Thread: Having Problems Again!!!

  1. #1
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54
    Displaying Windows Services:

    Name: Alerter
    Display Name: Alerter
    Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Disabled
    State: Stopped

    Name: ALG
    Display Name: Application Layer Gateway Service
    Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
    Path Name: H:\WINDOWS\System32\alg.exe
    Start Mode: Manual
    State: Running

    Name: AppMgmt
    Display Name: Application Management
    Description: Provides software installation services such as Assign, Publish, and Remove.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

    Name: AudioSrv
    Display Name: Windows Audio
    Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: AVG Anti-Spyware Guard
    Display Name: AVG Anti-Spyware Guard
    Description:
    Path Name: H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    Start Mode: Auto
    State: Running

    Name: BITS
    Display Name: Background Intelligent Transfer Service
    Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Stopped

    Name: Browser
    Display Name: Computer Browser
    Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: ccEvtMgr
    Display Name: Symantec Event Manager
    Description: Event propagation and logging service
    Path Name: "H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
    Start Mode: Auto
    State: Running

    Name: ccProxy
    Display Name: Symantec Network Proxy
    Description: Symantec Proxy Service
    Path Name: "H:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
    Start Mode: Auto
    State: Running

    Name: ccPwdSvc
    Display Name: Symantec Password Validation
    Description: User account management service
    Path Name: "H:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
    Start Mode: Manual
    State: Stopped

    Name: ccSetMgr
    Display Name: Symantec Settings Manager
    Description: Settings storage and management service
    Path Name: "H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
    Start Mode: Auto
    State: Running

    Name: CiSvc
    Display Name: Indexing Service
    Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
    Path Name: H:\WINDOWS\system32\cisvc.exe
    Start Mode: Manual
    State: Stopped

    Name: ClipSrv
    Display Name: ClipBook
    Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\clipsrv.exe
    Start Mode: Disabled
    State: Stopped

    Name: COMSysApp
    Display Name: COM+ System Application
    Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    Start Mode: Manual
    State: Stopped

    Name: CryptSvc
    Display Name: Cryptographic Services
    Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: DcomLaunch
    Display Name: DCOM Server Process Launcher
    Description: Provides launch functionality for DCOM services.
    Path Name: H:\WINDOWS\system32\svchost -k DcomLaunch
    Start Mode: Auto
    State: Running

    Name: DefWatch
    Display Name: Symantec AntiVirus Definition Watcher
    Description: Monitors and maintains virus definitions.
    Path Name: "H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe"
    Start Mode: Auto
    State: Running

    Name: Dhcp
    Display Name: DHCP Client
    Description: Manages network configuration by registering and updating IP addresses and DNS names.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: dmadmin
    Display Name: Logical Disk Manager Administrative Service
    Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
    Path Name: H:\WINDOWS\System32\dmadmin.exe /com
    Start Mode: Manual
    State: Stopped

    Name: dmserver
    Display Name: Logical Disk Manager
    Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: Dnscache
    Display Name: DNS Client
    Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k NetworkService
    Start Mode: Auto
    State: Running

    Name: ERSvc
    Display Name: Error Reporting Service
    Description: Allows error reporting for services and applictions running in non-standard environments.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: Eventlog
    Display Name: Event Log
    Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
    Path Name: H:\WINDOWS\system32\services.exe
    Start Mode: Auto
    State: Running

    Name: EventSystem
    Display Name: COM+ Event System
    Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Running

    Name: FastUserSwitchingCompatibility
    Display Name: Fast User Switching Compatibility
    Description: Provides management for applications that require assistance in a multiple user environment.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Running

    Name: helpsvc
    Display Name: Help and Support
    Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: HidServ
    Display Name: HID Input Service
    Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: HTTPFilter
    Display Name: HTTP SSL
    Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k HTTPFilter
    Start Mode: Manual
    State: Running

    Name: IDriverT
    Display Name: InstallDriver Table Manager
    Description: Provides support for the Running Object Table for InstallShield Drivers
    Path Name: "H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
    Start Mode: Manual
    State: Stopped

    Name: ImapiService
    Display Name: IMAPI CD-Burning COM Service
    Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\imapi.exe
    Start Mode: Manual
    State: Stopped

    Name: ISSVC
    Display Name: IS Service
    Description: Internet Security Service
    Path Name: "H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe"
    Start Mode: Auto
    State: Running

    Name: lanmanserver
    Display Name: Server
    Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: lanmanworkstation
    Display Name: Workstation
    Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: LmHosts
    Display Name: TCP/IP NetBIOS Helper
    Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Auto
    State: Running

    Name: LxrSII1s
    Display Name: Lexar Secure II
    Description:
    Path Name: LxrSII1s.exe
    Start Mode: Auto
    State: Running

    Name: MDM
    Display Name: Machine Debug Manager
    Description: Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly.
    Path Name: "H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
    Start Mode: Auto
    State: Running

    Name: Messenger
    Display Name: Messenger
    Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Disabled
    State: Stopped

    Name: mnmsrvc
    Display Name: NetMeeting Remote Desktop Sharing
    Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\mnmsrvc.exe
    Start Mode: Manual
    State: Stopped

    Name: MSDTC
    Display Name: Distributed Transaction Coordinator
    Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\msdtc.exe
    Start Mode: Manual
    State: Stopped

    Name: MSIServer
    Display Name: Windows Installer
    Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\msiexec.exe /V
    Start Mode: Manual
    State: Stopped

    Name: NetDDE
    Display Name: Network DDE
    Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\netdde.exe
    Start Mode: Disabled
    State: Stopped

    Name: NetDDEdsdm
    Display Name: Network DDE DSDM
    Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\netdde.exe
    Start Mode: Disabled
    State: Stopped

    Name: Netlogon
    Display Name: Net Logon
    Description: Supports pass-through authentication of account logon events for computers in a domain.
    Path Name: H:\WINDOWS\system32\lsass.exe
    Start Mode: Manual
    State: Stopped

    Name: Netman
    Display Name: Network Connections
    Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Running

    Name: Nla
    Display Name: Network Location Awareness (NLA)
    Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Running

    Name: NtLmSsp
    Display Name: NT LM Security Support Provider
    Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
    Path Name: H:\WINDOWS\system32\lsass.exe
    Start Mode: Manual
    State: Stopped

    Name: NtmsSvc
    Display Name: Removable Storage
    Description:
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

    Name: NVSvc
    Display Name: WinFast(R) Display Driver Service
    Description: Provides system and desktop level support to the WinFast(R) display driver
    Path Name: H:\WINDOWS\system32\nvsvc32.exe
    Start Mode: Auto
    State: Running

    Name: ose
    Display Name: Office Source Engine
    Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
    Path Name: "H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
    Start Mode: Manual
    State: Stopped

    Name: PlugPlay
    Display Name: Plug and Play
    Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
    Path Name: H:\WINDOWS\system32\services.exe
    Start Mode: Auto
    State: Running

    Name: PolicyAgent
    Display Name: IPSEC Services
    Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
    Path Name: H:\WINDOWS\system32\lsass.exe
    Start Mode: Auto
    State: Running

    Name: ProtectedStorage
    Display Name: Protected Storage
    Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
    Path Name: H:\WINDOWS\system32\lsass.exe
    Start Mode: Auto
    State: Running

    Name: RasAuto
    Display Name: Remote Access Auto Connection Manager
    Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

    Name: RasMan
    Display Name: Remote Access Connection Manager
    Description: Creates a network connection.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Running

    Name: RDSessMgr
    Display Name: Remote Desktop Help Session Manager
    Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
    Path Name: H:\WINDOWS\system32\sessmgr.exe
    Start Mode: Manual
    State: Stopped

    Name: RemoteAccess
    Display Name: Routing and Remote Access
    Description: Offers routing services to businesses in local area and wide area network environments.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Disabled
    State: Stopped

    Name: RemoteRegistry
    Display Name: Remote Registry
    Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Auto
    State: Running

    Name: RpcLocator
    Display Name: Remote Procedure Call (RPC) Locator
    Description: Manages the RPC name service database.
    Path Name: H:\WINDOWS\system32\locator.exe
    Start Mode: Manual
    State: Stopped

    Name: RpcSs
    Display Name: Remote Procedure Call (RPC)
    Description: Provides the endpoint mapper and other miscellaneous RPC services.
    Path Name: H:\WINDOWS\system32\svchost -k rpcss
    Start Mode: Auto
    State: Running

    Name: RSVP
    Display Name: QoS RSVP
    Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
    Path Name: H:\WINDOWS\system32\rsvp.exe
    Start Mode: Manual
    State: Stopped

    Name: SamSs
    Display Name: Security Accounts Manager
    Description: Stores security information for local user accounts.
    Path Name: H:\WINDOWS\system32\lsass.exe
    Start Mode: Auto
    State: Running

    Name: SavRoam
    Display Name: SAVRoam
    Description: Symantec AntiVirus Roaming Service
    Path Name: "H:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe"
    Start Mode: Manual
    State: Stopped

    Name: SCardSvr
    Display Name: Smart Card
    Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\SCardSvr.exe
    Start Mode: Manual
    State: Stopped

  2. #2
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54
    Name: Schedule
    Display Name: Task Scheduler
    Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: seclogon
    Display Name: Secondary Logon
    Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: SENS
    Display Name: System Event Notification
    Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: SharedAccess
    Display Name: Windows Firewall/Internet Connection Sharing (ICS)
    Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: ShellHWDetection
    Display Name: Shell Hardware Detection
    Description: Provides notifications for AutoPlay hardware events.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: SNDSrvc
    Display Name: Symantec Network Drivers Service
    Description: Symantec Network Drivers Service
    Path Name: "H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
    Start Mode: Auto
    State: Running

    Name: SPBBCSvc
    Display Name: Symantec SPBBCSvc
    Description: Symantec SPBBC
    Path Name: "H:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
    Start Mode: Manual
    State: Stopped

    Name: Spooler
    Display Name: Print Spooler
    Description: Loads files to memory for later printing.
    Path Name: H:\WINDOWS\system32\spoolsv.exe
    Start Mode: Auto
    State: Running

    Name: srservice
    Display Name: System Restore Service
    Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Stopped

    Name: SSDPSRV
    Display Name: SSDP Discovery Service
    Description: Enables discovery of UPnP devices on your home network.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Manual
    State: Running

    Name: stisvc
    Display Name: Windows Image Acquisition (WIA)
    Description: Provides image acquisition services for scanners and cameras.
    Path Name: H:\WINDOWS\system32\svchost.exe -k imgsvc
    Start Mode: Auto
    State: Running

    Name: SwPrv
    Display Name: MS Software Shadow Copy Provider
    Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\dllhost.exe /Processid:{AD984AA9-A233-48CF-B24B-9BAB0259E029}
    Start Mode: Manual
    State: Stopped

    Name: Symantec AntiVirus
    Display Name: Symantec AntiVirus
    Description: Provides real-time virus scanning, reporting, and management functionality for Symantec AntiVirus.
    Path Name: "H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe"
    Start Mode: Auto
    State: Running

    Name: SymSecurePort
    Display Name: Symantec SecurePort
    Description: Symantec SecurePort Service
    Path Name: "H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe"
    Start Mode: Auto
    State: Running

    Name: SysmonLog
    Display Name: Performance Logs and Alerts
    Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\smlogsvc.exe
    Start Mode: Manual
    State: Stopped

    Name: TapiSrv
    Display Name: Telephony
    Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Running

    Name: TermService
    Display Name: Terminal Services
    Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
    Path Name: H:\WINDOWS\System32\svchost -k DComLaunch
    Start Mode: Manual
    State: Running

    Name: Themes
    Display Name: Themes
    Description: Provides user experience theme management.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: TlntSvr
    Display Name: Telnet
    Description: Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\tlntsvr.exe
    Start Mode: Disabled
    State: Stopped

    Name: TrkWks
    Display Name: Distributed Link Tracking Client
    Description: Maintains links between NTFS files within a computer or across computers in a network domain.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: UMWdf
    Display Name: Windows User Mode Driver Framework
    Description: Enables Windows user mode drivers.
    Path Name: H:\WINDOWS\system32\wdfmgr.exe
    Start Mode: Manual
    State: Stopped

    Name: upnphost
    Display Name: Universal Plug and Play Device Host
    Description: Provides support to host Universal Plug and Play devices.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Manual
    State: Stopped

    Name: UPS
    Display Name: Uninterruptible Power Supply
    Description: Manages an uninterruptible power supply (UPS) connected to the computer.
    Path Name: H:\WINDOWS\System32\ups.exe
    Start Mode: Manual
    State: Stopped

    Name: usnjsvc
    Display Name: Messenger Sharing Folders USN Journal Reader service
    Description: Service installed by Messenger to enable sharing scenarios
    Path Name: "H:\Program Files\MSN Messenger\usnsvc.exe"
    Start Mode: Manual
    State: Stopped

    Name: VSS
    Display Name: Volume Shadow Copy
    Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\vssvc.exe
    Start Mode: Manual
    State: Stopped

    Name: W32Time
    Display Name: Windows Time
    Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: WebClient
    Display Name: WebClient
    Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Auto
    State: Running

    Name: winmgmt
    Display Name: Windows Management Instrumentation
    Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: WMConnectCDS
    Display Name: Windows Media Connect Service
    Description: Shares media with media devices using Universal Plug and Play
    Path Name: H:\Program Files\Windows Media Connect 2\wmccds.exe
    Start Mode: Manual
    State: Stopped

    Name: WmdmPmSN
    Display Name: Portable Media Serial Number Service
    Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

    Name: Wmi
    Display Name: Windows Management Instrumentation Driver Extensions
    Description: Provides systems management information to and from drivers.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

    Name: WmiApSrv
    Display Name: WMI Performance Adapter
    Description: Provides performance library information from WMI HiPerf providers.
    Path Name: H:\WINDOWS\system32\wbem\wmiapsrv.exe
    Start Mode: Manual
    State: Stopped

    Name: wscsvc
    Display Name: Security Center
    Description: Monitors system security settings and configurations.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: wuauserv
    Display Name: Automatic Updates
    Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: WZCSVC
    Display Name: Wireless Zero Configuration
    Description: Provides automatic configuration for the 802.11 adapters
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: xmlprov
    Display Name: Network Provisioning Service
    Description: Manages XML configuration files on a domain basis for automatic network provisioning.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

  3. #3
    ------------------------------------------------------------------------------------

    Displaying LOG for Microsoft Windows Malicious Software Removal Tool:
    *** Microsoft Windows MRT Log NOT Found! ****
    ----------------------------------------------------------------------------
    Listing HKCU Explorer\Advanced//Hidden and SuperHidden Registry Keys
    if Hidden = 0 then Hidden Files and Folders are not shown
    if SuperHidden = 1 is the desired default value.
    if ShowSuperHidden = 0 then System Files are not shown
    if HideFileExt = 1 then File Extension are not shown
    We want their values to be (from top to bottom) 1,1,1,0
    ----------------------------------------------------------------------------

    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\advanced
    Hidden REG_DWORD 1 (0x1)
    SuperHidden REG_DWORD 1 (0x1)
    ShowSuperHidden REG_DWORD 1 (0x1)
    HideFileExt REG_DWORD 0 (0x0)

    ************************************************************************************

    Examining Select Windows Registry Keys
    ------------------------------------------------------------------------------------

    --------------------------------------------------------------------------
    Items Found in ZoneMap\Domains:
    --------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains
    <NO NAME> REG_SZ

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\msn.com

    ----------------------------------------------------------------------------
    Current User ZoneMap ProtocolDefaults
    ----------------------------------------------------------------------------



    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\zonemap\protocoldefaults
    <NO NAME> REG_SZ
    http REG_DWORD 3 (0x3)
    https REG_DWORD 3 (0x3)
    ftp REG_DWORD 3 (0x3)
    file REG_DWORD 3 (0x3)
    @ivt REG_DWORD 1 (0x1)
    shell REG_DWORD 0 (0x0)

    ----------------------------------------------------------------------------
    Default URL Prefix Keys
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\url

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\url\DefaultPrefix
    <NO NAME> REG_SZ http://

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\url\Prefixes
    ftp REG_SZ ftp://
    gopher REG_SZ gopher://
    home REG_SZ http://
    mosaic REG_SZ http://
    www REG_SZ http://

    --------------------------------------------------------------------------
    Startup Items Disabled via MSCONFIG:
    --------------------------------------------------------------------------


    --------------------------------------------------------------------------
    Select AutoRun Registry Keys:
    --------------------------------------------------------------------------



    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
    ctfmon.exe REG_SZ H:\WINDOWS\system32\ctfmon.exe
    AnyDVD REG_SZ H:\Program Files\SlySoft\AnyDVD\AnyDVD.exe


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
    High Definition Audio Property Page Shortcut REG_SZ HDAShCut.exe
    SoundMan REG_SZ SOUNDMAN.EXE
    AlcWzrd REG_SZ ALCWZRD.EXE
    ccApp REG_SZ "H:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    vptray REG_SZ H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
    NeroFilterCheck REG_SZ H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    NvCplDaemon REG_SZ RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
    NvMediaCenter REG_SZ RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    QuickTime Task REG_SZ "H:\Program Files\QuickTime\qttask.exe" -atboottime
    OfficeKB REG_SZ H:\PROGRA~1\OfficeKB\OfficeKB.EXE
    Easy-PrintToolBox REG_SZ H:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    SunJavaUpdateSched REG_SZ "H:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    THGuard REG_SZ "H:\Program Files\TrojanHunter 5.0\THGuard.exe"
    000000af REG_SZ rundll32.exe "H:\WINDOWS\system32\bbatbpwm.dll",b

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


    HKEY_USERS\.default\software\microsoft\windows\currentversion\run


    HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run


    HKEY_USERS\s-1-5-19\software\microsoft\windows\currentversion\run


    HKEY_USERS\s-1-5-20\software\microsoft\windows\currentversion\run

    --------------------------------------------------------------------------
    WinLogon Notify Registry Key:
    --------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain
    Asynchronous REG_DWORD 0 (0x0)
    Impersonate REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ crypt32.dll
    Logoff REG_SZ ChainWlxLogoffEvent

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet
    Asynchronous REG_DWORD 0 (0x0)
    Impersonate REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ cryptnet.dll
    Logoff REG_SZ CryptnetWlxLogoffEvent

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll
    DLLName REG_SZ cscdll.dll
    Logon REG_SZ WinlogonLogonEvent
    Logoff REG_SZ WinlogonLogoffEvent
    ScreenSaver REG_SZ WinlogonScreenSaverEvent
    Startup REG_SZ WinlogonStartupEvent
    Shutdown REG_SZ WinlogonShutdownEvent
    StartShell REG_SZ WinlogonStartShellEvent
    Impersonate REG_DWORD 0 (0x0)
    Asynchronous REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui
    <NO NAME> REG_SZ
    DLLName REG_SZ igfxdev.dll
    Asynchronous REG_DWORD 1 (0x1)
    Impersonate REG_DWORD 1 (0x1)
    Unlock REG_SZ WinlogonUnlockEvent

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NavLogon
    Logoff REG_SZ NavLogoffEvent
    DllName REG_SZ H:\WINDOWS\system32\NavLogon.dll
    StartShell REG_SZ NavStartShellEvent
    LoginDomain REG_SZ DT-32F7CC931ADE

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp
    DLLName REG_SZ wlnotify.dll
    Logon REG_SZ SCardStartCertProp
    Logoff REG_SZ SCardStopCertProp
    Lock REG_SZ SCardSuspendCertProp
    Unlock REG_SZ SCardResumeCertProp
    Enabled REG_DWORD 1 (0x1)
    Impersonate REG_DWORD 1 (0x1)
    Asynchronous REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule
    Asynchronous REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ wlnotify.dll
    Impersonate REG_DWORD 0 (0x0)
    StartShell REG_SZ SchedStartShell
    Logoff REG_SZ SchedEventLogOff

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy
    Logoff REG_SZ WLEventLogoff
    Impersonate REG_DWORD 0 (0x0)
    Asynchronous REG_DWORD 1 (0x1)
    DllName REG_EXPAND_SZ sclgntfy.dll

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn
    DLLName REG_SZ WlNotify.dll
    Lock REG_SZ SensLockEvent
    Logon REG_SZ SensLogonEvent
    Logoff REG_SZ SensLogoffEvent
    Safe REG_DWORD 1 (0x1)
    MaxWait REG_DWORD 600 (0x258)
    StartScreenSaver REG_SZ SensStartScreenSaverEvent
    StopScreenSaver REG_SZ SensStopScreenSaverEvent
    Startup REG_SZ SensStartupEvent
    Shutdown REG_SZ SensShutdownEvent
    StartShell REG_SZ SensStartShellEvent
    PostShell REG_SZ SensPostShellEvent
    Disconnect REG_SZ SensDisconnectEvent
    Reconnect REG_SZ SensReconnectEvent
    Unlock REG_SZ SensUnlockEvent
    Impersonate REG_DWORD 1 (0x1)
    Asynchronous REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv
    Asynchronous REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ wlnotify.dll
    Impersonate REG_DWORD 0 (0x0)
    Logoff REG_SZ TSEventLogoff
    Logon REG_SZ TSEventLogon
    PostShell REG_SZ TSEventPostShell
    Shutdown REG_SZ TSEventShutdown
    StartShell REG_SZ TSEventStartShell
    Startup REG_SZ TSEventStartup
    MaxWait REG_DWORD 600 (0x258)
    Reconnect REG_SZ TSEventReconnect
    Disconnect REG_SZ TSEventDisconnect

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon
    Asynchronous REG_DWORD 0 (0x0)
    Disconnect REG_SZ WLEventDisconnect
    DllName REG_EXPAND_SZ WgaLogon.dll
    Event REG_DWORD 1 (0x1)
    Impersonate REG_DWORD 1 (0x1)
    Lock REG_SZ WLEventLock
    Logoff REG_SZ WLEventLogoff
    Logon REG_SZ WLEventLogon
    MaxWait REG_DWORD -1 (0xffffffff)
    PostShell REG_SZ WLEventPostShell
    Reconnect REG_SZ WLEventReconnect
    SafeMode REG_DWORD 1 (0x1)
    Shutdown REG_SZ WLEventShutdown
    StartScreenSaver REG_SZ WLEventStartScreenSaver
    StartShell REG_SZ WLEventStartShell
    Startup REG_SZ WLEventStartup
    StopScreenSaver REG_SZ WLEventStopScreenSaver
    Unlock REG_SZ WLEventUnlock
    InstallNotifyShown REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon\Settings

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon
    DLLName REG_SZ wlnotify.dll
    Logon REG_SZ RegisterTicketExpiredNotificationEvent
    Logoff REG_SZ UnregisterTicketExpiredNotificationEvent
    Impersonate REG_DWORD 1 (0x1)
    Asynchronous REG_DWORD 1 (0x1)

    --------------------------------------------------------------------------
    Shared Task Scheduler Registry Items:
    --------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
    {438755C2-A8BA-11D1-B96B-00A0C90312E1} REG_SZ Browseui preloader
    {8C7461EF-2B13-11d2-BE35-3078302C2030} REG_SZ Component Categories cache daemon

    --------------------------------------------------------------------------
    Scheduled Tasks:
    --------------------------------------------------------------------------

    Volume in drive H has no label.
    Volume Serial Number is 9CA1-B56F

    Directory of H:\WINDOWS\tasks

    01/05/2007 10:02 PM <DIR> .
    01/05/2007 10:02 PM <DIR> ..
    27/11/2007 10:35 AM 256 Check Updates for Windows Live Toolbar.job
    23/08/2001 10:30 PM 65 desktop.ini
    27/11/2007 06:16 PM 6 SA.DAT
    23/07/2006 08:38 AM 366 Symantec NetDetect.job
    4 File(s) 693 bytes

    Total Files Listed:
    4 File(s) 693 bytes
    2 Dir(s) 139,141,967,872 bytes free
    A H:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
    HR H:\WINDOWS\tasks\desktop.ini
    A H H:\WINDOWS\tasks\SA.DAT
    A H:\WINDOWS\tasks\Symantec NetDetect.job

    ----------------------------------------------------------------------------
    ShellExecuteHooks Registry Keys
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
    {AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
    {57B86673-276A-48B2-BAE7-C6DBB3020EB8} REG_SZ AVG Anti-Spyware 7.5
    {60E2746A-9C2E-45A2-85CE-7E1A8A890961} REG_SZ

    ----------------------------------------------------------------------------
    ShellServiceObjectDelayLoad Registry Keys
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
    PostBootReminder REG_SZ {7849596a-48ea-486e-8937-a2a3009f31a9}
    CDBurn REG_SZ {fbeb8a05-beee-4442-804e-409d6c4515e9}
    WebCheck REG_SZ {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    SysTray REG_SZ {35CEC8A3-2BE6-11D2-8773-92E220524153}

    ----------------------------------------------------------------------------
    ModuleUsage Registry Keys:
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage

    ----------------------------------------------------------------------------
    BHO Registry Keys:
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}
    <NO NAME> REG_SZ Canon Easy Web Print Helper

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7449713A-4B98-4047-A24D-9DB184991C05}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    NoExplorer REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
    <NO NAME> REG_SZ

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\NoExplorer
    <NO NAME> REG_DWORD 1 (0x1)

    --------------------------------------------------------------------------
    Select Policy Keys:
    --------------------------------------------------------------------------



    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
    NoDriveTypeAutoRun REG_DWORD 145 (0x91)

    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
    DisableRegistryTools REG_DWORD 0 (0x0)


    HKEY_CURRENT_USER\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update

    HKEY_CURRENT_USER\software\policies\microsoft\internet explorer\Control Panel


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
    NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
    NoDriveTypeAutoRun REG_DWORD 255 (0xff)

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system
    dontdisplaylastusername REG_DWORD 0 (0x0)
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    shutdownwithoutlogon REG_DWORD 1 (0x1)
    undockwithoutlogon REG_DWORD 1 (0x1)


    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer
    NoDriveTypeAutoRun REG_DWORD 145 (0x91)


    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies

    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\Explorer

    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system


    HKEY_USERS\.default\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update


    HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer
    NoDriveTypeAutoRun REG_DWORD 145 (0x91)


    HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\system


    HKEY_USERS\s-1-5-18\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update


    HKEY_USERS\s-1-5-19\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update


    HKEY_USERS\s-1-5-19\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update

  4. #4
    ************************************************************************************

    Checking File System for suspicious Files

    --------------------------------------------------------------------------
    Items in the Root Directory:
    --------------------------------------------------------------------------

    Locating all files created in H:\

    H:\
    !KILLBOX Sat 24 Nov 2007 22:57:18 .D... <Dir>
    587FBB~1 Sat 18 Nov 2006 19:35:56 .D... <Dir>
    A4D986~1 Sat 18 Nov 2006 19:35:48 .D... <Dir>
    BJPRIN~1 Mon 18 Sep 2006 10:25:30 .D.H. <Dir>
    boot.ini Sun 23 Jul 2006 3:43:46 ..SH. 210 0.20 K
    CLONED~1 Mon 31 Jul 2006 14:32:58 .D... <Dir>
    DECKARD Tue 20 Nov 2007 6:53:54 .D... <Dir>
    DOCUME~1 Sun 23 Jul 2006 3:44:42 .D... <Dir>
    ETAX2006 Tue 8 Aug 2006 17:19:34 .D... <Dir>
    ETAX2007 Thu 23 Aug 2007 18:12:54 .D... <Dir>
    hiberfil.sys Tue 27 Nov 2007 18:15:54 A.SH. 1,609,945,088 1535.36 M
    ISEEYO~1 Tue 27 Nov 2007 10:32:24 .D... <Dir>
    MSOCACHE Sun 23 Jul 2006 8:44:12 .D.HR <Dir>
    ntdetect.com Wed 4 Aug 2004 7:08:34 A.SHR 47,564 46.45 K
    ntldr Wed 4 Aug 2004 7:29:34 A.SHR 250,032 244.17 K
    pagefile.sys Tue 27 Nov 2007 18:15:54 A.SH. 792,723,456 756.00 M
    PROGRA~1 Sun 23 Jul 2006 3:46:26 .D..R <Dir>
    RECYCLER Mon 26 Nov 2007 10:14:16 .DSH. <Dir>
    S400 Mon 18 Sep 2006 10:20:12 .D... <Dir>
    sq13b0~1.sqm Sat 2 Jun 2007 11:48:24 A..H. 244 0.24 K
    sq13b4~1.sqm Sat 2 Jun 2007 12:11:08 A..H. 244 0.24 K
    sq13b8~1.sqm Mon 20 Aug 2007 8:41:44 A..H. 244 0.24 K
    sq13bc~1.sqm Mon 20 Aug 2007 8:42:16 A..H. 244 0.24 K
    sq23b0~1.sqm Sat 2 Jun 2007 12:11:30 A..H. 244 0.24 K
    sq23b4~1.sqm Sat 16 Jun 2007 17:01:10 A..H. 244 0.24 K
    sq23b8~1.sqm Sat 2 Jun 2007 12:11:12 A..H. 244 0.24 K
    sq23bc~1.sqm Sat 2 Jun 2007 12:11:28 A..H. 244 0.24 K
    sq2fa0~1.sqm Thu 19 Jul 2007 21:32:14 A..H. 244 0.24 K
    sq2fa4~1.sqm Thu 19 Jul 2007 21:32:38 A..H. 244 0.24 K
    sq2fa8~1.sqm Mon 16 Jul 2007 21:42:16 A..H. 244 0.24 K
    sq2fac~1.sqm Tue 17 Jul 2007 20:56:24 A..H. 244 0.24 K
    sq33b8~1.sqm Sat 16 Jun 2007 17:01:12 A..H. 244 0.24 K
    sq33bc~1.sqm Sat 16 Jun 2007 17:01:20 A..H. 244 0.24 K
    sq3fa8~1.sqm Fri 20 Jul 2007 18:00:00 A..H. 244 0.24 K
    sq3fac~1.sqm Fri 20 Jul 2007 19:34:40 A..H. 244 0.24 K
    sqa368~1.sqm Mon 20 Aug 2007 8:41:46 A..H. 232 0.23 K
    sqa378~1.sqm Sat 2 Jun 2007 12:11:12 A..H. 232 0.23 K
    sqa37a~1.sqm Mon 16 Jul 2007 21:42:16 A..H. 232 0.23 K
    sqa388~1.sqm Sat 16 Jun 2007 17:01:12 A..H. 232 0.23 K
    sqa38a~1.sqm Fri 20 Jul 2007 18:00:00 A..H. 232 0.23 K
    sqa768~1.sqm Mon 20 Aug 2007 8:42:16 A..H. 232 0.23 K
    sqa778~1.sqm Sat 2 Jun 2007 12:11:28 A..H. 232 0.23 K
    sqa77a~1.sqm Tue 17 Jul 2007 20:56:24 A..H. 232 0.23 K
    sqa788~1.sqm Sat 16 Jun 2007 17:01:20 A..H. 232 0.23 K
    sqa78a~1.sqm Fri 20 Jul 2007 19:34:40 A..H. 232 0.23 K
    sqab68~1.sqm Sat 2 Jun 2007 11:48:24 A..H. 232 0.23 K
    sqab78~1.sqm Sat 2 Jun 2007 12:11:30 A..H. 232 0.23 K
    sqab7a~1.sqm Thu 19 Jul 2007 21:32:14 A..H. 232 0.23 K
    sqaf68~1.sqm Sat 2 Jun 2007 12:11:08 A..H. 232 0.23 K
    sqaf78~1.sqm Sat 16 Jun 2007 17:01:10 A..H. 232 0.23 K
    sqaf7a~1.sqm Thu 19 Jul 2007 21:32:38 A..H. 232 0.23 K
    sqmdat~1.sqm Sun 1 Jul 2007 22:50:22 A..H. 232 0.23 K
    sqmdat~2.sqm Mon 2 Jul 2007 21:00:22 A..H. 268 0.26 K
    sqmdat~3.sqm Mon 2 Jul 2007 21:00:22 A..H. 136 0.13 K
    sqmdat~4.sqm Mon 2 Jul 2007 21:00:22 A..H. 160 0.16 K
    sqmnoo~1.sqm Sun 1 Jul 2007 22:50:22 A..H. 244 0.24 K
    sqmnoo~2.sqm Mon 2 Jul 2007 21:00:22 A..H. 244 0.24 K
    sqmnoo~3.sqm Mon 2 Jul 2007 21:00:22 A..H. 244 0.24 K
    sqmnoo~4.sqm Mon 2 Jul 2007 21:00:22 A..H. 172 0.17 K
    STUDIO~1 Sun 7 Oct 2007 21:35:30 .D... <Dir>
    SYSTEM~1 Sun 23 Jul 2006 3:44:42 .DSH. <Dir>
    VIDEO Sun 23 Jul 2006 8:21:18 .D... <Dir>
    WINDOWS Sun 23 Jul 2006 3:39:52 .D... <Dir>

    63 items found: 45 files (45 H/S), 18 directories (4 H/S).
    Total of file sizes: 2,402,975,666 bytes 2.23 G

    --------------------------------------------------------------------------
    Locating all Backup files on H:
    --------------------------------------------------------------------------

    Locating all *.BAK* files

    H:\ETAX2006\
    damian~1.bak Tue 29 Aug 2006 19:21:12 A.... 3,168 3.09 K

    H:\ETAX2007\
    damian.bak Thu 23 Aug 2007 18:53:14 A.... 2,880 2.81 K
    damian07.bak Fri 24 Aug 2007 14:14:20 A.... 3,008 2.94 K

    H:\STUDIO~1\
    slddin~1.bak Sun 28 Oct 2007 0:18:16 A.... 5,016 4.90 K

    H:\PROGRA~1\STUDIO~1\
    relaxi~1.bak Sun 28 Oct 2007 0:18:16 A.... 931 0.91 K

    H:\PROGRA~1\COMMON~1\SYMANT~1\
    firewall.bak Sat 5 May 2007 19:23:32 A.... 46,516 45.43 K
    persist.bak Thu 22 Nov 2007 12:14:46 A.... 2,212 2.16 K

    H:\PROGRA~1\ELABOR~1\CLONED~1\
    cloned~1.bak Wed 13 Jul 2005 5:28:38 A.... 4,636,672 4.42 M
    rgdrvl~1.bak Wed 13 Jul 2005 5:28:38 A.... 128,000 125.00 K

    H:\PROGRA~1\SLYSOFT\ANYDVD\
    anydvd~1.bak Mon 27 Nov 2006 4:29:38 A.... 498,176 486.50 K

    H:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
    idssettg.bak Sat 24 Nov 2007 7:41:44 A.... 3,788 3.70 K

    H:\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:14 A.... 113 0.11 K

    H:\DOCUME~1\ALLUSE~1\APPLIC~1\SYMANTEC\COMMON~1\
    settings.bak Tue 27 Nov 2007 10:43:24 A.... 5,318,164 5.07 M

    H:\DOCUME~1\DAMIAN\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:34 A.... 141 0.14 K

    H:\DOCUME~1\DEFAUL~1\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:14 A.... 113 0.11 K

    H:\WINDOWS\PCHEALTH\HELPCTR\CONFIG\CACHE\
    profes~1.bak Tue 27 Nov 2007 9:56:36 A.... 268,934 262.63 K

    H:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\OFFICE\DATA\
    opa11.bak Thu 17 Oct 2002 22:23:16 A.... 8,200 8.01 K

    H:\DOCUME~1\DAMIAN\APPLIC~1\MOZILLA\FIREFOX\PROFILES\B1GKMR~1.DEF\
    bookma~1.bak Tue 27 Nov 2007 18:19:58 A.... 41,475 40.50 K
    bookma~2.bak Sat 24 Nov 2007 20:59:40 A.... 32,924 32.15 K

    H:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:14 A.... 113 0.11 K

    20 items found: 20 files, 0 directories.
    Total of file sizes: 11,000,544 bytes 10.49 M

    --------------------------------------------------------------------------
    Locating all copies of Internet Explorer on H:
    --------------------------------------------------------------------------

    Locating all copies of Internet Explorer

    H:\PROGRA~1\INTERN~1\
    iexplore.exe Wed 4 Aug 2004 9:26:52 A.... 93,184 91.00 K

    H:\WINDOWS\SYSTEM32\DLLCACHE\
    iexplore.exe Wed 4 Aug 2004 9:26:52 A.... 93,184 91.00 K

    2 items found: 2 files, 0 directories.
    Total of file sizes: 186,368 bytes 182.00 K

    --------------------------------------------------------------------------
    Locating all copies of Windows Explorer on H:
    --------------------------------------------------------------------------

    Locating all copies of Windows Explorer

    H:\WINDOWS\
    explorer.exe Wed 13 Jun 2007 21:56:04 A.... 1,033,216 1009.00 K

    H:\WINDOWS\$N7CCA~1\
    explorer.exe Thu 20 Jul 2006 6:45:58 ..... 1,032,192 1008.00 K

    H:\WINDOWS\SYSTEM32\DLLCACHE\
    explorer.exe Wed 13 Jun 2007 21:56:04 A.... 1,033,216 1009.00 K

    3 items found: 3 files, 0 directories.
    Total of file sizes: 3,098,624 bytes 2.95 M

    --------------------------------------------------------------------------
    Items in Document and Settings:
    --------------------------------------------------------------------------

    Listing contents of H:\Documents and Settings

    No matches found.

    --------------------------------------------------------------------------
    Desktop Items:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Desktop within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Desktop\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    Start Menu Items:
    --------------------------------------------------------------------------

    Locating all files created inH:\Documents and Settings\Damian\Start Menu within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\Damian\Start Menu\Programs\Startup within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Start Menu within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Start Menu\Programs\Startup\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    Application Data Items:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Application Data\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\Damian\Local Settings\Application Data\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Application Data\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\Documents and Settings\Damian\Local Settings\TEMP:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Local Settings\TEMP within the last 90 days.

    --------------------------------------------------------------------------
    Items in Templates Folder:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Templates

    No matches found.

    --------------------------------------------------------------------------
    Items in Program Files:
    --------------------------------------------------------------------------

    Locating all files created in H:\Program Files\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Program Files\Common Files\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Program Files\Common Files\Microsoft Shared\Web Folders within the last 90 days.

    --------------------------------------------------------------------------
    Items in the Windows Directory:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\ within the last 90 days.

    H:\WINDOWS\
    $N28DE~1 Fri 31 Aug 2007 16:46:18 .D.H. <Dir>
    $N30AC~1 Thu 11 Oct 2007 9:45:40 .D.H. <Dir>
    $N38D4~1 Wed 14 Nov 2007 6:25:54 .D.H. <Dir>
    $N48EA~1 Thu 11 Oct 2007 9:46:38 .D.H. <Dir>
    $N88B6~1 Thu 11 Oct 2007 9:46:50 .D.H. <Dir>
    0.log Tue 27 Nov 2007 18:16:56 A.... 0 0.00 K
    alcfdrtm.ver Sat 24 Nov 2007 18:11:26 A.... 81,920 80.00 K
    bootstat.dat Tue 27 Nov 2007 18:16:00 A.S.. 2,048 2.00 K
    ERDNT Tue 20 Nov 2007 6:54:36 .D... <Dir>
    FTPCACHE Sun 21 Oct 2007 0:54:50 .DSH. <Dir>
    MINIDUMP Tue 16 Oct 2007 9:17:00 .D... <Dir>
    nerodi~1.ini Fri 23 Nov 2007 8:58:02 A.... 116 0.11 K
    nsreg.dat Fri 16 Nov 2007 12:23:48 A.... 0 0.00 K
    relax.ini Sun 7 Oct 2007 21:35:44 A.... 52 0.05 K
    s1650e~1.tmp Sun 14 Oct 2007 22:54:04 ..SH. 24 0.02 K
    schedlgu.txt Tue 27 Nov 2007 10:43:24 A.... 14,712 14.37 K
    sti_tr~1.log Sun 25 Nov 2007 8:11:58 A.... 0 0.00 K
    SUN Thu 8 Nov 2007 19:56:26 .D... <Dir>
    thumbs.db Fri 14 Sep 2007 17:49:04 A.SH. 7,680 7.50 K
    wiadebug.log Tue 27 Nov 2007 18:16:52 A.... 159 0.15 K
    wiaservc.log Tue 27 Nov 2007 18:16:38 A.... 50 0.05 K
    window~1.log Tue 27 Nov 2007 18:21:40 A.... 203,781 199.00 K
    wininit.ini Mon 19 Nov 2007 13:53:34 A.... 449 0.44 K

    23 items found: 14 files (3 H/S), 9 directories (6 H/S).
    Total of file sizes: 310,991 bytes 303.70 K

    --------------------------------------------------------------------------
    H:\WINDOWS\Downloaded Program Files:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\Downloaded Program Files\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\PCHealth\HelpCtr\Binaries:
    --------------------------------------------------------------------------

    Locating all files in H:\WINDOWS\PCHealth\HelpCtr\Binaries

    H:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\
    brpinfo.dll Thu 23 Aug 2001 22:30:00 A.... 21,504 21.00 K
    hcappres.dll Thu 23 Aug 2001 22:30:00 A.... 6,656 6.50 K
    helpctr.exe Wed 4 Aug 2004 9:26:50 A.... 768,512 750.50 K
    helphost.exe Thu 23 Aug 2001 22:30:00 A.... 99,840 97.50 K
    helpsvc.exe Wed 4 Aug 2004 9:26:52 A.... 743,936 726.50 K
    hscmui.cab Sat 17 Jul 2004 20:09:14 A.... 68,327 66.72 K
    hscsp_w3.cab Sat 17 Jul 2004 20:09:16 A.... 305,145 297.99 K
    hscupd.exe Wed 4 Aug 2004 9:26:52 A.... 18,944 18.50 K
    msconfig.exe Thu 20 Jul 2006 6:46:18 A.... 169,984 166.00 K
    msinfo.dll Wed 4 Aug 2004 9:26:44 A.... 376,320 367.50 K
    notiflag.exe Thu 23 Aug 2001 22:30:00 A.... 35,328 34.50 K
    pchdt_w3.cab Wed 4 Aug 2004 7:19:10 A.... 2,737,914 2.61 M
    pchshell.dll Wed 4 Aug 2004 9:26:46 A.... 102,400 100.00 K
    pchsvc.dll Wed 4 Aug 2004 9:26:46 A.... 38,912 38.00 K

    14 items found: 14 files, 0 directories.
    Total of file sizes: 5,493,722 bytes 5.24 M

    --------------------------------------------------------------------------
    H:\WINDOWS\system:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\system32:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32 within the last 90 days.

    H:\WINDOWS\SYSTEM32\
    ADOBE Mon 26 Nov 2007 21:44:16 .D... <Dir>
    aiqegays.ini Sun 25 Nov 2007 23:01:54 ..SH. 776,132 757.94 K
    bassmod.dll Sun 21 Oct 2007 13:45:34 A.... 34,308 33.50 K
    bbatbpwm.dll Tue 27 Nov 2007 10:30:50 A.... 86,080 84.06 K
    java.exe Mon 24 Sep 2007 22:30:28 A.... 135,168 132.00 K
    javacpl.cpl Mon 24 Sep 2007 23:31:42 A.... 69,632 68.00 K
    javaw.exe Mon 24 Sep 2007 22:30:30 A.... 135,168 132.00 K
    javaws.exe Mon 24 Sep 2007 23:31:42 A.... 139,264 136.00 K
    jupdat~1.log Thu 8 Nov 2007 19:56:08 A.... 5,387 5.26 K
    KASPER~1 Wed 21 Nov 2007 8:02:24 .D... <Dir>
    mcrh.tmp Mon 26 Nov 2007 14:03:08 A.... 143 0.14 K
    mrt.exe Fri 2 Nov 2007 0:12:58 A.... 18,238,072 17.39 M
    mwpbtabb.ini Tue 27 Nov 2007 18:16:52 ..SH. 781,415 763.10 K
    nvapps.xml Tue 27 Nov 2007 18:16:26 A.... 61,465 60.02 K
    paaivpcd.ini Tue 27 Nov 2007 10:30:16 ..SH. 778,838 760.58 K
    perfc009.dat Sun 28 Oct 2007 9:01:58 A.... 40,952 39.99 K
    perfh009.dat Sun 28 Oct 2007 9:01:58 A.... 314,816 307.44 K
    perfst~1.ini Sun 28 Oct 2007 9:01:58 A.... 360,124 351.68 K
    profile.dat Tue 27 Nov 2007 10:43:24 A.... 40 0.04 K
    shell32.dll Fri 26 Oct 2007 14:04:02 A.... 8,460,288 8.07 M
    sstts.dll Wed 14 Nov 2007 17:43:56 ..... 320,608 313.09 K
    stream~1.dll Tue 20 Nov 2007 15:09:42 ....R 59,392 58.00 K
    sttss.ini Tue 27 Nov 2007 18:21:50 A.SH. 91,384 89.24 K
    sttss~1.ini Tue 27 Nov 2007 18:19:24 A.SH. 93,754 91.55 K
    sybsaoxe.ini Mon 26 Nov 2007 17:12:04 ..SH. 776,492 758.29 K
    sytmwgpx.ini Sat 24 Nov 2007 7:42:02 ..SH. 775,832 757.65 K
    tzlog.log Fri 31 Aug 2007 16:46:18 A.... 253,934 247.98 K
    wpa.dbl Sun 18 Nov 2007 14:49:04 A.... 2,206 2.15 K
    xpgwmtys.dll Sat 24 Nov 2007 7:41:40 A.... 86,080 84.06 K
    xpsp3res.dll Mon 29 Oct 2007 20:34:04 A.... 350,720 342.50 K

    30 items found: 28 files (7 H/S), 2 directories.
    Total of file sizes: 33,227,694 bytes 31.69 M

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\com:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32\com within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\components:
    --------------------------------------------------------------------------
    Locating all files created in H:\WINDOWS\system32\components within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\drivers:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32\drivers within the last 90 days.

    H:\WINDOWS\SYSTEM32\DRIVERS\
    anydvd.sys Wed 21 Nov 2007 10:29:48 A.... 97,216 94.94 K
    tmcomm.sys Thu 15 Nov 2007 15:25:36 A.... 102,664 100.26 K

    2 items found: 2 files, 0 directories.
    Total of file sizes: 199,880 bytes 195.20 K

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\drivers\etc:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32\drivers\etc within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\TEMP:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\TEMP within the last 90 days.

    H:\WINDOWS\TEMP\
    wgaerr~1.txt Tue 27 Nov 2007 18:16:14 A.... 255 0.25 K
    wganot~1.set Tue 27 Nov 2007 18:17:18 A.... 409 0.40 K

    2 items found: 2 files, 0 directories.
    Total of file sizes: 664 bytes 0.65 K

    ************************************************************************************

  5. #5
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54

    Wow that was

    ************************************************************************************

    Dumping HKLM Uninstall Programs list

    DisplayName REG_SZ Adobe Acrobat 5.0
    DisplayName REG_SZ Adobe Flash Player 9 ActiveX
    DisplayName REG_SZ Adobe Flash Player Plugin
    DisplayName REG_SZ Agere Systems PCI Soft Modem
    DisplayName REG_SZ AnyDVD
    DisplayName REG_SZ AVG Anti-Rootkit Free
    DisplayName REG_SZ AVG Anti-Spyware 7.5
    DisplayName REG_SZ Camera Window
    DisplayName REG_SZ Canon Camera Window for ZoomBrowser EX
    DisplayName REG_SZ Canon iP4300
    DisplayName REG_SZ Canon PhotoRecord
    DisplayName REG_SZ Canon Setup Utility 2.3
    DisplayName REG_SZ Canon Utilities Easy-PhotoPrint
    DisplayName REG_SZ Canon Utilities Easy-PrintToolBox
    DisplayName REG_SZ Canon Utilities File Viewer Utility 1.2
    DisplayName REG_SZ Canon Utilities PhotoStitch 3.1
    DisplayName REG_SZ Canon Utilities RemoteCapture 2.7
    DisplayName REG_SZ Canon Utilities ZoomBrowser EX
    DisplayName REG_SZ CCleaner (remove only)
    DisplayName REG_SZ CD-LabelPrint
    DisplayName REG_SZ CDex extraction audio
    DisplayName REG_SZ CloneDVD 3.9.4
    DisplayName REG_SZ CloneDVD2
    DisplayName REG_SZ Diamond View V4.08
    DisplayName REG_SZ DVD Decrypter (Remove Only)
    DisplayName REG_SZ DVD Shrink 3.2
    DisplayName REG_SZ Dynalink ADSL Router USB Driver
    DisplayName REG_SZ e-tax 2006
    DisplayName REG_SZ e-tax 2007
    DisplayName REG_SZ Easy-WebPrint
    DisplayName REG_SZ File Viewer Utility 1.2.2
    DisplayName REG_SZ HijackThis 1.99.1
    DisplayName REG_SZ Hotfix for Windows XP (KB929120)
    DisplayName REG_SZ Hotfix for Windows XP (KB935448)
    DisplayName REG_SZ Intel(R) Graphics Media Accelerator Driver
    DisplayName REG_SZ Java(TM) 6 Update 3
    DisplayName REG_SZ K9
    DisplayName REG_SZ Kaspersky Online Scanner
    DisplayName REG_SZ LiveUpdate 2.6 (Symantec Corporation)
    DisplayName REG_SZ Media & Office Keyboard
    DisplayName REG_SZ Microsoft Money 2006
    DisplayName REG_SZ Microsoft Office Professional Edition 2003
    DisplayName REG_SZ Movie Downloader
    DisplayName REG_SZ Movie Joiner
    DisplayName REG_SZ Mozilla Firefox (2.0.0.9)
    DisplayName REG_SZ MSXML 4.0 SP2 (KB925672)
    DisplayName REG_SZ MSXML 4.0 SP2 (KB927978)
    DisplayName REG_SZ MSXML 4.0 SP2 (KB936181)
    DisplayName REG_SZ MSXML 6.0 Parser (KB933579)
    DisplayName REG_SZ Nero 7 Ultra Edition
    DisplayName REG_SZ ninemsn Internet Software
    DisplayName REG_SZ OneCare Advisor (Windows Live Toolbar)
    DisplayName REG_SZ PhotoStitch
    DisplayName REG_SZ Popup Blocker (Windows Live Toolbar)
    DisplayName REG_SZ PowerDVD
    DisplayName REG_SZ QuickTime
    DisplayName REG_SZ QuickTime
    DisplayName REG_SZ Realtek High Definition Audio Driver
    DisplayName REG_SZ RemoteCapture 2.7.2
    DisplayName REG_SZ S400
    DisplayName REG_SZ ScanButton
    DisplayName REG_SZ Security Update for CAPICOM (KB931906)
    DisplayName REG_SZ Security Update for CAPICOM (KB931906)
    DisplayName REG_SZ Security Update for Windows Media Player 10 (KB936782)
    DisplayName REG_SZ Security Update for Windows Media Player 6.4 (KB925398)
    DisplayName REG_SZ Security Update for Windows XP (KB917422)
    DisplayName REG_SZ Security Update for Windows XP (KB918118)
    DisplayName REG_SZ Security Update for Windows XP (KB918899)
    DisplayName REG_SZ Security Update for Windows XP (KB919007)
    DisplayName REG_SZ Security Update for Windows XP (KB920213)
    DisplayName REG_SZ Security Update for Windows XP (KB920214)
    DisplayName REG_SZ Security Update for Windows XP (KB920670)
    DisplayName REG_SZ Security Update for Windows XP (KB920683)
    DisplayName REG_SZ Security Update for Windows XP (KB920685)
    DisplayName REG_SZ Security Update for Windows XP (KB921398)
    DisplayName REG_SZ Security Update for Windows XP (KB921503)
    DisplayName REG_SZ Security Update for Windows XP (KB921883)
    DisplayName REG_SZ Security Update for Windows XP (KB922616)
    DisplayName REG_SZ Security Update for Windows XP (KB922760)
    DisplayName REG_SZ Security Update for Windows XP (KB922819)
    DisplayName REG_SZ Security Update for Windows XP (KB923191)
    DisplayName REG_SZ Security Update for Windows XP (KB923414)
    DisplayName REG_SZ Security Update for Windows XP (KB923689)
    DisplayName REG_SZ Security Update for Windows XP (KB923694)
    DisplayName REG_SZ Security Update for Windows XP (KB923980)
    DisplayName REG_SZ Security Update for Windows XP (KB924191)
    DisplayName REG_SZ Security Update for Windows XP (KB924270)
    DisplayName REG_SZ Security Update for Windows XP (KB924496)
    DisplayName REG_SZ Security Update for Windows XP (KB924667)
    DisplayName REG_SZ Security Update for Windows XP (KB925454)
    DisplayName REG_SZ Security Update for Windows XP (KB925486)
    DisplayName REG_SZ Security Update for Windows XP (KB925902)
    DisplayName REG_SZ Security Update for Windows XP (KB926255)
    DisplayName REG_SZ Security Update for Windows XP (KB926436)
    DisplayName REG_SZ Security Update for Windows XP (KB927779)
    DisplayName REG_SZ Security Update for Windows XP (KB927802)
    DisplayName REG_SZ Security Update for Windows XP (KB928090)
    DisplayName REG_SZ Security Update for Windows XP (KB928255)
    DisplayName REG_SZ Security Update for Windows XP (KB928843)
    DisplayName REG_SZ Security Update for Windows XP (KB929123)
    DisplayName REG_SZ Security Update for Windows XP (KB929969)
    DisplayName REG_SZ Security Update for Windows XP (KB930178)
    DisplayName REG_SZ Security Update for Windows XP (KB931261)
    DisplayName REG_SZ Security Update for Windows XP (KB931768)
    DisplayName REG_SZ Security Update for Windows XP (KB931784)
    DisplayName REG_SZ Security Update for Windows XP (KB932168)
    DisplayName REG_SZ Security Update for Windows XP (KB933566)
    DisplayName REG_SZ Security Update for Windows XP (KB933729)
    DisplayName REG_SZ Security Update for Windows XP (KB935839)
    DisplayName REG_SZ Security Update for Windows XP (KB935840)
    DisplayName REG_SZ Security Update for Windows XP (KB936021)
    DisplayName REG_SZ Security Update for Windows XP (KB937143)
    DisplayName REG_SZ Security Update for Windows XP (KB938127)
    DisplayName REG_SZ Security Update for Windows XP (KB938829)
    DisplayName REG_SZ Security Update for Windows XP (KB939653)
    DisplayName REG_SZ Security Update for Windows XP (KB941202)
    DisplayName REG_SZ Security Update for Windows XP (KB943460)
    DisplayName REG_SZ Smart Menus (Windows Live Toolbar)
    DisplayName REG_SZ Software Update for Web Folders
    DisplayName REG_SZ Spybot - Search & Destroy 1.4
    DisplayName REG_SZ StudioLine Photo Basic
    DisplayName REG_SZ Symantec Client Security
    DisplayName REG_SZ Tabbed Browsing (Windows Live Toolbar)
    DisplayName REG_SZ TrojanHunter 5.0
    DisplayName REG_SZ Ultimate Label Printer Pro Version 5.5.2
    DisplayName REG_SZ Update for Windows Media Player 10 (KB926251)
    DisplayName REG_SZ Update for Windows XP (KB920872)
    DisplayName REG_SZ Update for Windows XP (KB922582)
    DisplayName REG_SZ Update for Windows XP (KB927891)
    DisplayName REG_SZ Update for Windows XP (KB929338)
    DisplayName REG_SZ Update for Windows XP (KB930916)
    DisplayName REG_SZ Update for Windows XP (KB931836)
    DisplayName REG_SZ Update for Windows XP (KB933360)
    DisplayName REG_SZ Update for Windows XP (KB936357)
    DisplayName REG_SZ Update for Windows XP (KB938828)
    DisplayName REG_SZ Windows Live Favorites for Windows Live Toolbar
    DisplayName REG_SZ Windows Live Messenger
    DisplayName REG_SZ Windows Live Outlook Toolbar (Windows Live Toolbar)
    DisplayName REG_SZ Windows Live Sign-in Assistant
    DisplayName REG_SZ Windows Live Toolbar
    DisplayName REG_SZ Windows Live Toolbar
    DisplayName REG_SZ Windows Live Toolbar Extension (Windows Live Toolbar)
    DisplayName REG_SZ Windows Live Toolbar Feed Detector (Windows Live Toolbar)
    DisplayName REG_SZ WinFast(R) Display Driver
    DisplayName REG_SZ WinRAR archiver
    DisplayName REG_SZ WinZip
    ParentDisplayName REG_SZ CAPICOM
    ParentDisplayName REG_SZ Windows XP - Software Updates


    #####################################################################################################


    -- All DONE!

    ~ ShadowPuterDude ~
