Regrunlog

SpyHolesList Version:7.1 Build:6.9.7.
10
10/20/2010 9:56:30 AM
WinDir=C:\WINDOWS
Startup=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Common Startup=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Windows XP Service Pack 3 (5.1.2600)
Internet Explorer 8.0.6001.18702
[Internet Explorer]
[Default Home Page] :HKLM Default_Page_URL=http://go.microsoft.com/fwlink/?Lin
kId=69157
[Current Home Page] :HKCU Start Page=http://caspa.tsx.org
[Current Home Page] :HKCU HOMEOldSP=""
[Search URL Template] :HKLM 1=www.%s.com
[Search URL Template] :HKLM 2=www.%s.org
[Search URL Template] :HKLM 3=www.%s.net
[Search URL Template] :HKLM 4=www.%s.edu
[All Users Search] :HKLM Default_Search_URL=http://go.microsoft.com/fwlink/?Li
nkId=54896
[All Users Search] :HKLM Search Page=http://go.microsoft.com/fwlink/?LinkId=54
896
[Current Users Search] :HKCU Search Page=http://www.microsoft.com/isapi/redir.
dll?prd=ie&ar=iesearch
[Current Users Search] :HKCU Search Bar=""
[IE Local Blank Page] :HKCU Local Page=C:\WINDOWS\system32\blank.htm
[IE Local Blank Page] :HKLM Local Page=C:\WINDOWS\system32\blank.htm
[Browser Helper Objects] {0FB6A909-6086-458F-BD92-1F8EE10042A0}=C:\PROGRAM FIL
ES\AUTOCOMPLETEPRO\AUTOCOMPLETEPRO.DLL
### AutocompletePro - Helps you search the web SimplyGen AutocompletePro 1.0.0
.1
[Browser Helper Objects] {18DF081C-E8AD-4283-A596-FA578C2EBDC3}=C:\PROGRAM FIL
ES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
### Adobe PDF Helper for Internet Explorer Adobe Systems Incorporated AcroIEHe
lperShim Library 9.3.3.177
[Browser Helper Objects] {5C255C8A-E604-49b4-9D64-90988571CECB}=C:\PROGRAM FIL
ES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
### Adobe PDF Helper for Internet Explorer Adobe Systems Incorporated AcroIEHe
lperShim Library 9.3.3.177
[Browser Helper Objects] {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\PROGRAM FIL
ES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WINDOWSLIVELOGIN.DLL
### WindowsLiveLogin.dll Microsoft Corporation Microsoft® Windows Live Login Hel
per 5.000.818.5
[Browser Helper Objects] {DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\PROGRAM FIL
ES\JAVA\JRE6\BIN\JP2SSV.DLL
### Java(TM) Platform SE binary Sun Microsystems, Inc. Java(TM) Platform SE 6
U20 6.0.200.2
[Browser Helper Objects] {E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\PROGRAM FIL
ES\JAVA\JRE6\LIB\DEPLOY\JQS\IE\JQS_PLUGIN.DLL
### Java(TM) Quick Starter binary Sun Microsystems, Inc. Java(TM) Platform SE
6 U20 6.0.200.2
[Auto Search URL] :HKCU provider=""
[Auto Search URL] :HKCU "Default Value"=""
[Search Assistant] :HKCU SearchAssistant=""
[Search Assistant] :HKLM SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766
}/srchasst/srchasst.htm
[Search Assistant] :HKCU CustomizeSearch=""
[Search Assistant] :HKLM CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766
}/srchasst/srchcust.htm
[CustomizeSearch] :HKLM CustomizeSearch=""
[URLSearchHook] :HKCU {CFBFAE00-17A6-11D0-99CB-00C04FD64497}=C:\WINDOWS\SYSTEM
32\IEFRAME.DLL
### Internet Explorer Microsoft Corporation Windows® Internet Explorer 8.00.6001
.18702
[Default Prefix] :HKLM "Default Value"=http://
[URL Default Prefixes] :HKLM ftp=ftp://
[URL Default Prefixes] :HKLM gopher=gopher://
[URL Default Prefixes] :HKLM home=http://
[URL Default Prefixes] :HKLM mosaic=http://
[URL Default Prefixes] :HKLM www=http://
[Safe Sites] :HKLM ie.search.msn.com=http://ie.search.msn.com/*
[AboutURLs] :HKLM DesktopItemNavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM NavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM NavigationCanceled=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM OfflineInformation=res://ieframe.dll/offcancl.htm
[AboutURLs] :HKLM Home=270
[AboutURLs] :HKLM blank=res://mshtml.dll/blank.htm
[AboutURLs] :HKLM PostNotCached=res://ieframe.dll/repost.htm
[AboutURLs] :HKLM InPrivate=res://ieframe.dll/inprivate.htm
[AboutURLs] :HKLM NoAdd-ons=res://ieframe.dll/noaddon.htm
[AboutURLs] :HKLM NoAdd-onsInfo=res://ieframe.dll/noaddoninfo.htm
[AboutURLs] :HKLM SecurityRisk=res://ieframe.dll/securityatrisk.htm
[AboutURLs] :HKLM Tabs=res://ieframe.dll/tabswelcome.htm
[User Style Sheet] :HKCU User Stylesheet=""
[User Style Sheet] :HKUS User Stylesheet=""
[User Style Sheet] :HKCU Use My Stylesheet=0
[User Style Sheet] :HKUS Use My Stylesheet=0
[Execute unsigned ActiveX in My Computer Zone] :HKCU 1201=1
[Execute unsigned ActiveX in My Computer Zone] :HKLM 1201=1
[Execute unsigned ActiveX in Local Intranet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Local Intranet Zone] :HKLM 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKLM 1201=3
[Links Toolbar] :HKCU LinksFolderName=Links
[Explorer Bars] :HKLM {4D5C8C25-D075-11d0-B416-00C04FB90376}=C:\WINDOWS\SYSTEM
32\SHDOCVW.DLL
### Shell Doc Object and Control Library Microsoft Corporation Microsoft® Window
s® Operating System 6.00.2900.5512
[IE Extensions - All Users] :HKLM {e2e2dd38-d088-4134-82b7-f2ba38496583}=%wind
ir%\Network Diagnostic\xpnetdiag.exe
### File is deleted or hidden by rootkit or could not be located.
[Active Desktop Components] :HKCU 0=About:Home
### Source=About:Home SubscribedURL=About:Home
[Protocols Filter] :HKLM application/octet-stream=C:\WINDOWS\system32\MSCOREE.
DLL
### Microsoft .NET Runtime Execution Engine Microsoft Corporation Microsoft® .NE
T Framework 2.0.50727.3053
[Protocols Filter] :HKLM application/x-complus=C:\WINDOWS\system32\MSCOREE.DLL
T Framework 2.0.50727.3053
[Protocols Filter] :HKLM application/x-msdownload=C:\WINDOWS\system32\MSCOREE.
DLL
T Framework 2.0.50727.3053
[Protocols Filter] :HKLM Class Install Handler=C:\WINDOWS\SYSTEM32\URLMON.DLL
### OLE32 Extensions for Win32 Microsoft Corporation Windows® Internet Explorer
8.00.6001.18702
[Protocols Filter] :HKLM deflate=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Filter] :HKLM gzip=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Filter] :HKLM lzdhtml=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Filter] :HKLM text/webviewhtml=C:\WINDOWS\SYSTEM32\SHELL32.DLL
### Windows Shell Common Dll Microsoft Corporation Microsoft® Windows® Operating S
ystem 6.00.2900.5512
[Protocols Handler] :HKLM about=C:\WINDOWS\SYSTEM32\MSHTML.DLL
### Microsoft (R) HTML Viewer Microsoft Corporation Windows® Internet Explorer 8
.00.6001.18702
[Protocols Handler] :HKLM cdl=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM dvd=C:\WINDOWS\SYSTEM32\MSVIDCTL.DLL
### ActiveX control for streaming video Microsoft Corporation DirectShow 6.05.
2600.5512
[Protocols Handler] :HKLM file=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM ftp=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM gopher=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM http=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM https=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM ipp
[Protocols Handler] :HKLM its=C:\WINDOWS\SYSTEM32\ITSS.DLL
### Microsoft® InfoTech Storage System Library Microsoft Corporation Microsoft® Wi
ndows® Operating System 5.2.3790.4186
[Protocols Handler] :HKLM javascript=C:\WINDOWS\SYSTEM32\MSHTML.DLL
.00.6001.18702
[Protocols Handler] :HKLM livecall=C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
### Windows Live Messenger Protocol Handler Module Microsoft Corporation Windo
ws Live Messenger Protocol Handler Module 14.0.8117.0416
[Protocols Handler] :HKLM local=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM mailto=C:\WINDOWS\SYSTEM32\MSHTML.DLL
.00.6001.18702
[Protocols Handler] :HKLM mhtml=C:\WINDOWS\SYSTEM32\INETCOMM.DLL
### Microsoft Internet Messaging API Microsoft Corporation Microsoft® Windows® Ope
rating System 6.00.2900.5512
[Protocols Handler] :HKLM mk=C:\WINDOWS\SYSTEM32\URLMON.DLL
8.00.6001.18702
[Protocols Handler] :HKLM ms-its=C:\WINDOWS\SYSTEM32\ITSS.DLL
### Microsoft® InfoTech Storage System Library Microsoft Corporation Microsoft® Wi
[Protocols Handler] :HKLM msdaipp
[Protocols Handler] :HKLM msnim=C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
### Windows Live Messenger Protocol Handler Module Microsoft Corporation Windo
ws Live Messenger Protocol Handler Module 14.0.8117.0416
[Protocols Handler] :HKLM res=C:\WINDOWS\SYSTEM32\MSHTML.DLL
.00.6001.18702
[Protocols Handler] :HKLM skype4com=C:\PROGRA~1\COMMON~1\SKYPE\SKYPE4~1.DLL
### Skype for COM API Skype Technologies Skype4COM 1, 0, 35, 0
[Protocols Handler] :HKLM sysimage=C:\WINDOWS\SYSTEM32\MSHTML.DLL
.00.6001.18702
[Protocols Handler] :HKLM tv=C:\WINDOWS\SYSTEM32\MSVIDCTL.DLL
### ActiveX control for streaming video Microsoft Corporation DirectShow 6.05.
2600.5512
[Protocols Handler] :HKLM vbscript=C:\WINDOWS\SYSTEM32\MSHTML.DLL
.00.6001.18702
[Protocols Handler] :HKLM wia=C:\WINDOWS\SYSTEM32\WIASCR.DLL
### WIA Scripting Layer Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Proxy] :HKCU ProxyServer=""
[Proxy] :HKCU ProxyEnable=0
[Network Settings]
[Hosts File Path] :HKLM DataBasePath=%SystemRoot%\System32\drivers\etc
[Hosts File Contents] :HKLM 127.0.0.1 localhost
[Domain Name] :HKLM Domain=""
[Name Server] {54786A8A-2F0C-4D90-BDA0-A7DC472167C8}=77.105.0.18,77.105.0.19
### Network Card:NVIDIA nForce Networking Controller DefaultGateway:192.168.1.
1
IPAddress:192.168.1.2
[WinSock2 Components] :HKLM mswsock.dll=C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
### Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation Micro
soft® Windows® Operating System 5.1.2600.5512
[WinSock2 Components] :HKLM winrnr.dll=C:\WINDOWS\SYSTEM32\WINRNR.DLL
### LDAP RnR Provider DLL Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[WinSock2 Components] :HKLM rsvpsp.dll=C:\WINDOWS\SYSTEM32\RSVPSP.DLL
### Microsoft Windows Rsvp 1.0 Service Provider Microsoft Corporation Microsof
t® Windows® Operating System 5.1.2600.5512
[Software Components]
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\BFHUpdater.dll
=C:\WINDOWS\DOWNLOADED PROGRAM FILES\BFHUPDATER.DLL
### EA Battlefield Heroes Updater EA Digital Illusions CE AB EA Battlefield He
roes Updater 5.0.31.0
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\BFHUpdater.exe
=C:\WINDOWS\Downloaded Program Files\BFHUpdater.exe
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\DigitalkSIPCab
.ocx=C:\WINDOWS\DOWNLOADED PROGRAM FILES\DIGITALKSIPCAB.OCX
### DigitalkSIPCab ActiveX Control Module Digitalk Limited DigitalkSIPCab Acti
veX Control Module 91, 0, 0, 0
[Internet Components] :HKLM C:\WINDOWS\system32\mfc42.dll=C:\WINDOWS\SYSTEM32\
MFC42.DLL
### MFCDLL Shared Library - Retail Version Microsoft Corporation Microsoft (R)
Visual C++ 6.02.400
[Internet Components] :HKLM C:\WINDOWS\system32\msvcrt.dll=C:\WINDOWS\SYSTEM32
\MSVCRT.DLL
### Windows NT CRT DLL Microsoft Corporation Microsoft® Windows® Operating System
7.0.2600.5512
[Internet Components] :HKLM C:\WINDOWS\system32\olepro32.dll=C:\WINDOWS\SYSTEM
32\OLEPRO32.DLL
### Microsoft Corporation 5.1.2600.5512
[Windows Shell]
[Display Scrap's Extensions] :HKLM NeverShowExt=""
[ScreenSaver] :HKCU SCRNSAVE.EXE=""
[System.ini] shell=Explorer.exe
[User Shell] :HKCU shell=""
[Main File Extensions] :HKLM .exe="%1" %*
[Main File Extensions] :HKLM .com="%1" %*
[Main File Extensions] :HKLM .pif="%1" %*
[Main File Extensions] :HKLM .bat="%1" %*
[Main File Extensions] :HKLM .cmd="%1" %*
[Main File Extensions] :HKLM .scr="%1" /S
[Main File Extensions] :HKLM .txt=%SystemRoot%\system32\NOTEPAD.EXE %1
[Main File Extensions] :HKLM .reg=regedit.exe "%1"
[Main File Extensions] :HKLM .inf=%SystemRoot%\System32\NOTEPAD.EXE %1
[Main File Extensions] :HKLM .ini=%SystemRoot%\System32\NOTEPAD.EXE %1
[Main File Extensions] :HKLM .js=%SystemRoot%\System32\WScript.exe "%1" %*
[Main File Extensions] :HKLM .vbs=%SystemRoot%\System32\WScript.exe "%1" %*
[Main File Extensions] :HKLM .vbe=%SystemRoot%\System32\WScript.exe "%1" %*
[Main File Extensions] :HKLM .msc=%SystemRoot%\system32\mmc.exe "%1" %*
[Main File Extensions] :HKLM .jpg=rundll32.exe C:\WINDOWS\system32\shimgvw.dll
,ImageView_Fullscreen %1
[Main File Extensions] :HKLM .jpeg=rundll32.exe C:\WINDOWS\system32\shimgvw.dl
l,ImageView_Fullscreen %1
[Shell Execute Hooks] :HKLM {AEB6717E-7E19-11d0-97EE-00C04FD91972}=C:\WINDOWS\
system32\SHELL32.DLL
ystem 6.00.2900.5512
[Shell Execute Hooks] :HKLM {F552DDE6-2090-4bf4-B924-6141E87789A5}=C:\PROGRA~1
\GREATIS\REGRUN~1\RRSHELL.DLL
### RRShell Module Greatis Software, LLC RRShell Module 1, 0, 1, 3
[UserInit Value] :HKLM UserInit=C:\WINDOWS\system32\userinit.exe,
[Winlogon Notification] :HKLM AtiExtEvent=C:\WINDOWS\system32\ATI2EVXX.DLL
### AtiExtEvent ATI External Event Utility DLL Module ATI Technologies Inc. AT
I External Event Utility for Windows 6.14.10.4179
[Winlogon Notification] :HKLM crypt32chain=C:\WINDOWS\system32\CRYPT32.DLL
### crypt32chain Crypto API32 Microsoft Corporation Microsoft® Windows® Operating
System 5.131.2600.5512
[Winlogon Notification] :HKLM cryptnet=C:\WINDOWS\system32\CRYPTNET.DLL
### cryptnet Crypto Network Related API Microsoft Corporation Microsoft® Windows®
Operating System 5.131.2600.5512
[Winlogon Notification] :HKLM cscdll=C:\WINDOWS\system32\CSCDLL.DLL
### cscdll Offline Network Agent Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Winlogon Notification] :HKLM dimsntfy=C:\WINDOWS\SYSTEM32\DIMSNTFY.DLL
### dimsntfy DIMS Notification Handler Microsoft Corporation Microsoft® Windows® O
perating System 5.1.2600.5512
[Winlogon Notification] :HKLM LMIinit=C:\WINDOWS\system32\LMIINIT.DLL
### LMIinit LogMeIn Remote Control Helper LogMeIn, Inc. LogMeIn 4.1.1556
[Winlogon Notification] :HKLM ScCertProp=C:\WINDOWS\system32\WLNOTIFY.DLL
### ScCertProp Common DLL to receive Winlogon notifications Microsoft Corporat
ion Microsoft® Windows® Operating System 5.1.2600.5512
[Winlogon Notification] :HKLM Schedule=C:\WINDOWS\system32\WLNOTIFY.DLL
### Schedule Common DLL to receive Winlogon notifications Microsoft Corporatio
n Microsoft® Windows® Operating System 5.1.2600.5512
[Winlogon Notification] :HKLM sclgntfy=C:\WINDOWS\system32\SCLGNTFY.DLL
### sclgntfy Secondary Logon Service Notification DLL Microsoft Corporation Mi
crosoft® Windows® Operating System 5.1.2600.5512
[Winlogon Notification] :HKLM SensLogn=C:\WINDOWS\system32\WLNOTIFY.DLL
### SensLogn Common DLL to receive Winlogon notifications Microsoft Corporatio
[Winlogon Notification] :HKLM termsrv=C:\WINDOWS\system32\WLNOTIFY.DLL
### termsrv Common DLL to receive Winlogon notifications Microsoft Corporation
Microsoft® Windows® Operating System 5.1.2600.5512
[Winlogon Notification] :HKLM wlballoon=C:\WINDOWS\system32\WLNOTIFY.DLL
### wlballoon Common DLL to receive Winlogon notifications Microsoft Corporati
on Microsoft® Windows® Operating System 5.1.2600.5512
[Shell Services DelayLoad] :HKLM PostBootReminder=C:\WINDOWS\SYSTEM32\SHELL32.
DLL
ystem 6.00.2900.5512
[Shell Services DelayLoad] :HKLM CDBurn=C:\WINDOWS\SYSTEM32\SHELL32.DLL
ystem 6.00.2900.5512
[Shell Services DelayLoad] :HKLM WebCheck=C:\WINDOWS\SYSTEM32\WEBCHECK.DLL
### Web Site Monitor Microsoft Corporation Windows® Internet Explorer 8.00.6001.
18702
[Shell Services DelayLoad] :HKLM SysTray=C:\WINDOWS\SYSTEM32\STOBJECT.DLL
### Systray shell service object Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[App Paths] :HKLM AvastUI.exe=C:\Program Files\Alwil Software\Avast5\AvastUI.e
xe
### AvastUI.exe avast! Antivirus AVAST Software avast! Antivirus 5, 0, 0, 0
[App Paths] :HKLM bckgzm.exe=C:\Program Files\MSN Gaming Zone\Windows\bckgzm.e
xe
### bckgzm.exe Zone Datafile Microsoft Corporation Zone.com 1.2.626.1
[App Paths] :HKLM chkrzm.exe=C:\Program Files\MSN Gaming Zone\Windows\chkrzm.e
xe
### chkrzm.exe Zone Datafile Microsoft Corporation Zone.com 1.2.626.1
[App Paths] :HKLM cmmgr32.exe=C:\WINDOWS\system32\cmmgr32.exe
### cmmgr32.exe
[App Paths] :HKLM CONF.EXE=C:\Program Files\NetMeeting\conf.exe
### CONF.EXE Windows® NetMeeting® Microsoft Corporation Windows® NetMeeting® 3.01
[App Paths] :HKLM dialer.exe=C:\Program Files\Windows NT\dialer.exe
### dialer.exe TAPI 3.0 Dialer and IP Multicast Conference Viewer Microsoft Co
rporation Microsoft® Windows® Operating System 5.1.2600.5512
[App Paths] :HKLM firefox.exe=C:\Program Files\Mozilla Firefox\firefox.exe
### firefox.exe Firefox Mozilla Corporation Firefox 3.6.10
[App Paths] :HKLM HELPCTR.EXE=C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HELPCTR.EXE
### HELPCTR.EXE Microsoft Help and Support Center Microsoft Corporation Micros
oft® Windows® Operating System 5.1.2600.5512
[App Paths] :HKLM hrtzzm.exe=C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.e
xe
### hrtzzm.exe Zone Datafile Microsoft Corporation Zone.com 1.2.626.1
[App Paths] :HKLM ICWCONN1.EXE="C:\Program Files\Internet Explorer\Connection
Wizard\ICWCONN1.EXE"
### ICWCONN1.EXE Internet Connection Wizard Microsoft Corporation Microsoft® Win
dows® Operating System 6.00.2900.5512
[App Paths] :HKLM ICWCONN2.EXE="C:\Program Files\Internet Explorer\Connection
Wizard\ICWCONN2.EXE"
### ICWCONN2.EXE Internet Connection Wizard Microsoft Corporation Microsoft® Win
[App Paths] :HKLM IEXPLORE.EXE=C:\Program Files\Internet Explorer\IEXPLORE.EXE
### IEXPLORE.EXE Internet Explorer Microsoft Corporation Windows® Internet Explo
rer 8.00.6001.18702
[App Paths] :HKLM INETWIZ.EXE="C:\Program Files\Internet Explorer\Connection W
izard\INETWIZ.EXE"
### INETWIZ.EXE Internet Connection Wizard Microsoft Corporation Microsoft® Wind
ows® Operating System 6.00.2900.5512
[App Paths] :HKLM install.exe
### install.exe
[App Paths] :HKLM ISIGNUP.EXE="C:\Program Files\Internet Explorer\Connection W
izard\ISIGNUP.EXE"
### ISIGNUP.EXE Internet Signup Microsoft Corporation Microsoft® Windows® Operatin
g System 6.00.2600.0000
[App Paths] :HKLM migwiz.exe=%SystemRoot%\system32\usmt\migwiz.exe
### migwiz.exe
[App Paths] :HKLM moviemk.exe=C:\Program Files\Movie Maker\moviemk.exe
### moviemk.exe Windows Movie Maker Microsoft Corporation Windows Movie Maker
2.0.3312.0
[App Paths] :HKLM mplayer2.exe="C:\Program Files\Windows Media Player\mplayer2
.exe"
### mplayer2.exe Windows Media Player Microsoft Corporation Microsoft Windows
Media Player 6.4.09.1125
[App Paths] :HKLM MSCONFIG.EXE=C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\MSCONFIG.E
XE
### MSCONFIG.EXE System Configuration Utility Microsoft Corporation Microsoft® W
indows® Operating System 5.1.2600.5512
[App Paths] :HKLM msimn.exe=%ProgramFiles%\Outlook Express\msimn.exe
### msimn.exe
[App Paths] :HKLM msinfo32.exe=C:\Program Files\Common Files\Microsoft Shared\
MSInfo\MSInfo32.exe
### msinfo32.exe System Information Microsoft Corporation Microsoft® Windows® Oper
ating System 5.1.2600.0
[App Paths] :HKLM MuchTV=C:\Program Files\MuchTV\MuchTV
### MuchTV
[App Paths] :HKLM pbrush.exe=%SystemRoot%\system32\mspaint.exe
### pbrush.exe
[App Paths] :HKLM pinball.exe=C:\Program Files\Windows NT\Pinball\pinball.exe
### pinball.exe 3D Pinball Cinematronics 3D Pinball 5.1.2600.5512
[App Paths] :HKLM regrun2.exe=C:\PROGRA~1\Greatis\REGRUN~1\regrun2.exe
### regrun2.exe RegRun Start Control Greatis Software RegRun Security Suite 6.
99 release
[App Paths] :HKLM rvsezm.exe=C:\Program Files\MSN Gaming Zone\Windows\rvsezm.e
xe
### rvsezm.exe Zone Datafile Microsoft Corporation Zone.com 1.2.626.1
[App Paths] :HKLM sed.exe=C:\PROGRA~1\Greatis\REGRUN~1\sed.exe
### sed.exe System Files Editor Greatis Software RegRun Security Suite 6.9
[App Paths] :HKLM setup.exe
### setup.exe
[App Paths] :HKLM shvlzm.exe=C:\Program Files\MSN Gaming Zone\Windows\shvlzm.e
xe
### shvlzm.exe Zone Datafile Microsoft Corporation Zone.com 1.2.626.1
[App Paths] :HKLM table30.exe
### table30.exe
[App Paths] :HKLM wab.exe=%ProgramFiles%\Outlook Express\wab.exe
### wab.exe
[App Paths] :HKLM wabmig.exe=%ProgramFiles%\Outlook Express\wabmig.exe
### wabmig.exe
[App Paths] :HKLM winamp.exe=C:\Program Files\Winamp\winamp.exe
### winamp.exe Winamp Nullsoft, Inc. Winamp 5.5.8.2985
[App Paths] :HKLM winnt32.exe
### winnt32.exe
[App Paths] :HKLM winzip.exe=C:\Program Files\WinZip\winzip32.exe
### winzip.exe WinZip WinZip Computing, S.L. WinZip 14.5 (9095)
[App Paths] :HKLM winzip32.exe=C:\Program Files\WinZip\winzip32.exe
### winzip32.exe WinZip WinZip Computing, S.L. WinZip 14.5 (9095)
[App Paths] :HKLM wmplayer.exe=C:\Program Files\Windows Media Player\wmplayer.
exe
### wmplayer.exe Windows Media Player Microsoft Corporation Microsoft(R) Windo
ws Media Player 9.00.00.4503
[App Paths] :HKLM WORDPAD.EXE=C:\PROGRAM FILES\WINDOWS NT\ACCESSORIES\WORDPAD.
EXE
### WORDPAD.EXE WordPad MFC Application Microsoft Corporation Microsoft® Windows®
[App Paths] :HKLM WRITE.EXE="%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE
"
### WRITE.EXE
[App Paths] :HKLM Y:
### Y:
[Prevents Display in Control Panel from running.] :HKCU NoDispCpl=0
[Disable Registry Tools] :HKCU DisableRegistryTools =0
[SharedTaskScheduler] :HKLM {438755C2-A8BA-11D1-B96B-00A0C90312E1}=C:\WINDOWS\
SYSTEM32\BROWSEUI.DLL
### Shell Browser UI Library Microsoft Corporation Microsoft® Windows® Operating S
ystem 6.00.2900.5512
[SharedTaskScheduler] :HKLM {8C7461EF-2B13-11d2-BE35-3078302C2030}=C:\WINDOWS\
SYSTEM32\BROWSEUI.DLL
ystem 6.00.2900.5512
[Print Monitors] :HKLM BJ Language Monitor=C:\WINDOWS\system32\CNBJMON.DLL
### Langage Monitor for Canon Bubble-Jet Printer Microsoft Corporation Microso
ft® Windows® Operating System 5.1.2600.2082
[Print Monitors] :HKLM Local Port=C:\WINDOWS\system32\LOCALSPL.DLL
### Local Spooler DLL Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Print Monitors] :HKLM LogMeIn Printer Port Monitor=C:\WINDOWS\system32\LMIPOR
T.DLL
### RemotelyAnywhere Printer Port Monitor LogMeIn, Inc. RemotelyAnywhere 9.0.1
556
[Print Monitors] :HKLM PJL Language Monitor=C:\WINDOWS\system32\PJLMON.DLL
### PJL Language monitor Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Print Monitors] :HKLM Standard TCP/IP Port=C:\WINDOWS\system32\TCPMON.DLL
### Standard TCP/IP Port Monitor DLL Microsoft Corporation Microsoft® Windows® Ope
[Print Monitors] :HKLM USB Monitor=C:\WINDOWS\system32\USBMON.DLL
### Standard Dynamic Printing Port Monitor DLL Microsoft Corporation Microsoft®
Windows® Operating System 5.1.2600.5512
[Shell Icon Overlay Handlers] :HKLM Offline Files=C:\WINDOWS\SYSTEM32\CSCUI.DL
L
### Client Side Caching UI Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Context Menu Handlers] :HKLM avast=C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\ASH
SHELL.DLL
### avast! Shell Extension AVAST Software avast! Antivirus 5, 0, 0, 0
[Context Menu Handlers] :HKLM Offline Files=C:\WINDOWS\SYSTEM32\CSCUI.DLL
tem 5.1.2600.5512
[Context Menu Handlers] :HKLM Open With=C:\WINDOWS\SYSTEM32\SHELL32.DLL
ystem 6.00.2900.5512
[Context Menu Handlers] :HKLM Open With EncryptionMenu=C:\WINDOWS\SYSTEM32\SHE
LL32.DLL
ystem 6.00.2900.5512
[Context Menu Handlers] :HKLM TeraCopy=C:\PROGRAM FILES\TERACOPY\TERACOPYEXT.D
LL
[Context Menu Handlers] :HKLM WinRAR=C:\PROGRAM FILES\WINRAR\RAREXT.DLL
[Context Menu Handlers] :HKLM WinZip=C:\PROGRAM FILES\WINZIP\WZSHLSTB.DLL
### WinZip Shell Extension DLL WinZip Computing, Inc. WinZip 9.0 (6028)
[Context Menu Handlers] :HKLM {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}=C:\WINDOW
S\SYSTEM32\SHELL32.DLL
ystem 6.00.2900.5512
[Kernel Auto Boot]
[ActiveSetup] Network Connection ID:>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}=C:
\WINDOWS\INF\UNREGMP2.EXE
### Microsoft Windows Media Player Setup Utility Microsoft Corporation Microso
ft(R) Windows Media Player 9.00.00.4503
[Svchost DLLs] :HKLM HTTPFilter=C:\WINDOWS\SYSTEM32\W3SSL.DLL
### SSL service for HTTP Microsoft Corporation Internet Information Services 6
.0.2600.5512
[Svchost DLLs] :HKLM Alerter=C:\WINDOWS\SYSTEM32\ALRSVC.DLL
### Alerter Service DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Svchost DLLs] :HKLM WebClient=C:\WINDOWS\SYSTEM32\WEBCLNT.DLL
### Web DAV Service DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Svchost DLLs] :HKLM LmHosts=C:\WINDOWS\SYSTEM32\LMHSVC.DLL
### TCPIP NetBios Transport Services DLL Microsoft Corporation Microsoft® Window
[Svchost DLLs] :HKLM RemoteRegistry=C:\WINDOWS\SYSTEM32\REGSVC.DLL
### Remote Registry Service Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Svchost DLLs] :HKLM upnphost=C:\WINDOWS\SYSTEM32\UPNPHOST.DLL
### UPnP Device Host Microsoft Corporation Microsoft® Windows® Operating System 5.
1.2600.5512
[Svchost DLLs] :HKLM SSDPSRV=C:\WINDOWS\SYSTEM32\SSDPSRV.DLL
### SSDP Service DLL Microsoft Corporation Microsoft® Windows® Operating System 5.
1.2600.5512
[Svchost DLLs] :HKLM DnsCache=C:\WINDOWS\SYSTEM32\DNSRSLVR.DLL
### DNS Caching Resolver Service Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Svchost DLLs] :HKLM 6to4
[Svchost DLLs] :HKLM AppMgmt=C:\WINDOWS\SYSTEM32\APPMGMTS.DLL
### Software installation Service Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Svchost DLLs] :HKLM AudioSrv=C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
### Windows Audio Service Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Svchost DLLs] :HKLM Browser=C:\WINDOWS\SYSTEM32\BROWSER.DLL
### Computer Browser Service DLL Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Svchost DLLs] :HKLM CryptSvc=C:\WINDOWS\SYSTEM32\CRYPTSVC.DLL
### Cryptographic Services Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Svchost DLLs] :HKLM DMServer=C:\WINDOWS\SYSTEM32\DMSERVER.DLL
### Logical Disk Manager service dll Microsoft Corp. Logical Disk Manager for
Windows NT 1.0
[Svchost DLLs] :HKLM DHCP=C:\WINDOWS\SYSTEM32\DHCPCSVC.DLL
### DHCP Client Service Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Svchost DLLs] :HKLM ERSvc=C:\WINDOWS\SYSTEM32\ERSVC.DLL
### Windows Error Reporting Service Microsoft Corporation Microsoft® Windows® Oper
[Svchost DLLs] :HKLM EventSystem=C:\WINDOWS\SYSTEM32\ES.DLL
### Microsoft Corporation COM Services 03.00.00.4414
[Svchost DLLs] :HKLM FastUserSwitchingCompatibility=C:\WINDOWS\SYSTEM32\SHSVCS
.DLL
### Windows Shell Services Dll Microsoft Corporation Microsoft® Windows® Operating
System 6.00.2900.5512
[Svchost DLLs] :HKLM HidServ=%SystemRoot%\System32\hidserv.dll
[Svchost DLLs] :HKLM Ias
[Svchost DLLs] :HKLM Iprip
[Svchost DLLs] :HKLM Irmon
[Svchost DLLs] :HKLM LanmanServer=C:\WINDOWS\SYSTEM32\SRVSVC.DLL
### Server Service DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Svchost DLLs] :HKLM LanmanWorkstation=C:\WINDOWS\SYSTEM32\WKSSVC.DLL
### Workstation Service DLL Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Svchost DLLs] :HKLM Messenger=C:\WINDOWS\SYSTEM32\MSGSVC.DLL
### NT Messenger Service Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Svchost DLLs] :HKLM Netman=C:\WINDOWS\SYSTEM32\NETMAN.DLL
### Network Connections Manager Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Svchost DLLs] :HKLM Nla=C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
[Svchost DLLs] :HKLM Ntmssvc=C:\WINDOWS\SYSTEM32\NTMSSVC.DLL
### Removable Storage Manager Microsoft Corporation Microsoft® Windows Whistler® O
[Svchost DLLs] :HKLM NWCWorkstation
[Svchost DLLs] :HKLM Nwsapagent
[Svchost DLLs] :HKLM Rasauto=C:\WINDOWS\SYSTEM32\RASAUTO.DLL
### Remote Access AutoDial Manager Microsoft Corporation Microsoft® Windows® Opera
ting System 5.1.2600.5512
[Svchost DLLs] :HKLM Rasman=C:\WINDOWS\SYSTEM32\RASMANS.DLL
### Remote Access Connection Manager Microsoft Corporation Microsoft® Windows® Ope
[Svchost DLLs] :HKLM Remoteaccess=C:\WINDOWS\SYSTEM32\MPRDIM.DLL
### Dynamic Interface Manager Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Svchost DLLs] :HKLM Schedule=C:\WINDOWS\SYSTEM32\SCHEDSVC.DLL
### Task Scheduler Engine Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Svchost DLLs] :HKLM Seclogon=C:\WINDOWS\SYSTEM32\SECLOGON.DLL
### Secondary Logon Service DLL Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Svchost DLLs] :HKLM SENS=C:\WINDOWS\SYSTEM32\SENS.DLL
### System Event Notification Service (SENS) Microsoft Corporation Microsoft® Wi
[Svchost DLLs] :HKLM Sharedaccess=C:\WINDOWS\SYSTEM32\IPNATHLP.DLL
### Microsoft NAT Helper Components Microsoft Corporation Microsoft® Windows® Oper
[Svchost DLLs] :HKLM SRService=C:\WINDOWS\SYSTEM32\SRSVC.DLL
### System Restore Service Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Svchost DLLs] :HKLM Tapisrv=C:\WINDOWS\SYSTEM32\TAPISRV.DLL
### Microsoft® Windows(TM) Telephony Server Microsoft Corporation Microsoft® Windo
ws® Operating System 5.1.2600.5512
[Svchost DLLs] :HKLM Themes=C:\WINDOWS\SYSTEM32\SHSVCS.DLL
System 6.00.2900.5512
[Svchost DLLs] :HKLM TrkWks=C:\WINDOWS\SYSTEM32\TRKWKS.DLL
### Distributed Link Tracking Client Microsoft Corporation Microsoft® Windows® Ope
[Svchost DLLs] :HKLM W32Time=C:\WINDOWS\SYSTEM32\W32TIME.DLL
### Windows Time Service Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Svchost DLLs] :HKLM WZCSVC=C:\WINDOWS\SYSTEM32\WZCSVC.DLL
### Wireless Zero Configuration Service Microsoft Corporation Microsoft® Windows®
[Svchost DLLs] :HKLM Wmi=C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
### Advanced Windows 32 Base API Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Svchost DLLs] :HKLM WmdmPmSp
[Svchost DLLs] :HKLM winmgmt=C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL
### WMI Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Svchost DLLs] :HKLM wscsvc=C:\WINDOWS\SYSTEM32\WSCSVC.DLL
### Windows Security Center Service Microsoft Corporation Microsoft® Windows® Oper
[Svchost DLLs] :HKLM xmlprov=C:\WINDOWS\SYSTEM32\XMLPROV.DLL
### Network Provisioning Service Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Svchost DLLs] :HKLM napagent=C:\WINDOWS\SYSTEM32\QAGENTRT.DLL
### Quarantine Agent Service Run-Time Microsoft Corporation Microsoft® Windows® Op
erating System 5.1.2600.5512
[Svchost DLLs] :HKLM hkmsvc=C:\WINDOWS\SYSTEM32\KMSVC.DLL
### Key Management Service Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Svchost DLLs] :HKLM BITS=C:\WINDOWS\SYSTEM32\QMGR.DLL
### Background Intelligent Transfer Service Microsoft Corporation Microsoft® Win
[Svchost DLLs] :HKLM wuauserv=C:\WINDOWS\SYSTEM32\WUAUSERV.DLL
### Windows Update AutoUpdate Service Microsoft Corporation Microsoft® Windows® Op
[Svchost DLLs] :HKLM ShellHWDetection=C:\WINDOWS\SYSTEM32\SHSVCS.DLL
System 6.00.2900.5512
[Svchost DLLs] :HKLM helpsvc=C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\PCHSVC.DLL
### Microsoft PCHealth Service Holder Microsoft Corporation Microsoft® Windows® Op
[Svchost DLLs] :HKLM WmdmPmSN=C:\WINDOWS\SYSTEM32\MSPMSNSV.DLL
### Microsoft Media Device Service Provider Microsoft Corporation Windows Medi
a Device Manager 10.0.3790.3802
[Svchost DLLs] :HKLM DcomLaunch=C:\WINDOWS\SYSTEM32\RPCSS.DLL
### Distributed COM Services Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Svchost DLLs] :HKLM TermService=C:\WINDOWS\SYSTEM32\TERMSRV.DLL
### Terminal Server Service Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Svchost DLLs] :HKLM RpcSs=C:\WINDOWS\SYSTEM32\RPCSS.DLL
ystem 5.1.2600.5512
[Svchost DLLs] :HKLM eaphost=C:\WINDOWS\SYSTEM32\EAPSVC.DLL
### Microsoft EAPHost service Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Svchost DLLs] :HKLM dot3svc=C:\WINDOWS\SYSTEM32\DOT3SVC.DLL
### Wired AutoConfig Service Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Svchost DLLs] :HKLM StiSvc=C:\WINDOWS\SYSTEM32\WIASERVC.DLL
### Still Image Devices Service Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Svchost DLLs] :HKLM lqqtfxkj=C:\WINDOWS\SYSTEM32\RFTVXC.DLL
[Bootexecute] :HKLM BootExecute=autocheck autochk *
Partizan
[Winlogon System] :HKLM system=""
[Winlogon System] :HKLM taskman=""
[Winlogon System] :HKLM UIHost=C:\WINDOWS\system32\LOGONUI.EXE
### Windows Logon UI Microsoft Corporation Microsoft® Windows® Operating System 6.
00.2900.5512
[Winlogon Autostart] :HKLM VmApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl
"
[Winlogon Autostart] :HKLM AppSetup=""
[KnownDLLs] :HKLM advapi32=advapi32.dll
[KnownDLLs] :HKLM comdlg32=comdlg32.dll
[KnownDLLs] :HKLM DllDirectory=%SystemRoot%\system32
[KnownDLLs] :HKLM gdi32=gdi32.dll
[KnownDLLs] :HKLM imagehlp=imagehlp.dll
[KnownDLLs] :HKLM kernel32=kernel32.dll
[KnownDLLs] :HKLM lz32=lz32.dll
[KnownDLLs] :HKLM ole32=ole32.dll
[KnownDLLs] :HKLM oleaut32=oleaut32.dll
[KnownDLLs] :HKLM olecli32=olecli32.dll
[KnownDLLs] :HKLM olecnv32=olecnv32.dll
[KnownDLLs] :HKLM olesvr32=olesvr32.dll
[KnownDLLs] :HKLM olethk32=olethk32.dll
[KnownDLLs] :HKLM rpcrt4=rpcrt4.dll
[KnownDLLs] :HKLM shell32=shell32.dll
[KnownDLLs] :HKLM url=url.dll
[KnownDLLs] :HKLM urlmon=urlmon.dll
[KnownDLLs] :HKLM user32=user32.dll
[KnownDLLs] :HKLM version=version.dll
[KnownDLLs] :HKLM wininet=wininet.dll
[KnownDLLs] :HKLM wldap32=wldap32.dll
[Environment - Path] :HKLM Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot
%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program
Files\QuickTime\QTSystem\;C:\Program Files\Pinnacle\Shared Files\;C:\Program Fi
les\Pinnacle\Shared Files\Filter\
[List of Injected DLLs] :HKLM AppInit_DLLs=""
[LSA Notification Packages] :HKLM scecli=C:\WINDOWS\system32\SCECLI.DLL
### scecli Windows Security Configuration Editor Client Engine Microsoft Corpo
ration Microsoft® Windows® Operating System 5.1.2600.5512
[LSA Security Packages] :HKLM kerberos=C:\WINDOWS\system32\KERBEROS.DLL
### kerberos Kerberos Security Package Microsoft Corporation Microsoft® Windows® O
[LSA Security Packages] :HKLM msv1_0=C:\WINDOWS\system32\MSV1_0.DLL
### msv1_0 Microsoft Authentication Package v1.0 Microsoft Corporation Microso
[LSA Security Packages] :HKLM schannel=C:\WINDOWS\system32\SCHANNEL.DLL
### schannel TLS / SSL Security Provider Microsoft Corporation Microsoft® Window
[LSA Security Packages] :HKLM wdigest=C:\WINDOWS\system32\WDIGEST.DLL
### wdigest Microsoft Digest Access Microsoft Corporation Microsoft® Windows® Oper
[Auto Services] Ati HotKey Poller
### Internal Name: Ati HotKey Poller. Status: service running. Actual File: C:
\WINDOWS\system32\Ati2evxx.exe * ATI External Event Utility EXE Module ATI Tech
nologies Inc. ATI External Event Utility for Windows 6.14.10.4235
[Auto Services] AudioSrv
### Internal Name: AudioSrv. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Manages audio devices for Windows-based progra
ms. If this service is stopped, audio devices and effects will not function prop
erly. If this service is disabled, any services that explicitly depend on it wil
l fail to start. Generic Host Process for Win32 Services Microsoft Corporation M
icrosoft® Windows® Operating System 5.1.2600.5512
[Auto Services] avast! Antivirus
### Internal Name: avast! Antivirus. Status: service running. Actual File: "C:
\Program Files\Alwil Software\Avast5\AvastSvc.exe" * Manages and implements avas
t! antivirus services for this computer. This includes the resident protection,
the virus chest and the scheduler. avast! Service AVAST Software avast! Antiviru
s 5, 0, 0, 0
[Auto Services] Browser
### Internal Name: Browser. Status: service running. Actual File: C:\WINDOWS\s
ystem32\svchost.exe -k netsvcs * Maintains an updated list of computers on the n
etwork and supplies this list to computers designated as browsers. If this servi
ce is stopped, this list will not be updated or maintained. If this service is d
isabled, any services that explicitly depend on it will fail to start. Generic H
ost Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Auto Services] CryptSvc
### Internal Name: CryptSvc. Status: service running. Actual File: C:\WINDOWS\
system32\svchost.exe -k netsvcs * Provides three management services: Catalog Da
tabase Service, which confirms the signatures of Windows files; Protected Root S
ervice, which adds and removes Trusted Root Certification Authority certificates
from this computer; and Key Service, which helps enroll this computer for certi
ficates. If this service is stopped, these management services will not function
properly. If this service is disabled, any services that explicitly depend on i
t will fail to start. Generic Host Process for Win32 Services Microsoft Corporat
[Auto Services] DcomLaunch
### Internal Name: DcomLaunch. Status: service running. Actual File: C:\WINDOW
S\system32\svchost -k DcomLaunch * Provides launch functionality for DCOM servic
es. Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windo
[Auto Services] Dhcp
### Internal Name: Dhcp. Status: service running. Actual File: C:\WINDOWS\syst
em32\svchost.exe -k netsvcs * Manages network configuration by registering and u
pdating IP addresses and DNS names. Generic Host Process for Win32 Services Micr
osoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] dmserver
### Internal Name: dmserver. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Detects and monitors new hard disk drives and
sends disk volume information to Logical Disk Manager Administrative Service for
configuration. If this service is stopped, dynamic disk status and configuratio
n information may become out of date. If this service is disabled, any services
that explicitly depend on it will fail to start. Generic Host Process for Win32
Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] Dnscache
### Internal Name: Dnscache. Status: service running. Actual File: C:\WINDOWS\
system32\svchost.exe -k NetworkService * Resolves and caches Domain Name System
(DNS) names for this computer. If this service is stopped, this computer will no
t be able to resolve DNS names and locate Active Directory domain controllers. I
f this service is disabled, any services that explicitly depend on it will fail
to start. Generic Host Process for Win32 Services Microsoft Corporation Microsof
[Auto Services] Eventlog
### Internal Name: Eventlog. Status: service running. Actual File: C:\WINDOWS\
system32\services.exe * Enables event log messages issued by Windows-based progr
ams and components to be viewed in Event Viewer. This service cannot be stopped.
Services and Controller app Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Auto Services] helpsvc
### Internal Name: helpsvc. Status: service running. Actual File: C:\WINDOWS\S
ystem32\svchost.exe -k netsvcs * Enables Help and Support Center to run on this
computer. If this service is stopped, Help and Support Center will be unavailabl
e. If this service is disabled, any services that explicitly depend on it will f
ail to start. Generic Host Process for Win32 Services Microsoft Corporation Micr
osoft® Windows® Operating System 5.1.2600.5512
[Auto Services] HidServ
### Internal Name: HidServ. Status: service running. Actual File: C:\WINDOWS\S
ystem32\svchost.exe -k netsvcs * Enables generic input access to Human Interface
Devices (HID), which activates and maintains the use of predefined hot buttons
on keyboards, remote controls, and other multimedia devices. If this service is
stopped, hot buttons controlled by this service will no longer function. If this
service is disabled, any services that explicitly depend on it will fail to sta
rt. Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windo
[Auto Services] JavaQuickStarterService
### Internal Name: JavaQuickStarterService. Status: service running. Actual Fi
le: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\
Java\jre6\lib\deploy\jqs\jqs.conf" * Prefetches JRE files for faster startup of
Java applets and applications Java(TM) Quick Starter Service Sun Microsystems, I
nc. Java(TM) Platform SE 6 U20 6.0.200.2
[Auto Services] LanmanServer
### Internal Name: LanmanServer. Status: service running. Actual File: C:\WIND
OWS\system32\svchost.exe -k netsvcs * Supports file, print, and named-pipe shari
ng over the network for this computer. If this service is stopped, these functio
ns will be unavailable. If this service is disabled, any services that explicitl
y depend on it will fail to start. Generic Host Process for Win32 Services Micro
soft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] lanmanworkstation
### Internal Name: lanmanworkstation. Status: service running. Actual File: C:
\WINDOWS\system32\svchost.exe -k netsvcs * Creates and maintains client network
connections to remote servers. If this service is stopped, these connections wil
l be unavailable. If this service is disabled, any services that explicitly depe
nd on it will fail to start. Generic Host Process for Win32 Services Microsoft C
orporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] LmHosts
### Internal Name: LmHosts. Status: service running. Actual File: C:\WINDOWS\s
ystem32\svchost.exe -k LocalService * Enables support for NetBIOS over TCP/IP (N
etBT) service and NetBIOS name resolution. Generic Host Process for Win32 Servic
es Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] LMIGuardianSvc
### Internal Name: LMIGuardianSvc. Status: service running. Actual File: "C:\P
rogram Files\LogMeIn\x86\LMIGuardianSvc.exe" * Support LogMeIn processes with qu
ality assurance feedback LMIGuardianSvc LogMeIn, Inc. LMIGuardianSvc 8.1.804
[Auto Services] LMIMaint
### Internal Name: LMIMaint. Status: service running. Actual File: "C:\Program
Files\LogMeIn\x86\RaMaint.exe" * LogMeIn Maintenance Service LogMeIn, Inc. Log
MeIn 4.1.1556
[Auto Services] LogMeIn
### Internal Name: LogMeIn. Status: service running. Actual File: "C:\Program
Files\LogMeIn\x86\LogMeIn.exe" * LogMeIn LogMeIn, Inc. LogMeIn 3.0.596
[Auto Services] lqqtfxkj
### Internal Name: lqqtfxkj. Status: service stopped. Actual File: C:\WINDOWS\
system32\svchost.exe -k netsvcs * Allows error reporting for services and applic
tions running in non-standard environments. Generic Host Process for Win32 Servi
ces Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] PlugPlay
### Internal Name: PlugPlay. Status: service running. Actual File: C:\WINDOWS\
system32\services.exe * Enables a computer to recognize and adapt to hardware ch
anges with little or no user input. Stopping or disabling this service will resu
lt in system instability. Services and Controller app Microsoft Corporation Micr
[Auto Services] PolicyAgent
### Internal Name: PolicyAgent. Status: service running. Actual File: C:\WINDO
WS\system32\lsass.exe * Manages IP security policy and starts the ISAKMP/Oakley
(IKE) and the IP security driver. LSA Shell (Export Version) Microsoft Corporati
[Auto Services] ProtectedStorage
### Internal Name: ProtectedStorage. Status: service running. Actual File: C:\
WINDOWS\system32\lsass.exe * Provides protected storage for sensitive data, such
as private keys, to prevent access by unauthorized services, processes, or user
s. LSA Shell (Export Version) Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Auto Services] RemoteRegistry
### Internal Name: RemoteRegistry. Status: service running. Actual File: C:\WI
NDOWS\system32\svchost.exe -k LocalService * Enables remote users to modify regi
stry settings on this computer. If this service is stopped, the registry can be
modified only by users on this computer. If this service is disabled, any servic
es that explicitly depend on it will fail to start. Generic Host Process for Win
32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] RichVideo
### Internal Name: RichVideo. Status: service running. Actual File: "C:\Progra
m Files\CyberLink\Shared files\RichVideo.exe" * RichVideo Module RichVideo Modu
le 2.0.2807
[Auto Services] RpcSs
### Internal Name: RpcSs. Status: service running. Actual File: C:\WINDOWS\sys
tem32\svchost -k rpcss * Provides the endpoint mapper and other miscellaneous RP
C services. Generic Host Process for Win32 Services Microsoft Corporation Micros
[Auto Services] SamSs
### Internal Name: SamSs. Status: service running. Actual File: C:\WINDOWS\sys
tem32\lsass.exe * Stores security information for local user accounts. LSA Shell
(Export Version) Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.5512
[Auto Services] Schedule
### Internal Name: Schedule. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Enables a user to configure and schedule autom
ated tasks on this computer. If this service is stopped, these tasks will not be
run at their scheduled times. If this service is disabled, any services that ex
plicitly depend on it will fail to start. Generic Host Process for Win32 Service
s Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] seclogon
### Internal Name: seclogon. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Enables starting processes under alternate cre
dentials. If this service is stopped, this type of logon access will be unavaila
ble. If this service is disabled, any services that explicitly depend on it will
fail to start. Generic Host Process for Win32 Services Microsoft Corporation Mi
[Auto Services] SENS
### Internal Name: SENS. Status: service running. Actual File: C:\WINDOWS\syst
em32\svchost.exe -k netsvcs * Tracks system events such as Windows logon, networ
k, and power events. Notifies COM+ Event System subscribers of these events. Ge
neric Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Oper
[Auto Services] ShellHWDetection
### Internal Name: ShellHWDetection. Status: service running. Actual File: C:\
WINDOWS\System32\svchost.exe -k netsvcs * Provides notifications for AutoPlay ha
rdware events. Generic Host Process for Win32 Services Microsoft Corporation Mic
rosoft® Windows® Operating System 5.1.2600.5512
[Auto Services] Spooler
### Internal Name: Spooler. Status: service running. Actual File: C:\WINDOWS\s
ystem32\spoolsv.exe * Loads files to memory for later printing. Spooler SubSyste
m App Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] stisvc
### Internal Name: stisvc. Status: service running. Actual File: C:\WINDOWS\sy
stem32\svchost.exe -k imgsvc * Provides image acquisition services for scanners
and cameras. Generic Host Process for Win32 Services Microsoft Corporation Micro
[Auto Services] Themes
### Internal Name: Themes. Status: service running. Actual File: C:\WINDOWS\Sy
stem32\svchost.exe -k netsvcs * Provides user experience theme management. Gener
ic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Auto Services] TrkWks
### Internal Name: TrkWks. Status: service running. Actual File: C:\WINDOWS\sy
stem32\svchost.exe -k netsvcs * Maintains links between NTFS files within a comp
uter or across computers in a network domain. Generic Host Process for Win32 Ser
vices Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] UMWdf
### Internal Name: UMWdf. Status: service running. Actual File: C:\WINDOWS\sys
tem32\wdfmgr.exe * Enables Windows user mode drivers. Windows User Mode Driver M
anager Microsoft Corporation Microsoft® Windows® Operating System 5.2.3790.1230
[Auto Services] W32Time
### Internal Name: W32Time. Status: service running. Actual File: C:\WINDOWS\S
ystem32\svchost.exe -k netsvcs * Maintains date and time synchronization on all
clients and servers in the network. If this service is stopped, date and time sy
nchronization will be unavailable. If this service is disabled, any services tha
t explicitly depend on it will fail to start.
Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® O
[Auto Services] WebClient
### Internal Name: WebClient. Status: service running. Actual File: C:\WINDOWS
\system32\svchost.exe -k LocalService * Enables Windows-based programs to create
, access, and modify Internet-based files. If this service is stopped, these fun
ctions will not be available. If this service is disabled, any services that exp
licitly depend on it will fail to start. Generic Host Process for Win32 Services
Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] winmgmt
### Internal Name: winmgmt. Status: service running. Actual File: C:\WINDOWS\s
ystem32\svchost.exe -k netsvcs * Provides a common interface and object model to
access management information about operating system, devices, applications and
services. If this service is stopped, most Windows-based software will not func
tion properly. If this service is disabled, any services that explicitly depend
on it will fail to start. Generic Host Process for Win32 Services Microsoft Corp
oration Microsoft® Windows® Operating System 5.1.2600.5512
[Auto Services] WZCSVC
### Internal Name: WZCSVC. Status: service running. Actual File: C:\WINDOWS\Sy
stem32\svchost.exe -k netsvcs * Provides automatic configuration for the 802.11
adapters Generic Host Process for Win32 Services Microsoft Corporation Microsoft®
[Drivers] ntkrnlpa.exe=C:\WINDOWS\SYSTEM32\NTKRNLPA.EXE
### NT Kernel & System Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] hal.dll=C:\WINDOWS\SYSTEM32\HAL.DLL
### Hardware Abstraction Layer DLL Microsoft Corporation Microsoft® Windows® Opera
[Drivers] KDCOM.DLL=C:\WINDOWS\SYSTEM32\KDCOM.DLL
### Kernel Debugger HW Extension DLL Microsoft Corporation Microsoft® Windows® Ope
[Drivers] BOOTVID.dll=C:\WINDOWS\SYSTEM32\BOOTVID.DLL
### VGA Boot Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.0
[Drivers] sppl.sys=sppl.sys
[Drivers] WMILIB.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
### WMILIB WMI support library Dll Microsoft Corporation Microsoft® Windows® Opera
[Drivers] SCSIPORT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\SCSIPORT.SYS
### SCSI Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.
1.2600.5512
[Drivers] imagesrv.sys=C:\WINDOWS\system32\DRIVERS\imagesrv.sys
### Nero Image Server Ahead Software AG Nero ImageDrive 2.27.0.0
[Drivers] Partizan.sys=C:\WINDOWS\system32\DRIVERS\Partizan.sys
### Partizan - Rootkit detector Greatis Software RegRun Security Suite 6, 8, 0
, 0
[Drivers] ACPI.sys=C:\WINDOWS\system32\DRIVERS\ACPI.sys
### ACPI Driver for NT Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] isapnp.sys=C:\WINDOWS\system32\DRIVERS\isapnp.sys
### PNP ISA Bus Driver Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] pci.sys=C:\WINDOWS\system32\DRIVERS\pci.sys
### NT Plug and Play PCI Enumerator Microsoft Corporation Microsoft® Windows® Oper
[Drivers] pciide.sys=C:\WINDOWS\system32\DRIVERS\pciide.sys
### Generic PCI IDE Bus Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.0
[Drivers] PCIIDEX.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDEX.SYS
### PCI IDE Bus Driver Extension Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Drivers] MountMgr.sys=C:\WINDOWS\system32\DRIVERS\MountMgr.sys
### Mount Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2
600.5512
[Drivers] ftdisk.sys=C:\WINDOWS\system32\DRIVERS\ftdisk.sys
### FT Disk Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.
2600.0
[Drivers] dmload.sys=C:\WINDOWS\system32\DRIVERS\dmload.sys
### NT Disk Manager Startup Driver Microsoft Corp., Veritas Software. Logical
Disk Manager for Windows NT 1.0
[Drivers] dmio.sys=C:\WINDOWS\system32\DRIVERS\dmio.sys
### NT Disk Manager I/O Driver Microsoft Corp., Veritas Software VERITAS® NT Dis
k Manager 1.0
[Drivers] PartMgr.sys=C:\WINDOWS\system32\DRIVERS\PartMgr.sys
### Partition Manager Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Drivers] VolSnap.sys=C:\WINDOWS\system32\DRIVERS\VolSnap.sys
### Volume Shadow Copy Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] atapi.sys=C:\WINDOWS\system32\DRIVERS\atapi.sys
### IDE/ATAPI Port Driver Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Drivers] nvata.sys=C:\WINDOWS\system32\DRIVERS\nvata.sys
### NVIDIA® nForce(TM) IDE Performance Driver NVIDIA Corporation NVIDIA nForce(T
M) IDE Driver 5.10.2600.0692
[Drivers] imagedrv.sys=C:\WINDOWS\system32\DRIVERS\imagedrv.sys
### NERO IMAGEDRIVE SCSI miniport Ahead Software AG Nero ImageDrive 2.27.0.0
[Drivers] disk.sys=C:\WINDOWS\system32\DRIVERS\disk.sys
### PnP Disk Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Drivers] CLASSPNP.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\CLASSPNP.SYS
### SCSI Class System Dll Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Drivers] fltMgr.sys=C:\WINDOWS\system32\DRIVERS\fltMgr.sys
### Microsoft Filesystem Filter Manager Microsoft Corporation Microsoft® Windows®
[Drivers] sr.sys=C:\WINDOWS\system32\DRIVERS\sr.sys
### System Restore Filesystem Filter Driver Microsoft Corporation Microsoft® Win
[Drivers] PxHelp20.sys=C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
### Px Engine Device Driver for Windows 2000/XP Sonic Solutions PxHelp20
[Drivers] KSecDD.sys=C:\WINDOWS\system32\DRIVERS\KSecDD.sys
### Kernel Security Support Provider Interface Microsoft Corporation Microsoft®
[Drivers] Ntfs.sys=C:\WINDOWS\system32\DRIVERS\Ntfs.sys
### NT File System Driver Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Drivers] NDIS.sys=C:\WINDOWS\system32\DRIVERS\NDIS.sys
### NDIS 5.1 wrapper driver Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Drivers] Mup.sys=C:\WINDOWS\system32\DRIVERS\Mup.sys
### Multiple UNC Provider driver Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Drivers] processr.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS
### Processor Device Driver Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Drivers] parport.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
### Parallel Port Driver Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Drivers] ASACPI.sys=C:\WINDOWS\SYSTEM32\DRIVERS\ASACPI.SYS
### ATK0110 ACPI Utility ATK0110 ACPI Utility 1043, 3, 2, 2
[Drivers] i8042prt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
### i8042 Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Drivers] kbdclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
### Keyboard Class Driver Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Drivers] serial.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
### Serial Device Driver Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Drivers] serenum.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
### Serial Port Enumerator Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Drivers] usbohci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS
### OHCI USB Miniport Driver Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Drivers] USBPORT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS
### USB 1.1 & 2.0 Port Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] usbehci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
### EHCI eUSB Miniport Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] HDAudBus.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
### High Definition Audio Bus Driver v1.0a Windows (R) Server 2003 DDK provide
r Microsoft® Windows® Operating System 5.10.01.5013
[Drivers] nvnetbus.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NVNETBUS.SYS
### NVIDIA Networking Bus Driver. NVIDIA Corporation NVNETBUS 1.00.03.06576
[Drivers] NVNRM.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NVNRM.SYS
### NVIDIA Network Resource Manager. NVIDIA Corporation NVNRM 1.00.02.06576
[Drivers] ati2mtag.sys=C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS
### ATI Radeon WindowsNT Miniport Driver ATI Technologies Inc. ATI Radeon Wind
owsNT Miniport Driver 6.14.10.7093
[Drivers] VIDEOPRT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS
### Video Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Drivers] a6suzgx9.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\A6SUZGX9.SYS
em 5.1.2600.5512
[Drivers] lmimirr.sys=C:\WINDOWS\SYSTEM32\DRIVERS\LMIMIRR.SYS
### LogMeIn Mirror Miniport Driver LogMeIn, Inc. LogMeIn 2.50.596
[Drivers] audstub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
### AudStub Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.
2600.0
[Drivers] rasl2tp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
### RAS L2TP mini-port/call-manager driver Microsoft Corporation Microsoft® Wind
[Drivers] ndistapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
### NDIS 3.0 connection wrapper driver Microsoft Corporation Microsoft® Windows® O
[Drivers] ndiswan.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
### MS PPP Framing Driver (Strong Encryption) Microsoft Corporation Microsoft® W
[Drivers] raspppoe.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
### RAS PPPoE mini-port/call-manager driver Microsoft Corporation Microsoft® Win
[Drivers] raspptp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
### Peer-to-Peer Tunneling Protocol Microsoft Corporation Microsoft® Windows® Oper
[Drivers] TDI.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS
### TDI Wrapper Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.5512
[Drivers] psched.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
### MS QoS Packet Scheduler Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Drivers] msgpc.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
### MS General Packet Classifier Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Drivers] ptilink.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
### Parallel Technologies DirectParallel IO Library Parallel Technologies, Inc
. Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] raspti.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
### PTI DirectParallel(R) mini-port/call-manager driver Microsoft Corporation
[Drivers] rdpdr.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
### Microsoft RDP Device redirector Microsoft Corporation Microsoft® Windows® Oper
[Drivers] termdd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
### Terminal Server Driver Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Drivers] mouclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
### Mouse Class Driver Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] swenum.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
### Plug and Play Software Device Enumerator Microsoft Corporation Microsoft(R
) Windows(R) Operating System 5.3.2600.5512
[Drivers] ks.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KS.SYS
### Kernel CSA Library Microsoft Corporation Microsoft(R) Windows(R) Operating
System 5.3.2600.5512
[Drivers] update.sys=C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
### Update Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2
600.5512
[Drivers] mssmbios.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
### System Management BIOS Driver Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Drivers] MarvinBus.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MARVINBUS.SYS
### Pinnacle Marvin Discrete Bus Enumerator Pinnacle Systems GmbH Pinnacle Mar
vin Discrete 2.1.29.0
[Drivers] cdrom.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
### SCSI CD-ROM Driver Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] redbook.sys=C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
### Redbook Audio Filter Driver Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Drivers] NDProxy.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS
### NDIS Proxy Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600
.5512
[Drivers] usbhub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
### Default Hub Driver for USB Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] USBD.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
### Universal Serial Bus Driver Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.0
[Drivers] RtkHDAud.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RTKHDAUD.SYS
### Realtek(r) High Definition Audio Function Driver Realtek Semiconductor Cor
p. Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by
MIT Media Lab) 5.10.0.5443
[Drivers] portcls.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PORTCLS.SYS
### Port Class (Class Driver for Port/Miniport Devices) Microsoft Corporation
[Drivers] drmk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DRMK.SYS
### Microsoft Kernel DRM Descrambler Filter Microsoft Corporation Microsoft® Win
[Drivers] NVENETFD.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NVENETFD.SYS
### NVIDIA Networking Function Driver. NVIDIA Corporation NVENETFD 1.00.03.065
76
[Drivers] Fs_Rec.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
### File System Recognizer Driver Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.0
[Drivers] Null.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
### NULL Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.0
[Drivers] Beep.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS
### BEEP Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.0
[Drivers] HIDPARSE.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\HIDPARSE.SYS
### Hid Parsing Library Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] vga.sys=C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
### VGA/Super VGA Video Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] mnmdd.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS
### Frame buffer simulator Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.0
[Drivers] RDPCDD.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
### RDP Miniport Microsoft Corporation Microsoft® Windows® Operating System 5.1.26
00.0
[Drivers] Msfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS
### Mailslot driver Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Drivers] Npfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS
### NPFS Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.5512
[Drivers] rasacd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
### RAS Automatic Connection Driver Microsoft Corporation Microsoft® Windows® Oper
[Drivers] ipsec.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
### IPSec Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.26
00.5512
[Drivers] tcpip.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
### TCP/IP Protocol Driver Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Drivers] aswTdi.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWTDI.SYS
### avast! TDI Filter Driver AVAST Software avast! Antivirus System 5.0
[Drivers] wanarp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
### MS Remote Access and Routing ARP Driver Microsoft Corporation Microsoft® Win
[Drivers] netbt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
### MBT Transport driver Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Drivers] afd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
### Ancillary Function Driver for WinSock Microsoft Corporation Microsoft® Windo
[Drivers] netbios.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
### NetBIOS interface driver Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Drivers] rdbss.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
### Redirected Drive Buffering SubSystem Driver Microsoft Corporation Microsof
[Drivers] mrxsmb.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
### Windows NT SMB Minirdr Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Drivers] Fips.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS
### FIPS Crypto Driver Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] hidusb.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
### USB Miniport Driver for Input Devices Microsoft Corporation Microsoft® Windo
[Drivers] HIDCLASS.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\HIDCLASS.SYS
### Hid Class Library Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Drivers] mouhid.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
### HID Mouse Filter Driver Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.0
[Drivers] aswSP.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWSP.SYS
### avast! self protection module AVAST Software avast! Antivirus System 5.0
[Drivers] Aavmker4.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\AAVMKER4.SYS
### avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP AVAST Softwar
e avast! Antivirus System 5.0
[Drivers] Cdfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\CDFS.SYS
### CD-ROM File System Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] win32k.sys=C:\WINDOWS\SYSTEM32\WIN32K.SYS
### Multi-User Win32 Driver Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Drivers] Dxapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS
### DirectX API Driver Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.0
[Drivers] watchdog.sys=C:\WINDOWS\SYSTEM32\WATCHDOG.SYS
### Watchdog Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Drivers] dxg.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXG.SYS
### DirectX Graphics Driver Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Drivers] dxgthk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS
### DirectX Graphics Driver Thunk Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.0
[Drivers] ati2dvag.dll=C:\WINDOWS\SYSTEM32\ATI2DVAG.DLL
### ATI Radeon WindowsNT Display Driver ATI Technologies Inc. ATI Radeon Windo
wsNT Display Driver 6.14.10.7093
[Drivers] ati2cqag.dll=C:\WINDOWS\SYSTEM32\ATI2CQAG.DLL
### Central Memory Manager / Queue Server Module ATI Technologies Inc. ATI Rad
eon Family 5.2.3790.1830
[Drivers] atikvmag.dll=C:\WINDOWS\SYSTEM32\ATIKVMAG.DLL
### Virtual Command And Memory Manager ATI Technologies Inc. Virtual Command A
nd Memory Manager 5.2.3790.1830
[Drivers] atiok3x2.dll=C:\WINDOWS\SYSTEM32\ATIOK3X2.DLL
### Ring 0 x2 component Advanced Micro Devices, Inc. Ring 0 x2 Component 5.2.3
790.1830
[Drivers] ati3duag.dll=C:\WINDOWS\SYSTEM32\ATI3DUAG.DLL
### ati3duag.dll ATI Technologies Inc. ATI Technologies Inc. Radeon DirectX U
niversal Driver 6.14.10.0761
[Drivers] ativvaxx.dll=C:\WINDOWS\SYSTEM32\ATIVVAXX.DLL
### Radeon Video Acceleration Universal Driver Advanced Micro Devices, Inc. A
dvanced Micro Devices, Inc. Radeon Video Acceleration Universal Driver 6.14.10.0
263
[Drivers] ATMFD.DLL=C:\WINDOWS\SYSTEM32\ATMFD.DLL
### Windows NT OpenType/Type 1 Font Driver Adobe Systems Incorporated Adobe Ty
pe Manager 5.1 Build 226
[Drivers] aswFsBlk.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWFSBLK.SYS
### avast! File System Access Blocking Driver AVAST Software avast! Antivirus
System 5.0
[Drivers] ndisuio.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
### NDIS User mode I/O Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] aswMon2.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWMON2.SYS
### avast! File System Filter Driver for Windows XP AVAST Software avast! Anti
virus System 5.0
[Drivers] wdmaud.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
### MMSYSTEM Wave/Midi API mapper Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Drivers] sysaudio.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
### System Audio WDM Filter Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Drivers] mrxdav.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
### Windows NT WebDav Minirdr Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Drivers] ParVdm.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
### VDM Parallel Driver Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.0
[Drivers] atksgt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\ATKSGT.SYS
[Drivers] lirsgt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\LIRSGT.SYS
[Drivers] srv.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
### Server driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2
600.5512
[Drivers] RaInfo.sys=C:\PROGRAM FILES\LOGMEIN\X86\RAINFO.SYS
### RemotelyAnywhere Kernel Information Provider LogMeIn, Inc. RemotelyAnywher
e 8.0.685
[Drivers] LMIRfsDriver.sys=C:\WINDOWS\SYSTEM32\DRIVERS\LMIRFSDRIVER.SYS
### LogMeIn Rfs Drivemap Driver LogMeIn, Inc. LogMeIn 2.5.3.0
[Drivers] secdrv.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
### Macrovision SECURITY Driver Macrovision Corporation, Macrovision Europe Li
mited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver SECURITY
Driver 4.03.086 2006/09/13
[Drivers] aswRdr.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR.SYS
### avast! TDI RDR Driver AVAST Software avast! Antivirus System 5.0
[Drivers] HTTP.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
### HTTP Protocol Stack Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Drivers] regguard.sys=C:\WINDOWS\SYSTEM32\DRIVERS\REGGUARD.SYS
### Registry Guard - registry keys protection driver for Windows NT/2000/XP/20
03/Vista/Windows7 Greatis Software RegRun Security Suite 6.50
[Drivers] kmixer.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
### Kernel Mode Audio Mixer Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Drivers] ntdll.dll=C:\WINDOWS\SYSTEM32\NTDLL.DLL
### NT Layer DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.26
00.5512
[Drivers] Engine.dll=C:\PROGRAM FILES\DAEMON TOOLS LITE\ENGINE.DLL
### Helper library DT Soft Ltd DAEMON Tools Lite 4.35.6.0091
[Services detected by Partizan] :HKLM .NET CLR Data
[Services detected by Partizan] :HKLM .NET CLR Networking
[Services detected by Partizan] :HKLM .NET Data Provider for Oracle
[Services detected by Partizan] :HKLM .NET Data Provider for SqlServer
[Services detected by Partizan] :HKLM .NETFramework
[Services detected by Partizan] :HKLM Aavmker4
### Driver avast! Asynchronous Virus Monitor avast! Asynchronous Virus Monitor
Start Type: loaded automatically at Kernel initialization
[Services detected by Partizan] :HKLM Abiosdsk
### Driver Start Type: disabled
[Services detected by Partizan] :HKLM abp480n5
[Services detected by Partizan] :HKLM ACPI=C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SY
S
### Driver Microsoft ACPI Driver Start Type: loaded automatically by the Boot
Loader ACPI Driver for NT Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Services detected by Partizan] :HKLM ACPIEC
[Services detected by Partizan] :HKLM adpu160m
[Services detected by Partizan] :HKLM aec=C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
### Driver Microsoft Kernel Acoustic Echo Canceller Start Type: loaded manuall
y on demand Microsoft Acoustic Echo Canceller Microsoft Corporation Microsoft® Win
[Services detected by Partizan] :HKLM AFD=C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
### Driver AFD AFD Networking Support Environment Start Type: loaded automatic
ally at Kernel initialization Ancillary Function Driver for WinSock Microsoft Co
[Services detected by Partizan] :HKLM Aha154x
[Services detected by Partizan] :HKLM aic78u2
[Services detected by Partizan] :HKLM aic78xx
[Services detected by Partizan] :HKLM Alerter=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Alerter Notifies selected users and computers of administrative al
erts. If the service is stopped, programs that use administrative alerts will no
t receive them. If this service is disabled, any services that explicitly depend
on it will fail to start. Start Type: disabled Generic Host Process for Win32 S
ervices Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM ALG=C:\WINDOWS\SYSTEM32\ALG.EXE
### Service Application Layer Gateway Service Provides support for 3rd party p
rotocol plug-ins for Internet Connection Sharing and the Windows Firewall. Start
Type: loaded manually on demand Application Layer Gateway Service Microsoft Cor
poration Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM AliIde
[Services detected by Partizan] :HKLM amsint
[Services detected by Partizan] :HKLM AppMgmt=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Application Management Provides software installation services suc
h as Assign, Publish, and Remove. Start Type: loaded manually on demand Generic
Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Services detected by Partizan] :HKLM asc
[Services detected by Partizan] :HKLM asc3350p
[Services detected by Partizan] :HKLM asc3550
[Services detected by Partizan] :HKLM ASP.NET
[Services detected by Partizan] :HKLM ASP.NET_2.0.50727
[Services detected by Partizan] :HKLM aswFsBlk
### Driver aswFsBlk avast! mini-filter driver (aswFsBlk) Start Type: loaded au
tomatically by Server Manager
[Services detected by Partizan] :HKLM aswMon2
### Driver avast! Standard Shield Support avast! Standard Shield Support Start
Type: loaded automatically by Server Manager
[Services detected by Partizan] :HKLM aswRdr
### Driver aswRdr avast! TDI Redirect driver Start Type: loaded manually on de
mand
[Services detected by Partizan] :HKLM aswSP
### Driver aswSP avast! Self Protection Start Type: loaded automatically at Ke
rnel initialization
[Services detected by Partizan] :HKLM aswTdi
### Driver avast! Network Shield Support avast! Network Shield TDI driver Star
t Type: loaded automatically at Kernel initialization
[Services detected by Partizan] :HKLM AsyncMac=C:\WINDOWS\SYSTEM32\DRIVERS\ASY
NCMAC.SYS
### Driver RAS Asynchronous Media Driver RAS Asynchronous Media Driver Start T
ype: loaded manually on demand MS Remote Access serial network driver Microsoft
Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM atapi=C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.
SYS
### Driver Standard IDE/ESDI Hard Disk Controller Start Type: loaded automatic
ally by the Boot Loader IDE/ATAPI Port Driver Microsoft Corporation Microsoft® Win
[Services detected by Partizan] :HKLM Atdisk
[Services detected by Partizan] :HKLM Ati HotKey Poller=C:\WINDOWS\SYSTEM32\AT
I2EVXX.EXE
### Service Start Type: loaded automatically by Server Manager ATI External Ev
ent Utility EXE Module ATI Technologies Inc. ATI External Event Utility for Wind
ows 6.14.10.4235
[Services detected by Partizan] :HKLM ati2mtag=C:\WINDOWS\SYSTEM32\DRIVERS\ATI
2MTAG.SYS
### Driver Start Type: loaded manually on demand ATI Radeon WindowsNT Miniport
Driver ATI Technologies Inc. ATI Radeon WindowsNT Miniport Driver 6.14.10.7093
[Services detected by Partizan] :HKLM Atierecord
[Services detected by Partizan] :HKLM atksgt=C:\WINDOWS\SYSTEM32\DRIVERS\ATKSG
T.SYS
### Driver atksgt Start Type: loaded automatically by Server Manager
[Services detected by Partizan] :HKLM Atmarpc=C:\WINDOWS\SYSTEM32\DRIVERS\ATMA
RPC.SYS
### Driver ATM ARP Client Protocol ATM ARP Client Protocol Start Type: loaded
manually on demand IP/ATM Arp Client Microsoft Corporation Microsoft® Windows® Opera
[Services detected by Partizan] :HKLM AudioSrv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Windows Audio Manages audio devices for Windows-based programs. If
this service is stopped, audio devices and effects will not function properly.
If this service is disabled, any services that explicitly depend on it will fail
to start. Start Type: loaded automatically by Server Manager Generic Host Proce
ss for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Services detected by Partizan] :HKLM audstub=C:\WINDOWS\SYSTEM32\DRIVERS\AUDS
TUB.SYS
### Driver Audio Stub Driver Start Type: loaded manually on demand AudStub Dri
ver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Services detected by Partizan] :HKLM avast! Antivirus=C:\PROGRAM FILES\ALWIL
SOFTWARE\AVAST5\AVASTSVC.EXE
### Service avast! Antivirus Manages and implements avast! antivirus services
for this computer. This includes the resident protection, the virus chest and th
e scheduler. Start Type: loaded automatically by Server Manager avast! Service A
VAST Software avast! Antivirus 5, 0, 0, 0
[Services detected by Partizan] :HKLM avast! Mail Scanner=C:\PROGRAM FILES\ALW
IL SOFTWARE\AVAST5\AVASTSVC.EXE
### Service avast! Mail Scanner Implements mail scanning for avast! antivirus.
Start Type: loaded manually on demand avast! Service AVAST Software avast! Anti
virus 5, 0, 0, 0
[Services detected by Partizan] :HKLM avast! Web Scanner=C:\PROGRAM FILES\ALWI
L SOFTWARE\AVAST5\AVASTSVC.EXE
### Service avast! Web Scanner Implements web (HTTP) scanning for avast! antiv
irus. Start Type: loaded manually on demand avast! Service AVAST Software avast!
Antivirus 5, 0, 0, 0
[Services detected by Partizan] :HKLM BattC
[Services detected by Partizan] :HKLM Beep
### Driver Start Type: loaded automatically at Kernel initialization
[Services detected by Partizan] :HKLM BITS=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Background Intelligent Transfer Service Transfers data between cli
ents and servers in the background. If BITS is disabled, features such as Window
s Update will not work correctly. Start Type: disabled Generic Host Process for
Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5
512
[Services detected by Partizan] :HKLM Browser=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Computer Browser Maintains an updated list of computers on the net
work and supplies this list to computers designated as browsers. If this service
is stopped, this list will not be updated or maintained. If this service is dis
abled, any services that explicitly depend on it will fail to start. Start Type:
loaded automatically by Server Manager Generic Host Process for Win32 Services
[Services detected by Partizan] :HKLM BT878=C:\WINDOWS\SYSTEM32\DRIVERS\BT878.
SYS
### Driver Hauppauge Streaming Data Capture Device Start Type: loaded automati
cally by Server Manager HCW I2S MPEG-2 Transport Stream Capture Hauppauge Comput
er Works HCW I2S MPEG-2 Transport Stream Capture 3, 0, 20007, 0
[Services detected by Partizan] :HKLM cbidf2k
[Services detected by Partizan] :HKLM CCDECODE=C:\WINDOWS\SYSTEM32\DRIVERS\CCD
ECODE.SYS
### Driver Closed Caption Decoder Start Type: loaded manually on demand WDM Cl
osed Caption VBI Codec Microsoft Corporation Microsoft(R) Windows(R) Operating S
ystem 5.3.2600.5512
[Services detected by Partizan] :HKLM cd20xrnt
[Services detected by Partizan] :HKLM Cdaudio
[Services detected by Partizan] :HKLM Cdfs
[Services detected by Partizan] :HKLM Cdrom=C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.
SYS
### Driver CD-ROM Driver Start Type: loaded automatically at Kernel initializa
tion SCSI CD-ROM Driver Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Services detected by Partizan] :HKLM Changer
[Services detected by Partizan] :HKLM CiSvc=C:\WINDOWS\SYSTEM32\CISVC.EXE
### Service Indexing Service Indexes contents and properties of files on local
and remote computers; provides rapid access to files through flexible querying
language. Start Type: loaded manually on demand Content Index service Microsoft
[Services detected by Partizan] :HKLM ClipSrv=C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
### Service ClipBook Enables ClipBook Viewer to store information and share it
with remote computers. If the service is stopped, ClipBook Viewer will not be a
ble to share information with remote computers. If this service is disabled, any
services that explicitly depend on it will fail to start. Start Type: disabled
Windows NT DDE Server Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Services detected by Partizan] :HKLM CmdIde
[Services detected by Partizan] :HKLM COMSysApp=C:\WINDOWS\SYSTEM32\DLLHOST.EX
E
### Service COM+ System Application Manages the configuration and tracking of
Component Object Model (COM)+-based components. If the service is stopped, most
COM+-based components will not function properly. If this service is disabled, a
ny services that explicitly depend on it will fail to start. Start Type: loaded
manually on demand COM Surrogate Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Services detected by Partizan] :HKLM ContentFilter
[Services detected by Partizan] :HKLM ContentIndex
[Services detected by Partizan] :HKLM Cpqarray
[Services detected by Partizan] :HKLM CryptSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Cryptographic Services Provides three management services: Catalog
Database Service, which confirms the signatures of Windows files; Protected Roo
t Service, which adds and removes Trusted Root Certification Authority certifica
tes from this computer; and Key Service, which helps enroll this computer for ce
rtificates. If this service is stopped, these management services will not funct
ion properly. If this service is disabled, any services that explicitly depend o
n it will fail to start. Start Type: loaded automatically by Server Manager Gene
ric Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Services detected by Partizan] :HKLM dac2w2k
[Services detected by Partizan] :HKLM dac960nt
[Services detected by Partizan] :HKLM DcomLaunch=C:\WINDOWS\SYSTEM32\SVCHOST.e
xe
### Service DCOM Server Process Launcher Provides launch functionality for DCO
M services. Start Type: loaded automatically by Server Manager Generic Host Proc
ess for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.
1.2600.5512
[Services detected by Partizan] :HKLM Dhcp=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service DHCP Client Manages network configuration by registering and updat
ing IP addresses and DNS names. Start Type: loaded automatically by Server Manag
er Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Window
[Services detected by Partizan] :HKLM Disk=C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SY
S
### Driver Disk Driver Start Type: loaded automatically by the Boot Loader PnP
Disk Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.551
2
[Services detected by Partizan] :HKLM dmadmin=C:\WINDOWS\SYSTEM32\DMADMIN.EXE
### Service Logical Disk Manager Administrative Service Configures hard disk d
rives and volumes. The service only runs for configuration processes and then st
ops. Start Type: loaded manually on demand Logical Disk Manager service process
Microsoft Corp., Veritas Software Logical Disk Manager for Windows NT 1.0
[Services detected by Partizan] :HKLM dmboot=C:\WINDOWS\SYSTEM32\DRIVERS\DMBOO
T.SYS
### Driver Start Type: disabled NT Disk Manager Startup Driver Microsoft Corp.
, Veritas Software VERITAS® NT Disk Manager 1.0
[Services detected by Partizan] :HKLM dmio=C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SY
S
### Driver Logical Disk Manager Driver Start Type: loaded automatically by the
Boot Loader NT Disk Manager I/O Driver Microsoft Corp., Veritas Software VERITA
S® NT Disk Manager 1.0
[Services detected by Partizan] :HKLM dmload=C:\WINDOWS\SYSTEM32\DRIVERS\DMLOA
D.SYS
### Driver Start Type: loaded automatically by the Boot Loader NT Disk Manager
Startup Driver Microsoft Corp., Veritas Software. Logical Disk Manager for Wind
ows NT 1.0
[Services detected by Partizan] :HKLM dmserver=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Logical Disk Manager Detects and monitors new hard disk drives and
sends disk volume information to Logical Disk Manager Administrative Service fo
r configuration. If this service is stopped, dynamic disk status and configurati
on information may become out of date. If this service is disabled, any services
that explicitly depend on it will fail to start. Start Type: loaded automatical
ly by Server Manager Generic Host Process for Win32 Services Microsoft Corporati
[Services detected by Partizan] :HKLM DMusic=C:\WINDOWS\SYSTEM32\DRIVERS\DMUSI
C.SYS
### Driver Microsoft Kernel DLS Syntheiszer Start Type: loaded manually on dem
and Microsoft Kernel DLS Synthesizer Microsoft Corporation Microsoft® Windows® Opera
[Services detected by Partizan] :HKLM Dnscache=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service DNS Client Resolves and caches Domain Name System (DNS) names for
this computer. If this service is stopped, this computer will not be able to res
olve DNS names and locate Active Directory domain controllers. If this service i
s disabled, any services that explicitly depend on it will fail to start. Start
Type: loaded automatically by Server Manager Generic Host Process for Win32 Serv
ices Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM Dot3svc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Wired AutoConfig This service performs IEEE 802.1X authentication
on Ethernet interfaces Start Type: loaded manually on demand Generic Host Proces
s for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.
2600.5512
[Services detected by Partizan] :HKLM dpti2o
[Services detected by Partizan] :HKLM drmkaud=C:\WINDOWS\SYSTEM32\DRIVERS\DRMK
AUD.SYS
### Driver Microsoft Kernel DRM Audio Descrambler Start Type: loaded manually
on demand Microsoft Kernel DRM Audio Descrambler Filter Microsoft Corporation Mi
[Services detected by Partizan] :HKLM DSDrv4=C:\PROGRA~1\DSCALER\DSDRV4.SYS
### Driver DSDrv4 Start Type: loaded manually on demand hardware access driver
4.1.15
[Services detected by Partizan] :HKLM EapHost=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Extensible Authentication Protocol Service Provides windows client
s Extensible Authentication Protocol Service Start Type: loaded manually on dema
nd Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Window
[Services detected by Partizan] :HKLM ERSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Error Reporting Service Allows error reporting for services and ap
plictions running in non-standard environments. Start Type: disabled Generic Hos
t Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Services detected by Partizan] :HKLM Eventlog=C:\WINDOWS\SYSTEM32\SERVICES.EX
E
### Service Event Log Enables event log messages issued by Windows-based progr
Start Type: loaded automatically by Server Manager Services and Controller app
[Services detected by Partizan] :HKLM EventSystem=C:\WINDOWS\SYSTEM32\SVCHOST.
EXE
### Service COM+ Event System Supports System Event Notification Service (SENS
), which provides automatic distribution of events to subscribing Component Obje
ct Model (COM) components. If the service is stopped, SENS will close and will n
ot be able to provide logon and logoff notifications. If this service is disable
d, any services that explicitly depend on it will fail to start. Start Type: loa
ded manually on demand Generic Host Process for Win32 Services Microsoft Corpora
tion Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM Fastfat
[Services detected by Partizan] :HKLM FastUserSwitchingCompatibility=C:\WINDOW
S\SYSTEM32\SVCHOST.EXE
### Service Fast User Switching Compatibility Provides management for applicat
ions that require assistance in a multiple user environment. Start Type: loaded
manually on demand Generic Host Process for Win32 Services Microsoft Corporation
[Services detected by Partizan] :HKLM Fdc
[Services detected by Partizan] :HKLM Fips
[Services detected by Partizan] :HKLM Flpydisk
[Services detected by Partizan] :HKLM FltMgr=C:\WINDOWS\SYSTEM32\DRIVERS\FLTMG
R.SYS
### Driver FltMgr File System Filter Manager Driver Start Type: loaded automat
ically by the Boot Loader Microsoft Filesystem Filter Manager Microsoft Corporat
[Services detected by Partizan] :HKLM FontCache3.0.0.0=C:\WINDOWS\MICROSOFT.NE
T\FRAMEWORK\V3.0\WPF\PRESENTATIONFONTCACHE.EXE
### Service Windows Presentation Foundation Font Cache 3.0.0.0 Optimizes perfo
rmance of Windows Presentation Foundation (WPF) applications by caching commonly
used font data. WPF applications will start this service if it is not already r
unning. It can be disabled, though doing so will degrade the performance of WPF
applications. Start Type: loaded manually on demand PresentationFontCache.exe Mi
crosoft Corporation Microsoft® .NET Framework 3.0.6920.1427
[Services detected by Partizan] :HKLM Fs_Rec
[Services detected by Partizan] :HKLM Ftdisk=C:\WINDOWS\SYSTEM32\DRIVERS\FTDIS
K.SYS
### Driver Volume Manager Driver Start Type: loaded automatically by the Boot
Loader FT Disk Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.0
[Services detected by Partizan] :HKLM Gpc=C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SY
S
### Driver Generic Packet Classifier Generic Packet Classifier Start Type: loa
ded manually on demand MS General Packet Classifier Microsoft Corporation Micros
[Services detected by Partizan] :HKLM HCW848NT=C:\WINDOWS\SYSTEM32\DRIVERS\HCW
848NT.SYS
### Driver Hauppauge Win/TV Start Type: loaded manually on demand Hauppauge Wi
nTV NT Driver / Win2k Hauppauge Computer Works WinTV 3.07.19068 Win2K
[Services detected by Partizan] :HKLM HDAudBus=C:\WINDOWS\SYSTEM32\DRIVERS\HDA
UDBUS.SYS
### Driver Microsoft UAA Bus Driver for High Definition Audio Start Type: load
ed manually on demand High Definition Audio Bus Driver v1.0a Windows (R) Server
2003 DDK provider Microsoft® Windows® Operating System 5.10.01.5013
[Services detected by Partizan] :HKLM helpsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Help and Support Enables Help and Support Center to run on this co
mputer. If this service is stopped, Help and Support Center will be unavailable.
If this service is disabled, any services that explicitly depend on it will fai
l to start. Start Type: loaded automatically by Server Manager Generic Host Proc
1.2600.5512
[Services detected by Partizan] :HKLM HidServ=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service HID Input Service Enables generic input access to Human Interface
Devices (HID), which activates and maintains the use of predefined hot buttons o
n keyboards, remote controls, and other multimedia devices. If this service is s
topped, hot buttons controlled by this service will no longer function. If this
service is disabled, any services that explicitly depend on it will fail to star
t. Start Type: loaded automatically by Server Manager Generic Host Process for W
in32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.55
12
[Services detected by Partizan] :HKLM hidusb=C:\WINDOWS\SYSTEM32\DRIVERS\HIDUS
B.SYS
### Driver Microsoft HID Class Driver Start Type: loaded manually on demand US
B Miniport Driver for Input Devices Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Services detected by Partizan] :HKLM hkmsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Health Key and Certificate Management Service Manages health certi
ficates and keys (used by NAP) Start Type: loaded manually on demand Generic Hos
tem 5.1.2600.5512
[Services detected by Partizan] :HKLM hpn
[Services detected by Partizan] :HKLM HTTP=C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SY
S
### Driver HTTP This service implements the hypertext transfer protocol (HTTP)
. If this service is disabled, any services that explicitly depend on it will fa
il to start. Start Type: loaded manually on demand HTTP Protocol Stack Microsoft
[Services detected by Partizan] :HKLM HTTPFilter=C:\WINDOWS\SYSTEM32\SVCHOST.E
XE
### Service HTTP SSL This service implements the secure hypertext transfer pro
tocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If th
is service is disabled, any services that explicitly depend on it will fail to s
tart. Start Type: loaded manually on demand Generic Host Process for Win32 Servi
ces Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM i2omgmt
[Services detected by Partizan] :HKLM i2omp
[Services detected by Partizan] :HKLM i8042prt=C:\WINDOWS\SYSTEM32\DRIVERS\I80
42PRT.SYS
### Driver i8042 Keyboard and PS/2 Mouse Port Driver Start Type: loaded automa
tically at Kernel initialization i8042 Port Driver Microsoft Corporation Microso
[Services detected by Partizan] :HKLM imagedrv=C:\WINDOWS\SYSTEM32\DRIVERS\IMA
GEDRV.SYS
### Driver Start Type: loaded automatically by the Boot Loader NERO IMAGEDRIVE
SCSI miniport Ahead Software AG Nero ImageDrive 2.27.0.0
[Services detected by Partizan] :HKLM imagesrv=C:\WINDOWS\SYSTEM32\DRIVERS\IMA
GESRV.SYS
### Driver Start Type: loaded automatically by the Boot Loader Nero Image Serv
er Ahead Software AG Nero ImageDrive 2.27.0.0
[Services detected by Partizan] :HKLM Imapi=C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.
SYS
### Driver CD-Burning Filter Driver Start Type: loaded automatically at Kernel
initialization IMAPI Kernel Driver Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Services detected by Partizan] :HKLM ImapiService=C:\WINDOWS\SYSTEM32\IMAPI.E
XE
### Service IMAPI CD-Burning COM Service Manages CD recording using Image Mast
ering Applications Programming Interface (IMAPI). If this service is stopped, th
is computer will be unable to record CDs. If this service is disabled, any servi
ces that explicitly depend on it will fail to start. Start Type: loaded manually
on demand Image Mastering API Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Services detected by Partizan] :HKLM inetaccs
[Services detected by Partizan] :HKLM ini910u
[Services detected by Partizan] :HKLM Inport
[Services detected by Partizan] :HKLM IntcAzAudAddService=C:\WINDOWS\SYSTEM32\
DRIVERS\RTKHDAUD.SYS
### Driver Service for Realtek HD Audio (WDM) Start Type: loaded manually on d
emand Realtek(r) High Definition Audio Function Driver Realtek Semiconductor Cor
p. Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by
MIT Media Lab) 5.10.0.5443
[Services detected by Partizan] :HKLM IntelIde
[Services detected by Partizan] :HKLM Ip6Fw=C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.
SYS
### Driver IPv6 Windows Firewall Driver Provides intrusion prevention service
for a home or small office network. Start Type: loaded manually on demand IPv6 W
indows Firewall Driver Microsoft Corporation Microsoft® Windows® Operating System 5.
1.2600.5512
[Services detected by Partizan] :HKLM IpFilterDriver=C:\WINDOWS\SYSTEM32\DRIVE
RS\IPFLTDRV.SYS
### Driver IP Traffic Filter Driver IP Traffic Filter Driver Start Type: loade
d manually on demand IP FILTER DRIVER Microsoft Corporation Microsoft® Windows® Oper
[Services detected by Partizan] :HKLM IpInIp=C:\WINDOWS\SYSTEM32\DRIVERS\IPINI
P.SYS
### Driver IP in IP Tunnel Driver IP in IP Tunnel Driver Start Type: loaded ma
nually on demand IP in IP Encapsulation Driver Microsoft Corporation Microsoft® Wi
[Services detected by Partizan] :HKLM IpNat=C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.
SYS
### Driver IP Network Address Translator IP Network Address Translator Start T
ype: loaded manually on demand IP Network Address Translator Microsoft Corporati
[Services detected by Partizan] :HKLM IPSec=C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.
SYS
### Driver IPSEC driver IPSEC driver Start Type: loaded automatically at Kerne
l initialization IPSec Driver Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Services detected by Partizan] :HKLM IRENUM=C:\WINDOWS\SYSTEM32\DRIVERS\IRENU
M.SYS
### Driver IR Enumerator Service Start Type: loaded manually on demand Infra-R
ed Bus Enumerator Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.5512
[Services detected by Partizan] :HKLM ISAPISearch
[Services detected by Partizan] :HKLM isapnp=C:\WINDOWS\SYSTEM32\DRIVERS\ISAPN
P.SYS
### Driver PnP ISA/EISA Bus Driver Start Type: loaded automatically by the Boo
t Loader PNP ISA Bus Driver Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Services detected by Partizan] :HKLM JavaQuickStarterService=C:\PROGRAM FILES
\JAVA\JRE6\BIN\JQS.EXE
### Service Java Quick Starter Prefetches JRE files for faster startup of Java
applets and applications Start Type: loaded automatically by Server Manager Jav
a(TM) Quick Starter Service Sun Microsystems, Inc. Java(TM) Platform SE 6 U20 6.
0.200.2
[Services detected by Partizan] :HKLM Kbdclass=C:\WINDOWS\SYSTEM32\DRIVERS\KBD
CLASS.SYS
### Driver Keyboard Class Driver Start Type: loaded automatically at Kernel in
itialization Keyboard Class Driver Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Services detected by Partizan] :HKLM kbdhid=C:\WINDOWS\SYSTEM32\DRIVERS\KBDHI
D.SYS
### Driver Keyboard HID Driver Start Type: loaded automatically at Kernel init
ialization HID Mouse Filter Driver Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Services detected by Partizan] :HKLM kmixer=C:\WINDOWS\SYSTEM32\DRIVERS\KMIXE
R.SYS
### Driver Microsoft Kernel Wave Audio Mixer Start Type: loaded manually on de
mand Kernel Mode Audio Mixer Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Services detected by Partizan] :HKLM KSecDD
### Driver Start Type: loaded automatically by the Boot Loader
[Services detected by Partizan] :HKLM LanmanServer=C:\WINDOWS\SYSTEM32\SVCHOST
.EXE
### Service Server Supports file, print, and named-pipe sharing over the netwo
rk for this computer. If this service is stopped, these functions will be unavai
lable. If this service is disabled, any services that explicitly depend on it wi
ll fail to start. Start Type: loaded automatically by Server Manager Generic Hos
tem 5.1.2600.5512
[Services detected by Partizan] :HKLM lanmanworkstation=C:\WINDOWS\SYSTEM32\SV
CHOST.EXE
### Service Workstation Creates and maintains client network connections to re
mote servers. If this service is stopped, these connections will be unavailable.
1.2600.5512
[Services detected by Partizan] :HKLM lbrtfdc
[Services detected by Partizan] :HKLM ldap
[Services detected by Partizan] :HKLM LicenseService
[Services detected by Partizan] :HKLM lirsgt=C:\WINDOWS\SYSTEM32\DRIVERS\LIRSG
T.SYS
### Driver lirsgt Start Type: loaded automatically by Server Manager
[Services detected by Partizan] :HKLM LmHosts=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service TCP/IP NetBIOS Helper Enables support for NetBIOS over TCP/IP (Net
BT) service and NetBIOS name resolution. Start Type: loaded automatically by Ser
ver Manager Generic Host Process for Win32 Services Microsoft Corporation Micros
[Services detected by Partizan] :HKLM LMIGuardianSvc=C:\PROGRAM FILES\LOGMEIN\
X86\LMIGUARDIANSVC.EXE
### Service LMIGuardianSvc Support LogMeIn processes with quality assurance fe
edback Start Type: loaded automatically by Server Manager LMIGuardianSvc LogMeIn
, Inc. LMIGuardianSvc 8.1.804
[Services detected by Partizan] :HKLM LMIInfo=C:\PROGRAM FILES\LOGMEIN\X86\RAI
NFO.SYS
### Driver LogMeIn Kernel Information Provider Start Type: loaded automaticall
y by Server Manager RemotelyAnywhere Kernel Information Provider LogMeIn, Inc. R
emotelyAnywhere 8.0.685
[Services detected by Partizan] :HKLM LMIMaint=C:\PROGRAM FILES\LOGMEIN\X86\RA
MAINT.EXE
### Service LogMeIn Maintenance Service Start Type: loaded automatically by Se
rver Manager LogMeIn Maintenance Service LogMeIn, Inc. LogMeIn 4.1.1556
[Services detected by Partizan] :HKLM lmimirr=C:\WINDOWS\SYSTEM32\DRIVERS\LMIM
IRR.SYS
### Driver Start Type: loaded manually on demand LogMeIn Mirror Miniport Drive
r LogMeIn, Inc. LogMeIn 2.50.596
[Services detected by Partizan] :HKLM LMIRfsClientNP
### Driver LMIRfsClientNP Start Type: disabled
[Services detected by Partizan] :HKLM LMIRfsDriver=C:\WINDOWS\SYSTEM32\DRIVERS
\LMIRFSDRIVER.SYS
### Driver LogMeIn Remote File System Driver Start Type: loaded automatically
by Server Manager LogMeIn Rfs Drivemap Driver LogMeIn, Inc. LogMeIn 2.5.3.0
[Services detected by Partizan] :HKLM LogMeIn=C:\PROGRAM FILES\LOGMEIN\X86\LOG
MEIN.EXE
### Service LogMeIn Start Type: loaded automatically by Server Manager LogMeIn
LogMeIn, Inc. LogMeIn 3.0.596
[Services detected by Partizan] :HKLM MarvinBus=C:\WINDOWS\SYSTEM32\DRIVERS\MA
RVINBUS.SYS
### Driver Pinnacle Marvin Bus Start Type: loaded manually on demand Pinnacle
Marvin Discrete Bus Enumerator Pinnacle Systems GmbH Pinnacle Marvin Discrete 2.
1.29.0
[Services detected by Partizan] :HKLM Messenger=C:\WINDOWS\SYSTEM32\SVCHOST.EX
E
### Service Messenger Transmits net send and Alerter service messages between
clients and servers. This service is not related to Windows Messenger. If this s
ervice is stopped, Alerter messages will not be transmitted. If this service is
disabled, any services that explicitly depend on it will fail to start. Start Ty
pe: disabled Generic Host Process for Win32 Services Microsoft Corporation Micro
[Services detected by Partizan] :HKLM mnmdd
[Services detected by Partizan] :HKLM mnmsrvc=C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
### Service NetMeeting Remote Desktop Sharing Enables an authorized user to ac
cess this computer remotely by using NetMeeting over a corporate intranet. If th
is service is stopped, remote desktop sharing will be unavailable. If this servi
ce is disabled, any services that explicitly depend on it will fail to start. St
art Type: loaded manually on demand NetMeeting Remote Desktop Sharing Microsoft
Corporation Windows® NetMeeting® 3.01
[Services detected by Partizan] :HKLM Modem
### Driver Start Type: loaded manually on demand
[Services detected by Partizan] :HKLM Mouclass=C:\WINDOWS\SYSTEM32\DRIVERS\MOU
CLASS.SYS
### Driver Mouse Class Driver Start Type: loaded automatically at Kernel initi
alization Mouse Class Driver Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Services detected by Partizan] :HKLM mouhid=C:\WINDOWS\SYSTEM32\DRIVERS\MOUHI
D.SYS
### Driver Mouse HID Driver Start Type: loaded manually on demand HID Mouse Fi
lter Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Services detected by Partizan] :HKLM MountMgr
[Services detected by Partizan] :HKLM mraid35x
[Services detected by Partizan] :HKLM MRxDAV=C:\WINDOWS\SYSTEM32\DRIVERS\MRXDA
V.SYS
### Driver WebDav Client Redirector WebDav Client Redirector Start Type: loade
d manually on demand Windows NT WebDav Minirdr Microsoft Corporation Microsoft® Wi
[Services detected by Partizan] :HKLM MRxSmb=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSM
B.SYS
### Driver MRXSMB MRXSMB Start Type: loaded automatically at Kernel initializa
tion Windows NT SMB Minirdr Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Services detected by Partizan] :HKLM MSDTC=C:\WINDOWS\SYSTEM32\MSDTC.EXE
### Service Distributed Transaction Coordinator Coordinates transactions that
span multiple resource managers, such as databases, message queues, and file sys
tems. If this service is stopped, these transactions will not occur. If this ser
vice is disabled, any services that explicitly depend on it will fail to start.
Start Type: loaded manually on demand MS DTC console program Microsoft Corporat
ion Microsoft Distributed Transaction Coordinator 03.01.00.4414
[Services detected by Partizan] :HKLM MSDTC Bridge 3.0.0.0
[Services detected by Partizan] :HKLM Msfs
[Services detected by Partizan] :HKLM MSIServer=C:\WINDOWS\SYSTEM32\MSIEXEC.EX
E
### Service Windows Installer Adds, modifies, and removes applications provide
d as a Windows Installer (*.msi) package. If this service is disabled, any servi
ces that explicitly depend on it will fail to start. Start Type: loaded manually
on demand Windows® installer Microsoft Corporation Windows Installer - Unicode 4.
5.6001.22159
[Services detected by Partizan] :HKLM MSKSSRV=C:\WINDOWS\SYSTEM32\DRIVERS\MSKS
SRV.SYS
### Driver Microsoft Streaming Service Proxy Start Type: loaded manually on de
mand MS KS Server Microsoft Corporation Microsoft(R) Windows(R) Operating System
5.3.2600.5512
[Services detected by Partizan] :HKLM MSPCLOCK=C:\WINDOWS\SYSTEM32\DRIVERS\MSP
CLOCK.SYS
### Driver Microsoft Streaming Clock Proxy Start Type: loaded manually on dema
nd MS Proxy Clock Microsoft Corporation Microsoft(R) Windows(R) Operating System
5.3.2600.5512
[Services detected by Partizan] :HKLM MSPQM=C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.
SYS
### Driver Microsoft Streaming Quality Manager Proxy Start Type: loaded manual
ly on demand MS Proxy Quality Manager Microsoft Corporation Microsoft® Windows® Oper
[Services detected by Partizan] :HKLM mssmbios=C:\WINDOWS\SYSTEM32\DRIVERS\MSS
MBIOS.SYS
### Driver Microsoft System Management BIOS Driver Start Type: loaded manually
on demand System Management BIOS Driver Microsoft Corporation Microsoft® Windows® O
[Services detected by Partizan] :HKLM MSTEE=C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.
SYS
### Driver Microsoft Streaming Tee/Sink-to-Sink Converter Start Type: loaded m
anually on demand WDM Tee/Communication Transform Filter Microsoft Corporation
Microsoft(R) Windows(R) Operating System 5.3.2600.5512
[Services detected by Partizan] :HKLM MTsensor=C:\WINDOWS\SYSTEM32\DRIVERS\ASA
CPI.SYS
### Driver ATK0110 ACPI UTILITY Start Type: loaded manually on demand ATK0110
ACPI Utility ATK0110 ACPI Utility 1043, 3, 2, 2
[Services detected by Partizan] :HKLM Mup
### Driver Mup Start Type: loaded automatically by the Boot Loader
[Services detected by Partizan] :HKLM NABTSFEC=C:\WINDOWS\SYSTEM32\DRIVERS\NAB
TSFEC.SYS
### Driver NABTS/FEC VBI Codec Start Type: loaded manually on demand WDM NABTS
/FEC VBI Codec Microsoft Corporation Microsoft(R) Windows(R) Operating System 5.
3.2600.5512
[Services detected by Partizan] :HKLM napagent=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Network Access Protection Agent Allows windows clients to particip
ate in Network Access Protection Start Type: loaded manually on demand Generic H
ystem 5.1.2600.5512
[Services detected by Partizan] :HKLM NDIS
### Driver NDIS System Driver Start Type: loaded automatically by the Boot Loa
der
[Services detected by Partizan] :HKLM NdisIP=C:\WINDOWS\SYSTEM32\DRIVERS\NDISI
P.SYS
### Driver Microsoft TV/Video Connection Start Type: loaded manually on demand
Microsoft IP Driver Microsoft Corporation Microsoft(R) Windows(R) Operating Sys
tem 5.3.2600.5512
[Services detected by Partizan] :HKLM NdisTapi=C:\WINDOWS\SYSTEM32\DRIVERS\NDI
STAPI.SYS
### Driver Remote Access NDIS TAPI Driver Remote Access NDIS TAPI Driver Start
Type: loaded manually on demand NDIS 3.0 connection wrapper driver Microsoft Co
[Services detected by Partizan] :HKLM Ndisuio=C:\WINDOWS\SYSTEM32\DRIVERS\NDIS
UIO.SYS
### Driver NDIS Usermode I/O Protocol NDIS Usermode I/O Protocol Start Type: l
oaded manually on demand NDIS User mode I/O Driver Microsoft Corporation Microso
[Services detected by Partizan] :HKLM NdisWan=C:\WINDOWS\SYSTEM32\DRIVERS\NDIS
WAN.SYS
### Driver Remote Access NDIS WAN Driver Remote Access NDIS WAN Driver Start T
ype: loaded manually on demand MS PPP Framing Driver (Strong Encryption) Microso
ft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM NDProxy
[Services detected by Partizan] :HKLM NetBIOS=C:\WINDOWS\SYSTEM32\DRIVERS\NETB
IOS.SYS
### Driver NetBIOS Interface NetBIOS Interface Start Type: loaded automaticall
y at Kernel initialization NetBIOS interface driver Microsoft Corporation Micros
[Services detected by Partizan] :HKLM NetBT=C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.
SYS
### Driver NetBios over Tcpip NetBios over Tcpip Start Type: loaded automatica
lly at Kernel initialization MBT Transport driver Microsoft Corporation Microsof
[Services detected by Partizan] :HKLM NetDDE=C:\WINDOWS\SYSTEM32\NETDDE.EXE
### Service Network DDE Provides network transport and security for Dynamic Da
ta Exchange (DDE) for programs running on the same computer or on different comp
uters. If this service is stopped, DDE transport and security will be unavailabl
ail to start. Start Type: disabled Network DDE - DDE Communication Microsoft Cor
[Services detected by Partizan] :HKLM NetDDEdsdm=C:\WINDOWS\SYSTEM32\NETDDE.EX
E
### Service Network DDE DSDM Manages Dynamic Data Exchange (DDE) network share
s. If this service is stopped, DDE network shares will be unavailable. If this s
ervice is disabled, any services that explicitly depend on it will fail to start
. Start Type: disabled Network DDE - DDE Communication Microsoft Corporation Mi
[Services detected by Partizan] :HKLM Netlogon=C:\WINDOWS\SYSTEM32\LSASS.EXE
### Service Net Logon Supports pass-through authentication of account logon ev
ents for computers in a domain. Start Type: loaded manually on demand LSA Shell
.5512
[Services detected by Partizan] :HKLM Netman=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Network Connections Manages objects in the Network and Dial-Up Con
nections folder, in which you can view both local area network and remote connec
tions. Start Type: loaded manually on demand Generic Host Process for Win32 Serv
ices Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM NetTcpPortSharing=C:\WINDOWS\MICROSOFT.N
ET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\SMSVCHOST.EXE
### Service Net.Tcp Port Sharing Service Provides ability to share TCP ports o
ver the net.tcp protocol. Start Type: disabled SMSvcHost.exe Microsoft Corporati
on Microsoft® .NET Framework 3.0.4506.2152
[Services detected by Partizan] :HKLM Nla=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Network Location Awareness (NLA) Collects and stores network confi
guration and location information, and notifies applications when this informati
on changes. Start Type: loaded manually on demand Generic Host Process for Win32
[Services detected by Partizan] :HKLM Npfs
[Services detected by Partizan] :HKLM Ntfs
[Services detected by Partizan] :HKLM NtLmSsp=C:\WINDOWS\SYSTEM32\LSASS.EXE
### Service NT LM Security Support Provider Provides security to remote proced
ure call (RPC) programs that use transports other than named pipes. Start Type:
loaded manually on demand LSA Shell (Export Version) Microsoft Corporation Micro
[Services detected by Partizan] :HKLM NtmsSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Removable Storage Start Type: loaded manually on demand Generic Ho
st Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Services detected by Partizan] :HKLM Null
[Services detected by Partizan] :HKLM nvata=C:\WINDOWS\SYSTEM32\DRIVERS\NVATA.
SYS
### Driver Start Type: loaded automatically by the Boot Loader NVIDIA® nForce(TM
) IDE Performance Driver NVIDIA Corporation NVIDIA nForce(TM) IDE Driver 5.10.26
00.0692
[Services detected by Partizan] :HKLM NVENETFD=C:\WINDOWS\SYSTEM32\DRIVERS\NVE
NETFD.SYS
### Driver NVIDIA nForce Networking Controller Driver Start Type: loaded manua
lly on demand NVIDIA Networking Function Driver. NVIDIA Corporation NVENETFD 1.0
0.03.06576
[Services detected by Partizan] :HKLM nvnetbus=C:\WINDOWS\SYSTEM32\DRIVERS\NVN
ETBUS.SYS
### Driver NVIDIA Network Bus Enumerator Start Type: loaded manually on demand
NVIDIA Networking Bus Driver. NVIDIA Corporation NVNETBUS 1.00.03.06576
[Services detected by Partizan] :HKLM NwlnkFlt=C:\WINDOWS\SYSTEM32\DRIVERS\NWL
NKFLT.SYS
### Driver IPX Traffic Filter Driver IPX Traffic Filter Driver Start Type: loa
ded manually on demand NWLINK2 Traffic Filter Driver Microsoft Corporation Micro
[Services detected by Partizan] :HKLM NwlnkFwd=C:\WINDOWS\SYSTEM32\DRIVERS\NWL
NKFWD.SYS
### Driver IPX Traffic Forwarder Driver IPX Traffic Forwarder Driver Start Typ
e: loaded manually on demand NWLINK2 Forwarder Driver Microsoft Corporation Micr
[Services detected by Partizan] :HKLM Parport=C:\WINDOWS\SYSTEM32\DRIVERS\PARP
ORT.SYS
### Driver Parallel port driver Start Type: loaded manually on demand Parallel
Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.551
2
[Services detected by Partizan] :HKLM Partizan=C:\WINDOWS\SYSTEM32\DRIVERS\PAR
TIZAN.SYS
### Driver Partizan Start Type: loaded automatically by the Boot Loader Partiz
an - Rootkit detector Greatis Software RegRun Security Suite 6, 8, 0, 0
[Services detected by Partizan] :HKLM PartMgr
[Services detected by Partizan] :HKLM ParVdm
### Driver Start Type: loaded automatically by Server Manager
[Services detected by Partizan] :HKLM PCI=C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
### Driver PCI Bus Driver Start Type: loaded automatically by the Boot Loader
NT Plug and Play PCI Enumerator Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Services detected by Partizan] :HKLM PCIDump
[Services detected by Partizan] :HKLM PCIIde=C:\WINDOWS\SYSTEM32\DRIVERS\PCIID
E.SYS
### Driver Start Type: loaded automatically by the Boot Loader Generic PCI IDE
Bus Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Services detected by Partizan] :HKLM Pcmcia
[Services detected by Partizan] :HKLM PDCOMP
[Services detected by Partizan] :HKLM PDFRAME
[Services detected by Partizan] :HKLM PDRELI
[Services detected by Partizan] :HKLM PDRFRAME
[Services detected by Partizan] :HKLM perc2
[Services detected by Partizan] :HKLM perc2hib
[Services detected by Partizan] :HKLM PerfDisk
[Services detected by Partizan] :HKLM PerfNet
[Services detected by Partizan] :HKLM PerfOS
[Services detected by Partizan] :HKLM PerfProc
[Services detected by Partizan] :HKLM PlugPlay=C:\WINDOWS\SYSTEM32\SERVICES.EX
E
### Service Plug and Play Enables a computer to recognize and adapt to hardwar
e changes with little or no user input. Stopping or disabling this service will
result in system instability. Start Type: loaded automatically by Server Manager
tem 5.1.2600.5512
[Services detected by Partizan] :HKLM PolicyAgent=C:\WINDOWS\SYSTEM32\LSASS.EX
E
### Service IPSEC Services Manages IP security policy and starts the ISAKMP/Oa
kley (IKE) and the IP security driver. Start Type: loaded automatically by Serve
r Manager LSA Shell (Export Version) Microsoft Corporation Microsoft® Windows® Opera
[Services detected by Partizan] :HKLM PptpMiniport=C:\WINDOWS\SYSTEM32\DRIVERS
\RASPPTP.SYS
### Driver WAN Miniport (PPTP) WAN Miniport (PPTP) Start Type: loaded manually
on demand Peer-to-Peer Tunneling Protocol Microsoft Corporation Microsoft® Window
[Services detected by Partizan] :HKLM Processor=C:\WINDOWS\SYSTEM32\DRIVERS\PR
OCESSR.SYS
### Driver Processor Driver Start Type: loaded automatically at Kernel initial
ization Processor Device Driver Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Services detected by Partizan] :HKLM ProtectedStorage=C:\WINDOWS\SYSTEM32\LSA
SS.EXE
### Service Protected Storage Provides protected storage for sensitive data, s
uch as private keys, to prevent access by unauthorized services, processes, or u
sers. Start Type: loaded automatically by Server Manager LSA Shell (Export Versi
on) Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM PSched=C:\WINDOWS\SYSTEM32\DRIVERS\PSCHE
D.SYS
### Driver QoS Packet Scheduler QoS Packet Scheduler Start Type: loaded manual
ly on demand MS QoS Packet Scheduler Microsoft Corporation Microsoft® Windows® Opera
[Services detected by Partizan] :HKLM Ptilink=C:\WINDOWS\SYSTEM32\DRIVERS\PTIL
INK.SYS
### Driver Direct Parallel Link Driver Direct Parallel Link Driver Start Type:
loaded manually on demand Parallel Technologies DirectParallel IO Library Paral
lel Technologies, Inc. Microsoft® Windows® Operating System 5.1.2600.0
[Services detected by Partizan] :HKLM PxHelp20=C:\WINDOWS\SYSTEM32\DRIVERS\PXH
ELP20.SYS
### Driver PxHelp20 Start Type: loaded automatically by the Boot Loader Px Eng
ine Device Driver for Windows 2000/XP Sonic Solutions PxHelp20
[Services detected by Partizan] :HKLM ql1080
[Services detected by Partizan] :HKLM Ql10wnt
[Services detected by Partizan] :HKLM RasAcd=C:\WINDOWS\SYSTEM32\DRIVERS\RASAC
D.SYS
### Driver Remote Access Auto Connection Driver Remote Access Auto Connection
Driver Start Type: loaded automatically at Kernel initialization RAS Automatic C
onnection Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600
.0
[Services detected by Partizan] :HKLM RasAuto=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Remote Access Auto Connection Manager Creates a connection to a re
mote network whenever a program references a remote DNS or NetBIOS name or addre
ss. Start Type: loaded manually on demand Generic Host Process for Win32 Service
[Services detected by Partizan] :HKLM Rasl2tp=C:\WINDOWS\SYSTEM32\DRIVERS\RASL
2TP.SYS
### Driver WAN Miniport (L2TP) WAN Miniport (L2TP) Start Type: loaded manually
on demand RAS L2TP mini-port/call-manager driver Microsoft Corporation Microsof
[Services detected by Partizan] :HKLM RasMan=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Remote Access Connection Manager Creates a network connection. Sta
rt Type: loaded manually on demand Generic Host Process for Win32 Services Micro
[Services detected by Partizan] :HKLM RasPppoe=C:\WINDOWS\SYSTEM32\DRIVERS\RAS
PPPOE.SYS
### Driver Remote Access PPPOE Driver Remote Access PPPOE Driver Start Type: l
oaded manually on demand RAS PPPoE mini-port/call-manager driver Microsoft Corpo
[Services detected by Partizan] :HKLM Raspti=C:\WINDOWS\SYSTEM32\DRIVERS\RASPT
I.SYS
### Driver Direct Parallel Direct Parallel Start Type: loaded manually on dema
nd PTI DirectParallel(R) mini-port/call-manager driver Microsoft Corporation Mic
[Services detected by Partizan] :HKLM Rdbss=C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.
SYS
### Driver Rdbss Rdbss Start Type: loaded automatically at Kernel initializati
on Redirected Drive Buffering SubSystem Driver Microsoft Corporation Microsoft® Wi
[Services detected by Partizan] :HKLM RDPCDD=C:\WINDOWS\SYSTEM32\DRIVERS\RDPCD
D.SYS
### Driver Start Type: loaded automatically at Kernel initialization RDP Minip
ort Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Services detected by Partizan] :HKLM RDPDD
[Services detected by Partizan] :HKLM rdpdr=C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.
SYS
### Driver Terminal Server Device Redirector Driver Start Type: loaded manuall
y on demand Microsoft RDP Device redirector Microsoft Corporation Microsoft® Windo
[Services detected by Partizan] :HKLM RDPNP
[Services detected by Partizan] :HKLM RDPWD
[Services detected by Partizan] :HKLM RDSessMgr=C:\WINDOWS\SYSTEM32\SESSMGR.EX
E
### Service Remote Desktop Help Session Manager Manages and controls Remote As
sistance. If this service is stopped, Remote Assistance will be unavailable. Bef
ore stopping this service, see the Dependencies tab of the Properties dialog box
. Start Type: loaded manually on demand Microsoft® Remote Desktop Help Session Man
ager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM redbook=C:\WINDOWS\SYSTEM32\DRIVERS\REDB
OOK.SYS
### Driver Digital CD Audio Playback Filter Driver Start Type: loaded automati
cally at Kernel initialization Redbook Audio Filter Driver Microsoft Corporation
[Services detected by Partizan] :HKLM RemoteAccess=C:\WINDOWS\SYSTEM32\SVCHOST
.EXE
### Service Routing and Remote Access Offers routing services to businesses in
local area and wide area network environments. Start Type: disabled Generic Hos
tem 5.1.2600.5512
[Services detected by Partizan] :HKLM RemoteRegistry=C:\WINDOWS\SYSTEM32\SVCHO
ST.EXE
### Service Remote Registry Enables remote users to modify registry settings o
n this computer. If this service is stopped, the registry can be modified only b
y users on this computer. If this service is disabled, any services that explici
tly depend on it will fail to start. Start Type: loaded automatically by Server
Manager Generic Host Process for Win32 Services Microsoft Corporation Microsoft® W
[Services detected by Partizan] :HKLM RichVideo=C:\PROGRAM FILES\CYBERLINK\SHA
RED FILES\RICHVIDEO.EXE
### Service Cyberlink RichVideo Service(CRVS) Start Type: loaded automatically
by Server Manager RichVideo Module RichVideo Module 2.0.2807
[Services detected by Partizan] :HKLM RpcLocator=C:\WINDOWS\SYSTEM32\LOCATOR.E
XE
### Service Remote Procedure Call (RPC) Locator Manages the RPC name service d
atabase. Start Type: loaded manually on demand Rpc Locator Microsoft Corporation
[Services detected by Partizan] :HKLM RpcSs=C:\WINDOWS\SYSTEM32\SVCHOST.exe
### Service Remote Procedure Call (RPC) Provides the endpoint mapper and other
miscellaneous RPC services. Start Type: loaded automatically by Server Manager
Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Op
[Services detected by Partizan] :HKLM RSVP=C:\WINDOWS\SYSTEM32\RSVP.EXE
### Service QoS RSVP Provides network signaling and local traffic control setu
p functionality for QoS-aware programs and control applets. Start Type: loaded m
anually on demand Microsoft RSVP Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.0
[Services detected by Partizan] :HKLM SamSs=C:\WINDOWS\SYSTEM32\LSASS.EXE
### Service Security Accounts Manager Stores security information for local us
er accounts. Start Type: loaded automatically by Server Manager LSA Shell (Expor
t Version) Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM SCardSvr=C:\WINDOWS\SYSTEM32\SCARDSVR.EX
E
### Service Smart Card Manages access to smart cards read by this computer. If
this service is stopped, this computer will be unable to read smart cards. If t
his service is disabled, any services that explicitly depend on it will fail to
start. Start Type: loaded manually on demand Smart Card Resource Management Serv
er Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM Schedule=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Task Scheduler Enables a user to configure and schedule automated
tasks on this computer. If this service is stopped, these tasks will not be run
at their scheduled times. If this service is disabled, any services that explici
tly depend on it will fail to start. Start Type: loaded automatically by Server
Manager Generic Host Process for Win32 Services Microsoft Corporation Microsoft® W
[Services detected by Partizan] :HKLM Secdrv=C:\WINDOWS\SYSTEM32\DRIVERS\SECDR
V.SYS
### Driver Secdrv SafeDisc driver Start Type: loaded automatically by Server M
anager Macrovision SECURITY Driver Macrovision Corporation, Macrovision Europe L
imited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver SECURITY
Driver 4.03.086 2006/09/13
[Services detected by Partizan] :HKLM seclogon=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Secondary Logon Enables starting processes under alternate credent
ials. If this service is stopped, this type of logon access will be unavailable.
1.2600.5512
[Services detected by Partizan] :HKLM SENS=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service System Event Notification Tracks system events such as Windows log
on, network, and power events. Notifies COM+ Event System subscribers of these
events. Start Type: loaded automatically by Server Manager Generic Host Process
for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.26
00.5512
[Services detected by Partizan] :HKLM serenum=C:\WINDOWS\SYSTEM32\DRIVERS\SERE
NUM.SYS
### Driver Serenum Filter Driver Start Type: loaded manually on demand Serial
Port Enumerator Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.
5512
[Services detected by Partizan] :HKLM Serial=C:\WINDOWS\SYSTEM32\DRIVERS\SERIA
L.SYS
### Driver Serial port driver Start Type: loaded automatically at Kernel initi
alization Serial Device Driver Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Services detected by Partizan] :HKLM ServiceModelEndpoint 3.0.0.0
[Services detected by Partizan] :HKLM ServiceModelOperation 3.0.0.0
[Services detected by Partizan] :HKLM ServiceModelService 3.0.0.0
[Services detected by Partizan] :HKLM Sfloppy
[Services detected by Partizan] :HKLM SharedAccess=C:\WINDOWS\SYSTEM32\SVCHOST
.EXE
### Service Windows Firewall/Internet Connection Sharing (ICS) Provides networ
k address translation, addressing, name resolution and/or intrusion prevention s
ervices for a home or small office network. Start Type: disabled Generic Host Pr
ocess for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Services detected by Partizan] :HKLM ShellHWDetection=C:\WINDOWS\SYSTEM32\SVC
HOST.EXE
### Service Shell Hardware Detection Provides notifications for AutoPlay hardw
are events. Start Type: loaded automatically by Server Manager Generic Host Proc
1.2600.5512
[Services detected by Partizan] :HKLM Simbad
[Services detected by Partizan] :HKLM SLIP=C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SY
S
### Driver BDA Slip De-Framer Start Type: loaded manually on demand Microsoft
Slip Deframing Filter Minidriver Microsoft Corporation Microsoft(R) Windows(R) O
[Services detected by Partizan] :HKLM SMSvcHost 3.0.0.0
[Services detected by Partizan] :HKLM Sparrow
[Services detected by Partizan] :HKLM splitter=C:\WINDOWS\SYSTEM32\DRIVERS\SPL
ITTER.SYS
### Driver Microsoft Kernel Audio Splitter Start Type: loaded manually on dema
nd Microsoft Kernel Audio Splitter Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Services detected by Partizan] :HKLM Spooler=C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
### Service Print Spooler Loads files to memory for later printing. Start Type
: loaded automatically by Server Manager Spooler SubSystem App Microsoft Corpora
tion Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM sptd=C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SY
S
[Services detected by Partizan] :HKLM Sr=C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
### Driver System Restore Filter Driver Start Type: loaded automatically by th
e Boot Loader System Restore Filesystem Filter Driver Microsoft Corporation Micr
[Services detected by Partizan] :HKLM srservice=C:\WINDOWS\SYSTEM32\SVCHOST.EX
E
### Service System Restore Service Performs system restore functions. To stop
service, turn off System Restore from the System Restore tab in My Computer->Pro
perties Start Type: disabled Generic Host Process for Win32 Services Microsoft C
[Services detected by Partizan] :HKLM Srv=C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
### Driver Srv Srv Start Type: loaded manually on demand Server driver Microso
ft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM SSDPSRV=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service SSDP Discovery Service Enables discovery of UPnP devices on your h
ome network. Start Type: loaded manually on demand Generic Host Process for Win3
[Services detected by Partizan] :HKLM stisvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Windows Image Acquisition (WIA) Provides image acquisition service
s for scanners and cameras. Start Type: loaded automatically by Server Manager G
eneric Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Ope
[Services detected by Partizan] :HKLM streamip=C:\WINDOWS\SYSTEM32\DRIVERS\STR
EAMIP.SYS
### Driver BDA IPSink Start Type: loaded manually on demand Microsoft IP Test
Driver Microsoft Corporation Microsoft(R) Windows(R) Operating System 5.3.2600.5
512
[Services detected by Partizan] :HKLM swenum=C:\WINDOWS\SYSTEM32\DRIVERS\SWENU
M.SYS
### Driver Software Bus Driver Start Type: loaded manually on demand Plug and
Play Software Device Enumerator Microsoft Corporation Microsoft(R) Windows(R) Op
[Services detected by Partizan] :HKLM swmidi=C:\WINDOWS\SYSTEM32\DRIVERS\SWMID
I.SYS
### Driver Microsoft Kernel GS Wavetable Synthesizer Start Type: loaded manual
ly on demand Microsoft GS Wavetable Synthesizer Microsoft Corporation Microsoft® W
[Services detected by Partizan] :HKLM SwPrv=C:\WINDOWS\SYSTEM32\DLLHOST.EXE
### Service MS Software Shadow Copy Provider Manages software-based volume sha
dow copies taken by the Volume Shadow Copy service. If this service is stopped,
software-based volume shadow copies cannot be managed. If this service is disabl
ed, any services that explicitly depend on it will fail to start. Start Type: lo
aded manually on demand COM Surrogate Microsoft Corporation Microsoft® Windows® Oper
[Services detected by Partizan] :HKLM symc810
[Services detected by Partizan] :HKLM symc8xx
[Services detected by Partizan] :HKLM sym_hi
[Services detected by Partizan] :HKLM sym_u3
[Services detected by Partizan] :HKLM sysaudio=C:\WINDOWS\SYSTEM32\DRIVERS\SYS
AUDIO.SYS
### Driver Microsoft Kernel System Audio Device Start Type: loaded manually on
demand System Audio WDM Filter Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Services detected by Partizan] :HKLM SysmonLog=C:\WINDOWS\SYSTEM32\SMLOGSVC.E
XE
### Service Performance Logs and Alerts Collects performance data from local o
r remote computers based on preconfigured schedule parameters, then writes the d
ata to a log or triggers an alert. If this service is stopped, performance infor
mation will not be collected. If this service is disabled, any services that exp
licitly depend on it will fail to start. Start Type: loaded manually on demand P
erformance Logs and Alerts Service Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Services detected by Partizan] :HKLM TapiSrv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Telephony Provides Telephony API (TAPI) support for programs that
control telephony devices and IP based voice connections on the local computer a
nd, through the LAN, on servers that are also running the service. Start Type: l
oaded manually on demand Generic Host Process for Win32 Services Microsoft Corpo
[Services detected by Partizan] :HKLM Tcpip=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.
SYS
### Driver TCP/IP Protocol Driver TCP/IP Protocol Driver Start Type: loaded au
tomatically at Kernel initialization TCP/IP Protocol Driver Microsoft Corporatio
[Services detected by Partizan] :HKLM TDPIPE
[Services detected by Partizan] :HKLM TDTCP
[Services detected by Partizan] :HKLM TermDD=C:\WINDOWS\SYSTEM32\DRIVERS\TERMD
D.SYS
### Driver Terminal Device Driver Start Type: loaded automatically at Kernel i
nitialization Terminal Server Driver Microsoft Corporation Microsoft® Windows® Opera
[Services detected by Partizan] :HKLM TermService=C:\WINDOWS\SYSTEM32\SVCHOST.
exe
### Service Terminal Services Allows multiple users to be connected interactiv
ely to a machine as well as the display of desktops and applications to remote c
omputers. The underpinning of Remote Desktop (including RD for Administrators),
Fast User Switching, Remote Assistance, and Terminal Server. Start Type: loaded
manually on demand Generic Host Process for Win32 Services Microsoft Corporation
[Services detected by Partizan] :HKLM Themes=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Themes Provides user experience theme management. Start Type: load
ed automatically by Server Manager Generic Host Process for Win32 Services Micro
[Services detected by Partizan] :HKLM TlntSvr=C:\WINDOWS\SYSTEM32\TLNTSVR.EXE
### Service Telnet Enables a remote user to log on to this computer and run pr
ograms, and supports various TCP/IP Telnet clients, including UNIX-based and Win
dows-based computers. If this service is stopped, remote user access to programs
might be unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start. Start Type: disabled Telnet Microsoft Corporat
[Services detected by Partizan] :HKLM TosIde
[Services detected by Partizan] :HKLM TrkWks=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Distributed Link Tracking Client Maintains links between NTFS file
s within a computer or across computers in a network domain. Start Type: loaded
automatically by Server Manager Generic Host Process for Win32 Services Microsof
t Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM TSDDD
[Services detected by Partizan] :HKLM Udfs
[Services detected by Partizan] :HKLM ultra
[Services detected by Partizan] :HKLM UMWdf=C:\WINDOWS\SYSTEM32\WDFMGR.EXE
### Service Windows User Mode Driver Framework Enables Windows user mode drive
rs. Start Type: loaded automatically by Server Manager Windows User Mode Driver
Manager Microsoft Corporation Microsoft® Windows® Operating System 5.2.3790.1230
[Services detected by Partizan] :HKLM Update=C:\WINDOWS\SYSTEM32\DRIVERS\UPDAT
E.SYS
### Driver Microcode Update Driver Start Type: loaded manually on demand Updat
e Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM upnphost=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Universal Plug and Play Device Host Provides support to host Unive
rsal Plug and Play devices. Start Type: loaded manually on demand Generic Host P
rocess for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Services detected by Partizan] :HKLM UPS=C:\WINDOWS\SYSTEM32\UPS.EXE
### Service Uninterruptible Power Supply Manages an uninterruptible power supp
ly (UPS) connected to the computer. Start Type: loaded manually on demand UPS Se
rvice Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Services detected by Partizan] :HKLM usbaudio=C:\WINDOWS\SYSTEM32\DRIVERS\USB
AUDIO.SYS
### Driver USB Audio Driver (WDM) Start Type: loaded manually on demand USB Au
dio Class Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600
.5512
[Services detected by Partizan] :HKLM usbccgp=C:\WINDOWS\SYSTEM32\DRIVERS\USBC
CGP.SYS
### Driver Microsoft USB Generic Parent Driver Start Type: loaded manually on
demand USB Common Class Generic Parent Driver Microsoft Corporation Microsoft® Win
[Services detected by Partizan] :HKLM usbehci=C:\WINDOWS\SYSTEM32\DRIVERS\USBE
HCI.SYS
### Driver Microsoft USB 2.0 Enhanced Host Controller Miniport Driver Start Ty
pe: loaded manually on demand EHCI eUSB Miniport Driver Microsoft Corporation Mi
[Services detected by Partizan] :HKLM usbhub=C:\WINDOWS\SYSTEM32\DRIVERS\USBHU
B.SYS
### Driver USB2 Enabled Hub Start Type: loaded manually on demand Default Hub
Driver for USB Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5
512
[Services detected by Partizan] :HKLM usbohci=C:\WINDOWS\SYSTEM32\DRIVERS\USBO
HCI.SYS
### Driver Microsoft USB Open Host Controller Miniport Driver Start Type: load
ed manually on demand OHCI USB Miniport Driver Microsoft Corporation Microsoft® Wi
[Services detected by Partizan] :HKLM USBSTOR=C:\WINDOWS\SYSTEM32\DRIVERS\USBS
TOR.SYS
### Driver USB Mass Storage Driver Start Type: loaded manually on demand USB M
ass Storage Class Driver Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Services detected by Partizan] :HKLM usbvideo=C:\WINDOWS\SYSTEM32\DRIVERS\USB
VIDEO.SYS
### Driver USB Video Device (WDM) Start Type: loaded manually on demand USB Vi
deo Class Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600
.5512
[Services detected by Partizan] :HKLM VgaSave=C:\WINDOWS\SYSTEM32\DRIVERS\VGA.
SYS
### Driver Start Type: loaded automatically at Kernel initialization VGA/Super
VGA Video Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.5512
[Services detected by Partizan] :HKLM ViaIde
[Services detected by Partizan] :HKLM VolSnap
[Services detected by Partizan] :HKLM VSS=C:\WINDOWS\SYSTEM32\VSSVC.EXE
### Service Volume Shadow Copy Manages and implements Volume Shadow Copies use
d for backup and other purposes. If this service is stopped, shadow copies will
be unavailable for backup and the backup may fail. If this service is disabled,
any services that explicitly depend on it will fail to start. Start Type: loaded
manually on demand Microsoft® Volume Shadow Copy Service Microsoft Corporation Mi
[Services detected by Partizan] :HKLM VxD
[Services detected by Partizan] :HKLM W32Time=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Windows Time Maintains date and time synchronization on all client
s and servers in the network. If this service is stopped, date and time synchron
ization will be unavailable. If this service is disabled, any services that expl
icitly depend on it will fail to start.
Start Type: loaded automatically by Server Manager Generic Host Process for Win
[Services detected by Partizan] :HKLM W3SVC
[Services detected by Partizan] :HKLM Wanarp=C:\WINDOWS\SYSTEM32\DRIVERS\WANAR
P.SYS
### Driver Remote Access IP ARP Driver Remote Access IP ARP Driver Start Type:
loaded manually on demand MS Remote Access and Routing ARP Driver Microsoft Cor
[Services detected by Partizan] :HKLM WDICA
[Services detected by Partizan] :HKLM wdmaud=C:\WINDOWS\SYSTEM32\DRIVERS\WDMAU
D.SYS
### Driver Microsoft WINMM WDM Audio Compatibility Driver Start Type: loaded m
anually on demand MMSYSTEM Wave/Midi API mapper Microsoft Corporation Microsoft® W
[Services detected by Partizan] :HKLM WebClient=C:\WINDOWS\SYSTEM32\SVCHOST.EX
E
### Service WebClient Enables Windows-based programs to create, access, and mo
dify Internet-based files. If this service is stopped, these functions will not
be available. If this service is disabled, any services that explicitly depend o
n it will fail to start. Start Type: loaded automatically by Server Manager Gene
ing System 5.1.2600.5512
[Services detected by Partizan] :HKLM Windows Workflow Foundation 3.0.0.0
[Services detected by Partizan] :HKLM winmgmt=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Windows Management Instrumentation Provides a common interface and
object model to access management information about operating system, devices,
applications and services. If this service is stopped, most Windows-based softwa
re will not function properly. If this service is disabled, any services that ex
plicitly depend on it will fail to start. Start Type: loaded automatically by Se
rver Manager Generic Host Process for Win32 Services Microsoft Corporation Micro
[Services detected by Partizan] :HKLM Winsock
[Services detected by Partizan] :HKLM WinSock2
[Services detected by Partizan] :HKLM WinTrust
[Services detected by Partizan] :HKLM WmdmPmSN=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Portable Media Serial Number Service Retrieves the serial number o
f any portable media player connected to this computer. If this service is stopp
ed, protected content might not be down loaded to the device. Start Type: loaded
manually on demand Generic Host Process for Win32 Services Microsoft Corporatio
[Services detected by Partizan] :HKLM Wmi=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Windows Management Instrumentation Driver Extensions Provides syst
ems management information to and from drivers. Start Type: loaded manually on d
emand Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Win
[Services detected by Partizan] :HKLM WmiApRpl
[Services detected by Partizan] :HKLM WmiApSrv=C:\WINDOWS\SYSTEM32\WBEM\WMIAPS
RV.EXE
### Service WMI Performance Adapter Provides performance library information f
rom WMI HiPerf providers. Start Type: loaded manually on demand WMI Performance
Adapter Service Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.
5512
[Services detected by Partizan] :HKLM WS2IFSL
### Start Type: loaded automatically at Kernel initialization
[Services detected by Partizan] :HKLM wscsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Security Center Monitors system security settings and configuratio
ns. Start Type: disabled Generic Host Process for Win32 Services Microsoft Corpo
[Services detected by Partizan] :HKLM WSTCODEC=C:\WINDOWS\SYSTEM32\DRIVERS\WST
CODEC.SYS
### Driver World Standard Teletext Codec Start Type: loaded manually on demand
WDM WST Codec Driver Microsoft Corporation Microsoft(R) Windows(R) Operating Sy
stem 5.3.2600.5512
[Services detected by Partizan] :HKLM wuauserv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Automatic Updates Enables the download and installation of Windows
updates. If this service is disabled, this computer will not be able to use the
Automatic Updates feature or the Windows Update Web site. Start Type: disabled
Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Op
[Services detected by Partizan] :HKLM WZCSVC=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Wireless Zero Configuration Provides automatic configuration for t
he 802.11 adapters Start Type: loaded automatically by Server Manager Generic Ho
stem 5.1.2600.5512
[Services detected by Partizan] :HKLM xmlprov=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Service Network Provisioning Service Manages XML configuration files on a
domain basis for automatic network provisioning. Start Type: loaded manually on
demand Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Wi
[Services detected by Partizan] :HKLM {54786A8A-2F0C-4D90-BDA0-A7DC472167C8}
[Services detected by Partizan] :HKLM {CEA74AFA-B590-4A13-AFDC-05539DD107EB}
[Codecs] :HKLM midimapper=C:\WINDOWS\system32\MIDIMAP.DLL
### Microsoft MIDI Mapper Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Codecs] :HKLM msacm.imaadpcm=C:\WINDOWS\system32\IMAADP32.ACM
### IMA ADPCM CODEC for MSACM Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Codecs] :HKLM msacm.msadpcm=C:\WINDOWS\system32\MSADP32.ACM
### Microsoft ADPCM CODEC for MSACM Microsoft Corporation Microsoft® Windows® Oper
[Codecs] :HKLM msacm.msg711=C:\WINDOWS\system32\MSG711.ACM
### Microsoft CCITT G.711 (A-Law and u-Law) CODEC for MSACM Microsoft Corporat
[Codecs] :HKLM msacm.msgsm610=C:\WINDOWS\system32\MSGSM32.ACM
### Microsoft GSM 6.10 Audio CODEC for MSACM Microsoft Corporation Microsoft® Wi
[Codecs] :HKLM msacm.trspch=C:\WINDOWS\system32\TSSOFT32.ACM
### DSP Group TrueSpeech(TM) Audio Codec for MSACM V3.50 DSP GROUP, INC. DSP G
ROUP Windows NT(TM) TrueSpeech CODEC 1.01
[Codecs] :HKLM vidc.cvid=C:\WINDOWS\system32\ICCVID.DLL
### Cinepak® Codec Radius Inc. Cinepak for Windows 32 1.10.0.0
[Codecs] :HKLM VIDC.I420=C:\WINDOWS\system32\MSH263.DRV
### Microsoft H.263 ICM Driver Microsoft Corporation Windows® NetMeeting® 3.01
[Codecs] :HKLM vidc.iv31=C:\WINDOWS\system32\IR32_32.DLL
[Codecs] :HKLM vidc.iv41=C:\WINDOWS\system32\IR41_32.AX
### Intel Indeo® Video 4.5 Intel Corporation Intel Indeo® Video 4.5 4.51.16.03
[Codecs] :HKLM VIDC.IYUV=C:\WINDOWS\system32\IYUV_32.DLL
### Intel Indeo(R) Video YUV Codec Microsoft Corporation Microsoft® Windows® Opera
[Codecs] :HKLM vidc.mrle=C:\WINDOWS\system32\MSRLE32.DLL
### Microsoft RLE Compressor Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Codecs] :HKLM vidc.msvc=C:\WINDOWS\system32\MSVIDC32.DLL
### Microsoft Video 1 Compressor Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.0
[Codecs] :HKLM VIDC.UYVY=C:\WINDOWS\system32\MSYUV.DLL
### Microsoft UYVY Video Decompressor Microsoft Corporation Microsoft(R) Windo
ws(R) Operating System 5.3.2600.5512
[Codecs] :HKLM VIDC.YUY2=C:\WINDOWS\system32\MSYUV.DLL
[Codecs] :HKLM VIDC.YVU9=C:\WINDOWS\system32\TSBYUV.DLL
### Toshiba Video Codec Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.0
[Codecs] :HKLM VIDC.YVYU=C:\WINDOWS\system32\MSYUV.DLL
[Codecs] :HKLM wavemapper=C:\WINDOWS\system32\MSACM32.DRV
### Microsoft Sound Mapper Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.0
[Codecs] :HKLM msacm.msg723=C:\WINDOWS\system32\MSG723.ACM
### Microsoft G.723.1 CODEC for MSACM Microsoft Corporation Windows® NetMeeting® 3
.01
[Codecs] :HKLM vidc.M263=C:\WINDOWS\system32\MSH263.DRV
[Codecs] :HKLM vidc.M261=C:\WINDOWS\system32\MSH261.DRV
[Codecs] :HKLM msacm.msaudio1=C:\WINDOWS\system32\MSAUD32.ACM
### Windows Media Audio Microsoft Corporation Windows Media Audio 8.00.00.4487
[Codecs] :HKLM msacm.sl_anet=C:\WINDOWS\system32\SL_ANET.ACM
### Audio codec for MS ACM Sipro Lab Telecom Inc. ACELP.net Audio Codec 3.02
[Codecs] :HKLM msacm.iac2=C:\WINDOWS\SYSTEM32\IAC25_32.AX
### Indeo® audio software Intel Corporation Indeo® audio software 2.05.53
### Intel Indeo® video 5.10 Intel Corporation Intel Indeo® video 5.10 R.5.10.15.2.
55
[Codecs] :HKLM msacm.l3acm=C:\WINDOWS\SYSTEM32\L3CODECA.ACM
### MPEG Layer-3 Audio Codec for MSACM Fraunhofer Institut Integrierte Schaltu
ngen IIS MPEG Layer-3 Audio Codec for MSACM 1, 0, 0, 0
[Codecs] :HKLM wave=C:\WINDOWS\system32\WDMAUD.DRV
### WDM Audio driver mapper Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Codecs] :HKLM midi=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM mixer=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM aux=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM VIDC.ACDV=C:\WINDOWS\system32\ACDV.DLL
### ACDV ACD Systems ACDV 2,0,9,2
[Codecs] :HKLM VIDC.FFDS=C:\PROGRA~1\COMBIN~1\FILTERS\FFDSHOW\FF_VFW.DLL
[Codecs] :HKLM msacm.siren=C:\WINDOWS\system32\SIRENACM.DLL
### Messenger Audio Codec Microsoft Corporation Messenger Audio Codec 14.0.811
7.0416
[Codecs] :HKLM MSVideo8=C:\WINDOWS\system32\VFWWDM32.DLL
### VfW MM Driver for WDM Video Capture Devices Microsoft Corporation Microsof
[Codecs] :HKLM wave1=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM midi1=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM mixer1=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM aux1=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM wave2=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM midi2=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM mixer2=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Codecs] :HKLM aux2=C:\WINDOWS\system32\WDMAUD.DRV
stem 5.1.2600.5512
[Detected using Heuristic Algorithm] :HKLM A6SUZGX9.SYS=C:\WINDOWS\SYSTEM32\DR
IVERS\A6SUZGX9.SYS
em 5.1.2600.5512
[Auto Start Apps]
[Registry Run] :HKCU msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.
exe" /background
[Registry Run] :HKCU ctfmon.exe=C:\WINDOWS\SYSTEM32\CTFMON.EXE
### CTF Loader Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600
.5512
[Registry Run] :HKCU Skype=C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE
### Skype Skype Technologies S.A. Skype 5.0
[Registry Run] :HKCU UnHackMe Monitor=C:\PROGRAM FILES\UNHACKME\HACKMON.EXE
### Detects Rootkits in background Greatis Software UnHackMe 5.8
[Registry Run] :HKLM RTHDCPL=C:\WINDOWS\RTHDCPL.EXE
### Realtek HD Audio Control Panel Realtek Semiconductor Corp. Realtek HD Audi
o Sound Effect Manager 2.1.4.2
[Registry Run] :HKLM avast5=C:\PROGRA~1\ALWILS~1\AVAST5\AVASTUI.EXE
### avast! Antivirus AVAST Software avast! Antivirus 5, 0, 0, 0
[Registry Run] :HKLM KernelFaultCheck=C:\WINDOWS\SYSTEM32\DUMPREP.exe
### Windows Error Reporting Dump Reporting Tool Microsoft Corporation Microsof
[Registry RunOnceEx] :HKLM @Regrun2=C:\PROGRA~1\Greatis\REGRUN~1\regrun2.exe /
w
### 1=C:\PROGRA~1\Greatis\REGRUN~1\regrun2.exe /w
[Win.ini] load=""
[Win.ini] run=""
[Common Startup Folder] WinZip Quick Pick.lnk=C:\PROGRAM FILES\WINZIP\WZQKPICK
.EXE
### WinZip Executable WinZip Computing, S.L. WinZip 14.5 (9069)
[In memory]
[Running Processes] C:\WINDOWS\SYSTEM32\SMSS.EXE
### Windows NT Session Manager Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Running Processes] C:\WINDOWS\SYSTEM32\WINLOGON.EXE
### Windows NT Logon Application Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Running Processes] C:\WINDOWS\SYSTEM32\SERVICES.EXE
### Services and Controller app Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Running Processes] C:\WINDOWS\SYSTEM32\LSASS.EXE
### LSA Shell (Export Version) Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Running Processes] C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
### ATI External Event Utility EXE Module ATI Technologies Inc. ATI External E
vent Utility for Windows 6.14.10.4235
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Win
[Running Processes] C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\AVASTSVC.EXE
### avast! Service AVAST Software avast! Antivirus 5, 0, 0, 0
[Running Processes] C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
### ATI External Event Utility EXE Module ATI Technologies Inc. ATI External E
[Running Processes] C:\WINDOWS\EXPLORER.EXE
### Windows Explorer Microsoft Corporation Microsoft® Windows® Operating System 6.
00.2900.5512
[Running Processes] C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
### Run a DLL as an App Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Running Processes] C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
### Spooler SubSystem App Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Running Processes] C:\PROGRA~1\GREATIS\REGRUN~1\REGRUN2.EXE
### RegRun Start Control Greatis Software RegRun Security Suite 6.99 release
[Running Processes] C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE
### Java(TM) Quick Starter Service Sun Microsystems, Inc. Java(TM) Platform SE
6 U20 6.0.200.2
[Running Processes] C:\PROGRAM FILES\LOGMEIN\X86\LMIGUARDIANSVC.EXE
### LMIGuardianSvc LogMeIn, Inc. LMIGuardianSvc 8.1.804
[Running Processes] C:\PROGRAM FILES\LOGMEIN\X86\RAMAINT.EXE
### LogMeIn Maintenance Service LogMeIn, Inc. LogMeIn 4.1.1556
[Running Processes] C:\PROGRAM FILES\LOGMEIN\X86\LOGMEIN.EXE
### LogMeIn LogMeIn, Inc. LogMeIn 3.0.596
[Running Processes] C:\PROGRAM FILES\CYBERLINK\SHARED FILES\RICHVIDEO.EXE
### RichVideo Module RichVideo Module 2.0.2807
[Loaded DLLs] C:\WINDOWS\System32\HTTPAPI.dll
### HTTP Protocol Stack API Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\strmfilt.dll
### Stream Filter Library Microsoft Corporation Internet Information Services
6.0.2600.5512
[Loaded DLLs] c:\windows\system32\w3ssl.dll
### SSL service for HTTP Microsoft Corporation Internet Information Services 6
.0.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\xpsp2res.dll
### Service Pack 2 Messages Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\actxprxy.dll
### ActiveX Interface Marshaling Library Microsoft Corporation Microsoft® Window
[Loaded DLLs] C:\WINDOWS\system32\xpsp2res.dll
stem 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\mscms.dll
### Microsoft Color Matching System DLL Microsoft Corporation Microsoft® Windows®
[Loaded DLLs] c:\windows\system32\wiaservc.dll
### Still Image Devices Service Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\wbem\wbemprox.dll
[Loaded DLLs] C:\WINDOWS\system32\KsUser.dll
### User CSA Library Microsoft Corporation Microsoft(R) Windows(R) Operating S
ystem 5.3.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\dsound.dll
### DirectSound Microsoft Corporation Microsoft(R) Windows(R) Operating System
5.3.2600.5512
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\ieframe.dll
.18702
[Loaded DLLs] C:\WINDOWS\system32\Normaliz.dll
### Unicode Normalization DLL Microsoft Corporation Microsoft® Windows® Operating
System 6.0.5441.0
[Loaded DLLs] C:\Program Files\LogMeIn\x86\LogMeIn.dll
### LogMeIn LogMeIn, Inc. LogMeIn 4.1.1556
[Loaded DLLs] C:\WINDOWS\system32\rassapi.dll
### Remote Access Admin APIs dll Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\inetmib1.dll
### Microsoft MIB-II subagent Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\snmpapi.dll
### SNMP Utility Library Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
System 6.0.5441.0
stem 5.1.2600.5512
[Loaded DLLs] C:\Program Files\LogMeIn\x86\LMIGuardianDll.dll
### LMIGuardianDll LogMeIn, Inc. LMIGuardianDll 8.1.804
[Loaded DLLs] C:\WINDOWS\system32\perfdisk.dll
### Windows Disk Performance Objects DLL Microsoft Corporation Microsoft® Window
[Loaded DLLs] C:\WINDOWS\system32\perfos.dll
### Windows System Performance Objects DLL Microsoft Corporation Microsoft® Wind
[Loaded DLLs] C:\WINDOWS\system32\odbcint.dll
### Microsoft Data Access - ODBC Resources Microsoft Corporation Microsoft Dat
a Access Components 3.525.1132.0
[Loaded DLLs] C:\WINDOWS\system32\odbcbcp.dll
### Microsoft BCP for ODBC Microsoft Corporation Microsoft SQL Server 3.85.113
2
[Loaded DLLs] C:\WINDOWS\system32\pdh.dll
### Windows Performance Data Helper DLL Microsoft Corporation Microsoft® Windows®
System 6.0.5441.0
[Loaded DLLs] C:\Program Files\Java\jre6\bin\MSVCR71.dll
### Microsoft® C Runtime Library Microsoft Corporation Microsoft® Visual Studio .N
ET 7.10.3052.4
[Loaded DLLs] C:\WINDOWS\system32\ieframe.dll
.18702
[Loaded DLLs] C:\WINDOWS\System32\Wbem\framedyn.dll
### WMI SDK Provider Framework Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\srclient.dll
### SR CLIENT DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2
600.5512
[Loaded DLLs] C:\WINDOWS\system32\mstask.dll
### Task Scheduler interface DLL Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\ntshrui.dll
### Shell extensions for sharing Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\LINKINFO.dll
### Windows Volume Tracking Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\Cabinet.dll
### Microsoft® Cabinet File API Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\cryptnet.dll
### Crypto Network Related API Microsoft Corporation Microsoft® Windows® Operating
System 5.131.2600.5512
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\RICHED20.dll
### Rich Text Edit Control, v3.0 Microsoft Corporation Microsoft RichEdit Cont
rol, version 3.0 3.0
[Loaded DLLs] C:\WINDOWS\system32\RICHED32.DLL
### Wrapper Dll for Richedit 1.0 Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.0
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\system32\olepro32.dll
[Loaded DLLs] C:\WINDOWS\system32\shfolder.dll
### Shell Folder Service Microsoft Corporation Microsoft® Windows® Operating Syste
m 6.00.2900.5512
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\inetpp.dll
### Internet Print Provider DLL Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\NETRAP.dll
### Net Remote Admin Protocol DLL Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\win32spl.dll
### 32-bit Spooler API DLL Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintpro
c.dll
### Print Filter Pipeline Proxy Microsoft Corporation Microsoft® Windows® Operatin
g System 6.1.2600.5635
[Loaded DLLs] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LMIproc.dll
### RemotelyAnywhere Print Processor LogMeIn, Inc. RemotelyAnywhere 9.0.1556
[Loaded DLLs] C:\WINDOWS\system32\usbmon.dll
### Standard Dynamic Printing Port Monitor DLL Microsoft Corporation Microsoft®
[Loaded DLLs] C:\WINDOWS\system32\tcpmon.dll
### Standard TCP/IP Port Monitor DLL Microsoft Corporation Microsoft® Windows® Ope
[Loaded DLLs] C:\WINDOWS\system32\pjlmon.dll
### PJL Language monitor Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\LMIport.dll
### RemotelyAnywhere Printer Port Monitor LogMeIn, Inc. RemotelyAnywhere 9.0.1
556
[Loaded DLLs] C:\WINDOWS\system32\cnbjmon.dll
### Langage Monitor for Canon Bubble-Jet Printer Microsoft Corporation Microso
[Loaded DLLs] C:\WINDOWS\system32\localspl.dll
### Local Spooler DLL Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\SPOOLSS.DLL
### Spooler SubSystem DLL Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\PROGRA~1\Greatis\REGRUN~1\RRShell.dll
### RRShell Module Greatis Software, LLC RRShell Module 1, 0, 1, 3
[Loaded DLLs] C:\WINDOWS\system32\ADVPACK.dll
### ADVPACK Microsoft Corporation Windows® Internet Explorer 8.00.6001.18702
[Loaded DLLs] C:\WINDOWS\system32\iernonce.dll
### Extended RunOnce processing with UI Microsoft Corporation Windows® Internet
Explorer 8.00.6001.18702
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\system32\MSIMG32.dll
### GDIEXT Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\themeui.dll
### Windows Theme API Microsoft Corporation Microsoft® Windows® Operating System 6
.00.2900.5512
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\system32\SHDOCVW.dll
[Loaded DLLs] C:\WINDOWS\system32\BROWSEUI.dll
ystem 6.00.2900.5512
[Loaded DLLs] C:\WINDOWS\system32\atiadlxx.dll
### ADL Advanced Micro Devices, Inc. ADL Component 6.14.10.1054
[Loaded DLLs] C:\WINDOWS\system32\ati2evxx.dll
### ATI External Event Utility DLL Module ATI Technologies Inc. ATI External E
[Loaded DLLs] C:\WINDOWS\system32\Ati2edxx.dll
### ati2edxx ATI Technologies, Inc. ATI External Device Utility 6, 14, 10, 251
4
stem 5.1.2600.5512
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswDld.dll
### aswDld Dynamic Link Library avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll
### avast! Web Shield Filter Module AVAST Software avast! Antivirus 5, 0, 0,
0
[Loaded DLLs] C:\WINDOWS\system32\security.dll
### Security Support Provider Interface Microsoft Corporation Microsoft® Windows®
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ashWebSv.dll
### avast! Web Scanner AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll
### avast! e-Mail Scanner Service AVAST Software avast! Antivirus 5, 0, 0, 0
stem 5.1.2600.5512
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\defs\10101901\arPot.dll
### ArPot usermode dll component AVAST Software avast! antivirus 4, 8, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\AhResWS.dll
### avast! HTTP Scanner AAVM Provider Library AVAST Software avast! Antivirus
5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\AhResStd.dll
### avast! Standard Shield AAVM Provider Library AVAST Software avast! Antivi
rus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ahResP2P.dll
### avast! P2P Shield AAVM Provider Library AVAST Software avast! Antivirus 5
, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\AhResNS.dll
### avast! Network Shield AAVM Provider Library AVAST Software avast! Antiviru
s 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ahResMes.dll
### avast! Messenger scanner AAVM Provider Library AVAST Software avast! Antiv
irus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\AhResMai.dll
### avast! e-Mail Scanner AAVM Provider Library AVAST Software avast! Antiviru
s 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll
### avast! Behavior Shield AAVM Provider Library AVAST Software avast! Antivir
us 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\defs\10101901\algo.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\defs\10101901\aswScan.dll
### Low level antivirus engine AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\defs\10101901\aswCmnBS.dl
l
### Common functions AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\defs\10101901\aswCmnIS.dl
l
### Antivirus independent functions AVAST Software avast! Antivirus 5, 0, 0,
0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\defs\10101901\aswCmnOS.dl
l
### Antivirus HW dependent library AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\defs\10101901\aswEngin.dl
l
### High level antivirus engine AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswIdle.dll
### avast! Idle Hook Library AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\AavmRpch.dll
### avast! AAVM Remote Procedure Call Library AVAST Software avast! Antivirus
5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\Aavm4h.dll
### avast! Asynchronous Virus Monitor (AAVM) AVAST Software avast! Antivirus
5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswProperty.dll
### avast! Property Storage library AVAST Software avast! Antivirus 5, 0, 0,
0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswSqLt.dll
### avast! SQLite library AVAST Software avast! Antivirus 1, 0, 0, 1
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswLog.dll
### avast! Log library AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll
### avast! TaskEx library AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ashTask.dll
### Task Handling Module AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswAux.dll
### avast! Auxiliary Library AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ashServ.dll
### avast! antivirus service AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\1033\Base.dll
### avast! English Basic Module AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\WINDOWS\system32\dbghelp.dll
### Windows Image Helper Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
System 6.0.5441.0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
### Antivirus engine loader AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\ashBase.dll
### Basic Functionality Module AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30
729.4148_x-ww_d495ac4e\MSVCP90.dll
### Microsoft® C++ Runtime Library Microsoft Corporation Microsoft® Visual Studio® 2
008 9.00.30729.4148
729.4148_x-ww_d495ac4e\MSVCR90.dll
### Microsoft® C Runtime Library Microsoft Corporation Microsoft® Visual Studio® 200
8 9.00.30729.4148
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
### Antivirus independent functions AVAST Software avast! Antivirus 5, 0, 0,
0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
### Antivirus HW dependent library AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
### Common functions AVAST Software avast! Antivirus 5, 0, 0, 0
[Loaded DLLs] C:\WINDOWS\system32\wbem\wbemcons.dll
### WMI Standard Event Consumers Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\wbem\ncprov.dll
### Non-COM WMI Event Provision APIs Microsoft Corporation Microsoft® Windows® Ope
[Loaded DLLs] C:\WINDOWS\System32\winrnr.dll
### LDAP RnR Provider DLL Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\sensapi.dll
### SENS Connectivity API DLL Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\msxml3.dll
### MSXML 3.0 SP9 Microsoft Corporation Microsoft(R) MSXML 3.0 SP9 8.90.1101.0
[Loaded DLLs] C:\WINDOWS\System32\msi.dll
### Windows Installer Microsoft Corporation Windows Installer - Unicode 4.5.60
01.22159
[Loaded DLLs] C:\WINDOWS\System32\rasadhlp.dll
### Remote Access AutoDial Helper Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\SSDPAPI.dll
### SSDP Client API DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\WINHTTP.dll
### Windows HTTP Services Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\upnp.dll
### Universal Plug and Play API Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\WZCSAPI.DLL
### Wireless Zero Configuration service API Microsoft Corporation Microsoft® Win
[Loaded DLLs] c:\windows\system32\eappprxy.dll
### Microsoft EAPHost Peer Client DLL Microsoft Corporation Microsoft® Windows® Op
[Loaded DLLs] c:\windows\system32\eappcfg.dll
### Eap Peer Config Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Loaded DLLs] c:\windows\system32\OneX.DLL
### IEEE 802.1X supplicant library Microsoft Corporation Microsoft® Windows® Opera
[Loaded DLLs] c:\windows\system32\dot3dlg.dll
### 802.3 UI Helper Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Loaded DLLs] c:\windows\system32\credui.dll
### Credential Manager User Interface Microsoft Corporation Microsoft® Windows® Op
[Loaded DLLs] c:\windows\system32\netshell.dll
### Network Connections Shell Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\netman.dll
### Network Connections Manager Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\RASQEC.DLL
### RAS Quarantine Enforcement Client Microsoft Corporation Microsoft® Windows® Op
[Loaded DLLs] C:\WINDOWS\System32\ntlsapi.dll
### Microsoft® License Server Interface DLL Microsoft Corporation Microsoft® Windo
[Loaded DLLs] C:\WINDOWS\System32\rasppp.dll
### Remote Access PPP Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\hidphone.tsp
### Microsoft HID Phone TSP Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\h323.tsp
### Microsoft H.323 Telephony Service Provider Microsoft Corporation Microsoft®
[Loaded DLLs] C:\WINDOWS\System32\ipconf.tsp
### Microsoft Multicast Conference TAPI Service Provider Microsoft Corporation
[Loaded DLLs] C:\WINDOWS\System32\ndptsp.tsp
### NDIS Proxy TAPI Service Provider Microsoft Corporation Microsoft® Windows® Ope
[Loaded DLLs] C:\WINDOWS\System32\kmddsp.tsp
### TAPI Kernel-Mode Service Provider Microsoft Corporation Microsoft® Windows® Op
[Loaded DLLs] C:\WINDOWS\system32\wbem\wbemess.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wmiprvsd.dll
[Loaded DLLs] C:\WINDOWS\System32\uniplat.dll
### Unimodem AT Mini Driver Platform Driver for Windows NT Microsoft Corporati
[Loaded DLLs] C:\WINDOWS\System32\unimdm.tsp
### Unimodem 5 Service Provider Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\rastapi.dll
### Remote Access TAPI Compliance Layer Microsoft Corporation Microsoft® Windows®
[Loaded DLLs] C:\WINDOWS\system32\wbem\repdrvfs.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wmiutils.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wbemsvc.dll
[Loaded DLLs] c:\windows\system32\netcfgx.dll
### Network Configuration Objects Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\rasmans.dll
[Loaded DLLs] c:\windows\system32\tapisrv.dll
### Microsoft® Windows(TM) Telephony Server Microsoft Corporation Microsoft® Windo
[Loaded DLLs] C:\WINDOWS\System32\Wbem\FastProx.dll
[Loaded DLLs] C:\WINDOWS\System32\Wbem\wbemcomn.dll
[Loaded DLLs] C:\WINDOWS\System32\Wbem\esscli.dll
[Loaded DLLs] C:\WINDOWS\System32\Wbem\wbemcore.dll
[Loaded DLLs] C:\WINDOWS\System32\RESUTILS.DLL
### Microsoft Cluster Resource Utility DLL Microsoft Corporation Microsoft® Wind
[Loaded DLLs] C:\WINDOWS\System32\CLUSAPI.DLL
### Cluster API Library Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\MTXCLU.DLL
### MS DTC amd MTS clustering support DLL Microsoft Corporation COM Services 0
3.01.00.4414
[Loaded DLLs] C:\WINDOWS\system32\colbact.DLL
[Loaded DLLs] C:\WINDOWS\system32\comsvcs.dll
[Loaded DLLs] C:\WINDOWS\system32\VSSAPI.DLL
### Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL Microsoft Co
[Loaded DLLs] c:\windows\system32\wbem\wmisvc.dll
[Loaded DLLs] c:\windows\system32\browser.dll
### Computer Browser Service DLL Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\trkwks.dll
### Distributed Link Tracking Client Microsoft Corporation Microsoft® Windows® Ope
[Loaded DLLs] c:\windows\system32\sens.dll
### System Event Notification Service (SENS) Microsoft Corporation Microsoft® Wi
[Loaded DLLs] c:\windows\system32\seclogon.dll
### Secondary Logon Service DLL Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\srvsvc.dll
### Server Service DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] c:\windows\system32\es.dll
[Loaded DLLs] c:\windows\system32\HID.DLL
### Hid User Library Microsoft Corporation Microsoft® Windows® Operating System 5.
1.2600.5512
[Loaded DLLs] c:\windows\system32\hidserv.dll
### HID Audio Service Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] c:\windows\pchealth\helpctr\binaries\pchsvc.dll
### Microsoft PCHealth Service Holder Microsoft Corporation Microsoft® Windows® Op
[Loaded DLLs] c:\windows\system32\dmserver.dll
### Logical Disk Manager service dll Microsoft Corp. Logical Disk Manager for
Windows NT 1.0
[Loaded DLLs] c:\windows\system32\certcli.dll
### Microsoft® Certificate Services Client Microsoft Corporation Microsoft® Window
[Loaded DLLs] c:\windows\system32\cryptsvc.dll
### Cryptographic Services Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\wkssvc.dll
### Workstation Service DLL Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\audiosrv.dll
### Windows Audio Service Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\MSIDLE.DLL
### User Idle Monitor Microsoft Corporation Microsoft® Windows® Operating System 6
.00.2900.5512
[Loaded DLLs] c:\windows\system32\schedsvc.dll
### Task Scheduler Engine Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\raschap.dll
### Remote Access PPP CHAP Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\TAPI32.dll
### Microsoft® Windows(TM) Telephony API Client DLL Microsoft Corporation Micros
[Loaded DLLs] C:\WINDOWS\System32\rasman.dll
[Loaded DLLs] C:\WINDOWS\System32\RASAPI32.dll
### Remote Access API Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\MPRAPI.dll
### Windows NT MP Router Administration DLL Microsoft Corporation Microsoft® Win
[Loaded DLLs] C:\WINDOWS\System32\CRYPTUI.dll
### Microsoft Trust UI Provider Microsoft Corporation Microsoft® Windows® Operatin
g System 5.131.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\rastls.dll
### Remote Access PPP EAP-TLS Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\ESENT.dll
### Server Database Storage Engine Microsoft Corporation Microsoft® Windows® Opera
[Loaded DLLs] c:\windows\system32\dot3api.dll
### 802.3 Autoconfiguration API Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\QUtil.dll
### Quarantine Utilities Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\EapolQec.dll
### Microsoft EAPOL NAP Enforcement Client Microsoft Corporation Microsoft® Wind
[Loaded DLLs] c:\windows\system32\WMI.dll
### WMI DC and DP functionality Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\rtutils.dll
### Routing Utilities Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] c:\windows\system32\wzcsvc.dll
### Wireless Zero Configuration Service Microsoft Corporation Microsoft® Windows®
[Loaded DLLs] c:\windows\system32\dhcpcsvc.dll
### DHCP Client Service Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\xpsp2res.dll
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\System32\wsock32.dll
### Windows Socket 32-Bit DLL Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\ATL.DLL
### ATL Module for Windows XP (Unicode) Microsoft Corporation Microsoft (R) Vi
sual C++ 6.05.2284
[Loaded DLLs] c:\windows\system32\adsldpc.dll
### ADs LDAP Provider C DLL Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\ACTIVEDS.dll
### ADs Router Layer DLL Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\mstlsapi.dll
### Microsoft® Terminal Server Licensing Microsoft Corporation Microsoft® Windows® O
[Loaded DLLs] c:\windows\system32\ICAAPI.dll
### DLL Interface to TermDD Device Driver Microsoft Corporation Microsoft® Windo
[Loaded DLLs] c:\windows\system32\termsrv.dll
### Terminal Server Service Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
stem 5.1.2600.5512
[Loaded DLLs] c:\windows\system32\rpcss.dll
ystem 5.1.2600.5512
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\system32\atipdlxx.dll
### ATI Desktop CWDDEDI DLL ATI Technologies, Inc. ATI Desktop Component 6, 14
, 10, 2562
[Loaded DLLs] C:\WINDOWS\system32\Ati2edxx.dll
### ati2edxx ATI Technologies, Inc. ATI External Device Utility 6, 14, 10, 251
4
[Loaded DLLs] C:\WINDOWS\system32\cfgMgr32.dll
### Configuration Manager Forwarder DLL Microsoft Corporation Microsoft® Windows®
[Loaded DLLs] C:\WINDOWS\system32\powrprof.dll
### Power Profile Helper DLL Microsoft Corporation Microsoft® Windows® Operating S
ystem 6.00.2900.5512
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\system32\dssenh.dll
### Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider Microsoft
[Loaded DLLs] C:\WINDOWS\System32\wshtcpip.dll
### Windows Sockets Helper DLL Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\hnetcfg.dll
### Home Networking Configuration Manager Microsoft Corporation Microsoft® Windo
[Loaded DLLs] C:\WINDOWS\system32\mswsock.dll
[Loaded DLLs] C:\WINDOWS\system32\psbase.dll
### Protected Storage default provider Microsoft Corporation Microsoft® Windows® O
[Loaded DLLs] C:\WINDOWS\system32\pstorsvc.dll
### Protected storage server Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\WINIPSEC.DLL
### Windows IPSec SPD Client DLL Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\oakley.DLL
### Oakley Key Manager Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\ipsecsvc.dll
### Windows IPSec SPD Server DLL Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\scecli.dll
### Windows Security Configuration Editor Client Engine Microsoft Corporation
[Loaded DLLs] C:\WINDOWS\system32\wdigest.dll
### Microsoft Digest Access Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\schannel.dll
### TLS / SSL Security Provider Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\w32time.dll
### Windows Time Service Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\netlogon.dll
### Net Logon Services DLL Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\msv1_0.dll
### Microsoft Authentication Package v1.0 Microsoft Corporation Microsoft® Windo
[Loaded DLLs] C:\WINDOWS\system32\kerberos.dll
### Kerberos Security Package Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\msprivs.dll
### Microsoft Privilege Translations Microsoft Corporation Microsoft® Windows® Ope
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\AppPatch\AcGenral.DLL
### Windows Compatibility DLL Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\cryptdll.dll
### Cryptography Manager Microsoft Corporation Microsoft® Windows® Operating Syste
m 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\SAMSRV.dll
### SAM Server DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.
2600.5512
[Loaded DLLs] C:\WINDOWS\system32\DNSAPI.dll
### DNS Client API DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\NTDSAPI.dll
### NT5DS Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\LSASRV.dll

### LSA Server DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.
2600.5512
[Loaded DLLs] C:\WINDOWS\system32\eventlog.dll
### Event Logging Service Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\AppPatch\AcAdProc.dll
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\ShimEng.dll
### Shim Engine DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\umpnpmgr.dll
### User-mode Plug-and-Play Service Microsoft Corporation Microsoft® Windows® Oper
[Loaded DLLs] C:\WINDOWS\system32\SCESRV.dll
### Windows Security Configuration Editor Engine Microsoft Corporation Microso
[Loaded DLLs] C:\WINDOWS\system32\MSVCP60.dll
### Microsoft (R) C++ Runtime Library Microsoft Corporation Microsoft (R) Visu
al C++ 6.02.3104.0
[Loaded DLLs] C:\WINDOWS\system32\NCObjAPI.DLL
### Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\CLBCATQ.DLL
[Loaded DLLs] C:\WINDOWS\system32\COMRes.dll
[Loaded DLLs] C:\WINDOWS\system32\midimap.dll
### Microsoft MIDI Mapper Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\MSACM32.dll
### Microsoft ACM Audio Filter Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\msacm32.drv
### Microsoft Sound Mapper Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\wdmaud.drv
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\iphlpapi.dll
### IP Helper API Microsoft Corporation Microsoft® Windows® Operating System 5.1.2
600.5512
[Loaded DLLs] C:\WINDOWS\system32\msv1_0.dll
### Microsoft Authentication Package v1.0 Microsoft Corporation Microsoft® Windo
[Loaded DLLs] C:\WINDOWS\system32\WLDAP32.dll
### Win32 LDAP API DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\NTMARTA.DLL
### Windows NT MARTA provider Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\cscui.dll
tem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\LMIRfsClientNP.dll
### LogMeIn Rfs Client Network Provider LogMeIn, Inc. LogMeIn 2.1.3.0
[Loaded DLLs] C:\WINDOWS\system32\SAMLIB.dll
### SAM Library DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\WINSPOOL.DRV
### Windows Spooler Driver Microsoft Corporation Microsoft® Windows® Operating Sys
tem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\MPR.dll
### Multiple Provider Router DLL Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\WlNotify.dll
### Common DLL to receive Winlogon notifications Microsoft Corporation Microso
[Loaded DLLs] C:\WINDOWS\system32\LMIinit.dll
### LogMeIn Remote Control Helper LogMeIn, Inc. LogMeIn 4.1.1556
[Loaded DLLs] C:\WINDOWS\System32\dimsntfy.dll
### DIMS Notification Handler Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\cscdll.dll
### Offline Network Agent Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\rsaenh.dll
### Microsoft Enhanced Cryptographic Provider Microsoft Corporation Microsoft® W
727.4053_x-ww_e6967989\MSVCR80.dll
### Microsoft® C Runtime Library Microsoft Corporation Microsoft® Visual Studio® 200
5 8.00.50727.4053
[Loaded DLLs] C:\WINDOWS\system32\atiadlxx.dll
### ADL Advanced Micro Devices, Inc. ADL Component 6.14.10.1054
[Loaded DLLs] C:\WINDOWS\system32\Ati2evxx.dll
### ATI External Event Utility DLL Module ATI Technologies Inc. ATI External E
[Loaded DLLs] C:\WINDOWS\system32\WINMM.dll
### MCI API DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.5512
[Loaded DLLs] C:\WINDOWS\system32\uxtheme.dll
### Microsoft UxTheme Library Microsoft Corporation Microsoft® Windows® Operating
System 6.00.2900.5512
[Loaded DLLs] C:\WINDOWS\system32\sxs.dll
### Fusion 2.5 Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600
.5512
[Loaded DLLs] C:\WINDOWS\system32\WTSAPI32.dll
### Windows Terminal Server SDK APIs Microsoft Corporation Microsoft® Windows® Ope
[Loaded DLLs] C:\WINDOWS\system32\WINSCARD.DLL
### Microsoft Smart Card API Microsoft Corporation Microsoft® Windows® Operating S
ystem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\msctfime.ime
### Microsoft Text Frame Work Service IME Microsoft Corporation Microsoft® Windo
[Loaded DLLs] C:\WINDOWS\system32\Apphelp.dll
### Application Compatibility Client Library Microsoft Corporation Microsoft® Wi
[Loaded DLLs] C:\WINDOWS\system32\sfc_os.dll
### Windows File Protection Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\sfc.dll
### Windows File Protection Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\SHSVCS.dll
System 6.00.2900.5512
[Loaded DLLs] C:\WINDOWS\system32\odbcint.dll
### Microsoft Data Access - ODBC Resources Microsoft Corporation Microsoft Dat
a Access Components 3.525.1132.0
[Loaded DLLs] C:\WINDOWS\system32\SHELL32.dll
ystem 6.00.2900.5512
[Loaded DLLs] C:\WINDOWS\system32\comdlg32.dll
### Common Dialogs DLL Microsoft Corporation Microsoft® Windows® Operating System
6.00.2900.5512
[Loaded DLLs] C:\WINDOWS\system32\ODBC32.dll
### Microsoft Data Access - ODBC Driver Manager Microsoft Corporation Microsof
t Data Access Components 3.525.1132.0
[Loaded DLLs] C:\WINDOWS\system32\COMCTL32.dll
### Common Controls Library Microsoft Corporation Microsoft® Windows® Operating Sy
stem 6.00.2900.5512
[Loaded DLLs] C:\WINDOWS\system32\MSGINA.dll
### Windows NT Logon GINA DLL Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b641
44ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
### User Experience Controls Library Microsoft Corporation Microsoft® Windows® Ope
[Loaded DLLs] C:\WINDOWS\system32\iertutil.dll
### Run time utility for Internet Explorer Microsoft Corporation Windows® Intern
et Explorer 8.00.6001.18702
[Loaded DLLs] C:\WINDOWS\system32\OLEAUT32.dll
[Loaded DLLs] C:\WINDOWS\system32\urlmon.dll
8.00.6001.18702
System 6.0.5441.0
[Loaded DLLs] C:\WINDOWS\system32\WININET.dll
### Internet Extensions for Win32 Microsoft Corporation Windows® Internet Explor
er 8.00.6001.18702
[Loaded DLLs] C:\WINDOWS\system32\SHLWAPI.dll
### Shell Light-weight Utility Library Microsoft Corporation Microsoft® Windows® O
[Loaded DLLs] C:\WINDOWS\system32\ole32.dll
### Microsoft OLE for Windows Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\IMM32.DLL
### Windows XP IMM32 API Client DLL Microsoft Corporation Microsoft® Windows® Oper
[Loaded DLLs] C:\WINDOWS\system32\WS2HELP.dll
### Windows Socket 2.0 Helper for Windows NT Microsoft Corporation Microsoft® Wi
[Loaded DLLs] C:\WINDOWS\system32\WS2_32.dll
### Windows Socket 2.0 32-Bit DLL Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\IMAGEHLP.dll
### Windows NT Image Helper Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\WINTRUST.dll
### Microsoft Trust Verification APIs Microsoft Corporation Microsoft® Windows® Op
[Loaded DLLs] C:\WINDOWS\system32\WINSTA.dll
### Winstation Library Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\VERSION.dll
### Version Checking and File Installation Libraries Microsoft Corporation Mic
[Loaded DLLs] C:\WINDOWS\system32\SETUPAPI.dll
### Windows Setup API Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\REGAPI.dll
### Registry Configuration APIs Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\PSAPI.DLL
### Process Status Helper Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\USERENV.dll
### Userenv Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.55
12
[Loaded DLLs] C:\WINDOWS\system32\NETAPI32.dll
### Net Win32 API DLL Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\PROFMAP.dll
12
[Loaded DLLs] C:\WINDOWS\system32\NDdeApi.dll
### Network DDE Share Management APIs Microsoft Corporation Microsoft® Windows® Op
[Loaded DLLs] C:\WINDOWS\system32\GDI32.dll
### GDI Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.
2600.5512
[Loaded DLLs] C:\WINDOWS\system32\USER32.dll
### Windows XP USER API Client DLL Microsoft Corporation Microsoft® Windows® Opera
[Loaded DLLs] C:\WINDOWS\system32\MSASN1.dll
### ASN.1 Runtime APIs Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\CRYPT32.dll
### Crypto API32 Microsoft Corporation Microsoft® Windows® Operating System 5.131.
2600.5512
[Loaded DLLs] C:\WINDOWS\system32\msvcrt.dll
7.0.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\AUTHZ.dll
### Authorization Framework Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\Secur32.dll
[Loaded DLLs] C:\WINDOWS\system32\RPCRT4.dll
### Remote Procedure Call Runtime Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\ADVAPI32.dll
ng System 5.1.2600.5512
[Loaded DLLs] C:\WINDOWS\system32\kernel32.dll
### Windows NT BASE API Client DLL Microsoft Corporation Microsoft® Windows® Opera
[Loaded DLLs] C:\WINDOWS\system32\ntdll.dll
00.5512
[Explorer's DLLs] C:\WINDOWS\system32\MSIMG32.dll
### GDIEXT Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\themeui.dll
### Windows Theme API Microsoft Corporation Microsoft® Windows® Operating System 6
.00.2900.5512
[Explorer's DLLs] C:\WINDOWS\system32\Normaliz.dll
System 6.0.5441.0
[Explorer's DLLs] C:\WINDOWS\system32\SHDOCVW.dll
[Explorer's DLLs] C:\WINDOWS\system32\BROWSEUI.dll
ystem 6.00.2900.5512
[Explorer's DLLs] C:\WINDOWS\System32\CRYPTUI.dll
### Microsoft Trust UI Provider Microsoft Corporation Microsoft® Windows® Operatin
g System 5.131.2600.5512
[Explorer's DLLs] C:\WINDOWS\System32\wsock32.dll
### Windows Socket 32-Bit DLL Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\System32\wshtcpip.dll
### Windows Sockets Helper DLL Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\hnetcfg.dll
### Home Networking Configuration Manager Microsoft Corporation Microsoft® Windo
[Explorer's DLLs] C:\WINDOWS\system32\mswsock.dll
[Explorer's DLLs] C:\WINDOWS\AppPatch\AcGenral.DLL
System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\ShimEng.dll
### Shim Engine DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\CLBCATQ.DLL
[Explorer's DLLs] C:\WINDOWS\system32\COMRes.dll
[Explorer's DLLs] C:\WINDOWS\system32\MSACM32.dll
### Microsoft ACM Audio Filter Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\WLDAP32.dll
### Win32 LDAP API DLL Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\cscui.dll
tem 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\cscdll.dll
### Offline Network Agent Microsoft Corporation Microsoft® Windows® Operating Syst
em 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\WINMM.dll
### MCI API DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.260
0.5512
[Explorer's DLLs] C:\WINDOWS\system32\uxtheme.dll
### Microsoft UxTheme Library Microsoft Corporation Microsoft® Windows® Operating
System 6.00.2900.5512
[Explorer's DLLs] C:\WINDOWS\system32\msctfime.ime
### Microsoft Text Frame Work Service IME Microsoft Corporation Microsoft® Windo
[Explorer's DLLs] C:\WINDOWS\system32\Apphelp.dll
### Application Compatibility Client Library Microsoft Corporation Microsoft® Wi
[Explorer's DLLs] C:\WINDOWS\system32\SHELL32.dll
ystem 6.00.2900.5512
[Explorer's DLLs] C:\WINDOWS\system32\COMCTL32.dll
### Common Controls Library Microsoft Corporation Microsoft® Windows® Operating Sy
stem 6.00.2900.5512
[Explorer's DLLs] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595
b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
### User Experience Controls Library Microsoft Corporation Microsoft® Windows® Ope
[Explorer's DLLs] C:\WINDOWS\system32\iertutil.dll
### Run time utility for Internet Explorer Microsoft Corporation Windows® Intern
et Explorer 8.00.6001.18702
[Explorer's DLLs] C:\WINDOWS\system32\OLEAUT32.dll
[Explorer's DLLs] C:\WINDOWS\system32\urlmon.dll
8.00.6001.18702
[Explorer's DLLs] C:\WINDOWS\system32\WININET.dll
### Internet Extensions for Win32 Microsoft Corporation Windows® Internet Explor
er 8.00.6001.18702
[Explorer's DLLs] C:\WINDOWS\system32\SHLWAPI.dll
### Shell Light-weight Utility Library Microsoft Corporation Microsoft® Windows® O
[Explorer's DLLs] C:\WINDOWS\system32\ole32.dll
### Microsoft OLE for Windows Microsoft Corporation Microsoft® Windows® Operating
System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\IMM32.DLL
### Windows XP IMM32 API Client DLL Microsoft Corporation Microsoft® Windows® Oper
[Explorer's DLLs] C:\WINDOWS\system32\WS2HELP.dll
### Windows Socket 2.0 Helper for Windows NT Microsoft Corporation Microsoft® Wi
[Explorer's DLLs] C:\WINDOWS\system32\WS2_32.dll
### Windows Socket 2.0 32-Bit DLL Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\IMAGEHLP.dll
### Windows NT Image Helper Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\WINTRUST.dll
### Microsoft Trust Verification APIs Microsoft Corporation Microsoft® Windows® Op
[Explorer's DLLs] C:\WINDOWS\system32\VERSION.dll
### Version Checking and File Installation Libraries Microsoft Corporation Mic
[Explorer's DLLs] C:\WINDOWS\system32\USERENV.dll
12
[Explorer's DLLs] C:\WINDOWS\system32\NETAPI32.dll
### Net Win32 API DLL Microsoft Corporation Microsoft® Windows® Operating System 5
.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\GDI32.dll
### GDI Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.
2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\USER32.dll
### Windows XP USER API Client DLL Microsoft Corporation Microsoft® Windows® Opera
[Explorer's DLLs] C:\WINDOWS\system32\MSASN1.dll
### ASN.1 Runtime APIs Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\CRYPT32.dll
### Crypto API32 Microsoft Corporation Microsoft® Windows® Operating System 5.131.
2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\msvcrt.dll
7.0.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\Secur32.dll
[Explorer's DLLs] C:\WINDOWS\system32\RPCRT4.dll
### Remote Procedure Call Runtime Microsoft Corporation Microsoft® Windows® Operat
ing System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\ADVAPI32.dll
ng System 5.1.2600.5512
[Explorer's DLLs] C:\WINDOWS\system32\kernel32.dll
### Windows NT BASE API Client DLL Microsoft Corporation Microsoft® Windows® Opera
[Explorer's DLLs] C:\WINDOWS\system32\ntdll.dll
00.5512
[Devices in Memory] Rootkit: TDL3++Device:\\qvtwxdbs
[Devices in Memory] Rootkit: TDL3+Mutant: 9e6af8f3-75f3-4b67-877a-c80125d7bc08
[Running Services] Ati HotKey Poller
### Internal Name: Ati HotKey Poller. Status: service running. Actual File: C:
\WINDOWS\system32\Ati2evxx.exe * ATI External Event Utility EXE Module ATI Tech
nologies Inc. ATI External Event Utility for Windows 6.14.10.4235
[Running Services] AudioSrv
### Internal Name: AudioSrv. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Manages audio devices for Windows-based progra
ms. If this service is stopped, audio devices and effects will not function prop
erly. If this service is disabled, any services that explicitly depend on it wil
l fail to start. Generic Host Process for Win32 Services Microsoft Corporation M
icrosoft® Windows® Operating System 5.1.2600.5512
[Running Services] avast! Antivirus
### Internal Name: avast! Antivirus. Status: service running. Actual File: "C:
\Program Files\Alwil Software\Avast5\AvastSvc.exe" * Manages and implements avas
t! antivirus services for this computer. This includes the resident protection,
the virus chest and the scheduler. avast! Service AVAST Software avast! Antiviru
s 5, 0, 0, 0
[Running Services] avast! Mail Scanner
### Internal Name: avast! Mail Scanner. Status: service running. Actual File:
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" * Implements mail scanning
for avast! antivirus. avast! Service AVAST Software avast! Antivirus 5, 0, 0,
0
[Running Services] avast! Web Scanner
### Internal Name: avast! Web Scanner. Status: service running. Actual File: "
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" * Implements web (HTTP) sca
nning for avast! antivirus. avast! Service AVAST Software avast! Antivirus 5, 0
, 0, 0
[Running Services] Browser
### Internal Name: Browser. Status: service running. Actual File: C:\WINDOWS\s
ystem32\svchost.exe -k netsvcs * Maintains an updated list of computers on the n
etwork and supplies this list to computers designated as browsers. If this servi
ce is stopped, this list will not be updated or maintained. If this service is d
isabled, any services that explicitly depend on it will fail to start. Generic H
ystem 5.1.2600.5512
[Running Services] CryptSvc
### Internal Name: CryptSvc. Status: service running. Actual File: C:\WINDOWS\
system32\svchost.exe -k netsvcs * Provides three management services: Catalog Da
tabase Service, which confirms the signatures of Windows files; Protected Root S
ervice, which adds and removes Trusted Root Certification Authority certificates
from this computer; and Key Service, which helps enroll this computer for certi
ficates. If this service is stopped, these management services will not function
properly. If this service is disabled, any services that explicitly depend on i
[Running Services] DcomLaunch
### Internal Name: DcomLaunch. Status: service running. Actual File: C:\WINDOW
S\system32\svchost -k DcomLaunch * Provides launch functionality for DCOM servic
es. Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windo
[Running Services] Dhcp
### Internal Name: Dhcp. Status: service running. Actual File: C:\WINDOWS\syst
em32\svchost.exe -k netsvcs * Manages network configuration by registering and u
pdating IP addresses and DNS names. Generic Host Process for Win32 Services Micr
osoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Running Services] dmserver
### Internal Name: dmserver. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Detects and monitors new hard disk drives and
sends disk volume information to Logical Disk Manager Administrative Service for
configuration. If this service is stopped, dynamic disk status and configuratio
n information may become out of date. If this service is disabled, any services
that explicitly depend on it will fail to start. Generic Host Process for Win32
[Running Services] Dnscache
### Internal Name: Dnscache. Status: service running. Actual File: C:\WINDOWS\
system32\svchost.exe -k NetworkService * Resolves and caches Domain Name System
(DNS) names for this computer. If this service is stopped, this computer will no
t be able to resolve DNS names and locate Active Directory domain controllers. I
f this service is disabled, any services that explicitly depend on it will fail
to start. Generic Host Process for Win32 Services Microsoft Corporation Microsof
[Running Services] Eventlog
### Internal Name: Eventlog. Status: service running. Actual File: C:\WINDOWS\
system32\services.exe * Enables event log messages issued by Windows-based progr
tem 5.1.2600.5512
[Running Services] EventSystem
### Internal Name: EventSystem. Status: service running. Actual File: C:\WINDO
WS\system32\svchost.exe -k netsvcs * Supports System Event Notification Service
(SENS), which provides automatic distribution of events to subscribing Component
Object Model (COM) components. If the service is stopped, SENS will close and w
ill not be able to provide logon and logoff notifications. If this service is di
sabled, any services that explicitly depend on it will fail to start. Generic Ho
stem 5.1.2600.5512
[Running Services] FastUserSwitchingCompatibility
### Internal Name: FastUserSwitchingCompatibility. Status: service running. Ac
tual File: C:\WINDOWS\System32\svchost.exe -k netsvcs * Provides management for
applications that require assistance in a multiple user environment. Generic Hos
tem 5.1.2600.5512
[Running Services] helpsvc
### Internal Name: helpsvc. Status: service running. Actual File: C:\WINDOWS\S
ystem32\svchost.exe -k netsvcs * Enables Help and Support Center to run on this
computer. If this service is stopped, Help and Support Center will be unavailabl
ail to start. Generic Host Process for Win32 Services Microsoft Corporation Micr
[Running Services] HidServ
### Internal Name: HidServ. Status: service running. Actual File: C:\WINDOWS\S
ystem32\svchost.exe -k netsvcs * Enables generic input access to Human Interface
Devices (HID), which activates and maintains the use of predefined hot buttons
on keyboards, remote controls, and other multimedia devices. If this service is
stopped, hot buttons controlled by this service will no longer function. If this
service is disabled, any services that explicitly depend on it will fail to sta
rt. Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windo
[Running Services] HTTPFilter
### Internal Name: HTTPFilter. Status: service running. Actual File: C:\WINDOW
S\System32\svchost.exe -k HTTPFilter * This service implements the secure hypert
ext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Lay
er (SSL). If this service is disabled, any services that explicitly depend on i
[Running Services] JavaQuickStarterService
### Internal Name: JavaQuickStarterService. Status: service running. Actual Fi
le: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\
Java\jre6\lib\deploy\jqs\jqs.conf" * Prefetches JRE files for faster startup of
Java applets and applications Java(TM) Quick Starter Service Sun Microsystems, I
nc. Java(TM) Platform SE 6 U20 6.0.200.2
[Running Services] LanmanServer
### Internal Name: LanmanServer. Status: service running. Actual File: C:\WIND
OWS\system32\svchost.exe -k netsvcs * Supports file, print, and named-pipe shari
ng over the network for this computer. If this service is stopped, these functio
ns will be unavailable. If this service is disabled, any services that explicitl
y depend on it will fail to start. Generic Host Process for Win32 Services Micro
[Running Services] lanmanworkstation
### Internal Name: lanmanworkstation. Status: service running. Actual File: C:
\WINDOWS\system32\svchost.exe -k netsvcs * Creates and maintains client network
connections to remote servers. If this service is stopped, these connections wil
l be unavailable. If this service is disabled, any services that explicitly depe
nd on it will fail to start. Generic Host Process for Win32 Services Microsoft C
[Running Services] LmHosts
### Internal Name: LmHosts. Status: service running. Actual File: C:\WINDOWS\s
ystem32\svchost.exe -k LocalService * Enables support for NetBIOS over TCP/IP (N
etBT) service and NetBIOS name resolution. Generic Host Process for Win32 Servic
es Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Running Services] LMIGuardianSvc
### Internal Name: LMIGuardianSvc. Status: service running. Actual File: "C:\P
rogram Files\LogMeIn\x86\LMIGuardianSvc.exe" * Support LogMeIn processes with qu
ality assurance feedback LMIGuardianSvc LogMeIn, Inc. LMIGuardianSvc 8.1.804
[Running Services] LMIMaint
### Internal Name: LMIMaint. Status: service running. Actual File: "C:\Program
Files\LogMeIn\x86\RaMaint.exe" * LogMeIn Maintenance Service LogMeIn, Inc. Log
MeIn 4.1.1556
[Running Services] LogMeIn
### Internal Name: LogMeIn. Status: service running. Actual File: "C:\Program
Files\LogMeIn\x86\LogMeIn.exe" * LogMeIn LogMeIn, Inc. LogMeIn 3.0.596
[Running Services] Netman
### Internal Name: Netman. Status: service running. Actual File: C:\WINDOWS\Sy
stem32\svchost.exe -k netsvcs * Manages objects in the Network and Dial-Up Conne
ctions folder, in which you can view both local area network and remote connecti
ons. Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Wind
[Running Services] Nla
### Internal Name: Nla. Status: service running. Actual File: C:\WINDOWS\syste
m32\svchost.exe -k netsvcs * Collects and stores network configuration and locat
ion information, and notifies applications when this information changes. Generi
c Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operatin
g System 5.1.2600.5512
[Running Services] PlugPlay
### Internal Name: PlugPlay. Status: service running. Actual File: C:\WINDOWS\
system32\services.exe * Enables a computer to recognize and adapt to hardware ch
anges with little or no user input. Stopping or disabling this service will resu
lt in system instability. Services and Controller app Microsoft Corporation Micr
[Running Services] PolicyAgent
### Internal Name: PolicyAgent. Status: service running. Actual File: C:\WINDO
WS\system32\lsass.exe * Manages IP security policy and starts the ISAKMP/Oakley
(IKE) and the IP security driver. LSA Shell (Export Version) Microsoft Corporati
[Running Services] ProtectedStorage
### Internal Name: ProtectedStorage. Status: service running. Actual File: C:\
WINDOWS\system32\lsass.exe * Provides protected storage for sensitive data, such
as private keys, to prevent access by unauthorized services, processes, or user
s. LSA Shell (Export Version) Microsoft Corporation Microsoft® Windows® Operating Sy
stem 5.1.2600.5512
[Running Services] RasMan
### Internal Name: RasMan. Status: service running. Actual File: C:\WINDOWS\sy
stem32\svchost.exe -k netsvcs * Creates a network connection. Generic Host Proce
ss for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1
.2600.5512
[Running Services] RemoteRegistry
### Internal Name: RemoteRegistry. Status: service running. Actual File: C:\WI
NDOWS\system32\svchost.exe -k LocalService * Enables remote users to modify regi
stry settings on this computer. If this service is stopped, the registry can be
modified only by users on this computer. If this service is disabled, any servic
es that explicitly depend on it will fail to start. Generic Host Process for Win
[Running Services] RichVideo
### Internal Name: RichVideo. Status: service running. Actual File: "C:\Progra
m Files\CyberLink\Shared files\RichVideo.exe" * RichVideo Module RichVideo Modu
le 2.0.2807
[Running Services] RpcSs
### Internal Name: RpcSs. Status: service running. Actual File: C:\WINDOWS\sys
tem32\svchost -k rpcss * Provides the endpoint mapper and other miscellaneous RP
C services. Generic Host Process for Win32 Services Microsoft Corporation Micros
[Running Services] SamSs
### Internal Name: SamSs. Status: service running. Actual File: C:\WINDOWS\sys
tem32\lsass.exe * Stores security information for local user accounts. LSA Shell
0.5512
[Running Services] Schedule
### Internal Name: Schedule. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Enables a user to configure and schedule autom
ated tasks on this computer. If this service is stopped, these tasks will not be
run at their scheduled times. If this service is disabled, any services that ex
plicitly depend on it will fail to start. Generic Host Process for Win32 Service
[Running Services] seclogon
### Internal Name: seclogon. Status: service running. Actual File: C:\WINDOWS\
System32\svchost.exe -k netsvcs * Enables starting processes under alternate cre
dentials. If this service is stopped, this type of logon access will be unavaila
ble. If this service is disabled, any services that explicitly depend on it will
fail to start. Generic Host Process for Win32 Services Microsoft Corporation Mi
[Running Services] SENS
### Internal Name: SENS. Status: service running. Actual File: C:\WINDOWS\syst
em32\svchost.exe -k netsvcs * Tracks system events such as Windows logon, networ
k, and power events. Notifies COM+ Event System subscribers of these events. Ge
neric Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Oper
[Running Services] ShellHWDetection
### Internal Name: ShellHWDetection. Status: service running. Actual File: C:\
WINDOWS\System32\svchost.exe -k netsvcs * Provides notifications for AutoPlay ha
rdware events. Generic Host Process for Win32 Services Microsoft Corporation Mic
[Running Services] Spooler
### Internal Name: Spooler. Status: service running. Actual File: C:\WINDOWS\s
ystem32\spoolsv.exe * Loads files to memory for later printing. Spooler SubSyste
m App Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Running Services] SSDPSRV
### Internal Name: SSDPSRV. Status: service running. Actual File: C:\WINDOWS\s
ystem32\svchost.exe -k LocalService * Enables discovery of UPnP devices on your
home network. Generic Host Process for Win32 Services Microsoft Corporation Micr
[Running Services] stisvc
### Internal Name: stisvc. Status: service running. Actual File: C:\WINDOWS\sy
stem32\svchost.exe -k imgsvc * Provides image acquisition services for scanners
and cameras. Generic Host Process for Win32 Services Microsoft Corporation Micro
[Running Services] TapiSrv
### Internal Name: TapiSrv. Status: service running. Actual File: C:\WINDOWS\S
ystem32\svchost.exe -k netsvcs * Provides Telephony API (TAPI) support for progr
ams that control telephony devices and IP based voice connections on the local c
omputer and, through the LAN, on servers that are also running the service. Gene
ing System 5.1.2600.5512
[Running Services] TermService
### Internal Name: TermService. Status: service running. Actual File: C:\WINDO
WS\System32\svchost -k DComLaunch * Allows multiple users to be connected intera
ctively to a machine as well as the display of desktops and applications to remo
te computers. The underpinning of Remote Desktop (including RD for Administrator
s), Fast User Switching, Remote Assistance, and Terminal Server. Generic Host Pr
ocess for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System
5.1.2600.5512
[Running Services] Themes
### Internal Name: Themes. Status: service running. Actual File: C:\WINDOWS\Sy
stem32\svchost.exe -k netsvcs * Provides user experience theme management. Gener
ic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operati
ng System 5.1.2600.5512
[Running Services] TrkWks
### Internal Name: TrkWks. Status: service running. Actual File: C:\WINDOWS\sy
stem32\svchost.exe -k netsvcs * Maintains links between NTFS files within a comp
uter or across computers in a network domain. Generic Host Process for Win32 Ser
vices Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.5512
[Running Services] UMWdf
### Internal Name: UMWdf. Status: service running. Actual File: C:\WINDOWS\sys
tem32\wdfmgr.exe * Enables Windows user mode drivers. Windows User Mode Driver M
anager Microsoft Corporation Microsoft® Windows® Operating System 5.2.3790.1230
[Running Services] W32Time
### Internal Name: W32Time. Status: service running. Actual File: C:\WINDOWS\S
ystem32\svchost.exe -k netsvcs * Maintains date and time synchronization on all
clients and servers in the network. If this service is stopped, date and time sy
nchronization will be unavailable. If this service is disabled, any services tha
t explicitly depend on it will fail to start.
Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® O
[Running Services] WebClient
### Internal Name: WebClient. Status: service running. Actual File: C:\WINDOWS
\system32\svchost.exe -k LocalService * Enables Windows-based programs to create
, access, and modify Internet-based files. If this service is stopped, these fun
ctions will not be available. If this service is disabled, any services that exp
licitly depend on it will fail to start. Generic Host Process for Win32 Services
[Running Services] winmgmt
### Internal Name: winmgmt. Status: service running. Actual File: C:\WINDOWS\s
ystem32\svchost.exe -k netsvcs * Provides a common interface and object model to
access management information about operating system, devices, applications and
services. If this service is stopped, most Windows-based software will not func
tion properly. If this service is disabled, any services that explicitly depend
on it will fail to start. Generic Host Process for Win32 Services Microsoft Corp
oration Microsoft® Windows® Operating System 5.1.2600.5512
[Running Services] WZCSVC
### Internal Name: WZCSVC. Status: service running. Actual File: C:\WINDOWS\Sy
stem32\svchost.exe -k netsvcs * Provides automatic configuration for the 802.11
adapters Generic Host Process for Win32 Services Microsoft Corporation Microsoft®
[Uninstall]
[Applications] :HKLM AC3Filter (remove only)=C:\Program Files\AC3Filter\uninst
all.exe
### AC3Filter
[Applications] :HKLM AddressBook
### AddressBook
[Applications] :HKLM Adobe Flash Player 10 ActiveX=C:\WINDOWS\system32\Macrome
d\Flash\FlashUtil10h_ActiveX.exe -maintain activex
### Adobe Flash Player ActiveX
[Applications] :HKLM Adobe Flash Player 10 Plugin=C:\WINDOWS\system32\Macromed
\Flash\FlashUtil10i_Plugin.exe -maintain plugin
### Adobe Flash Player Plugin
[Applications] :HKLM Almeza MultiSet Professional 7.8.1="C:\Program Files\Alme
za\MultiSet\unins000.exe"
### Almeza MultiSet Professional_is1
[Applications] :HKLM ATI Display Driver
### ATI Display Driver
[Applications] :HKLM AutocompletePro="C:\Program Files\AutocompletePro\unins00
0.exe"
### AutocompletePro3_is1
[Applications] :HKLM avast! Free Antivirus=C:\Program Files\Alwil Software\Ava
st5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" Ru
nSetup
### avast5
[Applications] :HKLM Branding
### Branding
[Applications] :HKLM BSPlayer="C:\Program Files\Webteh\BSplayer\uninstall.exe"
### BSPlayer1
[Applications] :HKLM Combined Community Codec Pack 2009-09-09="C:\Program File
s\Combined Community Codec Pack\unins000.exe"
### Combined Community Codec Pack_is1
[Applications] :HKLM Connection Manager
### Connection Manager
[Applications] :HKLM Cool MP3 Splitter 3.0="C:\Program Files\Cool MP3 Splitter
\unins000.exe"
### Cool MP3 Splitter_is1
[Applications] :HKLM DirectAnimation
### DirectAnimation
[Applications] :HKLM DirectDrawEx
### DirectDrawEx
[Applications] :HKLM Disk Cleaner (remove only)="C:\Program Files\Disk Cleaner
\uninstall.exe"
### DiskCleaner
[Applications] :HKLM DScaler 4.1.15="C:\Program Files\DScaler\unins000.exe"
### DScaler 4.1.15_is1
[Applications] :HKLM DXM_Runtime
### DXM_Runtime
[Applications] :HKLM ffdshow v1.1.3452 [2010-05-24]="C:\Program Files\ffdshow\
unins000.exe"
### ffdshow_is1
[Applications] :HKLM Fontcore
### Fontcore
[Applications] :HKLM Hauppauge WinTV PVR (Model 45xxx)=C:\PROGRA~1\WinTV\UNpvr
45.EXE C:\PROGRA~1\WinTV\pvr45xxx.LOG
### Hauppauge WinTV PVR (Model 45xxx)
[Applications] :HKLM ICW
### ICW
[Applications] :HKLM IDNMitigationAPIs
### IDNMitigationAPIs
[Applications] :HKLM IE40
### IE40
[Applications] :HKLM IE4Data
### IE4Data
[Applications] :HKLM IE5BAKEX
### IE5BAKEX
[Applications] :HKLM ie7
### ie7
[Applications] :HKLM Windows Internet Explorer 8="C:\WINDOWS\ie8\spuninst\spun
inst.exe"
### ie8
[Applications] :HKLM IEData
### IEData
[Applications] :HKLM ImTOO Movie Maker 6=C:\Program Files\ImTOO\Movie Maker 6\
Uninstall.exe
### ImTOO Movie Maker 6
[Applications] :HKLM InstallShield Uninstall Information
### InstallShield Uninstall Information
[Applications] :HKLM InstallShield_{1F86581E-AD75-4EAD-9B8C-75DC27C66632}
### InstallShield_{1F86581E-AD75-4EAD-9B8C-75DC27C66632}
[Applications] :HKLM SmartSound Quicktracks Plugin=C:\PROGRA~1\COMMON~1\INSTAL
~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
### InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
[Applications] :HKLM CyberLink PowerDirector="C:\Program Files\InstallShield I
nstallation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uni
nstall
### InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} Setup Launcher
Macr
ovision Corporation InstallShield
12.0
[Applications] :HKLM KB884016
### KB884016
[Applications] :HKLM KB893803
### KB893803
[Applications] :HKLM KB893803v2
### KB893803v2
[Applications] :HKLM KB935695_Beta
### KB935695_Beta
[Applications] :HKLM Hotfix for Windows XP (KB942288-v3)="C:\WINDOWS\$NtUninst
allKB942288-v3$\spuninst\spuninst.exe"
### KB942288-v3
[Applications] :HKLM Hotfix for Windows XP (KB954550-v5)
### KB954550-v5
[Applications] :HKLM Knoll Light Factory EZ Studio=C:\WINDOWS\unvise32.exe C:\
Program Files\Pinnacle\Studio 14\Plugins\RTFx\klfezstudio.log
### Knoll Light Factory EZ Studio
[Applications] :HKLM LifeView FlyVideo
### LifeView FlyVideo
[Applications] :HKLM Magic Bullet Looks Studio=C:\WINDOWS\unvise32.exe C:\Prog
ram Files\Pinnacle\Studio 14\Plugins\RTFx\mblooksstudio.log
### Magic Bullet Looks Studio
[Applications] :HKLM Microsoft .NET Framework 3.5 SP1=C:\WINDOWS\Microsoft.NET
\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
### Microsoft .NET Framework 3.5 SP1 Suite Integration Toolkit Executable Micr
osoft Corporation Microsoft® Visual Studio® 2008 9.0.30729.1
[Applications] :HKLM MobileOptionPack
### MobileOptionPack
[Applications] :HKLM Mozilla Firefox (3.6.10)=C:\Program Files\Mozilla Firefox
\uninstall\helper.exe
### Mozilla Firefox (3.6.10)
[Applications] :HKLM MPlayer2
### MPlayer2
[Applications] :HKLM MSI30-Beta1
### MSI30-Beta1
[Applications] :HKLM MSI30-Beta2
### MSI30-Beta2
[Applications] :HKLM MSI30-KB884016
### MSI30-KB884016
[Applications] :HKLM MSI30-RC1
### MSI30-RC1
### MSI30-RC2
[Applications] :HKLM MSI30a-KB884016
### MSI30a-KB884016
[Applications] :HKLM MSI31-Beta
### MSI31-Beta
### MSI31-RC1
[Applications] :HKLM Nero 6 Ultra Edition=C:\Program Files\Ahead\nero\uninstal
l\UNNERO.exe /UNINSTALL
### Nero - Burning Rom!UninstallKey
[Applications] :HKLM NetMeeting
### NetMeeting
[Applications] :HKLM NLSDownlevelMapping
### NLSDownlevelMapping
[Applications] :HKLM NVIDIA Drivers=C:\WINDOWS\system32\nvuide.exe UninstallGU
I
### NVIDIA Drivers
[Applications] :HKLM OutlookExpress
### OutlookExpress
[Applications] :HKLM PCHealth=rundll32.exe setupapi.dll,InstallHinfSection Def
aultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
### PCHealth
[Applications] :HKLM Power Screen Capture 7.1.0.159="C:\Program Files\Power Sc
reen Capture\unins000.exe"
### Power Screen Capture_is1
[Applications] :HKLM PunkBuster Services=C:\WINDOWS\system32\pbsvc_heroes.exe
-u
### PunkBusterSvc
[Applications] :HKLM Real Alternative 2.0.2="C:\Program Files\Real Alternative
\unins000.exe"
### RealAlt_is1
[Applications] :HKLM Red Giant ToonIt Studio=C:\WINDOWS\unvise32.exe C:\Progra
m Files\Pinnacle\Studio 14\Plugins\RTFx\rgtoonitstudio.log
### Red Giant ToonIt Studio
[Applications] :HKLM Registry Mechanic 7.0="C:\Program Files\Registry Mechanic
\unins000.exe"
### Registry Mechanic_is1
[Applications] :HKLM RegRun Security Suite Standard=C:\Program Files\Greatis\R
egRunSuite\R3UR.exe
### RegRun Security Suite_is1 Uninstall Routine Greatis Software RegRun Securi
ty Suite 6.9
[Applications] :HKLM RomanelliEmoticonsArt 0.0.0.1="C:\Program Files\Romanelli
Emoticons Art\unins000.exe"
### Romanelli Emoticons Art_is1
[Applications] :HKLM SchedulingAgent
### SchedulingAgent
[Applications] :HKLM StarCraft II=C:\Program Files\Common Files\Blizzard Enter
tainment\StarCraft II\Uninstall.exe
### StarCraft II
[Applications] :HKLM Subtitle Translation Wizard 3.0="C:\Program Files\Subtitl
e Translation Wizard\unins000.exe"
### Subtitle Translation Wizard_is1
[Applications] :HKLM Subtitle Workshop 2.51="C:\Program Files\URUSoft\Subtitle
Workshop\uninstall.exe"
### SubtitleWorkshop
[Applications] :HKLM TeamViewer 5=C:\Program Files\TeamViewer\Version5\uninsta
ll.exe
### TeamViewer 5
[Applications] :HKLM TeraCopy 2.12="C:\Program Files\TeraCopy\unins000.exe"
### TeraCopy_is1
[Applications] :HKLM Trapcode 3DStroke Studio=C:\WINDOWS\unvise32.exe C:\Progr
am Files\Pinnacle\Studio 14\Plugins\RTFx\tc3dstrokestudio.log
### Trapcode 3DStroke Studio
[Applications] :HKLM Trapcode Particular Studio=C:\WINDOWS\unvise32.exe C:\Pro
gram Files\Pinnacle\Studio 14\Plugins\RTFx\tcparticularstudio.log
### Trapcode Particular Studio
[Applications] :HKLM Trapcode Shine Studio=C:\WINDOWS\unvise32.exe C:\Program
Files\Pinnacle\Studio 14\Plugins\RTFx\tcshinestudio.log
### Trapcode Shine Studio
[Applications] :HKLM UnHackMe 5.99 release="C:\Program Files\UnHackMe\unins000
.exe"
### UnHackMe_is1 Setup/Uninstall Inno Setup 0.0.0.0
[Applications] :HKLM Unknown Device Identifier 7.00="C:\Program Files\Unknown
Device Identifier\unins000.exe"
### Unknown Device Identifier_is1
[Applications] :HKLM WIC
### WIC
[Applications] :HKLM Winamp="C:\Program Files\Winamp\UninstWA.exe"
### Winamp Winamp Installer Nullsoft, Inc. Winamp Installer 5.58 Build 2985
[Applications] :HKLM Windows Media Format Runtime="C:\Program Files\Windows Me
dia Player\wmsetsdk.exe" /UninstallAll
### Windows Media Format Runtime
[Applications] :HKLM Windows Live Essentials=C:\Program Files\Windows Live\Ins
taller\wlarp.exe
### WinLiveSuite_Wave3
[Applications] :HKLM WinRAR archiver=C:\Program Files\WinRAR\uninstall.exe
### WinRAR archiver
[Applications] :HKLM XML Paper Specification Shared Components Pack 1.0
### XpsEPSC
[Applications] :HKLM HP USB Disk Storage Format Tool=RunDll32 C:\PROGRA~1\COMM
ON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallSh
ield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe"
-l0x9 anything
### {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51} InstallShield (R) Ctor DLL InstallS
hield Software Corporation InstallShield (R) 6, 31
[Applications] :HKLM Windows Movie Maker 2 Winter Fun Pack=MsiExec.exe /I{106F
886B-A874-43DF-BCC4-01DB57E1F3C6}
### {106F886B-A874-43DF-BCC4-01DB57E1F3C6} Windows® installer Microsoft Corporat
ion Windows Installer - Unicode 4.5.6001.22159
[Applications] :HKLM Readon TV Movie Radio Player 7.2.0.0=MsiExec.exe /I{15848
54C-1513-40EA-96D4-493384D0A3C7}
### {1584854C-1513-40EA-96D4-493384D0A3C7} Windows® installer Microsoft Corporat
[Applications] :HKLM ccc-utility
### {1774C3D2-30FF-70EE-A1AF-1B771E2D2D33}
[Applications] :HKLM NVIDIA PhysX=MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477C
D655043}
### {1C4551A6-4743-4093-91E4-1477CD655043} Windows® installer Microsoft Corporat
[Applications] :HKLM Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
.4148=MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
### {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Windows® installer Microsoft Corporat
[Applications] :HKLM Catalyst Control Center InstallProxy
### {1FE9594B-E51F-9845-0466-C0D1D915FBB5}
[Applications] :HKLM Windows Live Upload Tool=MsiExec.exe /I{205C6BDD-7B73-42D
E-8505-9A093F35A238}
### {205C6BDD-7B73-42DE-8505-9A093F35A238} Windows® installer Microsoft Corporat
[Applications] :HKLM MSVCRT=MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD9
4}
### {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Windows® installer Microsoft Corporat
[Applications] :HKLM Java(TM) 6 Update 20=MsiExec.exe /X{26A24AE4-039D-4CA4-87
B4-2F83216020FF}
### {26A24AE4-039D-4CA4-87B4-2F83216020FF} Windows® installer Microsoft Corporat
[Applications] :HKLM QuickTime=MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6
FFFD}
### {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} Windows® installer Microsoft Corporat
[Applications] :HKLM Windows Live Communications Platform=MsiExec.exe /I{3175E
049-F9A9-4A3D-8F19-AC9FB04514D1}
### {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows® installer Microsoft Corporat
[Applications] :HKLM CCC Help English
### {31DDEBE2-0F7D-A4AA-B8A9-9E1FD795FC2A}
[Applications] :HKLM WebFldrs XP
### {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}
[Applications] :HKLM MainConcept MPEG2 Software Encoder=RunDll32 C:\PROGRA~1\C
OMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information\{394C4F1B-8C88-404C-B644-58203570E
EDB}\setup.exe" -l0x9
### {394C4F1B-8C88-404C-B644-58203570EEDB} InstallShield (R) Ctor DLL InstallS
hield Software Corporation InstallShield (R) 9.00
[Applications] :HKLM LogMeIn=MsiExec.exe /I{4475560E-9418-4908-A158-472D873AE1
39}
### {4475560E-9418-4908-A158-472D873AE139} Windows® installer Microsoft Corporat
[Applications] :HKLM ChrisTV PVR Professional 5.55="C:\Program Files\ChrisTV P
VR\unins000.exe"
### {44C8ECE8-A840-44E5-BB02-CAE035DEA248}_is1
[Applications] :HKLM Windows Live Sign-in Assistant=MsiExec.exe /I{45338B07-A2
36-4270-9A77-EBB4115517B5}
### {45338B07-A236-4270-9A77-EBB4115517B5} Windows® installer Microsoft Corporat
[Applications] :HKLM Windows Live Essentials=MsiExec.exe /I{474F25F5-BDC9-40E5
-B1B6-F6BF23FC106F}
### {474F25F5-BDC9-40E5-B1B6-F6BF23FC106F} Windows® installer Microsoft Corporat
[Applications] :HKLM KWorld DVB-T 220 Utilities=RunDll32 C:\PROGRA~1\COMMON~1\
INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\In
stallShield Installation Information\{477AB148-138C-46D2-820B-0DBFA744CEE8}\setu
p.exe" -l0x9 -uninst
### {477AB148-138C-46D2-820B-0DBFA744CEE8} InstallShield (R) Ctor DLL InstallS
[Applications] :HKLM Windows Movie Maker 2.0
### {49FC50FC-F965-40D9-89B4-CBFF80941033}
[Applications] :HKLM Java Auto Updater
### {4A03706F-666A-4037-7777-5F2748764D10}
[Applications] :HKLM SmartSound Quicktracks Plugin
### {4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
[Applications] :HKLM Apple Application Support=MsiExec.exe /I{553255F3-78FD-40
F1-A6F8-6882140265FE}
### {553255F3-78FD-40F1-A6F8-6882140265FE} Windows® installer Microsoft Corporat
[Applications] :HKLM {582876EC-A178-44D4-9823-C10D6C62EAFF}=MsiExec /X{1C4551A
6-4743-4093-91E4-1477CD655043}
### {582876EC-A178-44D4-9823-C10D6C62EAFF} Windows® installer Microsoft Corporat
=MsiExec.exe /X{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
### {5DA8F6CD-C70E-39D8-8430-3D9808D6BD17} Windows® installer Microsoft Corporat
[Applications] :HKLM PowerDVD=RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\
INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Infor
mation\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
### {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} InstallShield (R) Ctor DLL InstallS
[Applications] :HKLM Apple Software Update=MsiExec.exe /I{6956856F-B6B3-4BE0-B
A0B-8F495BE32033}
### {6956856F-B6B3-4BE0-BA0B-8F495BE32033} Windows® installer Microsoft Corporat
[Applications] :HKLM Pinnacle Video Driver=MsiExec.exe /X{6DE721A5-5E89-4D74-9
94C-652BB3C0672E}
### {6DE721A5-5E89-4D74-994C-652BB3C0672E} Windows® installer Microsoft Corporat
[Applications] :HKLM Microsoft Visual C++ 2005 Redistributable=MsiExec.exe /X{
7299052b-02a4-4627-81f2-1818da5d550d}
### {7299052b-02a4-4627-81f2-1818da5d550d} Windows® installer Microsoft Corporat
[Applications] :HKLM Catalyst Control Center - Branding=MsiExec.exe /I{8732356
1-58BA-4D5B-BADA-A791B69D1705}
### {87323561-58BA-4D5B-BADA-A791B69D1705} Windows® installer Microsoft Corporat
[Applications] :HKLM MuchTV=RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\IN
TEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Informa
tion\{8BC43240-7AC3-11D5-A4FA-303C52C11C00}\Setup.exe"
### {8BC43240-7AC3-11D5-A4FA-303C52C11C00} InstallShield (R) Ctor DLL InstallS
[Applications] :HKLM Battlefield Heroes="C:\Program Files\EA Games\Battlefield
Heroes\uninstaller.exe" "C:\Program Files\EA Games\Battlefield Heroes\Uninstall
.xml"
### {8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}
[Applications] :HKLM Microsoft Application Error Reporting
### {95120000-00B9-0409-0000-0000000FF1CE}
.17=MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
### {9A25302D-30C0-39D9-BD6F-21E6EC160475} Windows® installer Microsoft Corporat
[Applications] :HKLM Segoe UI=MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69
FB7}
### {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Windows® installer Microsoft Corporat
[Applications] :HKLM Microsoft .NET Framework 3.0 Service Pack 2=MsiExec.exe /
I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
### {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Windows® installer Microsoft Corporat
[Applications] :HKLM MSXML 6.0 Parser=MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-6
5995063EC44}
### {A43BF6A5-D5F0-4AAA-BF41-65995063EC44} Windows® installer Microsoft Corporat
[Applications] :HKLM Pinnacle Studio 14=MsiExec.exe /I{AADD1C8F-D59F-4D55-A726
-768C71A205A8}
### {AADD1C8F-D59F-4D55-A726-768C71A205A8} Windows® installer Microsoft Corporat
[Applications] :HKLM Adobe Reader 9.3.4=MsiExec.exe /I{AC76BA86-7AD7-1033-7B44
-A93000000001}
### {AC76BA86-7AD7-1033-7B44-A93000000001} Windows® installer Microsoft Corporat
[Applications] :HKLM ACDSee 9 Photo Manager=MsiExec.exe /X{B2D41883-3BFC-4BA0-
A2F6-5A2C9836C238}
### {B2D41883-3BFC-4BA0-A2F6-5A2C9836C238} Windows® installer Microsoft Corporat
[Applications] :HKLM Windows Live Messenger=MsiExec.exe /X{B57EAFF2-D6EE-4C6C-
9175-ED9F17BFC1BC}
### {B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC} Windows® installer Microsoft Corporat
[Applications] :HKLM Windows Presentation Foundation=MsiExec.exe /X{BAF78226-3
200-4DB4-BE33-4D922A799840}
### {BAF78226-3200-4DB4-BE33-4D922A799840} Windows® installer Microsoft Corporat
[Applications] :HKLM ccc-core-static
### {BEAED2F4-04C7-95C4-7D8F-500EFE6CD1F9}
[Applications] :HKLM Microsoft .NET Framework 2.0 Service Pack 2=MsiExec.exe /
I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
### {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Windows® installer Microsoft Corporat
[Applications] :HKLM CyberLink PowerDirector="C:\Program Files\InstallShield I
nstallation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uni
nstall
### {CB099890-1D5F-11D5-9EA9-0050BAE317E1} Setup Launcher
Macrovision Corpor
ation InstallShield
12.0
[Applications] :HKLM WinZip 14.5=MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91
C240BD}
### {CD95F661-A5C4-44F5-A6AA-ECDD91C240BD} Windows® installer Microsoft Corporat
[Applications] :HKLM Microsoft .NET Framework 3.5 SP1=MsiExec.exe /I{CE2CDD62-
0124-36CA-84D3-9F4DCF5C5BD9}
### {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Windows® installer Microsoft Corporat
[Applications] :HKLM Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)=C:
\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /u
ninstall /qb+ REBOOTPROMPT=""
### {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 Windows® installer Microsoft
Corporation Windows Installer - Unicode 4.5.6001.22159
[Applications] :HKLM Catalyst Control Center Graphics Previews Common
### {CE567716-7997-E0AE-DD81-1A5D49A5FB25}
[Applications] :HKLM AoA Audio Extractor="C:\Program Files\AoA Audio Extractor
\unins000.exe"
### {D1725D54-279A-40C5-A70D-23C1785DB920}_is1
[Applications] :HKLM Windows XP Creativity Fun Packs - Windows Movie Maker 2=M
siExec.exe /X{DA2D4D11-1811-4A24-B719-BF9F048C6106}
### {DA2D4D11-1811-4A24-B719-BF9F048C6106} Windows® installer Microsoft Corporat
[Applications] :HKLM TV Expert=RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1
\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Inst
allation Information\{E51FDEE5-FCDB-4EF0-8C0A-37D5C896DA45}\setup.exe" -l0x9 -r
emoveonly
### {E51FDEE5-FCDB-4EF0-8C0A-37D5C896DA45} InstallShield (R) Ctor DLL InstallS
hield Software Corporation InstallShield (R) 10.01
[Applications] :HKLM Windows Live Call=MsiExec.exe /I{E6158D07-2637-4ECF-B576-
37C489669174}
### {E6158D07-2637-4ECF-B576-37C489669174} Windows® installer Microsoft Corporat
[Applications] :HKLM Skype 5.0=MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF346
7E8}
### {E633D396-5188-4E9D-8F6B-BFB8BF3467E8} Windows® installer Microsoft Corporat
[Applications] :HKLM Avatar - The Last Airbender=RunDll32 C:\PROGRA~1\COMMON~1
\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\I
nstallShield Installation Information\{E67EDCA1-18E1-4136-ABF6-D21F2A129A46}\set
up.exe" -l0x9 -uninst
### {E67EDCA1-18E1-4136-ABF6-D21F2A129A46} InstallShield (R) Ctor DLL InstallS
[Applications] :HKLM Microsoft Choice Guard=MsiExec.exe /X{F0E12BBA-AD66-4022-
A453-A1C8A0C4D570}
### {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Windows® installer Microsoft Corporat
[Applications] :HKLM Realtek High Definition Audio Driver=RunDll32 C:\PROGRA~1
\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Progr
am Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108F
E7DBC}\setup.exe" -l0x9 -removeonly
### {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} InstallShield (R) Ctor DLL Macrovis
ion Corporation InstallShield 11.50
[Applications] :HKLM Pinnacle Studio Ultimate Collection Plugins=MsiExec.exe /
I{F5C372A1-40F3-49DA-A049-F75CDE9177DC}
### {F5C372A1-40F3-49DA-A049-F75CDE9177DC} Windows® installer Microsoft Corporat
[Applications] :HKLM GPU Caps Viewer 1.9.0="C:\Program Files\Geeks3D\GPU_Caps_
Viewer_v1.9.0\unins000.exe"
### {F6E04BE8-2FA4-44C4-9BD3-142CE3EB15B4}_is1
=MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
### {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Windows® installer Microsoft Corporat
[MD5]
[6C1B31F5C16E03153F0037AC6C451FFD][1 2838912
]C:\PROGRA~1\ALWILS~1\AVAST5\AVASTUI.EXE
[9DA0C6D1B8344F872108F621B56194FF][2 85504
]C:\PROGRA~1\COMBIN~1\FILTERS\FFDSHOW\FF_VFW.DLL
[FB0A62DBDF98A5466105D19B199C83BF][1 2164104 2DE0C721FB07F9FE3723E2ABBBD
677503F98A695 ]C:\PROGRA~1\COMMON~1\SKYPE\SKYPE4~1.DLL
[8462304CBD54857A5943BDA8A6EDE5ED][2 8801
]C:\PROGRA~1\DSCALER\DSDRV4.SYS
[89CE670C30E0D04A46CABDEDC51B7292][1 4766488 B35BC7E55AF6D8F5152CE7596E8
055CDCD9431BC ]C:\PROGRA~1\GREATIS\REGRUN~1\REGRUN2.EXE
[A45F4416A75C6E40599C81D526257197][2 335943
]C:\PROGRA~1\GREATIS\REGRUN~1\RRSHELL.DLL
[74165D44075CF3D03C98530783B8610E][1 61264
]C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
[EA96679AD69135BAAE67499C96C81730][1 81072
]C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\ASHSHELL.DLL
[ACB544D7254F366DFB48F380BC36CD25][1 40384
]C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\AVASTSVC.EXE
[42460A9342F730987B1454721353E85E][1 97760 D2651A1900D95305B381E0B6CE7
91F29C6C159F0 ]C:\PROGRAM FILES\AUTOCOMPLETEPRO\AUTOCOMPLETEPRO.DLL
[6D9042F1443A601DA8DC24D991EDDD0A][1 75200
]C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELP
ERSHIM.DLL
[B7899C3E21B299D7A3C0DA96CAE340BD][1 408448
]C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WI
NDOWSLIVELOGIN.DLL
[616F6E52CAE254727A886BA8EDA1BEEA][1 247152
]C:\PROGRAM FILES\CYBERLINK\SHARED FILES\RICHVIDEO.EXE
[5716DD3DEC01F5D185A2EAC81D4078F3][1 2217280
]C:\PROGRAM FILES\DAEMON TOOLS LITE\ENGINE.DLL
[B60DDDD2D63CE41CB8C487FCFBB6419E][1 638816
]C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
[385BD69743EA92E76CDF07B3345A25D5][1 41760
]C:\PROGRAM FILES\JAVA\JRE6\BIN\JP2SSV.DLL
[1834C96FB1F9280BCF6DDFA6DE8338BF][1 153376
]C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE
[4E2BB6D2677B42AD04BE18A6E9817B68][1 79648
]C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\IE\JQS_PLUGIN.DLL
[FDEA00D7B13211FEC24E411FDA43D9BA][1 374152
]C:\PROGRAM FILES\LOGMEIN\X86\LMIGUARDIANSVC.EXE
[9015122D04C195BDAB88FEBCBAE229DB][1 63040
]C:\PROGRAM FILES\LOGMEIN\X86\LOGMEIN.EXE
[4F69FAAABB7DB0D43E327C0B6AAB40FC][1 12856
]C:\PROGRAM FILES\LOGMEIN\X86\RAINFO.SYS
[E67977626735C9033AA6EB264329CE98][1 116104
]C:\PROGRAM FILES\LOGMEIN\X86\RAMAINT.EXE
[1AA23094CE90784854FB1F25BE645AFA][1 14940040 12571BC2A8E887F3E36D17E4492
DB38D9FC231FB ]C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE
[771C906AA119777D3FE7377F9A6A19DC][2 305664
]C:\PROGRAM FILES\TERACOPY\TERACOPYEXT.DLL
[360E83E16A06730042E1CDF8BC113CB6][1 594200 A7F22C8DB57EE11B6AFF9E51CCE
55175A930D885 ]C:\PROGRAM FILES\UNHACKME\HACKMON.EXE
[ -2][0 -1
]C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
[F4BF3B83F909440724A358665867D6C8][1 214528
]C:\PROGRAM FILES\WINDOWS NT\ACCESSORIES\WORDPAD.EXE
[82F0E6886AD9774F4504FE24B4EE3A42][2 121344
]C:\PROGRAM FILES\WINRAR\RAREXT.DLL
[BC2B88503FE0A5761533F87AB14C2781][1 494920
]C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
[66DA6F6A67D238721A3FCEB70C8DC2D0][2 5120
]C:\PROGRAM FILES\WINZIP\WZSHLSTB.DLL
[90A2F1892544AC2425281DB0B886C486][1 222584 6B38B794588F39F325C2D49DB2E
49509771E9771 ]C:\WINDOWS\DOWNLOADED PROGRAM FILES\BFHUPDATER.DLL
[ -2][0 -1
]C:\WINDOWS\DOWNLOADED PROGRAM FILES\BFHUPDATER.EXE
[7FC507D16DC865D0DE2E5B5D319BE4E7][2 589824 662FEDBBDE4268BDDD6A74E102F
1C68700976C53 ]C:\WINDOWS\DOWNLOADED PROGRAM FILES\DIGITALKSIPCAB.OCX
[12896823FB95BFB3DC9B46BCAEDC9923][1 1033728
]C:\WINDOWS\EXPLORER.EXE
[0A429C99CAE89CBD00D0451A5402C3A1][1 208896
]C:\WINDOWS\INF\UNREGMP2.EXE
[D34612C5D02D026535B3095D620626AE][1 132096
]C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION
FOUNDATION\SMSVCHOST.EXE
[8BA7C024070F2B7FDD98ED8A4BA41789][1 46104
]C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WPF\PRESENTATIONFONTCA
CHE.EXE
[ -2][0 -1
]C:\WINDOWS\NETWORK DIAGNOSTIC\XPNETDIAG.EXE
[B32A4DB8FA8BA07AFB1E86F8C9FB852E][1 769024
]C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HELPCTR.EXE
[A81135541C9D4EBCE43EFA8AD31395B4][1 169984
]C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\MSCONFIG.EXE
[4FCCA060DFE0C51A09DD5C3843888BCD][6 38400
]C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\PCHSVC.DLL
[321CD85C4B67CA5AC01546EC336FB61B][1 16380416
]C:\WINDOWS\RTHDCPL.EXE
[7D9A9C636D2B7793E1E02E532F85EE37][1 468496
]C:\WINDOWS\SYSTEM32\ACDV.DLL
[BAB489A5FE26F2D0C910CF7AF7E4CF92][1 617472
]C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
[8C515081584A38AA007909CD02020B3D][6 44544
]C:\WINDOWS\SYSTEM32\ALG.EXE
[A9A3DAA780CA6C9671A19D52456705B4][6 17408
]C:\WINDOWS\SYSTEM32\ALRSVC.DLL
[D8849F77C0B66226335A59D26CB4EDC6][6 167936
]C:\WINDOWS\SYSTEM32\APPMGMTS.DLL
[3275C80A35AF33AC033A0C2D30E4FAE7][1 692224
]C:\WINDOWS\SYSTEM32\ATI2CQAG.DLL
[F5ED29F66A745D6DF61E0FC47AAA70E2][1 299520
]C:\WINDOWS\SYSTEM32\ATI2DVAG.DLL
[459045736C5DACEB77D84E9FAFE21615][1 159744
]C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL
[1BD87FEC00508DCFC23AF4727BA14333][1 602112
]C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
[900A49A42D86969933DFF36F737C89BD][1 3699936
]C:\WINDOWS\SYSTEM32\ATI3DUAG.DLL
[E407AB1436BA741BD755A8428BFF88E3][1 573440
]C:\WINDOWS\SYSTEM32\ATIKVMAG.DLL
[58FD07C0FA48EE367B21D44E8CFDC467][1 393216
]C:\WINDOWS\SYSTEM32\ATIOK3X2.DLL
[DC50F58A6EA9B7C3F5A1BF83E7A583D3][1 2256512
]C:\WINDOWS\SYSTEM32\ATIVVAXX.DLL
[34EF4739A4D9D09A96069198F42B8D99][6 285696
]C:\WINDOWS\SYSTEM32\ATMFD.DLL
[DEF7A7882BEC100FE0B2CE2549188F9D][6 42496
]C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
[CC306BF581446D5E443EAE5B3BB900F0][6 12288
]C:\WINDOWS\SYSTEM32\BOOTVID.DLL
[A06CE3399D16DB864F55FAEB1F1927A9][6 77824
]C:\WINDOWS\SYSTEM32\BROWSER.DLL
[E392E172687BE172F8600C5F41AB03D9][1 1025024
]C:\WINDOWS\SYSTEM32\BROWSEUI.DLL
[1CFE720EB8D93A7158A4EBC3AB178BDE][6 5632
]C:\WINDOWS\SYSTEM32\CISVC.EXE
[34CBE729F38138217F9C80212A2A0C82][1 33280
]C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
[5D3D1AB0EF4EA55B731863050482C111][6 47104
]C:\WINDOWS\SYSTEM32\CNBJMON.DLL
[BDAAF79DD63F194434D31A74B9BB8B77][6 599040
]C:\WINDOWS\SYSTEM32\CRYPT32.DLL
[C14350FC0D47D806699C4F907FC6785B][6 64512
]C:\WINDOWS\SYSTEM32\CRYPTNET.DLL
[3D4E199942E29207970E04315D02AD3B][6 62464
]C:\WINDOWS\SYSTEM32\CRYPTSVC.DLL
[515A7FAE2070C2B0242B2353443E2F11][1 101888
]C:\WINDOWS\SYSTEM32\CSCDLL.DLL
[085ED2E391A871C7BAE87E0228B546BA][1 326656
]C:\WINDOWS\SYSTEM32\CSCUI.DLL
[5F1D5F88303D4A4DBC8E5F97BA967CC3][1 15360
]C:\WINDOWS\SYSTEM32\CTFMON.EXE
[A340CD71EB535A3DD751B5F28723E50C][6 279552
]C:\WINDOWS\SYSTEM32\DDRAW.DLL
[5E38D7684A49CACFB752B046357E0589][6 126976
]C:\WINDOWS\SYSTEM32\DHCPCSVC.DLL
[E2092F0A1D7ABC243F9C2362483D150D][6 19456
]C:\WINDOWS\SYSTEM32\DIMSNTFY.DLL
[0A9BA6AF531AFE7FA5E4FB973852D863][6 5120
]C:\WINDOWS\SYSTEM32\DLLHOST.EXE
[E46050330BD42F33609117F861E32D3C][6 224768
]C:\WINDOWS\SYSTEM32\DMADMIN.EXE
[57EDEC2E5F59F0335E92F35184BC8631][6 23552
]C:\WINDOWS\SYSTEM32\DMSERVER.DLL
[474B4DC3983173E4B4C9740B0DAC98A6][6 45568
]C:\WINDOWS\SYSTEM32\DNSRSLVR.DLL
[0F0F6E687E5E15579EF4DA8DD6945814][6 132096
]C:\WINDOWS\SYSTEM32\DOT3SVC.DLL
[ -2][0 -1
]C:\WINDOWS\SYSTEM32\DRIVERS\A6SUZGX9.SYS
[8D488938E2F7048906F1FBD3AF394887][1 28880
]C:\WINDOWS\SYSTEM32\DRIVERS\AAVMKER4.SYS
[8FD99680A539792A30E97944FDAECF17][6 187776
]C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
[9859C0F6936E723E4892D7141B1327D5][6 11648
]C:\WINDOWS\SYSTEM32\DRIVERS\acpiec.sys
[8BED39E3C35D6A489438B8141717A557][6 142592
]C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
[322D0E36693D6E24A2398BEE62A268CD][6 138112
]C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
[D7701D7E72243286CC88C9973D891057][6 37376
]C:\WINDOWS\SYSTEM32\DRIVERS\amdk6.sys
[8FCE268CDBDD83B23419D1F35F42C7B1][6 37760
]C:\WINDOWS\SYSTEM32\DRIVERS\amdk7.sys
[B5B8A80875C1DEDEDA8B02765642C32F][6 60800
]C:\WINDOWS\SYSTEM32\DRIVERS\arp1394.sys
[D48659BB24C48345D926ECB45C1EBDF5][1 5810
]C:\WINDOWS\SYSTEM32\DRIVERS\ASACPI.SYS
[2AD78087FF299D1596F0336749F84B1F][1 12536
]C:\WINDOWS\SYSTEM32\DRIVERS\ASUSHWIO.SYS
[A0D86B8AC93EF95620420C7A24AC5344][1 17744
]C:\WINDOWS\SYSTEM32\DRIVERS\ASWFSBLK.SYS
[570158B3B6FABC239992B42F5D23E5DF][1 94544
]C:\WINDOWS\SYSTEM32\DRIVERS\aswmon.sys
[7D880C76A285A41284D862E2D798EC0D][1 100176
]C:\WINDOWS\SYSTEM32\DRIVERS\ASWMON2.SYS
[69823954BBD461A73D69774928C9737E][1 23376
]C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR.SYS
[7ECC2776638B04553F9A85BD684C3ABF][1 165584
]C:\WINDOWS\SYSTEM32\DRIVERS\ASWSP.SYS
[095ED820A926AA8189180B305E1BCFC9][1 46672
]C:\WINDOWS\SYSTEM32\DRIVERS\ASWTDI.SYS
[B153AFFAC761E7F5FCFA822B9C4E97BC][6 14336
]C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
[9F3A2F5AA6875C72BF062C712CFA2674][6 96512
]C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
[3EE25700459BA2F493AB4B61412596F7][1 53248 6606BD438C637857400A3DEB2E2
87738C175B86C ]C:\WINDOWS\SYSTEM32\DRIVERS\ati2erec.dll
[CAADF7AA3ABC6AFCB3D02B129DE9863A][1 4830720
]C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS
[F0D933B42CD0594048E4D5200AE9E417][1 281760
]C:\WINDOWS\SYSTEM32\DRIVERS\ATKSGT.SYS
[9916C1225104BA14794209CFA8012159][6 59904
]C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS
[39A0A59180F19946374275745B21AEBA][6 31360
]C:\WINDOWS\SYSTEM32\DRIVERS\atmepvc.sys
[AE76348A2605FB197FA8FF1D6F547836][6 55808
]C:\WINDOWS\SYSTEM32\DRIVERS\atmlane.sys
[E7EF69B38D17BA01F914AE8F66216A38][6 352256
]C:\WINDOWS\SYSTEM32\DRIVERS\atmuni.sys
[D9F724AA26C010A217C97606B160ED68][6 3072
]C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
[DA1F27D85E0D1525F6621372E7B685E9][6 4224
]C:\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS
[F934D1B230F84E1D19DD00AC5A7A83ED][6 71552
]C:\WINDOWS\SYSTEM32\DRIVERS\bridge.sys
[72C98B32DF52A641338A1599F6FC7CA8][2 23552 7C1DC7CDD6030C6F0306A3AEA76
73AC76DBFBFB4 ]C:\WINDOWS\SYSTEM32\DRIVERS\BT878.SYS
[90A673FC8E12A79AFBED2576F6A7AAF9][6 13952
]C:\WINDOWS\SYSTEM32\DRIVERS\cbidf2k.sys
[0BE5AEF125BE881C4F854C554F2B025C][1 17024
]C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS
[C1B486A7658353D33A10CC15211A873B][6 18688
]C:\WINDOWS\SYSTEM32\DRIVERS\cdaudio.sys
[C885B02847F5D2FD45A24E219ED93B32][6 63744
]C:\WINDOWS\SYSTEM32\DRIVERS\CDFS.SYS
[9714B7C918C6543D69074EC101F86AC4][1 9072
]C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys
[0D856D16C08440BFB566D6CDD9948D4E][1 9200
]C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys
[1F4260CC5B42272D71F79E570A27A4FE][6 62976
]C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
[B562592B7F5759C99E179CA467ECFB4C][6 262528
]C:\WINDOWS\SYSTEM32\DRIVERS\cinemst2.sys
[FE47DD8FE6D7768FF94EBEC6C74B2719][6 49536
]C:\WINDOWS\SYSTEM32\DRIVERS\CLASSPNP.SYS
[9624293E55AD405415862B504CA95B73][6 11776
]C:\WINDOWS\SYSTEM32\DRIVERS\cpqdap01.sys
[F50D9BDBB25CCE075E514DC07472A22F][6 36736
]C:\WINDOWS\SYSTEM32\DRIVERS\crusoe.sys
[044452051F3E02E7963599FC8F4F3E25][6 36352
]C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
[E65E2353A5D74EA89971CB918EEEB2F6][6 14208
]C:\WINDOWS\SYSTEM32\DRIVERS\diskdump.sys
[D992FE1274BDE0F84AD826ACAE022A41][6 799744
]C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
[7C824CF7BBDE77D95C08005717A95F6F][6 153344
]C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
[E9317282A63CA4D188C0DF5E09C6AC5F][6 5888
]C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
[8A208DFCF89792A484E76C40E5F50B45][6 52864
]C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
[6CB08593487F5701D2D2254E693EAFCE][6 60160
]C:\WINDOWS\SYSTEM32\DRIVERS\DRMK.SYS
[8F5FCFF8E8848AFAC920905FBD9D33C8][6 2944
]C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
[FE97D0343ACFDEBDD578FC67CC91FA87][6 10496
]C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS
[AC7280566A7BB85CB3291F04DDC1198E][6 71168
]C:\WINDOWS\SYSTEM32\DRIVERS\DXG.SYS
[A73F5D6705B1D820C19B18782E176EFD][6 3328
]C:\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS
[38D332A6D56AF32635675F132548343E][6 143744
]C:\WINDOWS\SYSTEM32\DRIVERS\fastfat.sys
[92CDD60B6730B9F50F6A1A0C1F8CDC81][6 27392
]C:\WINDOWS\SYSTEM32\DRIVERS\fdc.sys
[D45926117EB9FA946A6AF572FBE1CAA3][6 44544
]C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS
[9D27E7B80BFCDF1CDD9B555862D5E7F0][6 20480
]C:\WINDOWS\SYSTEM32\DRIVERS\flpydisk.sys
[B2CF4B0786F8212CB92ED2B50C6DB6B0][6 129792
]C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
[3E1E2BD4F39B0E2B7DC4F4D2BCC2779A][6 7936
]C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
[455F778EE14368468560BD7CB8C854D0][6 12160
]C:\WINDOWS\SYSTEM32\DRIVERS\fsvga.sys
[6AC26732762483366C3969C9E4D2259D][6 125056
]C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
[F22207841D5958D5185392A4FA485885][2 138932 3A6984ABC07F316F027A7F909F2
77EE06A96A2DA ]C:\WINDOWS\SYSTEM32\DRIVERS\HCW848NT.SYS
[573C7D0A32852B48F3058CFD8026F511][6 144384
]C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
[1AF592532532A402ED7C060F6954004F][1 36864
]C:\WINDOWS\SYSTEM32\DRIVERS\HIDCLASS.SYS
[96ECCF28FDBF1B2CC12725818A63628D][1 24960
]C:\WINDOWS\SYSTEM32\DRIVERS\HIDPARSE.SYS
[CCF82C5EC8A7326C3066DE870C06DAF1][1 10368
]C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
[F6AACF5BCE2893E0C1754AFEB672E5C9][6 264832
]C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
[4A0B06AA8943C1E332520F7440C0AA30][6 52480
]C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
[0A7C49B48C772591A2D362DAA00246C8][2 5504
]C:\WINDOWS\SYSTEM32\DRIVERS\IMAGEDRV.SYS
[549BA4F539E7B8D8129500B96DD7B27A][2 125184
]C:\WINDOWS\SYSTEM32\DRIVERS\IMAGESRV.SYS
[083A052659F5310DD8B6A6CB05EDCF8E][6 42112
]C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
[8C953733D8F36EB2133F5BB58808B66B][6 36352
]C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys
[3BB22519A194418D5FEC05D800A19AD0][6 36608
]C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS
[731F22BA402EE4B62748ADAF6363C182][6 32896
]C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
[B87AB476DCF76E72010632B5550955F5][6 20864
]C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
[CC748EA12C6EFFDE940EE98098BF96BB][6 152832
]C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
[23C74D75E36E7158768DD63D92789A91][6 75264
]C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
[C93C9FF7B04D772627A3646D89F7BF89][6 11264
]C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
[05A299EC56E52649B1CF2FC52D20F2D7][6 37248
]C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
[463C1EC80CD17420A542B7F36A36F128][6 24576
]C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
[9EF487A186DEA361AA06913A75B3FA99][1 14592
]C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS
[692BCF44383D056AED41B045A323D378][6 172416
]C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
[0753515F78DF7F271A5E61C20BCD36A1][6 141056
]C:\WINDOWS\SYSTEM32\DRIVERS\KS.SYS
[1705745D900DABF2D89F90EBADDC7517][6 92288
]C:\WINDOWS\SYSTEM32\DRIVERS\KSECDD.SYS
[F8A7212D0864EF5E9185FB95E6623F4D][1 25888
]C:\WINDOWS\SYSTEM32\DRIVERS\LIRSGT.SYS
[4477689E2D8AE6B78BA34C9AF4CC1ED1][1 10144
]C:\WINDOWS\SYSTEM32\DRIVERS\LMIMIRR.SYS
[3FAA563DDF853320F90259D455A01D79][1 47640
]C:\WINDOWS\SYSTEM32\DRIVERS\LMIRFSDRIVER.SYS
[A3E700D78EEC390F1208098CDCA5C6B6][2 171520
]C:\WINDOWS\SYSTEM32\DRIVERS\MARVINBUS.SYS
[D1F8BE91ED4DDB671D42E473E3FE71AB][6 7680
]C:\WINDOWS\SYSTEM32\DRIVERS\mcd.sys
[A7DA20AB18A1BDAE28B0F349E57DA0D1][6 63744
]C:\WINDOWS\SYSTEM32\DRIVERS\mf.sys
[4AE068242760A1FB6E1A44BF4E16AFA6][6 4224
]C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS
[DFCBAD3CEC1C5F964962AE10E0BCC8E1][6 30080
]C:\WINDOWS\SYSTEM32\DRIVERS\modem.sys
[35C9E97194C8CFB8430125F8DBC34D04][6 23040
]C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
[B1C303E17FB9D46E87A98E4BA6769685][1 12160
]C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
[A80B9A0BAD1B73637DBCBBA7DF72D3FD][6 42368
]C:\WINDOWS\SYSTEM32\DRIVERS\MOUNTMGR.SYS
[70C14F5CCA5CF73F8A645C73A01D8726][6 92544
]C:\WINDOWS\SYSTEM32\DRIVERS\mqac.sys
[11D42BB6206F33FBB3BA0288D3EF81BD][6 180608
]C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
[68755F0FF16070178B54674FE5B847B0][6 456576
]C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
[C941EA2454BA8350021D774DAF0F1027][6 19072
]C:\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS
[0A02C63C8B144BD8C86B103DEE7C86A2][6 35072
]C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
[D1575E71568F4D9E14CA56B7B0453BF1][6 7552
]C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
[325BB26842FC7CCC1FCCE2C457317F3E][6 5376
]C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
[BAD59648BA099DA4A17680B39730CB3D][6 4992
]C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
[AF5F4F3F14A8EA2C26DE30F7A1E17136][6 15488
]C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
[E53736A9E30C45FA9E7B5EAC55056D1D][1 5504
]C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS
[2F625D11385B1A94360BFC70AAEFDEE1][6 105344
]C:\WINDOWS\SYSTEM32\DRIVERS\MUP.SYS
[5B50F1B2A2ED47D560577B221DA734DB][1 85248
]C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.SYS
[1DF7F42665C94B825322FAE71721130D][6 182656
]C:\WINDOWS\SYSTEM32\DRIVERS\NDIS.SYS
[7FF1F1FD8609C149AA432F95A8163D97][1 10880
]C:\WINDOWS\SYSTEM32\DRIVERS\NDISIP.SYS
[1AB3D00C991AB086E69DB84B6C0ED78F][6 10112
]C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
[F927A4434C5028758A842943EF1A3849][6 14592
]C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
[EDC1531A49C80614B2CFDA43CA8659AB][6 91520
]C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
[6215023940CFD3702B46ABC304E1D45A][6 40576
]C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS
[5D81CF9A2F1A3A756B66CF684911CDF0][6 34688
]C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
[74B2B2F5BEA5E9A3DC021D685551BD3D][6 162816
]C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
[E9E47CFB2D461FA0FC75B7A74C6383EA][6 61824
]C:\WINDOWS\SYSTEM32\DRIVERS\nic1394.sys
[BE984D604D91C217355CDD3737AAD25D][6 12032
]C:\WINDOWS\SYSTEM32\DRIVERS\nikedrv.sys
[1E421A6BCF2203CC61B821ADA9DE878B][6 40320
]C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys
[3182D64AE053D6FB034F44B6DEF8034A][6 30848
]C:\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS
[78A08DD6A8D65E697C18E1DB01C5CDCA][6 574976
]C:\WINDOWS\SYSTEM32\DRIVERS\NTFS.SYS
[73C1E1F395918BC2C6DD67AF7591A3AD][6 2944
]C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
[EF9941593B2E9B436F64A87DDB570D1A][1 105472
]C:\WINDOWS\SYSTEM32\DRIVERS\NVATA.SYS
[24336267DF2A52E2785D50F41B9CF9B8][1 46080
]C:\WINDOWS\SYSTEM32\DRIVERS\NVENETFD.SYS
[FEA32E16BD1DDA896A647A6E19216FCA][1 19968
]C:\WINDOWS\SYSTEM32\DRIVERS\NVNETBUS.SYS
[E0776519DBDB8755746E6892D01B44A0][1 928512
]C:\WINDOWS\SYSTEM32\DRIVERS\NVNRM.SYS
[D6C40B5F507EB95ADA2D484E2BFC2035][1 261632
]C:\WINDOWS\SYSTEM32\DRIVERS\nvsnpu.sys
[4357A97F548285325100E82D1190C991][1 110592
]C:\WINDOWS\SYSTEM32\DRIVERS\nvtcp.sys
[B305F3FAD35083837EF46A0BBCE2FC57][6 12416
]C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
[C99B3415198D1AAB7227F2C88FD664B9][6 32512
]C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
[8B8B1BE2DBA4025DA6786C645F77F123][6 88320
]C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys
[56D34A67C05E94E16377C60609741FF8][6 63232
]C:\WINDOWS\SYSTEM32\DRIVERS\nwlnknb.sys
[C0BB7D1615E1ACBDC99757F6CEAF8CF0][6 55936
]C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkspx.sys
[36B9B950E3D2E100970A48D8BAD86740][6 163584
]C:\WINDOWS\SYSTEM32\DRIVERS\nwrdr.sys
[4BB30DDC53EBC76895E38694580CDFE9][6 3456
]C:\WINDOWS\SYSTEM32\DRIVERS\oprghdlr.sys
[C90018BAFDC7098619A4A95B046B30F3][6 42752
]C:\WINDOWS\SYSTEM32\DRIVERS\p3.sys
[5575FAF8F97CE5E713D108C2A58D7C7C][6 80128
]C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
[6DDCF3F801EC15FE698F6A215CF30A1F][1 35816
]C:\WINDOWS\SYSTEM32\DRIVERS\PARTIZAN.SYS
[BEB3BA25197665D82EC7065B724171C6][6 19712
]C:\WINDOWS\SYSTEM32\DRIVERS\PARTMGR.SYS
[70E98B3FD8E963A6A46A2E6247E0BEA1][6 6784
]C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
[A219903CCF74233761D92BEF471A07B1][6 68224
]C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
[CCF5F451BB1A5A2A522A76E670000FF0][1 3328
]C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
[52E60F29221D0D1AC16737E8DBF7C3E9][6 24960
]C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDEX.SYS
[9E89EF60E9EE05E3F2EEF2DA7397F1C1][6 120192
]C:\WINDOWS\SYSTEM32\DRIVERS\pcmcia.sys
[F0204861CEA69F8CE7A912FE6EAB0E02][1 138184 1B1357630A2491F62E9F71BB0CA
3551851B90A68 ]C:\WINDOWS\SYSTEM32\DRIVERS\PnkBstrK.sys
[E82A496C3961EFC6828B508C310CE98F][6 146048
]C:\WINDOWS\SYSTEM32\DRIVERS\PORTCLS.SYS
[A32BEBAF723557681BFC6BD93E98BD26][6 35840
]C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS
[09298EC810B07E5D582CB3A3F9255424][6 69120
]C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
[80D317BD1C3DBC5D4FE7B1678C60CADD][6 17792
]C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
[153D02480A0A2F45785522E814C634B6][1 44944
]C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS
[FE0D99D6F31E4FAD8159F690D68DED9C][6 8832
]C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
[11B4A627BC9614B885C4969BFA5FF8A6][6 51328
]C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
[5BC962F2654137C9909C3D4603587DEE][6 41472
]C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
[EFEEC01B1D3CF84F16DDD24D9D9D8F99][6 48384
]C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
[FDBB1D60066FCFBB7452FD8F9829B242][6 16512
]C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
[01524CD237223B18ADBB48F70083F101][6 34432
]C:\WINDOWS\SYSTEM32\DRIVERS\rawwan.sys
[7AD224AD1A1437FE28D89CF22B17780A][6 175744
]C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
[4912D5B403614CE99C28420F75353332][6 4224
]C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
[15CABD0F7C00C47C70124907916AF3F1][6 196224
]C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
[6728E45B66F93C08F11DE2E316FC70DD][6 139656
]C:\WINDOWS\SYSTEM32\DRIVERS\rdpwd.sys
[F828DD7E1419B6653894A8F97A0094C5][6 57600
]C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
[37ECEBDD930395A9C399FB18A3C236D3][1 24416
]C:\WINDOWS\SYSTEM32\DRIVERS\REGGUARD.SYS
[A56FE08EC7473E8580A390BB1081CDD7][6 12032
]C:\WINDOWS\SYSTEM32\DRIVERS\rio8drv.sys
[0A854DF84C77A0BE205BFEAB2AE4F0EC][6 12032
]C:\WINDOWS\SYSTEM32\DRIVERS\riodrv.sys
[ECFF394D65671EFDE5A872EB9EF4F2D5][6 202624
]C:\WINDOWS\SYSTEM32\DRIVERS\RMCast.sys
[601844CBCF617FF8C868130CA5B2039D][6 30592
]C:\WINDOWS\SYSTEM32\DRIVERS\rndismp.sys
[D8B0B4ADE32574B2D9C5CC34DC0DBBE7][6 5888
]C:\WINDOWS\SYSTEM32\DRIVERS\rootmdm.sys
[1EBDE650D97A8ECCDC1CC4A0804647CD][1 4449280
]C:\WINDOWS\SYSTEM32\DRIVERS\RTKHDAUD.SYS
[76C465F570E90C28942D52CCB2580A10][6 96384
]C:\WINDOWS\SYSTEM32\DRIVERS\SCSIPORT.SYS
[8D04819A3CE51B9EB47E5689B44D43C4][6 79232
]C:\WINDOWS\SYSTEM32\DRIVERS\sdbus.sys
[90A3935D05B494A5A39D37E71F09A677][6 20480
]C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
[0F29512CCD6BEAD730039FB4BD2C85CE][6 15744
]C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
[CCA207A8896D4C6A0C9CE29A4AE411A7][6 64512
]C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
[0FA803C64DF0914B41F807EA276BF2A6][6 11904
]C:\WINDOWS\SYSTEM32\DRIVERS\sffdisk.sys
[D66D22D76878BF3483A6BE30183FB648][6 10240
]C:\WINDOWS\SYSTEM32\DRIVERS\sffp_mmc.sys
[C17C331E435ED8737525C86A7557B3AC][6 11008
]C:\WINDOWS\SYSTEM32\DRIVERS\sffp_sd.sys
[8E6B8C671615D126FDC553D1E2DE5562][6 11392
]C:\WINDOWS\SYSTEM32\DRIVERS\sfloppy.sys
[866D538EBE33709A5C9F5C62B73B7D14][1 11136
]C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SYS
[017DAECF0ED3AA731313433601EC40FA][6 14592
]C:\WINDOWS\SYSTEM32\DRIVERS\smclib.sys
[489703624DAC94ED943C2ABDA022A1CD][6 25344
]C:\WINDOWS\SYSTEM32\DRIVERS\sonydcam.sys
[AB8B92451ECB048A4D1DE7C3FFCB4A9F][6 6272
]C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
[ -32][2 691696
]C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
[76BB022C2FB6902FD5BDD4F78FC13A5D][6 73472
]C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
[5252605079810904E31C332E241CD59B][6 334848
]C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
[3E5D89099DED9E86E5639F411693218F][6 49408
]C:\WINDOWS\SYSTEM32\DRIVERS\stream.sys
[77813007BA6265C4B6098187E6ED79D2][1 15232
]C:\WINDOWS\SYSTEM32\DRIVERS\STREAMIP.SYS
[3941D127AEF12E93ADDF6FE6EE027E0F][6 4352
]C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
[8CE882BCC6CF8A62F2B2323D95CB3D01][6 56576
]C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
[8B83F3ED0F1688B4958F77CD6D2BF290][6 60800
]C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
[FD6093E3DECD925F1CFFC8A0DD539D72][6 14976
]C:\WINDOWS\SYSTEM32\DRIVERS\tape.sys
[68F06FE0021B01E670AF37B8C5964FDF][2 361344
]C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[AA7A55536096D646DC7AB0AC5641E9E8][6 225664
]C:\WINDOWS\SYSTEM32\DRIVERS\tcpip6.sys
[0539D5E53587F82D1B4FD74C5BE205CF][6 19072
]C:\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS
[6471A66807F5E104E4885F5B67349397][6 12040
]C:\WINDOWS\SYSTEM32\DRIVERS\tdpipe.sys
[C56B6D0402371CF3700EB322EF3AAF61][6 21896
]C:\WINDOWS\SYSTEM32\DRIVERS\tdtcp.sys
[88155247177638048422893737429D9E][6 40840
]C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
[699450901C5CCFD82357CBC531CEDD23][6 51712
]C:\WINDOWS\SYSTEM32\DRIVERS\tosdvd.sys
[D74A8EC75305F1D3CFDE7C7FC1BD62A9][6 21376
]C:\WINDOWS\SYSTEM32\DRIVERS\tsbvcap.sys
[8F861EDA21C05857EB8197300A92501C][6 12288
]C:\WINDOWS\SYSTEM32\DRIVERS\tunmp.sys
[5787B80C2E3C5E2F56C2A233D91FA2C9][6 66048
]C:\WINDOWS\SYSTEM32\DRIVERS\udfs.sys
[9EC06B9D9F578C8962911C7C95246788][1 12808 53DE94EFD1727BCF8E3F177C858
2FB170B9D9C7C ]C:\WINDOWS\SYSTEM32\DRIVERS\UnHackMeDrv.sys
[402DDC88356B1BAC0EE3DD1580C76A31][6 384768
]C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
[BEE793D4A059CAEA55D6AC20E19B3A8F][6 12800
]C:\WINDOWS\SYSTEM32\DRIVERS\usb8023.sys
[E919708DB44ED8543A7C017953148330][1 60032
]C:\WINDOWS\SYSTEM32\DRIVERS\USBAUDIO.SYS
[1C1A47B40C23358245AA8D0443B6935E][6 25600
]C:\WINDOWS\SYSTEM32\DRIVERS\usbcamd.sys
[CE97845D2E3F0D274B8BAC1ED07C6149][6 25728
]C:\WINDOWS\SYSTEM32\DRIVERS\usbcamd2.sys
[173F317CE0DB8E21322E71B7E60A27E8][1 32128
]C:\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS
[596EB39B50D6EBD9B734DC4AE0544693][1 4736
]C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
[65DCF09D0E37D4C6B11B5B0B76D470A7][1 30208
]C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
[1AB3CDDE553B6E064D2E754EFE20285C][1 59520
]C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
[290913DC4F1125E5A82DE52579A44C43][6 15872
]C:\WINDOWS\SYSTEM32\DRIVERS\usbintel.sys
[0DAECCE65366EA32B162F85F07C6753B][1 17152
]C:\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS
[791912E524CC2CC6F50B5F2B52D1EB71][1 143872
]C:\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS
[A32426D9B14A089EAA1D922E0C5801A9][1 26368
]C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
[63BBFCA7F390F4C49ED4B96BFB1633E0][1 121984
]C:\WINDOWS\SYSTEM32\DRIVERS\USBVIDEO.SYS
[55E01061C74A8CEFFF58DC36114A8D3F][6 58112
]C:\WINDOWS\SYSTEM32\DRIVERS\vdmindvd.sys
[0D3A8FAFCEACD8B7625CD549757A7DF1][6 20992
]C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
[E28726B72C46821A28830E077D39A55B][6 81664
]C:\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS
[4C8FCB5CC53AAB716D810740FE59D025][6 52352
]C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS
[E20B95BAEDB550F32DD489265C1DA1F6][6 34560
]C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
[6768ACF64B18196494413695F0C3A00F][6 83072
]C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
[2F31B7F954BED437F2C75026C65CAF7B][6 4352
]C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
[1385E5AA9C9821790D33A9563B8D2DD0][1 18944
]C:\WINDOWS\SYSTEM32\DRIVERS\wpdusb.sys
[6ABE6E225ADB5A751622A9CC3BC19CE8][6 12032
]C:\WINDOWS\SYSTEM32\DRIVERS\ws2ifsl.sys
[C98B39829C2BBD34E454150633C62C78][1 19200
]C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
[4D83ED8BDDEC431FC8AD907B47CFB6E3][6 367616
]C:\WINDOWS\SYSTEM32\DSOUND.DLL
[8E16BF5600797E678EA97051CF93E6BF][6 10752
]C:\WINDOWS\SYSTEM32\DUMPREP.EXE
[2187855A7703ADEF0CEF9EE4285182CC][6 33792
]C:\WINDOWS\SYSTEM32\EAPSVC.DLL
[BC93B4A066477954555966D77FEC9ECB][6 23040
]C:\WINDOWS\SYSTEM32\ERSVC.DLL
[19A799805B24990867B00C120D300C3A][6 246272
]C:\WINDOWS\SYSTEM32\ES.DLL
[4329EE7D502C9113EBA0F9570392F5EE][1 134400
]C:\WINDOWS\SYSTEM32\HAL.DLL
[877C90686858D899B042BBA45E9B7F2C][1 199680
]C:\WINDOWS\SYSTEM32\IAC25_32.AX
[7E86D471EF8DED7B9D15106002120271][6 80384
]C:\WINDOWS\SYSTEM32\ICCVID.DLL
[729DA5D23A9AD20A6AA353156A126420][1 11063808
]C:\WINDOWS\SYSTEM32\IEFRAME.DLL
[577E496F0D41411BF149394D80959D53][1 16384
]C:\WINDOWS\SYSTEM32\IMAADP32.ACM
[30DEAF54A9755BB8546168CFE8A6B5E1][6 150528
]C:\WINDOWS\SYSTEM32\IMAPI.EXE
[9DD302F647227DE5133E2B5E09A5E63F][6 691712
]C:\WINDOWS\SYSTEM32\INETCOMM.DLL
[83F41D0D89645D7235C051AB1D9523AC][6 331264
]C:\WINDOWS\SYSTEM32\IPNATHLP.DLL
[43ECA1576906BA76FB3E329A338A3CAE][6 199168
]C:\WINDOWS\SYSTEM32\IR32_32.DLL
[948E1498C6438625247F94534AAA82FE][1 848384
]C:\WINDOWS\SYSTEM32\IR41_32.AX
[5F10DC19D92CCF6B719B494572F4F74B][6 755200
]C:\WINDOWS\SYSTEM32\IR50_32.DLL
[0EC5ECE8762728ED734258B22D348A32][6 138240
]C:\WINDOWS\SYSTEM32\ITSS.DLL
[F201B7FE27967BC6EC3FA37619646439][6 47616
]C:\WINDOWS\SYSTEM32\IYUV_32.DLL
[945FBB881AE927A44DFD96440F2F4F44][6 7040
]C:\WINDOWS\SYSTEM32\KDCOM.DLL
[B17DEFD576AE373E7A1A2C75665E4549][6 299520
]C:\WINDOWS\SYSTEM32\KERBEROS.DLL
[8878BD685E490239777BFE51320B88E9][6 61440
]C:\WINDOWS\SYSTEM32\KMSVC.DLL
[4B4FD61EBB404842EB5823A50A3A58A9][2 290816
]C:\WINDOWS\SYSTEM32\L3CODECA.ACM
[A7DB739AE99A796D91580147E919CC59][6 13824
]C:\WINDOWS\SYSTEM32\LMHSVC.DLL
[00E153AA04E6D7E01037D49E4060218B][1 87424
]C:\WINDOWS\SYSTEM32\LMIINIT.DLL
[AFD7C3BEDAC3E4CE0EA34D83BFABC2D1][1 29568
]C:\WINDOWS\SYSTEM32\LMIPORT.DLL
[D8AD3D7F927C686B8C233221513DA628][6 343040
]C:\WINDOWS\SYSTEM32\LOCALSPL.DLL
[AAED593F84AFA419BBAE8572AF87CF6A][6 75264
]C:\WINDOWS\SYSTEM32\LOCATOR.EXE
[2081A5B5E4ABA206A0A8A1A97DF0FB23][1 514560
]C:\WINDOWS\SYSTEM32\LOGONUI.EXE
[012DF358CEBAA23ACB26D82077820817][6 22016
]C:\WINDOWS\SYSTEM32\LPK.DLL
[BF2466B3E18E970D8A976FB95FC1CA85][6 13312
]C:\WINDOWS\SYSTEM32\LSASS.EXE
[6807B4DD2CCF60745C1333D6C17DE173][6 1028096
]C:\WINDOWS\SYSTEM32\MFC42.DLL
[5C12660A97822F6E61576943B49AAAD6][1 18944
]C:\WINDOWS\SYSTEM32\MIDIMAP.DLL
[D18F1F0C101D06A1C1ADF26EED16FCDD][1 32768
]C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
[7E699FF5F59B5D9DE5390E3C34C67CF5][6 53248
]C:\WINDOWS\SYSTEM32\MPRDIM.DLL
[9A3BD5F55AADFF859539142F6328A66E][1 20480
]C:\WINDOWS\SYSTEM32\MSACM32.DRV
[C5648BE5409E0AABDA8C9047BAC8F603][1 14848
]C:\WINDOWS\SYSTEM32\MSADP32.ACM
[CB9C24E95606A65397D1A00928BA9B77][1 294912
]C:\WINDOWS\SYSTEM32\MSAUD32.ACM
[C99248B969A799B771F484CD68BCB96E][1 282112
]C:\WINDOWS\SYSTEM32\MSCOREE.DLL
[A137F1470499A205ABBB9AAFB3B6F2B1][1 6144
]C:\WINDOWS\SYSTEM32\MSDTC.EXE
[33271A2667334B9A8842C65A079EF375][1 9216
]C:\WINDOWS\SYSTEM32\MSG711.ACM
[B87F759738C52E8D6FBCDAAA84C6486F][1 118784
]C:\WINDOWS\SYSTEM32\MSG723.ACM
[3A9846E207DAFC13009C048A2F6F8C2A][1 19968
]C:\WINDOWS\SYSTEM32\MSGSM32.ACM
[986B1FF5814366D71E0AC5755C88F2D3][6 33792
]C:\WINDOWS\SYSTEM32\MSGSVC.DLL
[C6FD300A6100AC89BC4CB944C19FA2A9][1 188416
]C:\WINDOWS\SYSTEM32\MSH261.DRV
[7D529AA41EA993357F8C3D7E92C2372A][1 294912
]C:\WINDOWS\SYSTEM32\MSH263.DRV
[D469A0EBA2EF5C6BEE8065B7E3196E5E][1 5937152
]C:\WINDOWS\SYSTEM32\MSHTML.DLL
[7F7BC88C8FB6B52989E0E93084B5E678][1 95744
]C:\WINDOWS\SYSTEM32\MSIEXEC.EXE
[140EF97B64F560FD78643CAE2CDAD838][1 25088
]C:\WINDOWS\SYSTEM32\MSPMSNSV.DLL
[374140237756D58BB842657462A0DF1D][6 11264
]C:\WINDOWS\SYSTEM32\MSRLE32.DLL
[0F152F4E57FDF9E8E8BDFEA583A4926B][6 132608
]C:\WINDOWS\SYSTEM32\MSV1_0.DLL
[355EDBB4D412B01F1740C17E3F50FA00][1 343040
]C:\WINDOWS\SYSTEM32\MSVCRT.DLL
[6EF2B7676E92B9452AAB164339B69084][6 25600
]C:\WINDOWS\SYSTEM32\MSVIDC32.DLL
[3F0CF84469AD2DC8382312814A223BCE][6 1428992
]C:\WINDOWS\SYSTEM32\MSVIDCTL.DLL
[B4138E99236F0F57D4CF49BAE98A0746][6 245248
]C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
[CE638EFF365DA822A9C70654A40861C7][6 16896
]C:\WINDOWS\SYSTEM32\MSYUV.DLL
[B857BA82860D7FF85AE29B095645563B][6 111104
]C:\WINDOWS\SYSTEM32\NETDDE.EXE
[13E67B55B3ABD7BF3FE7AAE5A0F9A9DE][6 198144
]C:\WINDOWS\SYSTEM32\NETMAN.DLL
[27D9ED8CB8B62D1E0A8E5ACE6CF52E2F][6 706048
]C:\WINDOWS\SYSTEM32\NTDLL.DLL
[7F653A89F6E89E3AE0D49830EECE35D4][1 2023936
]C:\WINDOWS\SYSTEM32\NTKRNLPA.EXE
[156F64A3345BD23C600655FB4D10BC08][6 435200
]C:\WINDOWS\SYSTEM32\NTMSSVC.DLL
[5652F6CE1D9E9D8068B9D29BC21B5409][6 84992
]C:\WINDOWS\SYSTEM32\OLEPRO32.DLL
[222DE7F5EDB9DDBE628384A1A8BE59CE][6 15360
]C:\WINDOWS\SYSTEM32\PJLMON.DLL
[0102140028FAD045756796E1C685D695][6 291328
]C:\WINDOWS\SYSTEM32\QAGENTRT.DLL
[574738F61FCA2935F5265DC4E5691314][6 409088
]C:\WINDOWS\SYSTEM32\QMGR.DLL
[AD188BE7BDF94E8DF4CA0A55C00A5073][6 88576
]C:\WINDOWS\SYSTEM32\RASAUTO.DLL
[76A9A3CBEADD68CC57CDA5E1D7448235][6 186368
]C:\WINDOWS\SYSTEM32\RASMANS.DLL
[5B19B557B0C188210A56A6B699D90B8F][6 59904
]C:\WINDOWS\SYSTEM32\REGSVC.DLL
[ -32][2 164746
]C:\WINDOWS\SYSTEM32\RFTVXC.DLL
[2589FE6015A316C0F5D5112B4DA7B509][6 399360
]C:\WINDOWS\SYSTEM32\RPCSS.DLL
[471B3F9741D762ABE75E9DEEA4787E47][6 132608
]C:\WINDOWS\SYSTEM32\RSVP.EXE
[72451FD61DDBB0A1FB071B7C3CDE5594][6 92672
]C:\WINDOWS\SYSTEM32\RSVPSP.DLL
[037B1E7798960E0420003D05BB577EE6][1 33280
]C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
[86D007E7A654B9A71D1D7D856B104353][6 95744
]C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
[A86BB5E61BF3E39B62AB4C7E7085A084][6 181248
]C:\WINDOWS\SYSTEM32\SCECLI.DLL
[C61E8ECFFDBF05FF71D079BBD35396B3][6 144384
]C:\WINDOWS\SYSTEM32\SCHANNEL.DLL
[0A9A7365A1CA4319AA7C1D6CD8E4EAFA][6 192512
]C:\WINDOWS\SYSTEM32\SCHEDSVC.DLL
[63FF9068E5BDA0BC9ECD38FBBB216E24][6 20480
]C:\WINDOWS\SYSTEM32\SCLGNTFY.DLL
[CBE612E2BB6A10E3563336191EDA1250][6 18944
]C:\WINDOWS\SYSTEM32\SECLOGON.DLL
[7FDD5D0684ECA8C1F68B4D99D124DCD0][6 39424
]C:\WINDOWS\SYSTEM32\SENS.DLL
[0E776ED5F7CC9F94299E70461B7B8185][6 108544
]C:\WINDOWS\SYSTEM32\SERVICES.EXE
[3C37BF86641BDA977C3BF8A840F3B7FA][6 141312
]C:\WINDOWS\SYSTEM32\SESSMGR.EXE
[600D58665D16BFBB776EFEFB0E80532D][2 1614848 C9719F14EAB06CF0B5422BAD7BE
E950A7C308768 ]C:\WINDOWS\SYSTEM32\SFCFILES.DLL
[26CB10FA893F940AB09713FF46DCDADE][1 1499136
]C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
[0CF50B1F45DAB08430C1DBB79FE2CA5B][1 8461312
]C:\WINDOWS\SYSTEM32\SHELL32.DLL
[1926899BF9FFE2602B63074971700412][6 135168
]C:\WINDOWS\SYSTEM32\SHSVCS.DLL
[D79524DFBC24FA484DF5C277447D2F7F][1 48464
]C:\WINDOWS\SYSTEM32\SIRENACM.DLL
[0DBB250A89E2E1C9281009AC269F0805][1 86016
]C:\WINDOWS\SYSTEM32\SL_ANET.ACM
[C7ABBC59B43274B1109DF6B24D617051][6 89600
]C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
[5F816C1F539266D2D4C78694239DA0B5][6 50688
]C:\WINDOWS\SYSTEM32\SMSS.EXE
[D8E14A61ACC1D4A6CD0D38AEBAC7FA3B][6 57856
]C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
[3805DF0AC4296A34BA4BF93B346CC378][6 171008
]C:\WINDOWS\SYSTEM32\SRSVC.DLL
[F385F4B02C535BFFE1D70CAB80838123][6 96768
]C:\WINDOWS\SYSTEM32\SRVSVC.DLL
[0A5679B3714EDAB99E357057EE88FCA6][6 71680
]C:\WINDOWS\SYSTEM32\SSDPSRV.DLL
[50512FC9B7878E3C2C147BC17326A7DB][1 121856
]C:\WINDOWS\SYSTEM32\STOBJECT.DLL
[27C6D03BCDB8CFEB96B716F3D8BE3E18][6 14336
]C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[C504A9FE17F997F8B1F8561D0A68DE52][1 300544
]C:\WINDOWS\SYSTEM32\SYSDM.CPL
[3CB78C17BB664637787C9A1C98F79C38][6 249856
]C:\WINDOWS\SYSTEM32\TAPISRV.DLL
[AE0382AD9C73D343D85E1A50C80B7C20][6 45568
]C:\WINDOWS\SYSTEM32\TCPMON.DLL
[FF3477C03BE7201C294C35F684B3479F][6 295424
]C:\WINDOWS\SYSTEM32\TERMSRV.DLL
[DB7205804759FF62C34E3EFD8A4CC76A][6 73216
]C:\WINDOWS\SYSTEM32\TLNTSVR.EXE
[55BCA12F7F523D35CA3CB833C725F54E][6 90112
]C:\WINDOWS\SYSTEM32\TRKWKS.DLL
[1A235B74C54F236B7667AB67E8AE3820][6 8192
]C:\WINDOWS\SYSTEM32\TSBYUV.DLL
[E8CD0D7E169ECCE2D4FD829DAAB786ED][1 8192
]C:\WINDOWS\SYSTEM32\TSSOFT32.ACM
[1EBAFEB9A3FBDC41B8D9C7F0F687AD91][6 185856
]C:\WINDOWS\SYSTEM32\UPNPHOST.DLL
[05365FB38FCA1E98F7A566AAAF5D1815][6 18432
]C:\WINDOWS\SYSTEM32\UPS.EXE
[05642AE6A7BDAA7541A7451F5A4C6512][1 1206784
]C:\WINDOWS\SYSTEM32\URLMON.DLL
[F26385E8BA4549B5186B774EC0E45D86][6 16896
]C:\WINDOWS\SYSTEM32\USBMON.DLL
[B26B135FF1B9F60C9388B4A7D16F600B][1 578560
]C:\WINDOWS\SYSTEM32\USER32.DLL
[A93AEE1928A9D7CE3E16D24EC7380F89][6 26112
]C:\WINDOWS\SYSTEM32\USERINIT.EXE
[7A2CC3719B255E6B5D74396183B7715B][1 218624
]C:\WINDOWS\SYSTEM32\UXTHEME.DLL
[E2A57AC21705D3A05BB89BE201FA5C0C][1 53760
]C:\WINDOWS\SYSTEM32\VFWWDM32.DLL
[7A9DB3A67C333BF0BD42E42B8596854B][6 289792
]C:\WINDOWS\SYSTEM32\VSSVC.EXE
[54AF4B1D5459500EF0937F6D33B1914F][6 175104
]C:\WINDOWS\SYSTEM32\W32TIME.DLL
[6100A808600F44D999CEBDEF8841C7A3][6 15872
]C:\WINDOWS\SYSTEM32\W3SSL.DLL
[9A10AACBFDC4922715375FB4065EC930][6 17664
]C:\WINDOWS\SYSTEM32\WATCHDOG.SYS
[E0673F1106E62A68D2257E376079F821][6 126464
]C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
[2D0E4ED081963804CCC196A0929275B5][6 144896
]C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL
[AB0A7CA90D9E3D6A193905DC1715DED0][1 38912
]C:\WINDOWS\SYSTEM32\WDFMGR.EXE
[CEFCC6A64983EB8119F3A07A0C1EDE30][6 49152
]C:\WINDOWS\SYSTEM32\WDIGEST.DLL
[680B56A8B62D1BCF4A0B2AAAD03D88E4][1 23552
]C:\WINDOWS\SYSTEM32\WDMAUD.DRV
[CC8915DB4E33E8FB29CA0D2DBF75306E][1 236544
]C:\WINDOWS\SYSTEM32\WEBCHECK.DLL
[77A354E28153AD2D5E120A5A8687BC06][6 68096
]C:\WINDOWS\SYSTEM32\WEBCLNT.DLL
[477BB51076B926E1A68840C267540042][6 75776
]C:\WINDOWS\SYSTEM32\WIASCR.DLL
[8BAD69CBAC032D4BBACFCE0306174C30][6 333824
]C:\WINDOWS\SYSTEM32\WIASERVC.DLL
[DE01D79A607C7B9AE7FF88E934D0FFB2][6 1845632
]C:\WINDOWS\SYSTEM32\WIN32K.SYS
[ED0EF0A136DEC83DF69F04118870003E][1 507904
]C:\WINDOWS\SYSTEM32\WINLOGON.EXE
[D72B9EC3337B247A666F098F3D6B43DE][6 16896
]C:\WINDOWS\SYSTEM32\WINRNR.DLL
[1B67B632786FEF1C1BBAEF46C2F3F2E6][6 132096
]C:\WINDOWS\SYSTEM32\WKSSVC.DLL
[2CC34E8BB667EEF78899546E12649196][6 92672
]C:\WINDOWS\SYSTEM32\WLNOTIFY.DLL
[F92E1076C42FCD6DB3D72D8CFE9816D5][6 13824
]C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
[7C278E6408D1DCE642230C0585A854D5][6 80896
]C:\WINDOWS\SYSTEM32\WSCSVC.DLL
[35321FB577CDC98CE3EB3A3EB9E4610A][6 6656
]C:\WINDOWS\SYSTEM32\WUAUSERV.DLL
[81DC3F549F44B1C1FFF022DEC9ECF30B][6 483840
]C:\WINDOWS\SYSTEM32\WZCSVC.DLL
[295D21F14C335B53CB8154E5B1F892B9][6 129024
]C:\WINDOWS\SYSTEM32\XMLPROV.DLL
===
[MBR]
[MD5=D0D78552330424127A42FB11AC414640]
M8CO0LwAfPtQB1Af/L4bfL8bBlBXueUB86TLvb4HsQQ4bgB8CXUTg8UQ4vTNGIv1g8YQSXQZ
OCx09qC1B7QHi/CsPAB0/LsHALQOzRDr8ohOEOhGAHMq/kYQgH4EC3QLgH4EDHQFoLYHddKA
RgIGg0YIBoNWCgDoIQBzBaC2B+u8gT7+fVWqdAuAfhAAdMigtwfrqYv8HleL9cu/BQCKVgC0
CM0TciOKwSQ/mIreivxD9+OL0YbWsQbS7kL34jlWCncjcgU5RghzHLgBArsAfItOAotWAM0T
c1FPdE4y5IpWAM0T6+SKVgBgu6pVtEHNE3I2gftVqnUw9sEBdCthYGoAagD/dgr/dghqAGgA
fGoBahC0Qov0zRNhYXMOT3QLMuSKVgDNE+vWYfnDSW52YWxpZCBwYXJ0aXRpb24gdGFibGUA
RXJyb3IgbG9hZGluZyBvcGVyYXRpbmcgc3lzdGVtAE1pc3Npbmcgb3BlcmF0aW5nIHN5c3Rl
bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAsRGM=
===

Regrunlog

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Regrunlog

Uploaded by

Copyright:

Available Formats

SpyHolesList Version:7.1 Build:6.9.7.

[Loaded DLLs] C:\WINDOWS\system32\LSASRV.dll

You might also like