handle cases where a service's ImagePath is REG_MULTI_SZ

in the observed case, the ImagePath was REG_MULTI_SZ but all strings except the first were blank/empty, so they should be safe to discard

Author: Michael Ligh

volatility/plugins/malware/svcscan.py

@@ -530,6 +530,9 @@ def get_service_info(regapi):
 
             image_path = regapi.reg_get_value(hive_name = "system", key = "", value = "ImagePath", given_root = subkey)
             if image_path:
+                # this could be REG_SZ or REG_MULTI_SZ
+                if isinstance(image_path, list):
+                    image_path = image_path[0]
                 path_value = utils.remove_unprintable(image_path)
 
             failure_path = regapi.reg_get_value(hive_name = "system", key = "", value = "FailureCommand", given_root = subkey)