
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): ASP.NET_1.1.4322
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): ASP.NET_2.0.50727
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): aspnet_state
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Image size: 34312
Image MD5: 0E5E4957549056E2BF2C49F4F6B601AD
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: B153AFFAC761E7F5FCFA822B9C4E97BC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: system32\DRIVERS\atapi.sys
Image size: 96512
Image MD5: 9F3A2F5AA6875C72BF062C712CFA2674
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): Atdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0Service (registry key): Ati HotKey Poller
Registry path: \SYSTEM\CurrentControlSet\Services\
Object name: LocalSystem
Image path: %SystemRoot%\system32\Ati2evxx.exe
Image size: 352256
Image MD5: 3BDB99B092941DC1DB2B09629CBF41DA
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1Service (registry key): ati2mtag
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ati2mtag.sys
Image size: 1032192
Image MD5: E564F459722294F0E3A47527783BD03C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): Atierecord
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Atmarpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: 9916C1225104BA14794209CFA8012159
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: TcpipService (registry key): AudioSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSsService (registry key): audstub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Audio Stub Driver
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): BattC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Background Intelligent Transfer Service
Description: Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcssService (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServerService (registry key): BVRPMPR5
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BVRPMPR5 NDIS Protocol Driver
Image path: \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
Image size: 49904
Image MD5: 248DFA5762DDE38DFDDBBD44149E9D7A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): cbidf
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cbidf2k.sys
Image size: 13952
Image MD5: 90A673FC8E12A79AFBED2576F6A7AAF9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): cbidf2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1Service (registry key): CCDECODE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Closed Caption Decoder
Image path: system32\DRIVERS\CCDECODE.sys
Image size: 17024
Image MD5: 0BE5AEF125BE881C4F854C554F2B025C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): ccEvtMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Event Manager
Description: Event propagation and logging service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
Image size: 192112
Image MD5: 937EB691B1F69936FD6F124B49821E83
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSS,ccSetMgrService (registry key): ccSetMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Settings Manager
Description: Settings storage and management service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
Image size: 169584
Image MD5: 436F416AECA76315EFBB6BCFEA374DEF
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSSService (registry key): cd20xrnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cd20xrnt.sys
Image size: 7680
Image MD5: F3EC03299634490E97BBCE94CD2954C7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): Cdaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): Cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"Service (registry key): Cdr4_xp
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): Cdralw2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): Cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 62976
Image MD5: 1F4260CC5B42272D71F79E570A27A4FE
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"Service (registry key): Changer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): CiSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 1CFE720EB8D93A7158A4EBC3AB178BDE
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RPCSSService (registry key): ClipSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: 34CBE729F38138217F9C80212A2A0C82
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDEService (registry key): clr_optimization_v2.0.50727_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: .NET Runtime Optimization Service v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 69632
Image MD5: D87ACAED61E417BBA546CED5E7E36D9C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0Service (registry key): CmdIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cmdide.sys
Image size: 6656
Image MD5: E5DCB56C533014ECBC556A8357C929D5
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): COMSysApp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcssService (registry key): ContentFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): ContentIndex
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Cpqarray
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\cpqarray.sys
Image size: 14976
Image MD5: 3EE529119EED34CD212A215E8C40D4B6
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): CryptSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): dac2w2k
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\dac2w2k.sys
Image size: 179584
Image MD5: E550E7418984B65A78299D248F0A7F36
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): dac960nt
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\dac960nt.sys
Image size: 14720
Image MD5: 683789CAA3864EB46125AE86FF677D34
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): DCamUSBEMPIA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dazzle DVC Video Device
Image path: system32\DRIVERS\emDevice.sys
Image size: 100957
Image MD5: 5118EA8A2F55FA4D4295516500B78229
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): DcomLaunch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBTService (registry key): Disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Disk Driver
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 044452051F3E02E7963599FC8F4F3E25
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"Service (registry key): dmadmin
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 224768
Image MD5: E46050330BD42F33609117F861E32D3C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServerService (registry key): dmboot
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmboot.sys
Image size: 799744
Image MD5: D992FE1274BDE0F84AD826ACAE022A41
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1Service (registry key): dmio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager Driver
Image path: System32\drivers\dmio.sys
Image size: 153344
Image MD5: 7C824CF7BBDE77D95C08005717A95F6F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): dmload
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): dmserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlayService (registry key): DMusic
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DLS Syntheiszer
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: 8A208DFCF89792A484E76C40E5F50B45
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: TcpipService (registry key): Dot3svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wired AutoConfig
Description: This service performs IEEE 802.1X authentication on Ethernet interfaces
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k dot3svc
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Ndisuio,eaphostService (registry key): dpti2o
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\dpti2o.sys
Image size: 20192
Image MD5: 40F3B93B4E5B0126F2F5C0A7A5E22660
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): drmkaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 2944
Image MD5: 8F5FCFF8E8848AFAC920905FBD9D33C8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): dvd43llh
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: dvd43llh
Image path: System32\DRIVERS\dvd43llh.sys
Image size: 18816
Image MD5: 1FC1EED3EA0C3A0ECF8A95B97E1B4831
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): EapHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Extensible Authentication Protocol Service
Description: Provides windows clients Extensible Authentication Protocol Service
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k eapsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): eeCtrl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Eraser Control driver
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Image size: 384360
Image MD5: CF06C54CBCCF071E1EE322ADB8EBD982
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: FltMgrService (registry key): ehRecvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Media Center Receiver Service
Description: Media Center Service for TV and FM broadcast reception
Object name: LocalSystem
Image path: C:\WINDOWS\eHome\ehRecvr.exe
Image size: 195584
Image MD5: 63F371F0248E3732A4821F86E6D0E370
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): ehSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Media Center Scheduler Service
Object name: LocalSystem
Image path: C:\WINDOWS\eHome\ehSched.exe
Image size: 102912
Image MD5: 16910F8B482919BB6035ED053B691692
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): emAudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dazzle DVC Audio Device
Image path: system32\drivers\emAudio.sys
Image size: 22528
Image MD5: 200DA4F1964C11B3C19A07F937394624
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): EraserUtilRebootDrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EraserUtilRebootDrv
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Image size: 99176
Image MD5: FD1C2188857A43FB762BF2A947AB1778
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): ERSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSsService (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 110592
Image MD5: 65DF52F5B8B6E9BBD183505225C37315
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSSService (registry key): Fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1Service (registry key): FastUserSwitchingCompatibility
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TermServiceService (registry key): Fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 27392
Image MD5: 92CDD60B6730B9F50F6A1A0C1F8CDC81
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): FiltUSBEMPIA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Device Lower Filter
Image path: system32\DRIVERS\emFilter.sys
Image size: 5245
Image MD5: 6F87E4706F59463B74BC4FAD0F67338F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Fips
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): Flpydisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 9D27E7B80BFCDF1CDD9B555862D5E7F0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): FltMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\drivers\fltmgr.sys
Image size: 129792
Image MD5: B2CF4B0786F8212CB92ED2B50C6DB6B0
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1Service (registry key): FontCache3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Presentation Foundation Font Cache 3.0.0.0
Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
Image size: 46104
Image MD5: 8BA7C024070F2B7FDD98ED8A4BA41789
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1Service (registry key): Fs_Rec
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 8
Error Control: 0Service (registry key): Ftdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Manager Driver
Image path: system32\DRIVERS\ftdisk.sys
Image size: 125056
Image MD5: 6AC26732762483366C3969C9E4D2259D
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): GoogleDesktopManager-092308-165331
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Desktop Manager 5.8.809.23506
Description: Updates Google Desktop with the latest security fixes, enhancements and features. This service only runs occasionally and thus does not affect your computer's performance. If this service is stopped or disabled, Google Desktop may not function correctly.
Object name: LocalSystem
Image path: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
Image size: 30192
Image MD5: 9E37E0C528E1E3A79E215B6A4EEA2143
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): Gpc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: system32\DRIVERS\msgpc.sys
Image size: 35072
Image MD5: 0A02C63C8B144BD8C86B103DEE7C86A2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): gupdate1c9c38cf79b2ef0
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Update Service (gupdate1c9c38cf79b2ef0)
Description: Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
Object name: LocalSystem
Image path: "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
Image size: 133104
Image MD5: 626A24ED1228580B9518C01930936DF9
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): gusvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Google Software Updater
Description: Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work.
Object name: LocalSystem
Image path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Image size: 183280
Image MD5: 5467F1FF0AF264566740F67E8B810735
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0
Depends On services: RPCSSService (registry key): helpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSSService (registry key): HidServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Human Interface Device Access
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): HidUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 10368
Image MD5: CCF82C5EC8A7326C3066DE870C06DAF1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): hkmsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Health Key and Certificate Management Service
Description: Manages health certificates and keys (used by NAP)
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): hpn
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\hpn.sys
Image size: 25952
Image MD5: B028377DEA0546A5FCFBA928A8AEFAE0
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): HSFHWBS2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSFHWBS2.sys
Image size: 220032
Image MD5: 33DFC0AFA95F9A2C753FF2ADB7D4A21F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): HSF_DP
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSF_DP.sys
Image size: 1041536
Image MD5: B2DFC168D6F7512FAEA085253C5A37AD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): HTTP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: System32\Drivers\HTTP.sys
Image size: 264832
Image MD5: F6AACF5BCE2893E0C1754AFEB672E5C9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): HTTPFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTPService (registry key): i2omgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): i2omp
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\i2omp.sys
Image size: 18560
Image MD5: F10863BF1CCC290BABD1A09188AE49E0
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): i8042prt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 52480
Image MD5: 4A0B06AA8943C1E332520F7440C0AA30
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): idsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows CardSpace
Description: Securely enables the creation, management, and disclosure of digital identities.
Object name: LocalSystem
Image path: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Image size: 881664
Image MD5: C01AC32DC5C03076CFB852CB5DA5229C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1Service (registry key): IISADMIN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IIS Admin
Description: Allows administration of Web and FTP services through the Internet Information Services snap-in
Object name: LocalSystem
Image path: C:\WINDOWS\system32\inetsrv\inetinfo.exe
Image size: 15360
Image MD5: DB3C22745C0DA4666F3BE31F1AF36B2F
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,SamSSService (registry key): Imapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-Burning Filter Driver
Image path: system32\DRIVERS\imapi.sys
Image size: 42112
Image MD5: 083A052659F5310DD8B6A6CB05EDCF8E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): ImapiService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150528
Image MD5: 30DEAF54A9755BB8546168CFE8A6B5E1
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1Service (registry key): inetaccs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): InetInfo
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): ini910u
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ini910u.sys
Image size: 16000
Image MD5: 4A40E045FAEE58631FD8D91AFC620719
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): Inport
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): IntelIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\intelide.sys
Image size: 5504
Image MD5: B5466A9250342A7AA0CD1FBA13420678
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): intelppm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 0
Error Control: 0Service (registry key): Ip6Fw
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPv6 Windows Firewall Driver
Description: Provides intrusion prevention service for a home or small office network.
Image path: system32\drivers\ip6fw.sys
Image size: 36608
Image MD5: 3BB22519A194418D5FEC05D800A19AD0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): IpFilterDriver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 32896
Image MD5: 731F22BA402EE4B62748ADAF6363C182
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: TcpipService (registry key): IpInIp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 20864
Image MD5: B87AB476DCF76E72010632B5550955F5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: TcpipService (registry key): IpNat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 152832
Image MD5: CC748EA12C6EFFDE940EE98098BF96BB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: TcpipService (registry key): IPSec
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC driver
Description: IPSEC driver
Image path: system32\DRIVERS\ipsec.sys
Image size: 75264
Image MD5: 23C74D75E36E7158768DD63D92789A91
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): IRENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IR Enumerator Service
Image path: system32\DRIVERS\irenum.sys
Image size: 11264
Image MD5: C93C9FF7B04D772627A3646D89F7BF89
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): ISAPISearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): isapnp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnP ISA/EISA Bus Driver
Image path: system32\DRIVERS\isapnp.sys
Image size: 37248
Image MD5: 05A299EC56E52649B1CF2FC52D20F2D7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3Service (registry key): JavaQuickStarterService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Java Quick Starter
Description: Prefetches JRE files for faster startup of Java applets and applications
Object name: LocalSystem
Image path: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
Image size: 152984
Image MD5: 44FFBA62F0F426B581759C49AAFEC2E2
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1Service (registry key): Kbdclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 24576
Image MD5: 463C1EC80CD17420A542B7F36A36F128
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): kbdhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard HID Driver
Image path: system32\DRIVERS\kbdhid.sys
Image size: 14592
Image MD5: 9EF487A186DEA361AA06913A75B3FA99
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): kmixer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 172416
Image MD5: 692BCF44383D056AED41B045A323D378
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): KSecDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): lanmanserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): lanmanworkstation
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): lbrtfdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): ldap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): LicenseService
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): LmHosts
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,AfdService (registry key): MarvinBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Pinnacle Marvin Bus
Image path: system32\DRIVERS\MarvinBus.sys
Image size: 171520
Image MD5: A3E700D78EEC390F1208098CDCA5C6B6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): MBAMSwissArmy
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MBAMSwissArmy
Image path: \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
Image size: 38160
Image MD5: 148D5D488BA502381C2B7B615F7F84CF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): mdmxsdk
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\mdmxsdk.sys
Image size: 13059
Image MD5: 3C318B9CD391371BED62126581EE9961
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0Service (registry key): Messenger
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSSService (registry key): MHN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MHN
Description: Multimedia Home Networking (MHN) is a networking platform for Audio Video (AV) streaming applications on IP home networks. MHN enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications by providing mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs,mhndrvService (registry key): MHNDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MHN driver
Description: Multimedia Home Network component driver
Image path: system32\DRIVERS\mhndrv.sys
Image size: 11008
Image MD5: 7F2F1D2815A6449D346FCCCBC569FBD6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): mnmdd
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): mnmsrvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetMeeting Remote Desktop Sharing
Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\mnmsrvc.exe
Image size: 32768
Image MD5: D18F1F0C101D06A1C1ADF26EED16FCDD
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1Service (registry key): Modem
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): Mouclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 23040
Image MD5: 35C9E97194C8CFB8430125F8DBC34D04
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): mouhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 12160
Image MD5: B1C303E17FB9D46E87A98E4BA6769685
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): MountMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mount Point Manager
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): MPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA MPE Filter
Image path: system32\DRIVERS\MPE.sys
Image size: 15232
Image MD5: C0F8E0C2C3C0437CF37C6781896DC3EC
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): mraid35x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\mraid35x.sys
Image size: 17280
Image MD5: 3F4BB95E5A44F3BE34824E8E7CAF0737
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): MRxDAV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebDav Client Redirector
Description: WebDav Client Redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 180608
Image MD5: 11D42BB6206F33FBB3BA0288D3EF81BD
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1Service (registry key): MRxSmb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 455296
Image MD5: 60AE98742484E7AB80C3C1450E708148
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1Service (registry key): MSDTC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: C:\WINDOWS\system32\msdtc.exe
Image size: 6144
Image MD5: A137F1470499A205ABBB9AAFB3B6F2B1
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSSService (registry key): MSDTC Bridge 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Msfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1Service (registry key): MSFtpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FTP Publishing
Description: Provides FTP connectivity and administration through the Internet Information Services snap-in
Object name: LocalSystem
Image path: %SystemRoot%\system32\inetsrv\inetinfo.exe
Image size: 15360
Image MD5: DB3C22745C0DA4666F3BE31F1AF36B2F
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: IISADMINService (registry key): MSIServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\msiexec.exe /V
Image size: 78848
Image MD5: 5879D691E842574A20FE63817CB76DF9
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): MSKSSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7552
Image MD5: D1575E71568F4D9E14CA56B7B0453BF1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): MSPCLOCK
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5376
Image MD5: 325BB26842FC7CCC1FCCE2C457317F3E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): MSPQM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4992
Image MD5: BAD59648BA099DA4A17680B39730CB3D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): mssmbios
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 15488
Image MD5: AF5F4F3F14A8EA2C26DE30F7A1E17136
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): MSTEE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Tee/Sink-to-Sink Converter
Image path: system32\drivers\MSTEE.sys
Image size: 5504
Image MD5: E53736A9E30C45FA9E7B5EAC55056D1D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Mup
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mup
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1Service (registry key): mxnic
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Macronix MX987xx Family Fast Ethernet NT Driver
Image path: system32\DRIVERS\mxnic.sys
Image size: 19968
Image MD5: E1CDF20697D992CF83FF86DD04DF1285
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): NABTSFEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NABTS/FEC VBI Codec
Image path: system32\DRIVERS\NABTSFEC.sys
Image size: 85248
Image MD5: 5B50F1B2A2ED47D560577B221DA734DB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): napagent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Access Protection Agent
Description: Allows windows clients to participate in Network Access Protection
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): navapsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Norton AntiVirus Auto-Protect Service
Description: Handles Norton AntiVirus Auto-Protect events.
Object name: LocalSystem
Image path: "C:\Program Files\Norton AntiVirus\navapsvc.exe"
Image size: 139888
Image MD5: 606C21D97649E5C44B94763380F07B7C
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): NAVENG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVENG
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060908.024\NAVENG.Sys
Image size: 79240
Image MD5: 0F4C87F9594787B4FC2928D381A3D801
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): NAVEX15
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NAVEX15
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060908.024\NavEx15.Sys
Image size: 828872
Image MD5: ACD6D7ECBD38B3B1A573D97148D3C907
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): NDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS System Driver
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): NdisIP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft TV/Video Connection
Image path: system32\DRIVERS\NdisIP.sys
Image size: 10880
Image MD5: 7FF1F1FD8609C149AA432F95A8163D97
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): NdisTapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 10112
Image MD5: 1AB3D00C991AB086E69DB84B6C0ED78F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Ndisuio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 14592
Image MD5: F927A4434C5028758A842943EF1A3849
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): NdisWan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 91520
Image MD5: EDC1531A49C80614B2CFDA43CA8659AB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): NDProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): NetBIOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 34688
Image MD5: 5D81CF9A2F1A3A756B66CF684911CDF0
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1Service (registry key): NetBT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBios over Tcpip
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 162816
Image MD5: 74B2B2F5BEA5E9A3DC021D685551BD3D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: TcpipService (registry key): NetDDE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE
Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: B857BA82860D7FF85AE29B095645563B
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDMService (registry key): NetDDEdsdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network DDE DSDM
Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: B857BA82860D7FF85AE29B095645563B
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1Service (registry key): Netlogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstationService (registry key): Netman
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSsService (registry key): NetTcpPortSharing
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Net.Tcp Port Sharing Service
Description: Provides ability to share TCP ports over the net.tcp protocol.
Object name: NT AUTHORITY\LocalService
Image path: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Image size: 132096
Image MD5: D34612C5D02D026535B3095D620626AE
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1Service (registry key): NIC1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 1394 Net Driver
Image path: system32\DRIVERS\nic1394.sys
Image size: 61824
Image MD5: E9E47CFB2D461FA0FC75B7A74C6383EA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Nla
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Location Awareness (NLA)
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,AfdService (registry key): NPFMntor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Norton AntiVirus Firewall Monitor Service
Description: Detects installation of Symantec Firewall clients
Object name: LocalSystem
Image path: "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"
Image size: 46704
Image MD5: E0191240EBFAF114C05593C50F8E8B19
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0Service (registry key): Npfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1Service (registry key): NSCService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Norton Protection Center Service
Description: Norton Console Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"
Image size: 750720
Image MD5: BDFD869422054A90372BF26FF4442C27
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0Service (registry key): Ntfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1Service (registry key): NTFSDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): NtLmSsp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1Service (registry key): NtmsSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Removable Storage
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): Null
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): nv
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 1897408
Image MD5: 2B298519EDBFCF451D43E0F1E8F1006D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): NwlnkFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 12416
Image MD5: B305F3FAD35083837EF46A0BBCE2FC57
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwdService (registry key): NwlnkFwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 32512
Image MD5: C99B3415198D1AAB7227F2C88FD664B9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): ohci1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA OHCI Compliant IEEE 1394 Host Controller
Image path: system32\DRIVERS\ohci1394.sys
Image size: 61696
Image MD5: CA33832DF41AFB202EE7AEB05145922F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ose
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Image size: 89136
Image MD5: 7A56CF3E3F12E8AF599963B16F50FB6A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1Service (registry key): Outlook
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): P3
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel PentiumIII Processor Driver
Image path: system32\DRIVERS\p3.sys
Image size: 42752
Image MD5: C90018BAFDC7098619A4A95B046B30F3
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): Parport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel port driver
Image path: system32\DRIVERS\parport.sys
Image size: 80128
Image MD5: 5575FAF8F97CE5E713D108C2A58D7C7C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): PartMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Partition Manager
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ParVdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"Service (registry key): PCI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCI Bus Driver
Image path: system32\DRIVERS\pci.sys
Image size: 68224
Image MD5: A219903CCF74233761D92BEF471A07B1
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3Service (registry key): PCIDump
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): PCIIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\pciide.sys
Image size: 3328
Image MD5: CCF5F451BB1A5A2A522A76E670000FF0
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): Pcmcia
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1Service (registry key): PDCOMP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): PDFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): PDRELI
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): PDRFRAME
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): perc2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\perc2.sys
Image size: 27296
Image MD5: 6C14B9C19BA84F73D3A86DBA11133101
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): perc2hib
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\perc2hib.sys
Image size: 5504
Image MD5: F50F7C27F131AFE7BEBA13E14A3B9416
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): PerfDisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): PerfNet
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): PerfOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): PerfProc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): PlugPlay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 110592
Image MD5: 65DF52F5B8B6E9BBD183505225C37315
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): PolicyAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPSEC Services
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSecService (registry key): PptpMiniport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 48384
Image MD5: EFEEC01B1D3CF84F16DDD24D9D9D8F99
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): PrismXL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PrismXL
Object name: LocalSystem
Image path: C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
Image size: 172032
Image MD5: 33D7285F12D934268A34206DFC4AD1B3
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0Service (registry key): Processor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Processor Driver
Image path: system32\DRIVERS\processr.sys
Image size: 35840
Image MD5: A32BEBAF723557681BFC6BD93E98BD26
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): ProtectedStorage
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSsService (registry key): PSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Image path: system32\DRIVERS\psched.sys
Image size: 69120
Image MD5: 09298EC810B07E5D582CB3A3F9255424
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: GpcService (registry key): Ptilink
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: system32\DRIVERS\ptilink.sys
Image size: 17792
Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): PxHelp20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 43872
Image MD5: 49452BFCEC22F36A7A9B9C2181BC3042
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ql1080
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql1080.sys
Image size: 40320
Image MD5: 0A63FB54039EB5662433CABA3B26DBA7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): Ql10wnt
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql10wnt.sys
Image size: 33152
Image MD5: 6503449E1D43A0FF0201AD5CB1B8C706
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ql12160
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql12160.sys
Image size: 45312
Image MD5: 156ED0EF20C15114CA097A34A30D8A01
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ql1240
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql1240.sys
Image size: 40448
Image MD5: 70F016BEBDE6D29E864C1230A07CC5E6
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ql1280
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ql1280.sys
Image size: 49024
Image MD5: 907F0AEEA6BC451011611E732BD31FCF
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): RasAcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: system32\DRIVERS\rasacd.sys
Image size: 8832
Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): RasAuto
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,TapisrvService (registry key): Rasl2tp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 51328
Image MD5: 11B4A627BC9614B885C4969BFA5FF8A6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): RasMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: TapisrvService (registry key): RasPppoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 5BC962F2654137C9909C3D4603587DEE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Raspti
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 16512
Image MD5: FDBB1D60066FCFBB7452FD8F9829B242
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Rdbss
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 175744
Image MD5: 7AD224AD1A1437FE28D89CF22B17780A
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1Service (registry key): RDPCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 4224
Image MD5: 4912D5B403614CE99C28420F75353332
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): RDPDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): RDPDISPM
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\rdpdispm.sys
Image size: 9024
Image MD5: ABFC9B981324B537FD326958EB42CB86
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): rdpdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Server Device Redirector Driver
Image path: system32\DRIVERS\rdpdr.sys
Image size: 196224
Image MD5: 15CABD0F7C00C47C70124907916AF3F1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): RDPNP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): RDPVDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\rdpvmp.sys
Image size: 19392
Image MD5: 46A4872ED1866C9A603F1BC6644EF36F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): RDPWD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): RDSessMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Desktop Help Session Manager
Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 141312
Image MD5: 3C37BF86641BDA977C3BF8A840F3B7FA
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): redbook
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Digital CD Audio Playback Filter Driver
Image path: system32\DRIVERS\redbook.sys
Image size: 57600
Image MD5: F828DD7E1419B6653894A8F97A0094C5
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): RemoteAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroupService (registry key): RemoteRegistry
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Registry
Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSSService (registry key): RpcLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: AAED593F84AFA419BBAE8572AF87CF6A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstationService (registry key): RpcSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1Service (registry key): RSVP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: 471B3F9741D762ABE75E9DEEA4787E47
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSsService (registry key): RTL8023xp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver
Image path: system32\DRIVERS\Rtlnicxp.sys
Image size: 70144
Image MD5: E9877AA069DC11B03DBD1D33B8B2A3CA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): SamSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: BF2466B3E18E970D8A976FB95FC1CA85
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSSService (registry key): SAVRT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVRT
Image path: \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS
Image size: 334984
Image MD5: 21BA125B956A513F85F6AB1DD603F917
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: SAVRTPELService (registry key): SAVRTPEL
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SAVRTPEL
Image path: \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS
Image size: 53896
Image MD5: 0F8E1C05FC1298F8E7CEA935429F66FF
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): SAVScan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec AVScan
Description: Handles Norton AntiVirus Auto-Protect Archive Scanning
Object name: LocalSystem
Image path: "C:\Program Files\Norton AntiVirus\SAVScan.exe"
Image size: 198368
Image MD5: 609B68E5AA362AF04559CDDD3DF8FC7D
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: SAVRTService (registry key): ScanUSBEMPIA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Still Image Capture Device
Image path: system32\DRIVERS\emScan.sys
Image size: 4493
Image MD5: F5A633609777C212EC5FF19927FC5955
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): SCardSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 95744
Image MD5: 86D007E7A654B9A71D1D7D856B104353
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlayService (registry key): Schedule
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): ScsiPort
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: %SystemRoot%\system32\drivers\scsiport.sys
Image size: 96384
Image MD5: 76C465F570E90C28942D52CCB2580A10
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Secdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 20480
Image MD5: 90A3935D05B494A5A39D37E71F09A677
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): seclogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 288
Error Control: 0Service (registry key): SENS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystemService (registry key): Serial
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0Service (registry key): ServiceModelEndpoint 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): ServiceModelOperation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): ServiceModelService 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Sfloppy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"Service (registry key): SharedAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Firewall/Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmtService (registry key): ShellHWDetection
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSsService (registry key): Simbad
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1Service (registry key): sisagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SIS AGP Bus Filter
Image path: system32\DRIVERS\sisagp.sys
Image size: 40960
Image MD5: 6B33D0EBD30DB32E27D1D78FE946A754
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): SLIP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA Slip De-Framer
Image path: system32\DRIVERS\SLIP.sys
Image size: 11136
Image MD5: 866D538EBE33709A5C9F5C62B73B7D14
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): SMSvcHost 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): SMTPSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Simple Mail Transfer Protocol (SMTP)
Description: Transports electronic mail across the network
Object name: LocalSystem
Image path: C:\WINDOWS\system32\inetsrv\inetinfo.exe
Image size: 15360
Image MD5: DB3C22745C0DA4666F3BE31F1AF36B2F
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: IISADMIN,EventlogService (registry key): SNDSrvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Network Drivers Service
Description: Symantec Network Drivers Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
Image size: 214408
Image MD5: 0CB1E12D9741308B5A9CDC5C7D2A1D97
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0Service (registry key): SONYPVU1
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Sony USB Filter Driver (SONYPVU1)
Image path: system32\DRIVERS\SONYPVU1.SYS
Image size: 7552
Image MD5: A1ECEEAA5C5E74B2499EB51D38185B84
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Sparrow
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\sparrow.sys
Image size: 19072
Image MD5: 83C0F71F86D3BDAF915685F3D568B20E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): SPBBCDrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SPBBCDrv
Image path: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
Image size: 389728
Image MD5: 16AA4657806E3EA423D7E9286E763016
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): SPBBCSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SPBBCSvc
Description: Symantec SPBBC
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
Image size: 1160800
Image MD5: 780DE647691972907D86194577F58C43
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): splitter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel Audio Splitter
Image path: system32\drivers\splitter.sys
Image size: 6272
Image MD5: AB8B92451ECB048A4D1DE7C3FFCB4A9F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): Spooler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 57856
Image MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSSService (registry key): sr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Filter Driver
Image path: system32\DRIVERS\sr.sys
Image size: 73472
Image MD5: 76BB022C2FB6902FD5BDD4F78FC13A5D
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1Service (registry key): srservice
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: System Restore Service
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): Srv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Srv
Description: Srv
Image path: system32\DRIVERS\srv.sys
Image size: 333952
Image MD5: 3BB03F2BA89D2BE417206C373D2AF17C
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1Service (registry key): SSDPSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SSDP Discovery Service
Description: Enables discovery of UPnP devices on your home network.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTPService (registry key): ssfs0bbc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ssfs0bbc
Description: Spy Sweeper File System Filter Driver
Image path: system32\DRIVERS\ssfs0bbc.sys
Image size: 29808
Image MD5: 4479AEB7EC022B75F882C167FE2A7A34
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 0Service (registry key): sshrmd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Sshrmd
Description: Spy Sweeper Hookrack MiniDriver
Image path: system32\DRIVERS\sshrmd.sys
Image size: 23152
Image MD5: 58154D7F69A1322D9BD885E2E61CF152
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 0Service (registry key): ssidrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Ssidrv
Description: Spy Sweeper Interdiction Driver
Image path: system32\DRIVERS\ssidrv.sys
Image size: 176752
Image MD5: E971EEE20B8083E57B5529AEA065EC51
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 0Service (registry key): stisvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): streamip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: BDA IPSink
Image path: system32\DRIVERS\StreamIP.sys
Image size: 15232
Image MD5: 77813007BA6265C4B6098187E6ED79D2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): SunkFilt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alcor Micro Corp Reader
Image path: \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
Image size: 36804
Image MD5: 86CA1A5C15A5A98D5533945FB1120B05
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): swenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 4352
Image MD5: 3941D127AEF12E93ADDF6FE6EE027E0F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): swmidi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 56576
Image MD5: 8CE882BCC6CF8A62F2B2323D95CB3D01
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): SwPrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MS Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{7A99F41E-64B1-4A1C-B8C7-838B1BB47105}
Image size: 5120
Image MD5: 0A9BA6AF531AFE7FA5E4FB973852D863
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcssService (registry key): swwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Symantec Core LC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Core LC
Description: Symantec Core LC
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
Image size: 1251720
Image MD5: FA2F6A8849219B16460BF44F9D1F3AA7
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSSService (registry key): symc810
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\symc810.sys
Image size: 16256
Image MD5: 1FF3217614018630D0A6758630FC698C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): symc8xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\symc8xx.sys
Image size: 32640
Image MD5: 070E001D95CF725186EF8B20335F933C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): SYMDNS
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\Drivers\SYMDNS.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): SymEvent
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \??\C:\Program Files\Symantec\SYMEVENT.SYS
Image size: 108168
Image MD5: 9C4737086DEE2D302D5D2D69478F6611
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): SYMFW
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\Drivers\SYMFW.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): SYMIDS
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\Drivers\SYMIDS.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): SYMIDSCO
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20090610.001\symidsco.sys
Image size: 251768
Image MD5: 1902EFB9E0901A62A31458AD90D3FED3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): symlcbrd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: symlcbrd
Image path: \??\C:\WINDOWS\system32\drivers\symlcbrd.sys
Image size: 10344
Image MD5: B226F8A4D780ACDF76145B58BB791D5B
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0Service (registry key): SYMNDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\Drivers\SYMNDIS.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0
Depends On services: SymTDI,SYMFW,SYMIDSService (registry key): SYMREDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\Drivers\SYMREDRV.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): SYMTDI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SYMTDI
Image path: \SystemRoot\System32\Drivers\SYMTDI.SYS
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: TcpipService (registry key): sym_hi
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\sym_hi.sys
Image size: 28384
Image MD5: 80AC1C4ABBE2DF3B738BF15517A51F2C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): sym_u3
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\sym_u3.sys
Image size: 30688
Image MD5: BF4FAB949A382A8E105F46EBB4937058
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): sysaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 60800
Image MD5: 8B83F3ED0F1688B4958F77CD6D2BF290
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): SysmonLog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Performance Logs and Alerts
Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 89600
Image MD5: C7ABBC59B43274B1109DF6B24D617051
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1Service (registry key): TapiSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSsService (registry key): Tcpip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 361600
Image MD5: 9AEFA14BD6B182D61E3119FA5F436D3D
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSecService (registry key): TDPIPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): TDTCP
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): TermDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 40840
Image MD5: 88155247177638048422893737429D9E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1Service (registry key): TermService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Services
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSSService (registry key): Themes
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Themes
Description: Provides user experience theme management.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): TlntSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Telnet
Description: Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\tlntsvr.exe
Image size: 73216
Image MD5: DB7205804759FF62C34E3EFD8A4CC76A
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: RPCSS,TCPIP,NTLMSSPService (registry key): TosIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\toside.sys
Image size: 4992
Image MD5: F2790F6AF01321B172AA62F8E1E187D9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): TrkWks
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): TSDDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): Udfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1Service (registry key): ultra
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\ultra.sys
Image size: 36736
Image MD5: 1B698A51CD528D8DA4FFAED66DFC51B9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): UMWdf
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows User Mode Driver Framework
Description: Enables Windows user mode drivers.
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\system32\wdfmgr.exe
Image size: 38912
Image MD5: C81B8635DEE0D3EF5F64B3DD643023A5
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSsService (registry key): Update
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microcode Update Driver
Image path: system32\DRIVERS\update.sys
Image size: 384768
Image MD5: 402DDC88356B1BAC0EE3DD1580C76A31
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): upnphost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Universal Plug and Play Device Host
Description: Provides support to host Universal Plug and Play devices.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTPService (registry key): UPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: LocalSystem
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 05365FB38FCA1E98F7A566AAAF5D1815
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1Service (registry key): USB
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): usbccgp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 32128
Image MD5: 173F317CE0DB8E21322E71B7E60A27E8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): usbehci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 30208
Image MD5: 65DCF09D0E37D4C6B11B5B0B76D470A7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): usbhub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB2 Enabled Hub
Image path: system32\DRIVERS\usbhub.sys
Image size: 59520
Image MD5: 1AB3CDDE553B6E064D2E754EFE20285C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): usbohci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Open Host Controller Miniport Driver
Image path: system32\DRIVERS\usbohci.sys
Image size: 17152
Image MD5: 0DAECCE65366EA32B162F85F07C6753B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): USBSTOR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 26368
Image MD5: A32426D9B14A089EAA1D922E0C5801A9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): VgaSave
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VGA Display Controller.
Description: Controls the VGA display adapter to provide basic display capabilities.
Image path: \SystemRoot\System32\drivers\vga.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0Service (registry key): viaagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA AGP Bus Filter
Image path: system32\DRIVERS\viaagp.sys
Image size: 42240
Image MD5: 754292CE5848B3738281B4F3607EAEF4
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): ViaIde
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\viaide.sys
Image size: 5376
Image MD5: 3B3EFCDA263B8AC14FDF9CBDD0791B2E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): VolSnap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1Service (registry key): VSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 289792
Image MD5: 7A9DB3A67C333BF0BD42E42B8596854B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): W32Time
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): W3SVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: World Wide Web Publishing
Description: Provides Web connectivity and administration through the Internet Information Services snap-in
Object name: LocalSystem
Image path: %SystemRoot%\system32\inetsrv\inetinfo.exe
Image size: 15360
Image MD5: DB3C22745C0DA4666F3BE31F1AF36B2F
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: IISADMINService (registry key): Wanarp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 34560
Image MD5: E20B95BAEDB550F32DD489265C1DA1F6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): wanatw
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (ATW)
Image path: system32\DRIVERS\wanatw4.sys
Image size: 33588
Image MD5: 0A716C08CB13C3A8F4F51E882DBF7416
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): WDICA
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): wdmaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 83072
Image MD5: 6768ACF64B18196494413695F0C3A00F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): WebClient
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: MRxDAVService (registry key): WebrootSpySweeperService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Webroot Spy Sweeper Engine
Description: Provides core functionality to Webroot Spy Sweeper. This service must be enabled and started for Spy Sweeper to function.
Object name: LocalSystem
Image path: "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe"
Image size: 4048240
Image MD5: 3102FD5F65B3CA05AADD1C1AA1A42220
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): winachsf
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSF_CNXT.sys
Image size: 685056
Image MD5: 2DC7C0B6175A0A8ED84A4F70199C93B5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0Service (registry key): Windows Workflow Foundation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): winmgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSSService (registry key): Winsock
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 4
Error Control: 1Service (registry key): WinSock2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): WinTrust
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): wlcrasvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Live Mesh Remote Desktop
Object name: LocalSystem
Image path: C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
Image size: 44880
Image MD5: 41497A3F79099C859E6DCCCE92EBAE80
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1Service (registry key): WmdmPmSN
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1Service (registry key): Wmi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Management Instrumentation Driver Extensions
Description: Provides systems management information to and from drivers.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1Service (registry key): WmiApRpl
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): WmiApSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WMI Performance Adapter
Description: Provides performance library information from WMI HiPerf providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: E0673F1106E62A68D2257E376079F821
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSSService (registry key): WRConsumerService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Webroot Client Service
Description: This service provides system level operations for the Webroot Client.
Object name: LocalSystem
Image path: "C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe"
Image size: 1205760
Image MD5: CD4527C485D82FC5C31023661421F39B
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1Service (registry key): WS2IFSL
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 0
Error Control: 0Service (registry key): wscsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Center
Description: Monitors system security settings and configurations.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmtService (registry key): WSTCODEC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: World Standard Teletext Codec
Image path: system32\DRIVERS\WSTCODEC.SYS
Image size: 19200
Image MD5: C98B39829C2BBD34E454150633C62C78
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1Service (registry key): wuauserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Automatic Updates
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1Service (registry key): WZCSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wireless Zero Configuration
Description: Provides automatic configuration for the 802.11 adapters
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,NdisuioService (registry key): xmlprov
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Network Provisioning Service
Description: Manages XML configuration files on a domain basis for automatic network provisioning.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSsService (registry key): {1A14CA04-C5BB-4E0E-897F-55611262DC00}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): {5F443DFA-482F-4CE4-978B-EFD631E2F689}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0Service (registry key): {A8AC9E9E-DB02-477E-9A31-B4DC5392FDA2}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0 -
- on Tue 23 Jun 2009
- 01:35:55 AM UTC
First and foremost;
1. Uninstall Norton
2. Uninstall SpySweeper
3. Download and install the following (see note below);ClamWin (open source)
www.clamwin.com4. Download and install the following;
Avira Free
www.free-av.comOnce ClamWin and Avira are installed, update and run a scan with both, allow them to clean what they find, then pop over to the following to get the remainder cleaned up (tell Jintan I sent you);
IMPORTANT: ClamWin, whilst a fantastic AV, does NOT have a realtime monitor, so should be used as a scheduled and/or on demand scanner, in ADDITION to an AM with a realtime monitor. For more information on security options, please see;
http://mysteryfcm.co.uk/?mode=Articles&date=12-08-...
Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net -
- on Tue 23 Jun 2009
- 02:02:28 AM UTC
Hey aj !!
OK, I'm not going to lecture you on the state of the security of your PC. I think you already know that. The S & D log would be more appropriately disclosed on their forum for review. ( which is excellent BTW ). But since you are here , let's see what we can do to help.
First, can you still connect to security sites ?( MalwareBytes' Anti-Malware and others) . Can you Up-date the definitions of MalwareBytes' ? . DO NOT run yet.
IF you can , this is how we should proceed. Update MalwareBytes' . Go to this site and download : SUPERAntiSpyware ( the free version ) :
http://www.superantispyware.com/superantispyware.h.... Now , install , update the definitions .DO NOT run yet.Next , Go to this site AVIRA ANTIVIR : http://www.free-av.de/en/download/download_servers... . Download this version :
Avira AntiVir Personal - FREE Antivirus . The one you want is the : English installation kit 30.8 MB . DO NOT INSTALL YET.You will have to Uninstall Norton in order to be able to install a new AntiVirus app.
To do this, you will need the Norton Removal Tool. Go to this site :
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf...
and download the Removal Tool (jump to step three (3).Now that you have all of the tools you need , Disconnect from the internet!!!
Once disconnected from the internet ,if Norton is still running , Disable it. Next , go to the Add / Remove program and Uninstall the Norton application. Go back to your Desktop and Run the Removal Tool.Follow the prompts from this removal tool.
You can now safely install Avira . Once Avira is installed, you can now re-connect to the internet to update the definitions of Avira.
Run all three security programs in Full Scan. This will take you awhile so , be patient.
When the scans are complete , go to their repective Logs tab and copy and paste the results in your next post.
You could also remove the other out of date security program : Webroot SpySweeper.
Athlonite.
Your help is always needed.
-
- on Tue 23 Jun 2009
- 12:47:43 PM UTC
Have you tried
Have you tried scanner-in-browser antiviruses ?
They work in IE: http://sebsauvage.net/safehex.html#r048
(use those who have a green cell in the "désinfecte" column) -
- on Tue 23 Jun 2009
- 01:32:16 PM UTC
Trying this right now
I'm working on this right now
-
- on Tue 23 Jun 2009
- 01:35:46 PM UTC
If
If you cannot connect to security sites clean your Hosts File:
http://freepcsecurity.co.uk/2009/01/21/hostsxpert
http://freepcsecurity.co.uk/2009/04/20/rename-exe-...Colin
http://freepcsecurity.co.uk
"If you have knowledge, let others light their candles with it" - Winston Churchill -
- on Tue 23 Jun 2009
- 03:58:38 PM UTC
Hosts File
I checked my host file yesterday.
It was good. -
- on Tue 23 Jun 2009
- 04:27:24 PM UTC
Avira Report
Avira AntiVir Personal
Report file date: Tuesday, June 23, 2009 08:51Scanning for 1487370 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : YOUR-A284EF7D6FVersion information:
BUILD.DAT : 9.0.0.403 17961 Bytes 6/3/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 5/11/2009 15:14:47
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 16:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 17:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 16:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 18:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 02:33:26
ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 6/12/2009 13:50:42
ANTIVIR3.VDF : 7.1.4.128 330752 Bytes 6/23/2009 13:50:43
Engineversion : 8.2.0.193
AEVDF.DLL : 8.1.1.1 106868 Bytes 4/30/2009 17:52:04
AESCRIPT.DLL : 8.1.2.9 409978 Bytes 6/23/2009 13:50:47
AESCN.DLL : 8.1.2.3 127347 Bytes 5/14/2009 17:02:01
AERDL.DLL : 8.1.1.3 438645 Bytes 10/30/2008 00:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 5/27/2009 22:07:20
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 6/23/2009 13:50:47
AEHEUR.DLL : 8.1.0.133 1798520 Bytes 6/23/2009 13:50:46
AEHELP.DLL : 8.1.3.6 205174 Bytes 6/23/2009 13:50:44
AEGEN.DLL : 8.1.1.46 348533 Bytes 6/23/2009 13:50:44
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 20:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 5/27/2009 22:07:20
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 20:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 14:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 16:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 20:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 16:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 21:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 16:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 21:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 14:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 16:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 21:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 16:19:48Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +SPR,Start of the scan: Tuesday, June 23, 2009 08:51
Starting search for hidden objects.
'71203' objects were checked, '0' hidden objects were found.The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'cidaemon.exe' - '1' Module(s) have been scanned
Scan process 'cidaemon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'SSU.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'Moe.exe' - '1' Module(s) have been scanned
Scan process 'wlcrasvc.exe' - '1' Module(s) have been scanned
Scan process 'SpySweeper.exe' - '1' Module(s) have been scanned
Scan process 'PRISMXL.SYS' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'MoeMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'ehRecvr.exe' - '1' Module(s) have been scanned
Scan process 'aoltpspd.exe' - '1' Module(s) have been scanned
Scan process 'cisvc.exe' - '1' Module(s) have been scanned
Scan process 'aoltsmon.exe' - '1' Module(s) have been scanned
Scan process 'SpySweeperUI.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'GoogleQuickSearchBox.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'DVD43_Tray.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'zHotkey.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'shwiconEM.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'WRConsumerService.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
55 processes with 55 modules were scannedStarting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!Starting to scan executable files (registry).
The registry was scanned ( '62' files ).Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\WINDOWS\system32\SsiEfr.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\wrLZMA.dll
[WARNING] The file could not be opened!
Begin scan in 'D:\'End of the scan: Tuesday, June 23, 2009 11:22
Used time: 2:30:09 Hour(s)The scan has been done completely.
11049 Scanned directories
840198 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
4 Files cannot be scanned
840194 Files not concerned
10726 Archives were scanned
4 Warnings
2 Notes
71203 Objects were scanned with rootkit scan
0 Hidden objects were found -
- on Wed 24 Jun 2009
- 02:08:53 AM UTC
I'm not very good with this but
This stands out
C:\WINDOWS\system32\wrLZMA.dll - -
- on Wed 24 Jun 2009
- 02:04:20 AM UTC
C:\WINDOWS\system32\wrLZMA.dll
That's very likely a Spy Sweeper file and is legit. http://www.virscan.org/report/073c1c4f57cf48e168f1...
-
- on Wed 24 Jun 2009
- 03:57:36 AM UTC
Uninstallers
Built in uninstallers aren't always very efficient. They leave a bunch of junk behind.
-
- on Wed 24 Jun 2009
- 02:05:17 AM UTC
reformat
low-level reformat your hard drive
reinstall your Operating System, i.e., Windows XPInstall a decent layered defense, but do not go overboard.
purchase a decent AV or if using free switch your email to Google or GMX.
do not visit known malware sites without using a virtual environment such as sandboxie.
-------
Against Intuition - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
G7W {G.O.M}
http://g7w.net/ -
- on Wed 24 Jun 2009
- 11:44:19 AM UTC
Link
This seems pertinent to your situation: http://www.techjaws.com/virtues-of-cloning-and-ima...
-
- on Mon 29 Jun 2009
- 04:48:07 PM UTC
The only problem I'm having
The only problem I'm having now is a virus trying to remove SpySweaper and Spybot from the startup
-
- on Tue 30 Jun 2009
- 09:00:34 AM UTC
...
Please refer to;
http://www.mywot.com/en/forum/3788-virus-removal?c...
In addition, if you've got a CD burner, please also see the following (highly recommended);
http://dnl-eu10.kaspersky-labs.com/devbuilds/Rescu...
Info on how to use it if you need it, is at (though you'll need to skip past the slew of adverts);
http://www.raymond.cc/blog/archives/2008/06/16/kas...
Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net -
- on Tue 30 Jun 2009
- 09:16:52 AM UTC
Once more.
aj ! If you have run MalwareBytes' and SUPERAntiSpyware PLZ, post their logs. This will give us something to go on. If you do have a Virus then we can use the appropriate tool(s) to help. We can only do so much with the little bit of info. you are providing.
Athlonite.
Your help is always needed.
-
- on Sat 11 Jul 2009
- 06:36:34 PM UTC
MalwareBytes Log
Malwarebytes' Anti-Malware 1.38
Database version: 2323
Windows 5.1.2600 Service Pack 36/23/2009 7:39:17 AM
mbam-log-2009-06-23 (07-39-17).txtScan type: Full Scan (C:\|D:\|)
Objects scanned: 210414
Time elapsed: 2 hour(s), 58 minute(s), 16 second(s)Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
[red]Registry Data Items Infected: 2[/red]
Folders Infected: 0
Files Infected: 2Memory Processes Infected:
(No malicious items detected)Memory Modules Infected:
(No malicious items detected)Registry Keys Infected:
(No malicious items detected)Registry Values Infected:
(No malicious items detected)Registry Data Items Infected:
<[red>
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.Folders Infected:
(No malicious items detected)Files Infected:
-
- on Sun 12 Jul 2009
- 08:55:44 PM UTC
Files Infected:
OK...
so what files are listed for Files Infected:
-------
Against Intuition - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
G7W {G.O.M}
http://g7w.net/
Virus Removal
I think I have a computer virus.
Spy Sweeper keeps blocking connections to a ton of sites (that I'm not going to.)
All of which seem to be on the Spy Bot search and destroy list. and it's going through that list (skipping) in alphabetical order.
Any advice on removal.
have norton av 2007 (expired)
Spysweeper 2007 (expired)
Spy Bot Search & destroy
malwarebytes (malwarebytes.org)
AJ00200