PDA

View Full Version : Virtumonde.sdn Need Assistance Please May be from P2P



landon42
2009-06-24, 17:12
Hello
I am running OS Windows Vista. I have already started with HJT and Combofix from bleeping computer.com.
The Spybot S&D 1.6.2 finds and eliminates Virtumonde.sdn, but it returns just as fast.
I suspect that when I downloaded Bit Torrent that I got this problem.
On the reports the x3watch is a accountability program for a issue I have and should not be the problem.
In this post I will put the HJT report. Then the next post I will put the Combofix report. Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:55 PM, on 6/18/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\X3watch\x3watch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Landon\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
D:\Realplayer dl\RealPlay.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ixquick.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Realplayer dl\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: IXQUICKTB - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - C:\PROGRA~1\IXQUIC~1\tbu07925\ix_quick.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Ixquick Toolbar - {70F241F6-52AB-4D45-993E-C1C09920095B} - C:\Program Files\Ixquick Toolbar\tbu07925\ix_quick.dll
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [LaunchList] D:Pinnacle\Studio 10\LaunchList.exe
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "D:Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [x3watch] C:\Program Files\X3watch\x3watch.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Landon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Absolute Software Corp. - C:\Windows\System32\rpcnet.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10742 bytes

landon42
2009-06-24, 17:14
ComboFix 09-06-18.02 - Landon 06/18/2009 23:30.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1013.357 [GMT -5:00]
Running from: c:\users\Landon\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2787322657-2932596189-1710620633-500
c:\$recycle.bin\S-1-5-21-2787322657-2932596189-1710620633-500\desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-05-19 to 2009-06-19 )))))))))))))))))))))))))))))))
.

2009-06-19 04:06 . 2009-06-19 04:06 -------- d-----w- c:\program files\Trend Micro
2009-06-19 03:51 . 2009-06-19 03:59 56680 ----a-w- c:\windows\system32\rpcnet.dll
2009-06-19 02:59 . 2009-06-19 02:59 -------- d-----w- c:\users\Landon\AppData\Roaming\Bullzip
2009-06-14 22:32 . 2009-05-19 06:36 2884832 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\vwpt.exe
2009-06-14 22:32 . 2009-05-19 06:36 28 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\unregister.bat
2009-06-14 22:32 . 2009-05-19 06:36 30512 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\Uninstaller.exe
2009-06-14 22:32 . 2009-05-19 06:35 376568 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\unagi3.exe
2009-06-14 22:32 . 2009-05-19 06:36 1484856 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\toolbar.exe
2009-06-04 04:49 . 2009-06-04 04:49 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-02 03:49 . 2009-06-19 02:35 -------- d-----w- c:\program files\DNA
2009-05-22 03:38 . 2009-05-22 03:38 -------- d-----w- c:\programdata\Digsby
2009-05-22 03:31 . 2009-05-22 03:38 -------- d-----w- c:\users\Landon\AppData\Local\Digsby
2009-05-22 03:31 . 2009-05-22 03:38 -------- d-----w- c:\users\Landon\AppData\Roaming\Digsby
2009-05-20 23:19 . 2009-05-20 23:19 738120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-19 03:59 . 2008-06-13 14:50 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-06-09 03:18 . 2008-05-16 19:09 -------- d-----w- c:\users\Landon\AppData\Roaming\Skype
2009-06-08 22:18 . 2008-05-16 19:11 -------- d-----w- c:\users\Landon\AppData\Roaming\skypePM
2009-06-04 04:49 . 2008-06-10 18:32 -------- d-----w- c:\program files\Common Files\Real
2009-06-01 02:15 . 2008-06-23 23:38 -------- d-----w- c:\users\Landon\AppData\Roaming\Hoyle Puzzle and Board Games
2009-05-22 10:52 . 2007-06-12 18:02 56680 ----a-w- c:\windows\system32\rpcnet.exe
2009-05-21 03:48 . 2009-05-16 02:42 -------- d-----w- c:\program files\a-squared HiJackFree
2009-05-19 06:36 . 2009-06-14 22:31 25 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\register.bat
2009-05-19 06:36 . 2009-06-14 22:31 97072 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\bsetutil.exe
2009-05-19 06:36 . 2009-06-14 22:31 142040 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\alsetup.exe
2009-05-19 06:36 . 2009-06-14 22:31 111920 ------w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\AOLSearch.dll
2009-05-17 19:06 . 2008-07-16 22:01 -------- d-----w- c:\users\Landon\AppData\Roaming\Hoyle Casino
2009-05-15 20:49 . 2009-05-15 20:48 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2009-05-14 20:07 . 2009-05-14 20:07 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-05-13 21:37 . 2007-07-26 03:06 -------- d-----w- c:\programdata\Microsoft Help
2009-05-13 21:26 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 03:02 . 2009-05-09 03:02 -------- d-----w- c:\program files\Bullzip
2009-05-07 22:10 . 2007-07-26 01:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-05 21:10 . 2009-05-05 21:09 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-05 21:10 . 2009-05-05 21:09 -------- d-----w- c:\program files\iTunes
2009-05-05 21:09 . 2009-05-05 21:09 -------- d-----w- c:\program files\iPod
2009-05-05 21:09 . 2008-08-13 21:22 -------- d-----w- c:\program files\Common Files\Apple
2009-05-05 21:05 . 2009-05-05 21:05 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-26 07:11 . 2008-09-28 17:07 -------- d-----w- c:\program files\Winamp
2009-04-26 06:21 . 2008-06-13 14:51 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-04-26 06:21 . 2008-03-26 23:10 -------- d-----w- c:\program files\McAfee
2009-04-23 00:53 . 2009-05-09 03:02 194560 ----a-w- c:\windows\system32\bzpdf.dll
2009-03-25 22:55 . 2008-01-22 01:43 33280 ----a-w- c:\windows\system32\identprv.dll
2008-07-24 02:04 . 2008-07-24 02:05 774144 ----a-w- c:\program files\RngInterstitial.dll
2002-07-26 23:02 . 2008-11-08 02:57 153088 ----a-w- c:\program files\UNWISE.EXE
.

------- Sigcheck -------

[-] 2008-01-19 07:33 21504 3794B461C45882E06856F282EEF025AF c:\windows\System32\svchost.exe
[-] 2006-11-02 09:45 22016 10DA15933D582D2FEDCF705EFE394B09 c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[-] 2008-01-19 07:33 21504 3794B461C45882E06856F282EEF025AF c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

[-] 2008-01-19 07:36 627200 B974D9F06DC7D1908E825DC201681269 c:\windows\System32\user32.dll
[-] 2006-11-02 09:46 633856 E698A5437B89A285ACA3FF022356810A c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[-] 2007-07-26 02:11 633856 63B4F59D7C89B1BF5277F1FFEFD491CD c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[-] 2007-07-26 02:11 633856 9D9F061EDA75425FC67F0365E3467C86 c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[-] 2008-01-19 07:36 627200 B974D9F06DC7D1908E825DC201681269 c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

[-] 2008-01-19 07:37 179200 B304D47D5744BA20FCB99FB8B2C07B0B c:\windows\System32\ws2_32.dll
[-] 2006-11-02 09:46 178688 D99A071C1018BB3D4ABAAD4B62048AC2 c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[-] 2008-01-19 07:37 179200 B304D47D5744BA20FCB99FB8B2C07B0B c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

[-] 2009-03-03 04:40 827392 6E115E2D3FAE5077A361A5BCE78FF170 c:\windows\System32\wininet.dll
[-] 2006-11-02 09:46 822272 214A456AADCC7DD1B36E2287BA71A9CA c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll
[-] 2007-07-26 02:15 822784 7DBB98EBB2D267ACF9E6BC04AEC6CBF3 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16448_none_ffdf73aba4c5c123\wininet.dll
[-] 2007-07-26 02:20 822784 9C1C977FA682D428C7133CF29013211B c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643\wininet.dll
[-] 2008-03-27 23:30 824832 0AD9BE4F82F0389EC9B8A58F2FD16442 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16609_none_000bb771a4a46504\wininet.dll
[-] 2008-04-09 22:09 826368 DAEED2799D4D19F955C3E90B22A1E91E c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[-] 2008-04-25 04:23 826368 9191790BF02A8D759EC2B4E4FA868407 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[-] 2008-06-27 03:54 826368 E74D932CA7B3DA8CDB7A5F11F5A03ABC c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[-] 2008-10-02 03:49 826368 8BF7D225505A4ADA25D9444E91811CEA c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[-] 2008-10-16 04:40 826368 F18C1B151A0B18C35BF0919A9BA0FA0F c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
[-] 2009-01-15 04:16 826368 FF35D495AC08549154D1D96990513CD9 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
[-] 2009-03-03 04:20 826368 BA68744F8FE1BAAC35362F18774972A3 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll
[-] 2007-07-26 02:15 823296 1EA5200F3D45EFDFC25F630A52DDF9E5 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20547_none_0068102cbde44796\wininet.dll
[-] 2007-07-26 02:20 823808 355F1F19DAAD8F769936752F993EA8BF c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe\wininet.dll
[-] 2008-03-27 23:30 825344 39FBDEC53D5F7C5F4B7C35B9B1926A0F c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20734_none_006fe306bdded9ee\wininet.dll
[-] 2008-04-09 22:09 827392 F7FF1E0D443788D6AE4CBCA593530099 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[-] 2008-04-25 04:09 827392 F40594128A6BFDA6C3F0900796895078 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[-] 2008-06-27 03:49 827904 AE7150C0696C656D02FDD48259F4EFF5 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[-] 2008-10-02 03:30 827904 C85EF7DE97ABBF00B16AD11EDFEAC637 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[-] 2008-10-16 04:24 827904 622FE627D15DD920238A993021F0A4D1 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
[-] 2009-01-15 04:19 827904 65647F41CEC0C8EEC9DF5BC1168EC76C c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[-] 2009-03-03 04:18 828416 88B57405AC5B2BF513069086F8963635 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll
[-] 2008-01-19 07:36 825856 455D715A840579BDC1CF8E5C1DA76849 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[-] 2008-04-09 22:09 826880 482BCCBF1FCBB3378100FF97081438C1 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[-] 2008-04-25 04:35 826880 44FD3968AD885026D94450832A78DE8A c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[-] 2008-06-27 04:15 827392 618A51B5FB9DD5810960F6044C0E9289 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[-] 2008-10-02 03:49 827392 C373C19F10601C1AFE7E40907AE48694 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[-] 2008-10-16 04:47 827392 8F89FFECF6989DD7D9ECCEC6D95D7419 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
[-] 2009-01-15 06:11 827392 FB79A2AA5E92653B9A394FE26D799BF8 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[-] 2009-03-03 04:40 827392 6E115E2D3FAE5077A361A5BCE78FF170 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll
[-] 2008-04-09 22:09 826880 4E962B645608E6EDB7D31B75921D07FA c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[-] 2008-04-25 04:22 826880 A86218059C228E7691A13E4CB63C4CDF c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[-] 2008-06-27 03:50 827904 EDF59D63DDBC8BE0BB4836EFFFC04BDC c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[-] 2008-10-02 03:34 827904 6B2591CDCEFEB8451594288426677CBB c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[-] 2008-10-16 04:38 827904 4944C9FFE8903A276590D4215F74B937 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
[-] 2009-01-16 05:00 827904 6A986C2CD30633447DAB21A4852E40D6 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[-] 2009-03-03 04:32 827904 3ED9859939928CA568F487AB42175A33 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll

[-] 2008-01-19 07:33 314880 C2610B6BDBEFC053BBDAB4F1B965CB24 c:\windows\System32\winlogon.exe
[-] 2006-11-02 09:45 308224 9F75392B9128A91ABAFB044EA350BAAD c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[-] 2008-01-19 07:33 314880 C2610B6BDBEFC053BBDAB4F1B965CB24 c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[-] 2008-10-29 06:29 2927104 4F554999D7D5F05DAAEBBA7B5BA1089D c:\windows\explorer.exe
[-] 2006-11-02 09:45 2923520 FD8C53FB002217F6F888BCF6F5D7084D c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[-] 2008-03-28 00:08 2923520 6D06CD98D954FE87FB2DB8108793B399 c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[-] 2008-10-29 06:20 2923520 37440D09DEAE0B672A04DCCF7ABF06BE c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[-] 2008-03-28 00:08 2923520 BD06F0BF753BC704B653C3A50F89D362 c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[-] 2008-10-28 02:15 2923520 E7156B0B74762D9DE0E66BDCDE06E5FB c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[-] 2008-01-19 07:33 2927104 FFA764631CB70A30065C12EF8E174F9F c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[-] 2008-10-29 06:29 2927104 4F554999D7D5F05DAAEBBA7B5BA1089D c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[-] 2008-10-30 03:59 2927616 50BA5850147410CDE89C523AD3BC606E c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[-] 2008-01-19 07:33 279040 2B336AB6286D6C81FA02CBAB914E3C6C c:\windows\System32\services.exe
[-] 2006-11-02 09:45 279552 329CF3C97CE4C19375C8ABCABAE258B0 c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[-] 2008-01-19 07:33 279040 2B336AB6286D6C81FA02CBAB914E3C6C c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe

[-] 2008-01-19 07:33 9728 DCF733788C7D088D814E5F80EB4B3E0F c:\windows\System32\lsass.exe
[-] 2006-11-02 09:45 7680 6A0E382E74280E4CC0DF17FE2661D003 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[-] 2009-02-13 07:26 7680 59DE082968FDD257FFF0D209B9A5B460 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[-] 2009-02-13 04:58 7680 AFF8A58280863629CA4FFA9E0B259F1E c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[-] 2008-01-19 07:33 9728 DCF733788C7D088D814E5F80EB4B3E0F c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[-] 2008-01-19 07:33 9728 DCF733788C7D088D814E5F80EB4B3E0F c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[-] 2009-02-13 08:20 9728 F4C62B07E5BF96F1FDCA9DB393ECED22 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

[-] 2006-11-02 09:45 8704 22BFD03DF51065A9ED8D17F8FB72296B c:\windows\System32\ctfmon.exe
[-] 2006-11-02 09:45 8704 22BFD03DF51065A9ED8D17F8FB72296B c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe

[-] 2008-01-19 07:33 125952 846CDF9A3CF4DA9B306ADFB7D55EE4C2 c:\windows\System32\spoolsv.exe
[-] 2006-11-02 09:45 124928 DA612EF2556776DF2630B68BF2D48935 c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
[-] 2008-01-19 07:33 125952 846CDF9A3CF4DA9B306ADFB7D55EE4C2 c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe

[-] 2008-01-19 07:33 25088 0E135526E9785D085BCD9AEDE6FBCBF9 c:\windows\System32\userinit.exe
[-] 2006-11-02 09:45 24576 22027835939F86C3E47AD8E3FBDE3D11 c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[-] 2008-01-19 07:33 25088 0E135526E9785D085BCD9AEDE6FBCBF9 c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[-] 2008-01-19 07:36 448512 D605031E225AACCBCEB5B76A4F1603A6 c:\windows\System32\termsrv.dll
[-] 2006-11-02 09:46 427520 FAD71C1E8E4047B154E899AE31EB8CAA c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll
[-] 2008-01-19 07:36 448512 D605031E225AACCBCEB5B76A4F1603A6 c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll

[-] 2009-02-13 08:49 888832 DB6E3731E6F5C8AE2843F80B5787F7C6 c:\windows\System32\kernel32.dll
[-] 2006-11-02 09:46 874496 1E36AE445E4DA83B82D51FEB2D4F8772 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
[-] 2009-02-13 07:26 875520 B82C7AC1D559F0FD088792171D64C7F3 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[-] 2009-02-13 07:13 875520 BB792054BD990EC05D9E260D50FEAD39 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[-] 2008-01-19 07:34 888320 DC2338093F91BA4E0512208E60206DDD c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[-] 2009-02-13 08:49 888832 DB6E3731E6F5C8AE2843F80B5787F7C6 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[-] 2009-02-13 08:21 890880 1987D817D08F5EAF0B7F334026FDDB79 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll

[-] 2008-01-19 07:36 97280 51832219A52C3535BF4771C375E63F9B c:\windows\System32\powrprof.dll
[-] 2006-11-02 09:46 96768 3CDEC51291F735C5C276B957239017A3 c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6000.16386_none_a0e2dc64ffed4e9d\powrprof.dll
[-] 2008-01-19 07:36 97280 51832219A52C3535BF4771C375E63F9B c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll

[-] 2008-01-19 07:34 114688 EC17194A193CD8E90D27CFB93DFA9A2E c:\windows\System32\imm32.dll
[-] 2006-11-02 09:46 115200 EE12864398F1C3BF5BEE91F6AF9842E1 c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll
[-] 2008-01-19 07:34 114688 EC17194A193CD8E90D27CFB93DFA9A2E c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5CAA6CD-8EE4-40a3-92E0-385561406C50}]
2007-04-27 07:33 557056 ----a-w- c:\progra~1\IXQUIC~1\tbu07925\ix_quick.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"PLFSet"="c:\windows\PLFSet.dll" [2007-04-25 45056]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-07-16 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 206952]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"Acer Assist Launcher"="c:\program files\Acer Assist\launcher.exe" [2007-02-02 1261568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-02 582992]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2005-12-21 73728]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-04-29 188728]
"x3watch"="c:\program files\X3watch\x3watch.exe" [2008-06-01 299008]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-04 198160]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-25 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{55FA8D98-00EE-46D4-80F6-B2FE8E7C8C8D}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{EF222906-87A4-4828-9F6B-D7BB099B5C73}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{4C9D47C0-EEF7-4203-8B67-FB56A04C48B9}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{1055584B-7CE5-4C0D-85DF-5830B30182F0}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
"{B865A331-0198-4E67-8AB0-0829040F707B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{FFF9EBCC-F1FB-45DC-A85F-F986FB6DFA59}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3BE4C26D-CE8A-4D21-8AA1-99EF2A29708F}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{D2B4B153-FA73-461E-949E-C01F81C013EF}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
"{4A5FCEFB-9438-4030-9980-D6F6EF9209F7}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
"{81BDCB8E-5F8C-41EB-B2D2-B2F0FDAC64F6}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{841D0004-2CEB-4D6D-BF8E-EAEA1D1AA324}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{F95DBEAD-46A3-4656-B9BC-3C9F3880B804}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{DD1528D3-C64C-4DF1-A651-89294E645B8D}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{CCC7F901-C680-4C37-B45D-5C5E5BEFB878}"= UDP:d:\pinnacle\Studio 10\programs\RM.exe:Render Manager
"{AB765C05-AE96-45D0-8A6E-B29C7EBC465C}"= TCP:d:\pinnacle\Studio 10\programs\RM.exe:Render Manager
"{19B56F5F-2478-4437-80A6-8F626AF2C270}"= UDP:d:\pinnacle\Studio 10\programs\Studio.exe:Studio
"{CA01AE35-2A1E-4977-8B1B-27B70026005C}"= TCP:d:\pinnacle\Studio 10\programs\Studio.exe:Studio
"{40552C58-D9E2-484A-A58F-86C339B8821E}"= UDP:d:\pinnacle\Studio 10\programs\PMSRegisterFile.exe:PMSRegisterFile
"{93893181-3479-4E30-9E2E-4E626E9218E4}"= TCP:d:\pinnacle\Studio 10\programs\PMSRegisterFile.exe:PMSRegisterFile
"{1432C56E-D4E1-4B19-84BC-71B67C947FEF}"= UDP:d:\pinnacle\Studio 10\programs\umi.exe:umi
"{F8564DE8-EF68-49C5-AA46-5367F27E168C}"= TCP:d:\pinnacle\Studio 10\programs\umi.exe:umi
"{46CC1E45-C010-4D14-BC8E-318236776E92}"= UDP:c:\program files\Pando Networks\Pando\pando.exe:Pando Application
"{DA23C039-5E8A-4844-9E77-C10EC97A2841}"= TCP:c:\program files\Pando Networks\Pando\pando.exe:Pando Application
"{47F4DC18-86EF-4500-BD12-C15A0B84F676}"= UDP:58327:Pando P2P TCP Listening Port
"{1F8FDDCD-F5BF-47A2-B51F-EFEBDBFDF4E1}"= TCP:58327:Pando P2P UDP Listening Port
"TCP Query User{7E4B4A53-5857-4901-84F7-B1901DE8D1B4}d:\\world of warcraft\\wow-2.3.0-enus-downloader.exe"= UDP:d:\world of warcraft\wow-2.3.0-enus-downloader.exe:Blizzard Downloader
"UDP Query User{C9B256B0-508D-40E5-8ED4-90F3F2239263}d:\\world of warcraft\\wow-2.3.0-enus-downloader.exe"= TCP:d:\world of warcraft\wow-2.3.0-enus-downloader.exe:Blizzard Downloader
"{EC538A41-E12C-40FB-BB65-CA202C778C91}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{6FED9D28-3B97-43A4-986A-A05080757A22}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D07962EF-9075-42E6-ADAC-7FF9986737D7}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{6F46F23D-165C-4756-B65B-19575A3B8A62}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"TCP Query User{DA957F7B-31E9-472B-9468-5C23787EE01C}c:\\program files\\real\\realplayer\\recordingmanager.exe"= UDP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"UDP Query User{37D5AD59-B8ED-4778-9963-420DEC46E189}c:\\program files\\real\\realplayer\\recordingmanager.exe"= TCP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"{B431F180-883A-4179-BE2B-D69C7F0AF193}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{11594F3C-FC74-4DE8-8E32-4CF63D4EF51E}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{65B7FB03-7C1F-4319-AC69-DC0A5DF1D87E}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{43F09779-E09F-4D6E-927C-948AE8BF38BC}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{60ECA1D5-7907-49AA-ACBB-69BC2A4CE210}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{E03C272C-5246-45F5-82C3-D69F0879629A}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{D76E4B99-E50E-4B9E-ABC1-4B9EF3431929}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{EB13B7D5-E428-4281-91E9-9EB6274C81A5}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"TCP Query User{E7F1F1F8-5974-4340-8964-8AEF379A3421}d:\\realplayer dl\\recordingmanager.exe"= UDP:d:\realplayer dl\recordingmanager.exe:RealNetworks Download and Record Manager
"UDP Query User{906540DB-0388-48FF-8AD8-ADF831DAEC0D}d:\\realplayer dl\\recordingmanager.exe"= TCP:d:\realplayer dl\recordingmanager.exe:RealNetworks Download and Record Manager

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [1/16/2008 12:34 AM 13560]
R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [7/25/2007 10:29 PM 50688]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [8/7/2008 7:38 PM 1153368]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/28/2008 3:05 PM 24652]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [7/25/2007 8:02 PM 179712]
S3 APL531;OVT Scanner;c:\windows\System32\drivers\ov550i.sys [7/31/2006 7:44 AM 580992]
S3 SndTAudio;SndTAudio;c:\windows\System32\drivers\SndTAudio.sys [12/25/2008 11:14 AM 23096]
S3 SndTVideo;SndTVideo;c:\windows\System32\drivers\SndTVideo.sys [12/25/2008 11:14 AM 3768]
.
Contents of the 'Scheduled Tasks' folder

2009-01-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-07-17 18:32]

2008-11-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-07-17 18:32]

2009-06-19 c:\windows\Tasks\User_Feed_Synchronization-{642ED4B7-8637-485E-BA42-D5788B55A707}.job
- c:\windows\system32\msfeedssync.exe [2008-05-29 07:33]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
HKCU-Run-Google Update - c:\users\Landon\AppData\Local\Google\Update\GoogleUpdate.exe
HKCU-Run-Aim6 - (no file)
HKLM-Run-ALaunch - c:\acer\ALaunch\AlaunchClient.exe
HKLM-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-LaunchList - D:Pinnacle\Studio 10\LaunchList.exe
HKLM-Run-USBToolTip - D:Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
HKLM-Run-eRecoveryService - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ixquick.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: select2perform.com\www
FF - ProfilePath - c:\users\Landon\AppData\Roaming\Mozilla\Firefox\Profiles\xj8v1uma.default\
FF - prefs.js: browser.search.selectedEngine - Ixquick
FF - prefs.js: browser.startup.homepage - hxxp://www.ixquick.com/
FF - component: d:\realplayer dl\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npsharedview.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: d:\realplayer dl\Netscape6\nppl3260.dll
FF - plugin: d:\realplayer dl\Netscape6\nprjplug.dll
FF - plugin: d:\realplayer dl\Netscape6\nprpjplug.dll

---- FIREFOX POLICIES ----
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-18 23:37
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2787322657-2932596189-1710620633-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:6b,97,ef,e9,47,4d,da,e1,f2,c1,5a,dc,5e,25,d6,8b,10,53,a7,c2,96,42,99,
0d,69,94,a4,52,b9,d3,80,f8,d7,90,42,8d,4d,ff,e7,28,11,73,97,cb,d4,0f,d9,60,\
"??"=hex:09,59,e0,15,8a,9f,f3,6f,08,c3,ec,92,b2,c8,16,af

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(652)
c:\windows\system32\eNetHook.dll

- - - - - - - > 'lsass.exe'(668)
c:\windows\system32\eNetHook.dll
.
Completion time: 2009-06-19 23:40
ComboFix-quarantined-files.txt 2009-06-19 04:40

Pre-Run: 10,127,831,040 bytes free
Post-Run: 10,056,290,304 bytes free

346 --- E O F --- 2009-05-13 23:17

landon42
2009-06-24, 18:25
--- Search result list ---
Virtumonde.sdn: [SBI $75457FE7] Library (File, nothing done)
C:\Windows\System32\rpcnet.dll
Properties.size=56680
Properties.md5=2F4158CFE7801A73BEAA7E8A9DFCAD26
Properties.filedate=1245851628
Properties.filedatetext=2009-06-24 08:53:48


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-02-16 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-05-19 Includes\Adware.sbi (*)
2009-06-02 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-05-19 Includes\Dialer.sbi (*)
2009-06-02 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-06-09 Includes\HijackersC.sbi (*)
2009-06-16 Includes\Keyloggers.sbi (*)
2009-06-16 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-06-10 Includes\Malware.sbi (*)
2009-06-16 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-06-17 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-06-02 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-04-07 Includes\Spyware.sbi (*)
2009-06-02 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-06-17 Includes\Trojans.sbi (*)
2009-06-17 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB941833)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)


--- Startup entries list ---
Located: HK_LM:Run, Acer Assist Launcher
command: C:\Program Files\Acer Assist\launcher.exe
file: C:\Program Files\Acer Assist\launcher.exe
size: 1261568
MD5: F9E2C7373C92B6CD9C398B30E85D126E

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C

Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint2K\Apoint.exe
file: C:\Program Files\Apoint2K\Apoint.exe
size: 159744
MD5: B150D1BCB625600479EEBA51811E33CB

Located: HK_LM:Run, AppleSyncNotifier
command: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
file: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
size: 111936
MD5: 3D50C85D295D4C6D0A5CD9F21481ECEA

Located: HK_LM:Run, ArcSoft Connection Service
command: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
file: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
size: 188728
MD5: 764A17F28192A3EC01ACD1C034405B1C

Located: HK_LM:Run, eDataSecurity Loader
command: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
file: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
size: 457216
MD5: E090EE780714E376062198C6625D5B51

Located: HK_LM:Run, IgfxTray
command: C:\Windows\system32\igfxtray.exe
file: C:\Windows\system32\igfxtray.exe
size: 141848
MD5: 7F7B42B1BA42242116F5B277A063FE2E

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 342312
MD5: 6B0E8DEE62C0C9695C77F14482DDF178

Located: HK_LM:Run, LManager
command: C:\PROGRA~1\LAUNCH~1\LManager.exe
file: C:\PROGRA~1\LAUNCH~1\LManager.exe
size: 768520
MD5: 3A44B0C8655838A9D177F42F029F2FF7

Located: HK_LM:Run, mcagent_exe
command: C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
file: C:\Program Files\McAfee.com\Agent\mcagent.exe
size: 582992
MD5: 9405B452064BFA6A0F78E2F177A988A4

Located: HK_LM:Run, Persistence
command: C:\Windows\system32\igfxpers.exe
file: C:\Windows\system32\igfxpers.exe
size: 133656
MD5: D8A33AF26E4143F7A892009890BB6F64

Located: HK_LM:Run, PlayMovie
command: "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
file: C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
size: 206952
MD5: F79723565C57374BB8F057E03FC33B50

Located: HK_LM:Run, PLFSet
command: rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
file: C:\Windows\PLFSet.dll
size: 45056
MD5: C5EF9C7A3A18199CDFACEA1DA7286ADB

Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 4669440
MD5: A659F31AC25418738351E5BDF4C85780

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 198160
MD5: 5676E75F98FF8E0F81DFF604A09288BB

Located: HK_LM:Run, USB2Check
command: RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
file: C:\Windows\system32\PCLECoInst.dll
size: 73728
MD5: CCE33B78B948290126D154E81995C2C9

Located: HK_LM:Run, x3watch
command: C:\Program Files\X3watch\x3watch.exe
file: C:\Program Files\X3watch\x3watch.exe
size: 299008
MD5: 5874152545D734CB74960189D9B29B46

Located: HK_LM:RunOnce, Spybot - Search & Destroy
command: "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
file: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89

Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2787322657-2932596189-1710620633-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-2787322657-2932596189-1710620633-1000...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887

Located: Startup (common), Empowering Technology Launcher.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Acer\Empowering Technology\eAPLauncher.exe
file: C:\Acer\Empowering Technology\eAPLauncher.exe
size: 535336
MD5: 57554A2CA345734696AF72BEEE28B718

Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Skype add-on (mastermind)
CLSID name: Skype add-on (mastermind)
Path: C:\Program Files\Skype\Toolbars\Internet Explorer\
Long name: SkypeIEPlugin.dll
Short name: SKYPEI~1.DLL
Date (created): 4/23/2008 5:45:36 PM
Date (last access): 5/16/2008 2:07:10 PM
Date (last write): 4/23/2008 5:45:36 PM
Filesize: 1377576
Attributes: archive
MD5: 13E8565EDCF5E37673CBF00781CF460E
CRC32: 04A0886F
Version: 2.2.0.176

{3049C3E9-B461-4BC5-8870-4C09146192CA} (RealPlayer Download and Record Plugin for Internet Explorer)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: RealPlayer Download and Record Plugin for Internet Explorer
Path: D:\Realplayer dl\
Long name: rpbrowserrecordplugin.dll
Short name: RPBROW~1.DLL
Date (created): 6/3/2009 11:49:46 PM
Date (last access): 6/3/2009 11:49:46 PM
Date (last write): 6/3/2009 11:49:46 PM
Filesize: 312928
Attributes: archive
MD5: F0F67D3349B5CA1D162A2F29C647F842
CRC32: B48F6120
Version: 1.0.1.200

{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: scriptproxy
CLSID name: scriptproxy
Path: C:\Program Files\McAfee\VirusScan\
Long name: scriptsn.dll
Short name:
Date (created): 7/17/2008 10:59:42 AM
Date (last access): 11/9/2007 12:09:08 PM
Date (last write): 11/9/2007 12:09:08 PM
Filesize: 58688
Attributes: archive
MD5: 5B9FCB73F5A4A000C55AFF08B639A07C
CRC32: C78C7E89
Version: 14.0.0.366

{C5CAA6CD-8EE4-40a3-92E0-385561406C50} (IXQUICKTB)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: IXQUICKTB
CLSID name: IXQUICKTB Class
Path: C:\PROGRA~1\IXQUIC~1\tbu07925\
Long name: ix_quick.dll
Short name:
Date (created): 4/27/2007 2:33:42 AM
Date (last access): 2/11/2009 9:15:44 PM
Date (last write): 4/27/2007 2:33:42 AM
Filesize: 557056
Attributes: archive
MD5: CB566ABE87F2037D2373FB7A5FB79C9C
CRC32: 80489F65
Version: 1.0.0.4

{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 1/25/2009 11:23:42 AM
Date (last access): 3/9/2073 5:20:00 AM
Date (last write): 3/9/2009 5:18:50 AM
Filesize: 35840
Attributes: archive
MD5: 96A225C7F5346A9E81FC3DFA89A900C0
CRC32: BAD5D2EF
Version: 6.0.130.3



--- ActiveX list ---
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 1/25/2009 11:23:42 AM
Date (last access): 3/9/2073 5:20:00 AM
Date (last write): 3/9/2009 5:18:50 AM
Filesize: 94208
Attributes: archive
MD5: 1302DAB0E273CAC0D23E5674BAFE86CD
CRC32: 44AAE4B7
Version: 6.0.130.3

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 1/25/2009 11:23:42 AM
Date (last access): 3/9/2073 5:20:00 AM
Date (last write): 3/9/2009 5:18:50 AM
Filesize: 94208
Attributes: archive
MD5: 1302DAB0E273CAC0D23E5674BAFE86CD
CRC32: 44AAE4B7
Version: 6.0.130.3

{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_06
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 1/25/2009 11:23:42 AM
Date (last access): 3/9/2073 5:20:00 AM
Date (last write): 3/9/2009 5:18:50 AM
Filesize: 94208
Attributes: archive
MD5: 1302DAB0E273CAC0D23E5674BAFE86CD
CRC32: 44AAE4B7
Version: 6.0.130.3

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 1/25/2009 11:23:42 AM
Date (last access): 3/9/2073 5:20:00 AM
Date (last write): 3/9/2009 5:18:50 AM
Filesize: 94208
Attributes: archive
MD5: 1302DAB0E273CAC0D23E5674BAFE86CD
CRC32: 44AAE4B7
Version: 6.0.130.3

{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 1/25/2009 11:23:42 AM
Date (last access): 3/9/2073 5:20:00 AM
Date (last write): 3/9/2009 5:18:50 AM
Filesize: 94208
Attributes: archive
MD5: 1302DAB0E273CAC0D23E5674BAFE86CD
CRC32: 44AAE4B7
Version: 6.0.130.3

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_13.dll
Short name: NPJPI1~1.DLL
Date (created): 3/9/2009 2:53:24 AM
Date (last access): 3/9/2073 5:20:10 AM
Date (last write): 3/9/2009 5:19:10 AM
Filesize: 136600
Attributes: archive
MD5: 20188EB1790C5EB9057DDFE3EA138FC7
CRC32: 2EA1ACCF
Version: 6.0.130.3



--- Process list ---
PID: 1644 (1072) C:\Windows\system32\taskeng.exe
size: 169472
MD5: 5F109032CE46B7184ED9E50F9FE8489E
PID: 1724 (1056) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 59903071D7ACE6A02093C47E9E38AF97
PID: 1764 (1696) C:\Windows\Explorer.EXE
size: 2927104
MD5: 4F554999D7D5F05DAAEBBA7B5BA1089D
PID: 3388 ( 832) c:\PROGRA~1\mcafee.com\agent\mcagent.exe
size: 582992
MD5: 9405B452064BFA6A0F78E2F177A988A4
PID: 3552 (1764) C:\Windows\RtHDVCpl.exe
size: 4669440
MD5: A659F31AC25418738351E5BDF4C85780
PID: 3604 (1764) C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
size: 457216
MD5: E090EE780714E376062198C6625D5B51
PID: 3844 (1764) C:\Program Files\Launch Manager\LManager.exe
size: 768520
MD5: 3A44B0C8655838A9D177F42F029F2FF7
PID: 3852 (1764) C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
size: 206952
MD5: F79723565C57374BB8F057E03FC33B50
PID: 3868 (1764) C:\Program Files\Apoint2K\Apoint.exe
size: 159744
MD5: B150D1BCB625600479EEBA51811E33CB
PID: 4000 (1764) C:\Windows\System32\igfxpers.exe
size: 133656
MD5: D8A33AF26E4143F7A892009890BB6F64
PID: 4012 ( 832) C:\Windows\system32\igfxext.exe
size: 170520
MD5: 801DA8995DE7971FE9A3316F40D2B856
PID: 2148 (1764) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
size: 188728
MD5: 764A17F28192A3EC01ACD1C034405B1C
PID: 824 ( 832) C:\Windows\system32\igfxsrvc.exe
size: 256536
MD5: 734006A2DB2404138F2C1A2CB86D32EF
PID: 2144 (1764) C:\Program Files\X3watch\x3watch.exe
size: 299008
MD5: 5874152545D734CB74960189D9B29B46
PID: 2412 (1764) C:\Program Files\iTunes\iTunesHelper.exe
size: 342312
MD5: 6B0E8DEE62C0C9695C77F14482DDF178
PID: 604 (1764) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 198160
MD5: 5676E75F98FF8E0F81DFF604A09288BB
PID: 1568 (1764) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
PID: 2072 (1764) C:\Windows\ehome\ehtray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
PID: 1908 ( 832) C:\Windows\system32\igfxsrvc.exe
size: 256536
MD5: 734006A2DB2404138F2C1A2CB86D32EF
PID: 1008 (3552) C:\Users\Landon\AppData\Local\Temp\RtkBtMnt.exe
size: 208896
MD5: 5EF87457AB8A58694EBE35E55D093D04
PID: 3020 (2516) C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
size: 753664
MD5: 5B1A52A2F4573A1CA947A3AF859CF6F7
PID: 1000 ( 832) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 0F4195B9B348DE5CF9B822F81704B20E
PID: 1048 (2516) C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
size: 528384
MD5: 0F0E9EBE47A7B2BD7444424473FA3962
PID: 2752 (2516) C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
size: 323584
MD5: 39CBE2E778299F468BBD5B45CFB90A70
PID: 3344 (2516) C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
size: 397312
MD5: 4F779AD993A2975D945EE6985CAC0FEA
PID: 3384 (3868) C:\Program Files\Apoint2K\ApMsgFwd.exe
size: 50736
MD5: 42370C1DE2B83844B253478DB8A907D5
PID: 3536 (3196) C:\Program Files\Apoint2K\Apntex.exe
size: 49152
MD5: 8D78BE3690DB07A2FD03D2A6B61E3DCD
PID: 6100 ( 604) D:\Realplayer dl\RealPlay.exe
size: 214536
MD5: E76BFE46BDCC3AF9C1D46A913C1F7342
PID: 4828 (1764) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 3040 (3900) C:\Program Files\Internet Explorer\ieuser.exe
size: 299520
MD5: 5B2E1C16A2C420F60CD391B666003F14
PID: 4764 (3900) C:\Program Files\Internet Explorer\iexplore.exe
size: 636072
MD5: 9E6C1527D9A2C64BFD780AA23075380F
PID: 4456 (4476) C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
size: 2356088
MD5: 3C27703F6103A19F1EFD16BFE6D3A8C3
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 444 ( 4) smss.exe
size: 64000
PID: 516 ( 504) csrss.exe
size: 6144
PID: 560 ( 504) wininit.exe
size: 96768
PID: 568 ( 552) csrss.exe
size: 6144
PID: 608 ( 560) services.exe
size: 279040
PID: 632 ( 552) winlogon.exe
size: 314880
PID: 672 ( 560) lsass.exe
size: 9728
PID: 680 ( 560) lsm.exe
size: 229888
PID: 832 ( 608) svchost.exe
size: 21504
PID: 896 ( 608) svchost.exe
size: 21504
PID: 960 ( 608) svchost.exe
size: 21504
PID: 1056 ( 608) svchost.exe
size: 21504
PID: 1072 ( 608) svchost.exe
size: 21504
PID: 1144 ( 960) audiodg.exe
size: 88064
PID: 1176 ( 608) SLsvc.exe
size: 2623488
PID: 1208 ( 608) svchost.exe
size: 21504
PID: 1372 ( 608) svchost.exe
size: 21504
PID: 1636 ( 608) spoolsv.exe
size: 125952
PID: 1712 ( 608) svchost.exe
size: 21504
PID: 1856 ( 608) ACService.exe
PID: 1884 ( 608) ALaunchSvc.exe
PID: 1936 ( 608) AppleMobileDeviceService.exe
PID: 1952 ( 608) mDNSResponder.exe
PID: 1984 ( 608) eDSService.exe
PID: 2028 ( 608) eLockServ.exe
PID: 300 ( 608) eNet Service.exe
PID: 424 ( 608) LSSrvc.exe
PID: 452 ( 608) McProxy.exe
PID: 484 ( 608) Mcshield.exe
PID: 600 ( 608) MobilityService.exe
PID: 1228 ( 608) MpfSrv.exe
PID: 1396 ( 608) svchost.exe
size: 21504
PID: 1660 ( 608) RichVideo.exe
PID: 1544 ( 608) rpcnet.exe
size: 56680
PID: 2060 ( 608) svchost.exe
size: 21504
PID: 2112 ( 608) ViewpointService.exe
PID: 2180 ( 608) XAudio.exe
PID: 2216 ( 608) eRecoveryService.exe
PID: 2368 ( 608) capuserv.exe
PID: 2420 ( 608) ePowerSvc.exe
PID: 2568 ( 608) SDWinSec.exe
PID: 2936 ( 832) WmiPrvSE.exe
PID: 2944 ( 832) WmiPrvSE.exe
PID: 3084 ( 832) unsecapp.exe
PID: 3140 ( 608) mcmscsvc.exe
PID: 3804 (1072) taskeng.exe
size: 169472
PID: 3484 ( 608) iPodService.exe
PID: 168 ( 608) mcsysmon.exe
PID: 5108 ( 608) McNASvc.exe


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 6/24/2009 10:21:05 AM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.ixquick.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://en.us.acer.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Namespace Provider 1: E-mail Naming Shim Provider
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 2: PNRP Cloud Namespace Provider
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 3: PNRP Name Namespace Provider
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:



--- Uninstall list ---
a-squared HiJackFree 3.1 3.1 (a-squared HiJackFree_is1)
install date: 20090515
install location: C:\Program Files\a-squared HiJackFree\
uninstall cmd: "C:\Program Files\a-squared HiJackFree\unins000.exe"
publisher: Emsi Software GmbH
comments: a-squared
help link: http://forum.emsisoft.com

Acer Assist (Acer Assist)
install location: C:\Program Files\Acer Assist
uninstall cmd: C:\Program Files\Acer Assist\uninstall.exe
publisher: Acer Inc.

Activation Assistant for the 2007 Microsoft Office suites (Activation Assistant for the 2007 Microsoft Office suites)
uninstall cmd: "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
publisher: Microsoft Corporation
help link: http://support.microsoft.com/contactussupport/?ws=support

(AddressBook)

Adobe Flash Player 10 ActiveX 10.0.12.36 (Adobe Flash Player ActiveX)
uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

Adobe Flash Player 10 Plugin 10.0.12.36 (Adobe Flash Player Plugin)
uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated

AIM 6 (AIM_6)
uninstall cmd: C:\Program Files\AIM6\uninst.exe

(AOL Diagnostics_N)

(AOLOCP_Y)

Bullzip PDF Printer 6.0.0.865 (Bullzip PDF Printer_is1)
install date: 20090619
install location: C:\Program Files\Bullzip\PDF Printer\
uninstall cmd: "C:\Program Files\Bullzip\PDF Printer\unins000.exe"
publisher: Bullzip
help link: http://www.bullzip.com

HDAUDIO Soft Data Fax Modem with SmartCP (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcrZUn32z.inf

(Connection Manager)

(Creative Sync Manager (Unicode))
uninstall cmd: "C:\Program Files\Creative Installation Information\CREATIVE_SYNC_MANAGER_U\Setup.exe" /remove /l0x0009

(Creative Video Converter)
uninstall cmd: "C:\Program Files\Creative Installation Information\CREATIVE_VIDEO_CONVERTER\Setup.exe" /remove /l0x0009

(DirectDrawEx)

(DXM_Runtime)

EPSON Printer Software (EPSON Printer and Utilities)
uninstall cmd: C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
publisher: SEIKO EPSON Corporation

EPSON Scan (EPSON Scanner)
uninstall cmd: C:\Program Files\epson\escndv\setup\setup.exe /r

FLV Player 2.0 (build 25) 2.0 (build 25) (FLV Player)
uninstall cmd: C:\Program Files\FLV Player\uninst.exe
publisher: Martijn de Visser

(Fontcore)

(Google Chrome)

GPL Ghostscript Lite 8.64 (GPL Ghostscript Lite_is1)
install date: 20090619
install location: C:\Program Files\Bullzip\PDF Printer\gs\
uninstall cmd: "C:\Program Files\Bullzip\PDF Printer\gs\unins000.exe"

Acer GridVista 2.68.622 (GridVista)
uninstall cmd: C:\Windows\UnInst32.exe GridV.UNI

Intel(R) Graphics Media Accelerator Driver (HDMI)
uninstall cmd: C:\Windows\system32\igxpun.exe -uninstall

HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
publisher: TrendMicro

Microsoft Office Home and Student 2007 12.0.6215.1000 (HOMESTUDENTR)
install location: C:\Program Files\Microsoft Office
uninstall cmd: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

NTI CD & DVD-Maker 7 (InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2})
version: 117440512
version (major): 7
estimated size: 87483
install date: 20070725
install location: C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\
install source: C:\AcerSW\CDMaker\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7
publisher: NewTech Infosystems
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

NTI Backup NOW! 4.7 1.00.0000 (InstallShield_{1598034D-7147-432C-8CA8-888E0632D124})
version: 16777216
version (major): 1
estimated size: 12518
install date: 20070725
install location: C:\Program Files\NewTech Infosystems\NTI Backup NOW! 4.7\
install source: C:\AcerSW\CDMAKER\BUN\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x0409
publisher: NewTech Infosystems
contact: Tech Support
help link: www.ntius.com
help telephone: 949-421-0712

Hoyle Card Games 2004 1.00.0000 (InstallShield_{744F6CCF-9F56-40A0-A33D-2A45D53B6046})
version: 16777216
version (major): 1
estimated size: 529572
install date: 20081019
install source: E:\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{744F6CCF-9F56-40A0-A33D-2A45D53B6046}
publisher: Sierra
comments: Patches on the Sierra site are in the Support then Downloads section.
contact: Sierra Entertainment Technical Support
help link: http://support.vugames.com
help telephone: 1-310-649-8033
readme: readme.txt

Ixquick Toolbar (IXQUICKTB.IXQUICKTBToolbar)
uninstall cmd: regsvr32 /u /s "C:\Program Files\Ixquick Toolbar\tbu07925\ix_quick.dll"

Security Update for CAPICOM (KB931906) 2.1.0.2 (KB931906)
uninstall cmd: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931906

Launch Manager (LManager)
uninstall cmd: C:\Windows\UnInst32.exe LManager.UNI

(MobileOptionPack)

Mozilla Firefox (3.0.10) 3.0.10 (en-US) (Mozilla Firefox (3.0.10))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox

Mozilla Thunderbird (2.0.0.16) 2.0.0.16 (en-US) (Mozilla Thunderbird (2.0.0.16))
install location: C:\Program Files\Mozilla Thunderbird
uninstall cmd: C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Thunderbird

(MPlayer2)

McAfee SecurityCenter (MSC)
install location: C:\Program Files\McAfee
uninstall cmd: C:\Program Files\McAfee\MSC\mcuninst.exe
publisher: McAfee, Inc.

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
install location: D:\Realplayer dl\realplay.exe
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
publisher: RealNetworks
comments: Play, Save, and Organize your music and videos, Burn a CD, or simply take your music with you.
contact: RealNetworks

(SchedulingAgent)

EPSON CX8400 User's Guide (Silent Package Run-Time Sample)
uninstall cmd: C:\Program Files\epson\guide\cx8400_e\uninstall.exe

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u

(Warcraft III)

Winamp 5.552 (Winamp)
uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe"
publisher: Nullsoft, Inc
help link: http://forums.winamp.com

X3watch 5.0.6 (X3watch_is1)
install date: 20090216
install location: C:\Program Files\X3watch\
uninstall cmd: "C:\Program Files\X3watch\unins000.exe"
publisher: Tiger Green Productions
help link: http://www.x3watch.com

ZENcast Organizer (ZENcast Organizer)
uninstall cmd: "C:\Program Files\Creative Installation Information\ZENCAST_ORGANIZER\Setup.exe" /remove /l0x0009

ArcSoft PhotoImpression 6 ({063E409E-3D7C-4A4A-95AB-2F124B9224B3})
version (major): 6
install location: D:\arcsoft\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}\setup.exe" -l0x9
publisher: ArcSoft

Bonjour 1.0.106 ({07287123-B8AC-41CE-8346-3D777245C35B})
version: 16777322
version (major): 1
estimated size: 493
install date: 20090201
install location: C:\Program Files\Bonjour\
install source: C:\Users\Landon\AppData\Local\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

ArcSoft Print Creations ({0D6D96F4-0CAF-4522-B05F-70A88EDECDFD})
version (major): 1
install location: C:\Program Files\ArcSoft\Print Creations
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}\Setup.exe" -l0x9
publisher: ArcSoft

Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 770
install date: 20080327
install source: C:\Windows\TEMP\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation

Acer Mobility Center Plug-In 1.0.3003 ({11316260-6666-467B-AC34-183FCB5D4335})
version: 16780219
install date: 20070725
install location: C:\Acer\Mobility Center\
install source: C:\AcerSW\AMCS\Setup.EXE
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.

Acer eLock Management 2.5.4005 ({116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3})
version: 33886117
install date: 20070725
install location: C:\Acer\Empowering Technology\eLock
install source: C:\AcerSW\eLock\Setup.EXE
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.

NTI CD & DVD-Maker 7 ({1577A05B-EE62-4BBC-9DB7-FE748FA44EC2})
version: 117440512
version (major): 7
estimated size: 87483
install date: 20070725
install location: C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\
install source: C:\AcerSW\CDMaker\
publisher: NewTech Infosystems
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

NTI Backup NOW! 4.7 1.00.0000 ({1598034D-7147-432C-8CA8-888E0632D124})
version: 16777216
version (major): 1
estimated size: 12518
install date: 20070725
install location: C:\Program Files\NewTech Infosystems\NTI Backup NOW! 4.7\
install source: C:\AcerSW\CDMAKER\BUN\
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe" -removeonly
publisher: NewTech Infosystems
contact: Tech Support
help link: www.ntius.com
help telephone: 949-421-0712

Computrace 1.0.0.65 ({20159B36-3A64-49AB-B3AA-FE6DE1D93C7C})
version: 16777216
version (major): 1
estimated size: 34
install date: 20080611
install source: C:\Users\Landon\AppData\Local\Temp\
uninstall cmd: MsiExec.exe /X{20159B36-3A64-49AB-B3AA-FE6DE1D93C7C}
publisher: Absolute Software Inc.

QuickTime 7.60.92.0 ({216AB108-2AE1-4130-B3D5-20B2C4C80F8F})
version: 121372764
version (major): 7
version (minor): 60
estimated size: 76135
install date: 20090404
install location: C:\Program Files\QuickTime\
install source: C:\Users\Landon\AppData\Local\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

EPSON Stylus CX8400 Series Scanner Driver Update ({24ADC0E4-8D3E-40C4-9106-F2DE5E9112F1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ADC0E4-8D3E-40C4-9106-F2DE5E9112F1}\Setup.exe" -l0x9

MobileMe Control Panel 2.1.1.13 ({2604C0F9-BFD3-4BA0-9EB5-22537C648F03})
version: 33619969
version (major): 2
version (minor): 1
estimated size: 5263
install date: 20081105
install location: C:\Program Files\Common Files\Apple\Mobile Device Support\
install source: C:\Users\Landon\AppData\Local\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Java(TM) 6 Update 13 6.0.130 ({26A24AE4-039D-4CA4-87B4-2F83216011FF})
version: 100663406
version (major): 6
estimated size: 96644
install date: 20090125
install location: C:\Program Files\Java\jre6\
install source: C:\Users\Landon\AppData\LocalLow\Sun\Java\jre1.6.0_11\
uninstall cmd: MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre6\README.txt

({26A24AE4-039D-4CA4-87B4-2F83216013FB})

({31403E22-2FDB-452F-AE9E-20854633226D})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.EXE" -uninst

Java(TM) 6 Update 5 1.6.0.50 ({3248F0A8-6813-11D6-A77B-00B0D0160050})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 139422
install date: 20080327
install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0_05-b13/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_05\README.txt

Java(TM) 6 Update 6 1.6.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0160060})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 139466
install date: 20080628
install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0_06-b02/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_06\README.txt

Java(TM) 6 Update 7 1.6.0.70 ({3248F0A8-6813-11D6-A77B-00B0D0160070})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 139514
install date: 20080723
install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0_07-b06/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_07\README.txt

Acer Crystal Eye webcam 5.7.29.500-1.0 ({399C37FB-08AF-493B-BFED-20FBD85EDF7F})
version: 84348232
install date: 20080115
install location: C:\Program Files\Sonix\Acer Crystal Eye webcam
install source: c:\DRV\CCD\Suyin\Setup.exe
uninstall cmd: C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly -u
publisher: Sonix

Hoyle Casino 1.0.0 ({3F99D180-34C3-4151-8C6C-86FC5D7BDFBD})
version: 16777216
version (major): 1
estimated size: 450084
install date: 20080716
install location: C:\Program Files\Encore\
install source: E:\
uninstall cmd: MsiExec.exe /X{3F99D180-34C3-4151-8C6C-86FC5D7BDFBD}
publisher: Encore

Acer ePower Management 2.5.4014 ({58E5844B-7CE2-413D-83D1-99294BF6C74F})
version: 33886126
install date: 20070725
install location: C:\Acer\Empowering Technology\ePower
install source: c:\AcerSW\ePM\Setup.EXE
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.
help link: http://www.acer.com

Skype™ 3.8 3.8.115 ({5C82DAE5-6EB0-4374-9254-BE3319BA4E82})
version: 50856051
version (major): 3
version (minor): 8
estimated size: 31515
install date: 20080516
install location: C:\Program Files\Skype\
install source: C:\ProgramData\Skype\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\
uninstall cmd: MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
publisher: Skype Technologies S.A.
help link: http://ui.skype.com/ui/0/3.8.0.115/en/help

iTunes 8.1.1.10 ({5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3})
version: 134283265
version (major): 8
version (minor): 1
estimated size: 111681
install date: 20090505
install location: C:\Program Files\iTunes\
install source: C:\Users\Landon\AppData\Local\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Activation Assistant for the 2007 Microsoft Office suites 1.0 ({65DA2EC9-0642-47E9-AAE2-B5267AA14D75})
version: 16777216
version (major): 1
estimated size: 13920
install date: 20070725
install source: C:\Users\ADMINI~1\AppData\Local\Temp\mia1\
publisher: Microsoft Corporation

Apple Software Update 2.1.1.116 ({6956856F-B6B3-4BE0-BA0B-8F495BE32033})
version: 33619969
version (major): 2
version (minor): 1
estimated size: 2208
install date: 20081105
install location: C:\Program Files\Apple Software Update\
install source: C:\Users\Landon\AppData\Local\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Windows Media Player Firefox Plugin 1.0.0.8 ({69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4})
version: 16777216
version (major): 1
estimated size: 296
install date: 20080326
install source: C:\Users\Landon\AppData\Local\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
publisher: Microsoft Corp

OVT Scanner X86 1.00.0000 ({6B566EFE-DC1D-471F-93DD-84832663F140})
version: 16777216
version (major): 1
estimated size: 1740
install date: 20081226
install location: C:\Program Files\OVT\My Product Name\
install source: E:\Driver\32BitDriver\
uninstall cmd: MsiExec.exe /I{6B566EFE-DC1D-471F-93DD-84832663F140}
publisher: OVT

({6CD40625-E6A7-4C02-B281-3A4CB0D94AA9})

Hoyle Card Games 2004 1.00.0000 ({744F6CCF-9F56-40A0-A33D-2A45D53B6046})
version: 16777216
version (major): 1
estimated size: 529572
install date: 20081019
install source: E:\
publisher: Sierra
comments: Patches on the Sierra site are in the Support then Downloads section.
contact: Sierra Entertainment Technical Support
help link: http://support.vugames.com
help telephone: 1-310-649-8033
readme: readme.txt

Acer ScreenSaver 1.11.20070515 ({79DD56FC-DB8B-47F5-9C80-78B62E05F9BC})
install date: 20080115
install location: C:\Program Files\Acer Inc.\Acer ScreenSaver
install source: C:\Acer\AS.EXE
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.

MSXML 4.0 SP2 (KB954430) 4.20.9870.0 ({86493ADD-824D-4B8E-BD72-8C5DCDC52A71})
version: 68429454
version (major): 4
version (minor): 20
estimated size: 1309
install date: 20081112
install source: d:\5560e007840e98ec61af1e7140b3\
uninstall cmd: MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/954430

Microsoft Silverlight 2.0.40115.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
version: 33594547
version (major): 2
estimated size: 24349
install date: 20090228
install location: C:\Program Files\Microsoft Silverlight\
install source: d:\b6773fac58b35d26686f45a6d7f1eb\
uninstall cmd: MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkID=91955

Microsoft Office Excel MUI (English) 2007 12.0.6215.1000 ({90120000-0016-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 74948
install date: 20090502
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Microsoft Office Excel 2007 Help (KB963678) ({90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9})
uninstall cmd: msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
publisher: Microsoft
help link: http://support.microsoft.com/kb/963678

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office PowerPoint MUI (English) 2007 12.0.6215.1000 ({90120000-0018-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 42997
install date: 20090502
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Microsoft Office Powerpoint 2007 Help (KB963669) ({90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876})
uninstall cmd: msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
publisher: Microsoft
help link: http://support.microsoft.com/kb/963669

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Word MUI (English) 2007 12.0.6215.1000 ({90120000-001B-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 48093
install date: 20090502
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for Microsoft Office Word 2007 Help (KB963665) ({90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726})
uninstall cmd: msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
publisher: Microsoft
help link: http://support.microsoft.com/kb/963665

Microsoft Office Proof (English) 2007 12.0.6213.1000 ({90120000-001F-0409-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 56807
install date: 20080417
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en\
uninstall cmd: MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173})
uninstall cmd: msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (French) 2007 12.0.6213.1000 ({90120000-001F-040C-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 23736
install date: 20080417
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\
uninstall cmd: MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C})
uninstall cmd: msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (Spanish) 2007 12.0.6213.1000 ({90120000-001F-0C0A-0000-0000000FF1CE})
version: 201332805
version (major): 12
estimated size: 38517
install date: 20080417
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es\
uninstall cmd: MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1})
uninstall cmd: msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Proofing (English) 2007 12.0.4518.1014 ({90120000-002C-0409-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 506
install date: 20070725
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Shared MUI (English) 2007 12.0.6215.1000 ({90120000-006E-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 53822
install date: 20090428
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Microsoft Office 2007 Help for Common Features (KB963673) ({90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42})
uninstall cmd: msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
publisher: Microsoft
help link: http://support.microsoft.com/kb/963673

Update for Microsoft Office Script Editor Help (KB963671) ({90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C})
uninstall cmd: msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
publisher: Microsoft
help link: http://support.microsoft.com/kb/963671

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85})
uninstall cmd: msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office OneNote MUI (English) 2007 12.0.6215.1000 ({90120000-00A1-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 41606
install date: 20090428
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-00A1-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Microsoft Office OneNote 2007 Help (KB963670) ({90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245})
uninstall cmd: msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
publisher: Microsoft
help link: http://support.microsoft.com/kb/963670

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})
uninstall cmd: msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Shared Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0115-0409-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 502
install date: 20080417
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85})
uninstall cmd: msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Microsoft Office Home and Student 2007 12.0.6215.1000 ({91120000-002F-0000-0000-0000000FF1CE})
version: 201332807
version (major): 12
estimated size: 828721
install date: 20090513
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{91120000-002F-0000-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
publisher: Microsoft Corporation

Security Update for Microsoft Office Word 2007 (KB956358) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{4551666D-0FD6-4C69-8A81-1C6F2E64517C})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
publisher: Microsoft
help link: http://support.microsoft.com/kb/956358

Security Update for Microsoft Office system 2007 (KB954326) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5F7F6FFF-395D-480E-8450-64F385D82C5F})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
publisher: Microsoft
help link: http://support.microsoft.com/kb/954326

Security Update for Visio 2007 (KB947590) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6BAD036C-261F-4BEF-96CF-C20678D07A41})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
publisher: Microsoft
help link: http://support.microsoft.com/kb/947590

Security Update for Microsoft Office PowerPoint 2007 (KB957789) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7559E742-FF9F-4FAE-B279-008ED296CB4D})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
publisher: Microsoft
help link: http://support.microsoft.com/kb/957789

Security Update for 2007 Microsoft Office System (KB951944) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{797AE457-BA17-4BBC-B501-25FB3A0103C7})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951944

Security Update for Microsoft Office system 2007 (KB956828) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{885E081B-72BD-4E76-8E98-30B4BE468FAC})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
publisher: Microsoft
help link: http://support.microsoft.com/kb/956828

Security Update for Microsoft Office Excel 2007 (KB959997) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{9EAC3AEC-5C81-4856-A05B-DE9DC236D740})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
publisher: Microsoft
help link: http://support.microsoft.com/kb/959997

Security Update for 2007 Microsoft Office System (KB951550) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B243E9A5-ED77-4F1B-B338-2486FD82DC85})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
publisher: Microsoft
help link: http://support.microsoft.com/kb/951550

2007 Microsoft Office Suite Service Pack 1 (SP1) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
publisher: Microsoft
help link: http://support.microsoft.com/kb/936982

Update for 2007 Microsoft Office System (KB967642) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
publisher: Microsoft
help link: http://support.microsoft.com/kb/967642

Security Update for 2007 Microsoft Office System (KB960003) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F04F8702-18D0-458D-921E-146FB7CD38CF})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
publisher: Microsoft
help link: http://support.microsoft.com/kb/960003

Security Update for Microsoft Office OneNote 2007 (KB950130) ({91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4})
uninstall cmd: msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
publisher: Microsoft
help link: http://support.microsoft.com/kb/950130

ALPS Touch Pad Driver ({9F72EF8B-AEC9-4CA5-B483-143980AFD6FD})
uninstall cmd: C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
publisher: Alps Electric

1.0.2924.0 ({A450831D-25F6-4F42-9662-D000B25E0D82})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\setup.exe" -uninstall

Microsoft Visual C++ 2005 Redistributable 8.0.50727.42 ({A49F249F-0C91-497F-86DF-B2585E8E76B7})
version: 134268455
version (major): 8
estimated size: 558
install date: 20070725
install source: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
publisher: Microsoft Corporation

landon42
2009-06-24, 18:27
Acer Crystal Eye webcam 1.0.13 ({AA047D7C-5E7C-4878-B75C-77589151B563})
version: 16777229
install date: 20080115
install location: C:\Program Files\SUYIN\Acer Crystal Eye webcam
install source: c:\DRV\CCD\Suyin\SYU.exe
uninstall cmd: C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: SUYIN

1.11.4124 ({AA4BF92B-2AAF-11DA-9D78-000129760D75})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall
publisher: CyberLink Corporation

Pando 2.2.0101 ({AB480DA0-7EE9-465D-9C12-4CDE65BF18FB})
version: 33685605
version (major): 2
version (minor): 2
estimated size: 7293
install date: 20081201
install location: C:\Program Files\Pando Networks\Pando\
install source: C:\Users\Landon\AppData\Local\{7326CE9D-C0D2-433A-8A57-B7934EA13EC8}\
uninstall cmd: MsiExec.exe /I{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}
publisher: Pando Networks Inc.

Acer Empowering Technology 2.5.4006 ({AB6097D9-D722-4987-BD9E-A076E2848EE2})
version: 33886118
install date: 20070725
install location: C:\Acer\Empowering Technology
install source: c:\AcerSW\eFrame\setup.exe
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.

Adobe Reader 8.1.3 8.1.3 ({AC76BA86-7AD7-1033-7B44-A81300000003})
version: 134283267
version (major): 8
version (minor): 1
estimated size: 87112
install date: 20090228
install source: C:\Users\Landon\AppData\Local\Adobe\Updater5\Install\reader8rdr-en_US\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
readme: C:\Program Files\Adobe\Reader 8.0\Reader\Readme.htm

Acer eDataSecurity Management 2.5.4241 ({AEEAE013-92F1-4515-B278-139F1A692A36})
version: 33886353
version (major): 2
version (minor): 5
estimated size: 30696
install date: 20070725
install location: C:\Acer\Empowering Technology\eDataSecurity\
install source: C:\Users\ADMINI~1\AppData\Local\Temp\_isADAC\
uninstall cmd: C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
publisher: HiTRUST Inc.
comments: Power by egis , PowerSaving Version
help link: http://www.hiegis.com/acer.jsp

Apple Mobile Device Support 2.4.1.7 ({AFA20D47-69C3-4030-8DF8-D37466E70F13})
version: 33816577
version (major): 2
version (minor): 4
estimated size: 39272
install date: 20090505
install location: C:\Program Files\Common Files\Apple\Mobile Device Support\
install source: C:\Users\Landon\AppData\Local\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

3.0.1729 ({B145EC69-66F5-11D8-9D75-000129760D75})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
publisher: CyberLink Corporation

Spybot - Search & Destroy 1.6.2 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20090216
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support

PowerProducer 3.72 074117(3.7)_Vista_Acer ({B7A0CE06-068E-11D6-97FD-0050BACBF861})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE" -uninstall
publisher: CyberLink Corporation

2.0.1910 ({B804C424-B66D-447A-84BD-C6B88C392C3A})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
publisher: CyberLink Corporation

Acer ePresentation Management 2.5.4002 ({BF839132-BD43-4056-ACBF-4377F4A88E2A})
version: 33886114
install date: 20070725
install location: C:\Acer\Empowering Technology\ePresentation
install source: c:\AcerSW\ePresent\Setup.EXE
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.

MSXML 4.0 SP2 (KB936181) 4.20.9848.0 ({C04E32E0-0416-434D-AFB9-6969D703A9EF})
version: 68429432
version (major): 4
version (minor): 20
estimated size: 1296
install date: 20080327
install source: d:\cb9c90b7f8fdecba188e26b9\
uninstall cmd: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/936181

Acer eNet Management 2.6.4007 ({C06554A1-2C1E-4D20-B613-EE62C79927CC})
version: 33951655
install date: 20070725
install location: C:\Acer\Empowering Technology\eNet
install source: C:\AcerSW\eNet\Setup.EXE
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.

MSXML 4.0 SP2 (KB941833) 4.20.9849.0 ({C523D256-313D-4866-B36A-F3DE528246EF})
version: 68429433
version (major): 4
version (minor): 20
estimated size: 1296
install date: 20080329
install source: d:\1a77b6ab59b6d599c3893d\
uninstall cmd: MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/941833

LightScribe 1.4.142.1 1.4.142.1 ({CE386A4E-D0DA-4208-8235-BCE43275C694})
version: 17039502
version (major): 1
version (minor): 4
estimated size: 4320
install date: 20070725
install location: C:\Program Files\Common Files\LightScribe\
install source: C:\Windows\system32\
publisher: http://www.lightscribe.com
comments: LightScribe
contact: LightScribe
help link: http://www.lightscribe.com
help telephone: 1-000-000-0000

Acer eSettings Management 2.5.4008 ({CE65A9A0-9686-45C6-9098-3C9543A412F0})
version: 33886120
install date: 20070725
install location: C:\Acer\Empowering Technology\eSettings
install source: C:\AcerSW\eSetting\Setup.exe
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x9 -removeonly
publisher: Acer Inc.

Microsoft SharedView 8.0.3730.0 ({E6DE9A54-8514-446E-9D11-530DC599C355})
version: 134221458
version (major): 8
estimated size: 7938
install date: 20080412
install source: C:\Users\Landon\Desktop\
uninstall cmd: MsiExec.exe /I{E6DE9A54-8514-446E-9D11-530DC599C355}
publisher: Microsoft Corporation
help link: http://r.office.microsoft.com/r/rlidSV?clid=1033&p1=1&p2=H_HHT_S2

Pinnacle Instant DVD Recorder ({EF781A5C-58F5-4BFD-87F9-E4F14D382F25})

Acer Arcade Deluxe 1.12.4324 ({EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
publisher: CyberLink Corporation

Realtek High Definition Audio Driver 6.0.1.5443 ({F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC})
version: 35913728
install date: 20070725
install location: C:\Program Files\Realtek\InstallShield\
install source: C:\DRV0\Audio\
uninstall cmd: RtlUpd.exe -r -m
publisher: Realtek Semiconductor Corp.

1.2.1730 ({F79A208D-D929-11D9-9D77-000129760D75})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
publisher: CyberLink Corporation

Hoyle Puzzle and Board Games 1.0.0 ({F8024EB8-5B34-46FE-B15D-20ACF26FC20E})
version: 16777216
version (major): 1
estimated size: 868416
install date: 20080623
install location: C:\Program Files\Encore\
install source: E:\
uninstall cmd: MsiExec.exe /X{F8024EB8-5B34-46FE-B15D-20ACF26FC20E}
publisher: Encore

Sansa Media Converter 1.0-B4.256 ({FC053571-8507-44E4-8B6D-AACEAB8CA57C})
version (major): 1
install location: C:\Program Files\SanDisk\Sansa Media Converter 2
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{FC053571-8507-44E4-8B6D-AACEAB8CA57C}\setup.exe" --u:{FC053571-8507-44E4-8B6D-AACEAB8CA57C}
contact: support@intervideo.com
help link: http://www.intervideo.com/jsp/Support.jsp



--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ACDaemon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ArcSoft Connect Daemon
Object name: LocalSystem
Image path: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
Image size: 109056
Image MD5: 769DB4F484957CC98153B3C1B5D1162F
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0

Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: system32\drivers\acpi.sys
Image size: 266808
Image MD5: FCB8C7210F0135E24C6580F7F649C73C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): adp94xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adp94xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpahci
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpahci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpu160m.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu320
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpu320.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): adsi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): AeLookupSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\aelupsvc.dll,-1
Description: @%SystemRoot%\system32\aelupsvc.dll,-2
Object name: localSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): Afc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PPdus ASPI Shell
Image path: system32\drivers\Afc.sys
Image size: 18688
Image MD5: FE3EA6E9AFC1A78E6EDCA121E006AFB7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Ancilliary Function Driver for Winsock
Description: Ancilliary Function Driver for Winsock
Image path: \SystemRoot\system32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel AGP Bus Filter
Image path: \SystemRoot\system32\drivers\agp440.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): aic78xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\djsvs.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ALaunchService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ALaunch Service
Description: Acer ALaunch Service
Object name: LocalSystem
Image path: C:\Acer\ALaunch\ALaunchSvc.exe
Image size: 50688
Image MD5: 3845B6555DE995F6C0C07AE2ABCC0532
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0

Service (registry key): ALG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\Alg.exe,-112
Description: @%SystemRoot%\system32\Alg.exe,-113
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 59392
Image MD5: A1545B731579895D8CC44FC0481C1192
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): aliide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\aliide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): amdagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD AGP Bus Filter Driver
Image path: \SystemRoot\system32\drivers\amdagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): amdide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\amdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): AmdK7
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD K7 Processor Driver
Image path: \SystemRoot\system32\drivers\amdk7.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AmdK8
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD K8 Processor Driver
Image path: \SystemRoot\system32\drivers\amdk8.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ApfiltrService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Alps Pointing-device Filter Driver
Image path: system32\DRIVERS\Apfiltr.sys
Image size: 154624
Image MD5: DB8EA68E5864ADF61B73516788659E71
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): APL531
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: OVT Scanner
Image path: System32\Drivers\ov550i.sys
Image size: 580992
Image MD5: 1FC8A7E5C3AED31F00940C6AB2FD9B49
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Appinfo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\appinfo.dll,-100
Description: @%systemroot%\system32\appinfo.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,ProfSvc

Service (registry key): Apple Mobile Device
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Apple Mobile Device
Description: Provides the interface to Apple mobile devices.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Image size: 132424
Image MD5: 367592EFCA7FF8B4CE11AB6B0744E1E2
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): AppMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): arc
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\arc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): arcsas
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\arcsas.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 17408
Image MD5: 53B202ABEE6455406254444303E87BE1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IDE Channel
Image path: system32\drivers\atapi.sys
Image size: 21560
Image MD5: 2D9C903DC76A66813D350A562DE40ED9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): athr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Atheros Extensible Wireless LAN device driver
Image path: system32\DRIVERS\athr.sys
Image size: 952832
Image MD5: ACDB46B1A467752A2F280C68C8461556
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): AudioEndpointBuilder
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\audiosrv.dll,-204
Description: @%SystemRoot%\System32\audiosrv.dll,-205
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): Audiosrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\audiosrv.dll,-200
Description: @%SystemRoot%\System32\audiosrv.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: AudioEndpointBuilder,RpcSs,MMCSS

Service (registry key): b57nd60x
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
Image path: system32\DRIVERS\b57nd60x.sys
Image size: 179712
Image MD5: C7EA0E3E37FF1CD2BB65636448322572
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BattC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Beep
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): BFE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\bfe.dll,-1001
Description: @%SystemRoot%\system32\bfe.dll,-1002
Object name: NT AUTHORITY\LocalService
Image path: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): blbdrive
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\blbdrive.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Bonjour Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bonjour Service
Description: Bonjour allows applications like iTunes and Safari to advertise and discover services on the local network. Having Bonjour running enables you to connect to hardware devices like Apple TV and software services like iTunes sharing and AirTunes. If you disable Bonjour, any network service that explicitly depends on it will fail to start.
Object name: LocalSystem
Image path: "C:\Program Files\Bonjour\mDNSResponder.exe"
Image size: 238888
Image MD5: 3F56903E124E820AEECE6D471583C6C1
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: Tcpip

Service (registry key): bowser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bowser
Description: Implements the datagram receiver for the computer browser browser service.
Image path: system32\DRIVERS\bowser.sys
Image size: 69632
Image MD5: 74B442B2BE1260B7588C136177CEAC66
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): BrFiltLo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother USB Mass-Storage Lower Filter Driver
Image path: \SystemRoot\system32\drivers\brfiltlo.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BrFiltUp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother USB Mass-Storage Upper Filter Driver
Image path: \SystemRoot\system32\drivers\brfiltup.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Brserid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC Serial Port Interface Driver (WDM)
Image path: \SystemRoot\system32\drivers\brserid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrSerWdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother WDM Serial driver
Image path: \SystemRoot\system32\drivers\brserwdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrUsbMdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC USB Fax Only Modem
Image path: \SystemRoot\system32\drivers\brusbmdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrUsbSer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC USB Serial WDM Driver
Image path: \SystemRoot\system32\drivers\brusbser.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BTHMODEM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Serial Communications Driver
Image path: \SystemRoot\system32\drivers\bthmodem.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): catchme
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \??\C:\Users\Landon\AppData\Local\Temp\catchme.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD/DVD File System Reader
Description: ISO9660/Joliet File System Reader for CD/DVDs. (Core) (All pieces)
Image path: system32\DRIVERS\cdfs.sys
Image size: 70144
Image MD5: 7ADD03E75BEB9E6DD102C3081D29840A
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 67072
Image MD5: 1EC25CEA0DE6AC4718BF89F9E1778B57
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): CertPropSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\certprop.dll,-11
Description: @%SystemRoot%\System32\certprop.dll,-12
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): circlass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Consumer IR Devices
Image path: \SystemRoot\system32\drivers\circlass.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): CLFS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Common Log (CLFS)
Description: Common Log (CLFS)
Image path: System32\CLFS.sys
Image size: 247352
Image MD5: 465745561C832B29F7C48B488AAB3842
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): clr_optimization_v2.0.50727_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft .NET Framework NGEN v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 70144
Image MD5: A4AF4201BD519971F8F34724F3CA9DBB
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): CLTNetCnService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Lic NetConnect service
Description: Symantec Lic NetConnect Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0

Service (registry key): CmBatt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Control Method Battery Driver
Image path: system32\DRIVERS\CmBatt.sys
Image size: 14208
Image MD5: 99AFC3795B58CC478FBBBCDC658FCB56
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): cmdide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\cmdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): Compbatt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Composite Battery Driver
Image path: system32\DRIVERS\compbatt.sys
Image size: 20792
Image MD5: 6AFEF0B60FA25DE07C0968983EE4F60A
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): COMSysApp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-947
Description: @comres.dll,-948
Object name: LocalSystem
Image path: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 7168
Image MD5: BE01E566D1F569AAB32D0335613E1EEA
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,EventSystem,SENS

Service (registry key): crcdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Crcdisk Filter Driver
Image path: system32\drivers\crcdisk.sys
Image size: 22632
Image MD5: 2A213AE086BBEC5E937553C7D9A2B22C
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Crusoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Transmeta Crusoe Processor Driver
Image path: \SystemRoot\system32\drivers\crusoe.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): crypt32
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): CSC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): DCamUSBEMPIA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dazzle DVC Video Device
Image path: system32\DRIVERS\emDevice.sys
Image size: 100957
Image MD5: 5118EA8A2F55FA4D4295516500B78229
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): DCLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): DcomLaunch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @oleres.dll,-5012
Description: @oleres.dll,-5013
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k DcomLaunch
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): DfsC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\drivers\dfsc.sys,-101
Description: @%systemroot%\system32\drivers\dfsc.sys,-102
Image path: System32\Drivers\dfsc.sys
Image size: 75264
Image MD5: 9E635AE5E8AD93E2B5989E2E23679F97
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Depends On services: Mup

Service (registry key): DFSR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @dfsrres.dll,-101
Description: @dfsrres.dll,-102
Object name: LocalSystem
Image path: %SystemRoot%\system32\DFSR.exe
Image size: 2091520
Image MD5: FA3463F25F9CC9C3BCF1E7912FEFF099
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,EventSystem

Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\dhcpcsvc.dll,-100
Description: @%SystemRoot%\system32\dhcpcsvc.dll,-101
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NSI,Tdx,Afd

Service (registry key): disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Disk Driver
Image path: system32\drivers\disk.sys
Image size: 55352
Image MD5: 64109E623ABD6955C8FB110B592E68B7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): DKbFltr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dritek Keyboard Filter Driver
Image path: system32\DRIVERS\DKbFltr.sys
Image size: 21264
Image MD5: 73BAF270D24FE726B9CD7F80BB17A23D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\dnsapi.dll,-101
Description: @%SystemRoot%\System32\dnsapi.dll,-102
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tdx

Service (registry key): dot3svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\dot3svc.dll,-1102
Description: @%systemroot%\system32\dot3svc.dll,-1103
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio,Eaphost

Service (registry key): DPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\dps.dll,-500
Description: @%systemroot%\system32\dps.dll,-501
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): DritekPortIO
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dritek General Port I/O
Image path: \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): drmkaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 5632
Image MD5: 97FEF831AB90BEE128C9AF390E243F80
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): DXGKrnl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: LDDM Graphics Subsystem
Description: Controls the underlying video driver stacks to provide fully-featured display capabilities.
Image path: \SystemRoot\System32\drivers\dxgkrnl.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): E1G60
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) PRO/1000 NDIS 6 Adapter Driver
Image path: system32\DRIVERS\E1G60I32.sys
Image size: 117760
Image MD5: F88FB26547FD2CE6D0A5AF2985892C48
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): EapHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\eapsvc.dll,-1
Description: @%systemroot%\system32\eapsvc.dll,-2
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS,KeyIso

Service (registry key): Ecache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ReadyBoost Caching Driver
Description: ReadyBoost Caching Driver
Image path: System32\drivers\ecache.sys
Image size: 143416
Image MD5: DD2CD259D83D8B72C02C5F2331FF9D68
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): eDataSecurity Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: eDataSecurity Service
Description: eDataSecurity Service
Object name: LocalSystem
Image path: "C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe"
Image size: 457512
Image MD5: F54907AA07F60AFF81E1E09E97AF98B0
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): ehRecvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehrecvr.exe,-101
Description: @%SystemRoot%\ehome\ehrecvr.exe,-102
Object name: NT AUTHORITY\networkService
Image path: %systemroot%\ehome\ehRecvr.exe
Image size: 292352
Image MD5: 9BE3744D295A7701EB425332014F0797
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): ehSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehsched.exe,-101
Description: @%SystemRoot%\ehome\ehsched.exe,-102
Object name: NT AUTHORITY\networkService
Image path: %systemroot%\ehome\ehsched.exe
Image size: 131072
Image MD5: AD1870C8E5D6DD340C829E6074BF3C3F
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): ehstart
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehstart.dll,-101
Description: @%SystemRoot%\ehome\ehstart.dll,-102
Object name: NT AUTHORITY\LocalService
Image path: %windir%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): eLockService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: eLock Service
Description: Acer eLock Management Service
Object name: LocalSystem
Image path: C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
Image size: 24576
Image MD5: FB5383BFD4DEC6792AAEF76C9343ECFF
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): elxstor
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\elxstor.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): emAudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dazzle DVC Audio Device
Image path: system32\drivers\emAudio.sys
Image size: 19712
Image MD5: FFA45148A2D5D05DBB3C0997E579FC9C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): EmdCache
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): EMDMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ReadyBoost
Description: @%SystemRoot%\system32\emdmgmt.dll,-1001
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: rpcss,ecache,slsvc,fileinfo

Service (registry key): eNet Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: eNet Service
Description: Acer eNet Management Service
Object name: LocalSystem
Image path: C:\Acer\Empowering Technology\eNet\eNet Service.exe
Image size: 135168
Image MD5: 9316C26F089CF2CEA2BD1496AC9F38A4
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): eRecoveryService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: eRecovery Service
Description: Acer eRecovery Management
Object name: LocalSystem
Image path: C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
Image size: 53248
Image MD5: 3D184410EF5EE017E186AC96181B3FF8
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: winmgmt

Service (registry key): ESENT
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): eSettingsService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: eSettings Service
Description: Acer eSettings Management Service
Object name: LocalSystem
Image path: C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
Image size: 24576
Image MD5: CF2584CDF90DA24D3044021AAAD5DBAB
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: int15,winmgmt

Service (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wevtsvc.dll,-200
Description: @%SystemRoot%\system32\wevtsvc.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-2450
Description: @comres.dll,-2451
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): exfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: exFAT File System Driver
Description: exFAT File System Driver
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FAT12/16/32 File System Driver
Description: Note - dependance on CDROM.SYS only if required to read/write DVD-RAM media (which appears as CD class device). (Core) (All pieces)
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 25088
Image MD5: 63BDADA84951B9C03E641800E176898A
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): fdPHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\fdPHost.dll,-100
Description: @%systemroot%\system32\fdPHost.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,http

Service (registry key): FDResPub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\fdrespub.dll,-100
Description: @%systemroot%\system32\fdrespub.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,http

Service (registry key): FileInfo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: File Information FS MiniFilter
Description: Collects information about files in memory to be consumed by other system services.
Image path: system32\drivers\fileinfo.sys
Image size: 58936
Image MD5: A8C0139A884861E3AAE9CFE73B208A9F
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1
Depends On services: fltmgr

Service (registry key): Filetrace
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FileTrace
Description: ETW File Trace Filter
Image path: system32\drivers\filetrace.sys
Image size: 27648
Image MD5: 0AE429A696AECBC5970E3CF2C62635AE
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): FiltUSBEMPIA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Device Lower Filter
Image path: system32\DRIVERS\emFilter.sys
Image size: 5245
Image MD5: 6F87E4706F59463B74BC4FAD0F67338F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): flpydisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 6603957EFF5EC62D25075EA8AC27DE68
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): FltMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\drivers\fltmgr.sys
Image size: 192056
Image MD5: 05EA53AFE985443011E36DAB07343B46
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 3

Service (registry key): FontCache3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\PresentationHost.exe,-3309
Description: @%SystemRoot%\system32\PresentationHost.exe,-3310
Object name: NT Authority\LocalService
Image path: %systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Image size: 36864
Image MD5: 993883524AA9CF1C90E1545411A9AC9C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Fs_Rec
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 8
Error Control: 0

Service (registry key): gagp30kx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms
Image path: \SystemRoot\system32\drivers\gagp30kx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): GEARAspiWDM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: GEAR ASPI Filter Driver
Image path: System32\Drivers\GEARAspiWDM.sys
Image size: 23400
Image MD5: F2F431D1573EE632975C524418655B84
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): gpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @gpapi.dll,-112
Description: @gpapi.dll,-113
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Mup

Service (registry key): HdAudAddService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft 1.1 UAA Function Driver for High Definition Audio Service
Image path: system32\drivers\HdAudio.sys
Image size: 235520
Image MD5: CB04C744BE0A61B1D648FAED182C3B59
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): HDAudBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft UAA Bus Driver for High Definition Audio
Image path: system32\DRIVERS\HDAudBus.sys
Image size: 53760
Image MD5: C87B1EE051C0464491C1A7B03FA0BC99
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): HidBth
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Bluetooth HID Miniport
Image path: \SystemRoot\system32\drivers\hidbth.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): HidIr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Infrared HID Driver
Image path: \SystemRoot\system32\drivers\hidir.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): hidserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\hidserv.dll,-101
Description: @%SystemRoot%\System32\hidserv.dll,-102
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): HidUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 12288
Image MD5: 854CA287AB7FAF949617A788306D967E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): hkmsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\kmsvc.dll,-6
Description: @%SystemRoot%\system32\kmsvc.dll,-7
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): HpCISSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\hpcisss.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): HSFHWAZL
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\VSTAZL3.SYS
Image size: 200704
Image MD5: 46D67209550973257601A533E2AC5785
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): HSF_DPV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSX_DPV.sys
Image size: 984064
Image MD5: 3F53B4AF98F8FD83B7F0B8B65D2D90A7
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): HSXHWAZL
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSXHWAZL.sys
Image size: 208384
Image MD5: 194BC52FC0F53E540FAF9DE8A9C05255
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): HTTP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: system32\drivers\HTTP.sys
Image size: 401408
Image MD5: 406C027C18E98A396FAA1963DAD5FF70
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): i2omp
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\i2omp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): i8042prt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 54784
Image MD5: 22D56C8184586B7A1F6FA60BE5F5A2BD
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): ialm
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): iaStor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel AHCI Controller
Image path: \SystemRoot\system32\drivers\iastor.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): iaStorV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel RAID Controller Vista
Image path: system32\drivers\iastorv.sys
Image size: 232040
Image MD5: C957BF4B5D80B46C5017BF0101E6C906
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): idsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193
Description: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8192
Object name: LocalSystem
Image path: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Image size: 864256
Image MD5: E7CC3AEAED9893A88876744CD439F76C
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): igfx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\igdkmd32.sys
Image size: 2302976
Image MD5: 9378D57E2B96C0A185D844770AD49948
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): iirsp
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\iirsp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

landon42
2009-06-24, 18:28
Service (registry key): IKEEXT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\ikeext.dll,-501
Description: @%SystemRoot%\system32\ikeext.dll,-502
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: BFE

Service (registry key): inetaccs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): int15
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: int15
Description: Acer int15 service
Image path: \??\C:\Acer\Empowering Technology\eRecovery\int15.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): IntcAzAudAddService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Service for Realtek HD Audio (WDM)
Image path: system32\drivers\RTKVHDA.sys
Image size: 1792792
Image MD5: 90A10B39896040B3154613C11C932AEB
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): intelide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\intelide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): intelppm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 41472
Image MD5: 224191001E78C89DFA78924C3EA595FF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): IPBusEnum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\IPBusEnum.dll,-102
Description: @%systemroot%\system32\IPBusEnum.dll,-103
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,fdPHost

Service (registry key): IpFilterDriver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\rascfg.dll,-32013
Description: @%systemroot%\system32\rascfg.dll,-32013
Image path: system32\DRIVERS\ipfltdrv.sys
Image size: 47616
Image MD5: 62C265C38769B864CB25B4BCF62DF6C3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): iphlpsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\iphlpsvc.dll,-200
Description: @%SystemRoot%\system32\iphlpsvc.dll,-201
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k NetSvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSS,Tdx,winmgmt,tcpip,nsi

Service (registry key): IpInIp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IPMIDRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\ipmidrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): IPNAT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 100864
Image MD5: 8793643A67B42CEC66490B2A0CF92D68
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): iPod Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: iPod Service
Description: iPod hardware management services
Object name: LocalSystem
Image path: "C:\Program Files\iPod\bin\iPodService.exe"
Image size: 656168
Image MD5: F055C1760ABFA52B159985E551EA0EDC
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): IRENUM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IR Bus Enumerator
Description: IR Bus Enumerator
Image path: system32\drivers\irenum.sys
Image size: 13312
Image MD5: 109C0DFB82C3632FBD11949B73AEEAC9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): isapnp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PnP ISA/EISA Bus Driver
Image path: \SystemRoot\system32\drivers\isapnp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): iScsiPrt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: iScsiPort Driver
Image path: system32\DRIVERS\msiscsi.sys
Image size: 181304
Image MD5: F247EEC28317F6C739C16DE420097301
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): iteatapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ITEATAPI_Service_Install
Image path: \SystemRoot\system32\drivers\iteatapi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): iteraid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ITERAID_Service_Install
Image path: \SystemRoot\system32\drivers\iteraid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): kbdclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 35384
Image MD5: 37605E0A8CF00CBBA538E753E4344C6E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): kbdhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Keyboard HID Driver
Image path: \SystemRoot\system32\drivers\kbdhid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): KeyIso
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @keyiso.dll,-100
Description: @keyiso.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 9728
Image MD5: DCF733788C7D088D814E5F80EB4B3E0F
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): KSecDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\Drivers\ksecdd.sys
Image size: 441400
Image MD5: 5367DC846CAE9639B899BFD13B97A8C9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): KtmRm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-2946
Description: @comres.dll,-2947
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): LanmanServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\srvsvc.dll,-100
Description: @%systemroot%\system32\srvsvc.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: SamSS,Srv

Service (registry key): LanmanWorkstation
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wkssvc.dll,-100
Description: @%systemroot%\system32\wkssvc.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Bowser,MRxSmb10,MRxSmb20,NSI

Service (registry key): ldap
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LightScribeService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: LightScribeService Direct Disc Labeling Service
Description: Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
Image size: 61440
Image MD5: 793FF718477345CD5D232C50BED1E452
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0

Service (registry key): lltdio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Link-Layer Topology Discovery Mapper I/O Driver
Image path: system32\DRIVERS\lltdio.sys
Image size: 47104
Image MD5: D1C5883087A0C3F1344D9D55A44901F6
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): lltdsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\lltdres.dll,-1
Description: @%SystemRoot%\system32\lltdres.dll,-2
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: rpcss,lltdio

Service (registry key): lmhosts
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\lmhsvc.dll,-101
Description: @%SystemRoot%\system32\lmhsvc.dll,-102
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): Lsa
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): LSI_FC
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\lsi_fc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): LSI_SAS
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\lsi_sas.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): LSI_SCSI
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\lsi_scsi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): luafv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: UAC File Virtualization
Description: Virtualizes file write failures to per-user locations.
Image path: \SystemRoot\system32\drivers\luafv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): MarvinBus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Pinnacle Marvin Bus
Image path: system32\DRIVERS\MarvinBus.sys
Image size: 171008
Image MD5: 269C14D512B74CC28D2812FF7D1EB066
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): mcmscsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Services
Description: McAfee Protection Manager
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
Image size: 767976
Image MD5: CB3A8976DE2F65349322DA7627CEA223
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): McNASvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Network Agent
Description: Allows McAfee applications to communicate securely on the local network.
Object name: LocalSystem
Image path: "c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe"
Image size: 2458128
Image MD5: C69E71E00B30B60556D3E096699BD423
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): McODS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Scanner
Description: Scans specified locations on this computer for viruses and other threats. The service runs for scheduled scans and manual scans.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
Image size: 378184
Image MD5: 21456F3051CBEFD1F2D60D8B9AB9C6EE
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): McProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Proxy Service
Description: McAfee Proxy Service
Object name: LocalSystem
Image path: c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
Image size: 359248
Image MD5: 8CF3DA0BE6094C34D7C4A85493E60547
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): McShield
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Real-time Scanner
Description: Scans files for viruses and other threats when they are accessed by this computer.
Object name: LocalSystem
Image path: C:\Program Files\McAfee\VirusScan\McShield.exe
Image size: 144704
Image MD5: 33734ABFA52EC8D096A1254D645E9B4F
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): McSysmon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee SystemGuards
Description: Monitors potentially unauthorized changes to this computer.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
Image size: 695624
Image MD5: FD47DF2BCC3544DF65B01AD6B6062430
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Mcx2Svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehres.dll,-15501
Description: @%SystemRoot%\ehome\ehres.dll,-15502
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: SSDPSRV,IPBusEnum,TermService,fdphost

Service (registry key): mdmxsdk
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\mdmxsdk.sys
Image size: 12672
Image MD5: 0CEA2D0D3FA284B85ED5B68365114F76
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0

Service (registry key): megasas
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\megasas.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): mfeavfk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Inc. mfeavfk
Image path: system32\drivers\mfeavfk.sys
Image size: 79304
Image MD5: C97CBFD71C1C215150A3B3E55F77A7A3
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): mfebopk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Inc. mfebopk
Image path: system32\drivers\mfebopk.sys
Image size: 35240
Image MD5: 5447338B83A1A2354FB2FEA7604387FD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): mfehidk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Inc. mfehidk
Image path: system32\drivers\mfehidk.sys
Image size: 201320
Image MD5: 6C9A6ED60B8FC3BAF72FE1B1D096445B
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): mferkdk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Inc. mferkdk
Image path: system32\drivers\mferkdk.sys
Image size: 33832
Image MD5: A551154B51D6A93FCCF70FC4E8EAF4BD
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): mfesmfk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Inc. mfesmfk
Image path: system32\drivers\mfesmfk.sys
Image size: 40488
Image MD5: 299A86B780C9627AAA24E74292363ED2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MMCSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\mmcss.dll,-100
Description: @%systemroot%\system32\mmcss.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): MobilityService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MobilityService
Object name: LocalSystem
Image path: C:\Acer\Mobility Center\MobilityService.exe -p
Image size: 107008
Image MD5: 842684E0DF20A59E293DA1C6F0DFE261
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): Modem
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\drivers\modem.sys
Image size: 31744
Image MD5: E13B5EA0F51BA5B1512EC671393D09BA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): monitor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Monitor Class Function Driver Service
Image path: system32\DRIVERS\monitor.sys
Image size: 41984
Image MD5: 0A9BB33B56E294F686ABB7C1E4E2D8A8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): mouclass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 34360
Image MD5: 5BF6A1326A335C5298477754A506D263
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): mouhid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 15872
Image MD5: 93B8D4869E12CFBE663915502900876F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): MountMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mount Point Manager
Description: Driver responsible with maintaining persistent drive letters and names for volumes
Image path: System32\drivers\mountmgr.sys
Image size: 57400
Image MD5: BDAFC88AA6B92F7842416EA6A48E1600
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): MPFP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: MPFP
Image path: System32\Drivers\Mpfp.sys
Image size: 125728
Image MD5: 96CF5286BC370B558735A7B891232D92
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: TcpIp

Service (registry key): MpfService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: McAfee Personal Firewall Service
Description: MpfService
Object name: LocalSystem
Image path: "C:\Program Files\McAfee\MPF\MPFSrv.exe"
Image size: 856864
Image MD5: 346F30F1FF73553AA466F4AE7948DA00
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): mpio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Multi-Path Bus Driver
Image path: \SystemRoot\system32\drivers\mpio.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): mpsdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\FirewallAPI.dll,-23092
Description: @%SystemRoot%\system32\FirewallAPI.dll,-23093
Image path: System32\drivers\mpsdrv.sys
Image size: 64000
Image MD5: 22241FEBA9B2DEFA669C8CB0A8DD7D2E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MpsSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\FirewallAPI.dll,-23090
Description: @%SystemRoot%\system32\FirewallAPI.dll,-23091
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: mpsdrv,bfe

Service (registry key): Mraid35x
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\mraid35x.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WebDav Client Redirector Driver
Description: WebDav Client Redirector Driver
Image path: \SystemRoot\system32\drivers\mrxdav.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: rdbss

Service (registry key): mrxsmb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SMB MiniRedirector Wrapper and Engine
Description: Implements the framework for the SMB filesystem redirector
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 105472
Image MD5: C4AD205530888404E2B5FC8D9319B119
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: rdbss

Service (registry key): mrxsmb10
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SMB 1.x MiniRedirector
Description: Implements the SMB 1.x (CIFS) protocol. This protocol provides connectivity to network resources on pre-Windows Vista servers
Image path: system32\DRIVERS\mrxsmb10.sys
Image size: 212480
Image MD5: 0A986B34F1678A2697574D7B1664E2DD
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: mrxsmb

Service (registry key): mrxsmb20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SMB 2.0 MiniRedirector
Description: Implements the SMB 2.0 protocol, which provides connectivity to network resources on Windows Vista and later servers
Image path: system32\DRIVERS\mrxsmb20.sys
Image size: 78848
Image MD5: 3268B8C3FA92BFC086355C39B45E9CC9
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: mrxsmb

Service (registry key): msahci
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\msahci.sys
Image size: 28728
Image MD5: 28023E86F17001F7CD9B15A5BC9AE07D
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): msdsm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Multi-Path Device Specific Module
Image path: \SystemRoot\system32\drivers\msdsm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): MSDTC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-2797
Description: @comres.dll,-2798
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\msdtc.exe
Image size: 105984
Image MD5: FD7520CC3A80C5FC8C48852BB24C6DED
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): MSDTC Bridge 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Msfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): msisadrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ISA/EISA Class Driver
Image path: system32\drivers\msisadrv.sys
Image size: 16440
Image MD5: 0F400E306F385C56317357D6DEA56F62
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): MSiSCSI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\iscsidsc.dll,-5000
Description: @%SystemRoot%\system32\iscsidsc.dll,-5001
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): msiserver
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\msimsg.dll,-27
Description: @%SystemRoot%\system32\msimsg.dll,-32
Object name: LocalSystem
Image path: %systemroot%\system32\msiexec.exe /V
Image size: 71680
Image MD5: A1716D02EB4DE411E0CEC7CF2C165F5A
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): MSKSSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 8192
Image MD5: D8C63D34D9C9E56C059E24EC7185CC07
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5888
Image MD5: 1D373C90D62DDB641D50E55B9E78D65E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 5504
Image MD5: B572DA05BF4E098D4BBA3A4734FB505B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MsRPC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSSCNTRS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): mssmbios
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 31288
Image MD5: E384487CB84BE41D09711C30CA79646C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSTEE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Streaming Tee/Sink-to-Sink Converter
Image path: system32\drivers\MSTEE.sys
Image size: 6016
Image MD5: 7199C1EEC1E4993CAF96B8C0A26BD58A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Mup
Description: Multiple UNC Provider
Image path: System32\Drivers\mup.sys
Image size: 49720
Image MD5: 6DFD1D322DE55B0B7DB7D21B90BEC49C
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): napagent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\qagentrt.dll,-6
Description: @%SystemRoot%\system32\qagentrt.dll,-7
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): NativeWifiP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NativeWiFi Filter
Image path: system32\DRIVERS\nwifi.sys
Image size: 148480
Image MD5: 3C21CE48FF529BB73DADB98770B54025
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDIS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS System Driver
Description: NDIS System Driver
Image path: system32\drivers\ndis.sys
Image size: 529464
Image MD5: 9BDC71790FA08F0A0B5F10462B1BD0B1
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): NdisTapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\rascfg.dll,-32001
Description: @%systemroot%\system32\rascfg.dll,-32001
Image path: system32\DRIVERS\ndistapi.sys
Image size: 20992
Image MD5: 0E186E90404980569FB449BA7519AE61
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 16896
Image MD5: D6973AA34C4D5D76C0430B181C3CD389
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\rascfg.dll,-32002
Description: @%systemroot%\system32\rascfg.dll,-32002
Image path: system32\DRIVERS\ndiswan.sys
Image size: 121344
Image MD5: 3D14C3B3496F88890D431E8AA022A411
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NetBIOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 35840
Image MD5: BCD093A5A6777CF626434568DC7DBA78
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): netbt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NETBT
Description: This service implements NetBios over TCP/IP.
Image path: System32\DRIVERS\netbt.sys
Image size: 184320
Image MD5: 7C5FEE5B1C5728507CD96FB4A13E7A02
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tdx,tcpip,MPFP

Service (registry key): Netlogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\netlogon.dll,-102
Description: @%SystemRoot%\System32\netlogon.dll,-103
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 9728
Image MD5: DCF733788C7D088D814E5F80EB4B3E0F
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\netman.dll,-109
Description: @%SystemRoot%\system32\netman.dll,-110
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,nsi

Service (registry key): netprofm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\netprof.dll,-246
Description: @%SystemRoot%\system32\netprof.dll,-247
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,nlasvc

Service (registry key): NetTcpPortSharing
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201
Description: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8200
Object name: NT AUTHORITY\LocalService
Image path: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Image size: 122880
Image MD5: F9102685F97F9BA85F4A70AFCF722CFE
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1

Service (registry key): nfrd960
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\nfrd960.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): NlaSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\nlasvc.dll,-1
Description: @%SystemRoot%\System32\nlasvc.dll,-2
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NSI,RpcSs,TcpIp

Service (registry key): Npfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1

Service (registry key): nsi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\nsisvc.dll,-200
Description: @%SystemRoot%\system32\nsisvc.dll,-201
Object name: NT Authority\LocalService
Image path: %systemroot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: nsiproxy

Service (registry key): nsiproxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NSI proxy service
Description: NSI proxy service
Image path: system32\drivers\nsiproxy.sys
Image size: 16384
Image MD5: 609773E344A97410CE4EBF74A8914FCF
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): NTDS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Ntfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): NTIDrvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Upper Class Filter Driver
Image path: system32\DRIVERS\NTIDrvr.sys
Image size: 6144
Image MD5: 7F1C1F78D709C4A54CBB46EDE7E0B48D
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): ntrigdigi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: N-trig HID Tablet Driver
Image path: \SystemRoot\system32\drivers\ntrigdigi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Null
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): nvraid
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\nvraid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): nvstor
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\nvstor.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): nv_agp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NVIDIA nForce AGP Bus Filter
Image path: \SystemRoot\system32\drivers\nv_agp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): NwlnkFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): odserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Office Diagnostics Service
Description: Run portions of Microsoft Office Diagnostics.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Image size: 443776
Image MD5: E54AA592A65F317390EEE386A8821692
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): ohci1394
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: NEC FireWarden OHCI Compliant IEEE 1394 Host Controller
Image path: \SystemRoot\system32\drivers\ohci1394.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ose
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Image size: 145184
Image MD5: 5A432A042DAE460ABE7199B758E8606C
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): p2pimsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8004
Description: @%SystemRoot%\system32\p2psvc.dll,-8005
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): p2psvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8006
Description: @%SystemRoot%\system32\p2psvc.dll,-8007
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: p2pimsvc,PNRPSvc

Service (registry key): Parport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Parallel port driver
Image path: \SystemRoot\system32\drivers\parport.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): partmgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Partition Manager
Description: Disk class filter driver that auctions out partitions to volume managers
Image path: System32\drivers\partmgr.sys
Image size: 56376
Image MD5: 3B38467E7C3DAED009DFE359E17F139F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): Parvdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\parvdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PcaSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\pcasvc.dll,-1
Description: @%SystemRoot%\system32\pcasvc.dll,-2
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): pci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCI Bus Driver
Image path: system32\drivers\pci.sys
Image size: 151096
Image MD5: 01B94418DEB235DFF777CC80076354B4
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): pciide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\pciide.sys
Image size: 16440
Image MD5: FC175F5DDAB666D7F4D17449A547626F
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): PCLEPCI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PCLEPCI
Image path: \??\C:\Windows\system32\drivers\pclepci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): pcmcia
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\pcmcia.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): PEAUTH
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PEAUTH
Image path: system32\drivers\peauth.sys
Image size: 878080
Image MD5: 6349F6ED9C623B44B52EA3C63C831A92
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PinnacleMarvinUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): pla
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\pla.dll,-500
Description: @%systemroot%\system32\pla.dll,-501
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): PlugPlay
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\umpnpmgr.dll,-100
Description: @%SystemRoot%\system32\umpnpmgr.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k DcomLaunch
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): PNRPAutoReg
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8002
Description: @%SystemRoot%\system32\p2psvc.dll,-8003
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: pnrpsvc

Service (registry key): PNRPsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\p2psvc.dll,-8000
Description: @%SystemRoot%\system32\p2psvc.dll,-8001
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: p2pimsvc

Service (registry key): PolicyAgent
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\polstore.dll,-5010
Description: @%SystemRoot%\system32\polstore.dll,-5011
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,bfe

Service (registry key): PortProxy
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PptpMiniport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 62976
Image MD5: ECFFFAEC0C1ECD8DBC77F39070EA1DB1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Processor
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Processor Driver
Image path: \SystemRoot\system32\drivers\processr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ProfSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\profsvc.dll,-300
Description: @%systemroot%\system32\profsvc.dll,-301
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): ProtectedStorage
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\psbase.dll,-300
Description: @%systemroot%\system32\psbase.dll,-301
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 9728
Image MD5: DCF733788C7D088D814E5F80EB4B3E0F
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\drivers\pacer.sys,-101
Description: @%SystemRoot%\System32\drivers\pacer.sys,-101
Image path: system32\DRIVERS\pacer.sys
Image size: 72192
Image MD5: BFEF604508A0ED1EAE2A73E872555FFB
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): PSDFilter
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PSDFilter
Description: PSDFilter Filter Driver
Image path: system32\DRIVERS\psdfilter.sys
Image size: 20776
Image MD5: E801D5CC24E1CF18FA87D24D7074B876
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 2

Service (registry key): PSDNServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PSDNSERVER
Image path: system32\drivers\PSDNServ.sys
Image size: 16680
Image MD5: 24B5E3429F7F0E779FC2E6E36A0A5F73
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): psdvdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: psdvdisk
Image path: system32\drivers\psdvdisk.sys
Image size: 60712
Image MD5: 01CBFD08C0E8A6106BB26FCDA297154E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 36624
Image MD5: 1962166E0CEB740704F30FA55AD3D509
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql2300
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QLogic Fibre Channel Miniport Driver
Image path: \SystemRoot\system32\drivers\ql2300.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql40xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: QLogic iSCSI Miniport Driver
Image path: \SystemRoot\system32\drivers\ql40xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): QWAVE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\qwave.dll,-1
Description: @%SystemRoot%\system32\qwave.dll,-2
Object name: NT AUTHORITY\LocalService
Image path: %windir%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: rpcss,psched,QWAVEdrv,LLTDIO

Service (registry key): QWAVEdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1
Description: @%SystemRoot%\system32\drivers\qwavedrv.sys,-2
Image path: \SystemRoot\system32\drivers\qwavedrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasAcd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: System32\DRIVERS\rasacd.sys
Image size: 11776
Image MD5: 147D7F9C556D259924351FEB0DE606C3
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): RasAuto
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\rasauto.dll,-200
Description: @%Systemroot%\system32\rasauto.dll,-201
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 76288
Image MD5: A214ADBAF4CB47DD2728859EF31F26B0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\rasmans.dll,-200
Description: @%Systemroot%\system32\rasmans.dll,-201
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet

landon42
2009-06-24, 18:30
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv,SstpSvc

Service (registry key): RasPppoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\rascfg.dll,-32007
Description: @%systemroot%\system32\rascfg.dll,-32007
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 3E9D9B048107B40D87B97DF2E48E0744
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasSstp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\sstpsvc.dll,-202
Description: @%systemroot%\system32\sstpsvc.dll,-202
Image path: system32\DRIVERS\rassstp.sys
Image size: 69120
Image MD5: A7D141684E9500AC928A772ED8E6B671
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): rdbss
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Redirected Buffering Sub Sysytem
Description: Provides the framework for network mini-redirectors
Image path: system32\DRIVERS\rdbss.sys
Image size: 224768
Image MD5: 6E1C5D0457622F9EE35F683110E93D14
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Depends On services: Mup

Service (registry key): RDPCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RDPCDD
Description: RDPDD Chained DD
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 6144
Image MD5: 89E59BE9A564262A3FB6C4F4F1CD9899
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Server Device Redirector Driver
Image path: \SystemRoot\system32\drivers\rdpdr.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): RDPENCDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Image path: system32\drivers\rdpencdd.sys
Image size: 6144
Image MD5: 9D91FE5286F748862ECFFA05F8A0710C
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPNP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\drprov.dll,-100
Description: @%systemroot%\system32\drprov.dll,-101
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: RDP Winstation Driver
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): RemoteAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\mprdim.dll,-200
Description: @%Systemroot%\system32\mprdim.dll,-201
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS,RasMan,bfe
Depends On group: NetBIOSGroup

Service (registry key): RemoteRegistry
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @regsvc.dll,-1
Description: @regsvc.dll,-2
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k regsvc
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): RichVideo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Cyberlink RichVideo Service(CRVS)
Object name: LocalSystem
Image path: "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
Image size: 266343
Image MD5: 0A468612A19FEB657D127E7C4810F6FC
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): RpcLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\Locator.exe,-2
Description: @%systemroot%\system32\Locator.exe,-3
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 7680
Image MD5: 5123F83CBC4349D065534EEB6BBDC42B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): Rpcnet
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Procedure Call (RPC) Net
Object name: LocalSystem
Image path: C:\Windows\System32\rpcnet.exe
Image size: 56680
Image MD5: 449BF2E12822299C0B153B61C5B8D58E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): RpcSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @oleres.dll,-5010
Description: @oleres.dll,-5011
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k rpcss
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: DcomLaunch

Service (registry key): rspndr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Link-Layer Topology Discovery Responder
Image path: system32\DRIVERS\rspndr.sys
Image size: 60416
Image MD5: 9C508F4074A39E8B4B31D27198146FAD
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): SamSs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\samsrv.dll,-1
Description: @%SystemRoot%\system32\samsrv.dll,-2
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 9728
Image MD5: DCF733788C7D088D814E5F80EB4B3E0F
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): sbp2port
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SBP-2 Transport/Protocol Bus Driver
Image path: \SystemRoot\system32\drivers\sbp2port.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SBSDWSCService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SBSD Security Center Service
Object name: LocalSystem
Image path: C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
Image size: 1153368
Image MD5: 794D4B48DFB6E999537C7C3947863463
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: wscsvc

Service (registry key): ScanUSBEMPIA
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Still Image Capture Device
Image path: system32\DRIVERS\emScan.sys
Image size: 4493
Image MD5: F5A633609777C212EC5FF19927FC5955
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SCardSvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\SCardSvr.dll,-1
Description: @%SystemRoot%\System32\SCardSvr.dll,-5
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): Schedule
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\schedsvc.dll,-100
Description: @%SystemRoot%\system32\schedsvc.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,EventLog

Service (registry key): SCPolicySvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\certprop.dll,-13
Description: @%SystemRoot%\System32\certprop.dll,-14
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): SDRSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\sdrsvc.dll,-107
Description: @%SystemRoot%\system32\sdrsvc.dll,-102
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k SDRSVC
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): secdrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Driver
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): seclogon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\seclogon.dll,-7001
Description: @%SystemRoot%\system32\seclogon.dll,-7000
Object name: LocalSystem
Image path: %windir%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): SENS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\Sens.dll,-200
Description: @%SystemRoot%\system32\Sens.dll,-201
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): Serenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serenum Filter Driver
Image path: \SystemRoot\system32\drivers\serenum.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Serial
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serial Port Driver
Image path: \SystemRoot\system32\drivers\serial.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 0

Service (registry key): sermouse
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Serial Mouse Driver
Image path: \SystemRoot\system32\drivers\sermouse.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ServiceModelEndpoint 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelOperation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): ServiceModelService 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): SessionEnv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\SessEnv.dll,-1026
Description: @%SystemRoot%\System32\SessEnv.dll,-1027
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS,LanmanWorkstation

Service (registry key): sffdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SFF Storage Class Driver
Image path: \SystemRoot\system32\drivers\sffdisk.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): sffp_mmc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SFF Storage Protocol Driver for MMC
Image path: \SystemRoot\system32\drivers\sffp_mmc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): sffp_sd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SFF Storage Protocol Driver for SDBus
Image path: \SystemRoot\system32\drivers\sffp_sd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): sfloppy
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: High-Capacity Floppy Disk Drive
Image path: \SystemRoot\system32\drivers\sfloppy.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SharedAccess
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\ipnathlp.dll,-106
Description: @%SystemRoot%\system32\ipnathlp.dll,-107
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt,RasMan,BFE

Service (registry key): ShellHWDetection
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\shsvcs.dll,-12288
Description: @%SystemRoot%\System32\shsvcs.dll,-12289
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): sisagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SIS AGP Bus Filter
Image path: \SystemRoot\system32\drivers\sisagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SiSRaid2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sisraid2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SiSRaid4
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sisraid4.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): slsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\SLsvc.exe,-101
Description: @%SystemRoot%\system32\SLsvc.exe,-100
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\SLsvc.exe
Image size: 2623488
Image MD5: 0BA91E1358AD25236863039BB2609A2E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): SLUINotify
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\SLUINotify.dll,-103
Description: @%SystemRoot%\system32\SLUINotify.dll,-102
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: SLSvc,netprofm,EventSystem

Service (registry key): Smb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50005
Description: @%SystemRoot%\system32\tcpipcfg.dll,-50006
Image path: system32\DRIVERS\smb.sys
Image size: 66560
Image MD5: 031E6BCD53C9B2B9ACE111EAFEC347B6
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): SMSvcHost 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): SndTAudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: SndTAudio
Image path: system32\drivers\SndTAudio.sys
Image size: 23096
Image MD5: 9B6771C9451D8009A70A776BD5A3758F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): SndTVideo
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\SndTVideo.sys
Image size: 3768
Image MD5: DE155A93101B1A0E590AB8D6C795B872
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): SNMPTRAP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\snmptrap.exe,-3
Description: @%SystemRoot%\system32\snmptrap.exe,-4
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\snmptrap.exe
Image size: 12800
Image MD5: 2A146A055B4401C16EE62D18B8E2A032
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): SNP2UVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB2.0 PC Camera (SNP2UVC)
Image path: system32\DRIVERS\snp2uvc.sys
Image size: 1729152
Image MD5: 1C550748F896E53B7B0FE7717845132B
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): spldr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Security Processor Loader Driver
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): Spooler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\spoolsv.exe,-1
Description: @%systemroot%\system32\spoolsv.exe,-2
Object name: LocalSystem
Image path: %SystemRoot%\System32\spoolsv.exe
Image size: 125952
Image MD5: 846CDF9A3CF4DA9B306ADFB7D55EE4C2
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS,http

Service (registry key): srv
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\srv.sys
Image size: 288768
Image MD5: 73DDDBEEC61E78568082916A27AADAEE
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: srv2

Service (registry key): srv2
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: srv2
Description: Default SDDL for Windows Resource Protected file
Image path: System32\DRIVERS\srv2.sys
Image size: 144384
Image MD5: 805FAC010405AD3F82EF8DF0BB035D81
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1
Depends On services: srvnet

Service (registry key): srvnet
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: System32\DRIVERS\srvnet.sys
Image size: 98304
Image MD5: F63A0A58AAFE34D7A1A0A74ABCCDD9C0
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): SSDPSRV
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\ssdpsrv.dll,-100
Description: @%systemroot%\system32\ssdpsrv.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): SstpSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\sstpsvc.dll,-200
Description: @%SystemRoot%\system32\sstpsvc.dll,-201
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): stisvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wiaservc.dll,-9
Description: @%SystemRoot%\system32\wiaservc.dll,-10
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs,ShellHWDetection

Service (registry key): swenum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 15288
Image MD5: 7BA58ECF0C0A9A69D44B3DCA62BECF56
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): swprv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\swprv.dll,-103
Description: @%SystemRoot%\System32\swprv.dll,-102
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k swprv
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): Symc8xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\symc8xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Sym_hi
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sym_hi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Sym_u3
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\sym_u3.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): SysMain
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\sysmain.dll,-1000
Description: @%SystemRoot%\system32\sysmain.dll,-1001
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: rpcss,fileinfo

Service (registry key): TabletInputService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\TabSvc.dll,-100
Description: @%SystemRoot%\system32\TabSvc.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): TapiSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tapisrv.dll,-10100
Description: @%SystemRoot%\system32\tapisrv.dll,-10101
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): TBS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tbssvc.dll,-100
Description: @%SystemRoot%\system32\tbssvc.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): Tcpip
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50003
Description: @%SystemRoot%\system32\tcpipcfg.dll,-50003
Image path: System32\drivers\tcpip.sys
Image size: 891448
Image MD5: 82E266BEE5F0167E41C6ECFDD2A79C02
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): Tcpip6
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft IPv6 Protocol Driver
Description: Microsoft IPv6 Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 891448
Image MD5: 82E266BEE5F0167E41C6ECFDD2A79C02
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): tcpipreg
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TCP/IP Registry Compatibility
Description: Provides compatibility for legacy applications which interact with TCP/IP through the registry. If this service is stopped, certain applications may have impaired functionality.
Image path: System32\drivers\tcpipreg.sys
Image size: 30208
Image MD5: D4A2E4A4B011F3A883AF77315A5AE76B
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1
Depends On services: tcpip

Service (registry key): TDPIPE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TDPIPE
Image path: system32\drivers\tdpipe.sys
Image size: 17920
Image MD5: 5DCF5E267BE67A1AE926F2DF77FBCC56
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): TDTCP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: TDTCP
Image path: system32\drivers\tdtcp.sys
Image size: 29184
Image MD5: 389C63E32B3CEFED425B61ED92D3F021
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): tdx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50004
Description: @%SystemRoot%\system32\tcpipcfg.dll,-50004
Image path: system32\DRIVERS\tdx.sys
Image size: 71680
Image MD5: D09276B1FAB033CE1D40DCBDF303D10F
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): TermDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 54328
Image MD5: A048056F5E1A96A9BF3071B91741A5AA
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\termsrv.dll,-268
Description: @%SystemRoot%\System32\termsrv.dll,-267
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,TermDD

Service (registry key): Themes
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\shsvcs.dll,-8192
Description: @%SystemRoot%\System32\shsvcs.dll,-8193
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): THREADORDER
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\mmcss.dll,-102
Description: @%systemroot%\system32\mmcss.dll,-103
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): TrkWks
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\trkwks.dll,-1
Description: @%SystemRoot%\system32\trkwks.dll,-2
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TrustedInstaller
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\servicing\TrustedInstaller.exe,-100
Description: @%SystemRoot%\servicing\TrustedInstaller.exe,-101
Object name: localSystem
Image path: %SystemRoot%\servicing\TrustedInstaller.exe
Image size: 39424
Image MD5: 16613A1BAD034D4ECF957AF18B7C2FF5
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): TSDDD
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): tssecsrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Terminal Services Security Filter Driver
Description: Terminal Services Security Filter Driver
Image path: System32\DRIVERS\tssecsrv.sys
Image size: 23552
Image MD5: DCF0F056A2E4F52287264F5AB29CF206
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): tunmp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Tun Miniport Adapter Driver
Image path: system32\DRIVERS\tunmp.sys
Image size: 15360
Image MD5: CAECC0120AC49E3D2F758B9169872D38
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): tunnel
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft IPv6 Tunnel Miniport Adapter Driver
Image path: system32\DRIVERS\tunnel.sys
Image size: 23040
Image MD5: 119B8184E106BAEDC83FCE5DDF3950DA
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): uagp35
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft AGPv3.5 Filter
Image path: \SystemRoot\system32\drivers\uagp35.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): udfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: udfs
Description: Reads/Writes UDF 1.02,1.5,2.0x,2.5 disc formats, usually found on C/DVD discs. (Core) (All pieces)
Image path: system32\DRIVERS\udfs.sys
Image size: 226816
Image MD5: 8B5088058FA1D1CD897A2113CCFF6C58
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1

Service (registry key): UGatherer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): UGTHRSVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): UI0Detect
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\ui0detect.exe,-101
Description: @%SystemRoot%\system32\ui0detect.exe,-102
Object name: LocalSystem
Image path: %SystemRoot%\system32\UI0Detect.exe
Image size: 35840
Image MD5: ECEF404F62863755951E09C802C94AD5
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1

Service (registry key): uliagpkx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Uli AGP Bus Filter
Image path: \SystemRoot\system32\drivers\uliagpkx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): uliahci
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\uliahci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): UlSata
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\ulsata.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ulsata2
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\ulsata2.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): umbus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: UMBus Enumerator Driver
Image path: system32\DRIVERS\umbus.sys
Image size: 34816
Image MD5: 32CFF9F809AE9AED85464492BF3E32D2
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): upnphost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\upnphost.dll,-213
Description: @%systemroot%\system32\upnphost.dll,-214
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): usb
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): usbaudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Audio Driver (WDM)
Image path: system32\drivers\usbaudio.sys
Image size: 73088
Image MD5: 292A25BB75A568AE2C67169BA2C6365A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbccgp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 73216
Image MD5: CAF811AE4C147FFCD5B51750C7F09142
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbcir
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: eHome Infrared Receiver (USBCIR)
Image path: \SystemRoot\system32\drivers\usbcir.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): usbehci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 39424
Image MD5: CEBE90821810E76320155BEBA722FCF9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB2 Enabled Hub
Image path: system32\DRIVERS\usbhub.sys
Image size: 194560
Image MD5: CC6B28E4CE39951357963119CE47B143
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbohci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Open Host Controller Miniport Driver
Image path: \SystemRoot\system32\drivers\usbohci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): usbprint
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB PRINTER Class
Image path: system32\DRIVERS\usbprint.sys
Image size: 18944
Image MD5: E75C4B5269091D15A2E7DC0B6D35F2F5
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbscan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Scanner Driver
Image path: system32\DRIVERS\usbscan.sys
Image size: 35328
Image MD5: A508C9BD8724980512136B039BBA65E9
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): USBSTOR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 55296
Image MD5: 87BA6B83C5D19B69160968D07D6E2982
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 23552
Image MD5: 814D653EFC4D48BE3B04A307ECEFF56F
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): UxSms
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\dwm.exe,-2000
Description: @%SystemRoot%\system32\dwm.exe,-2001
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): vds
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\vds.exe,-100
Description: @%SystemRoot%\system32\vds.exe,-112
Object name: LocalSystem
Image path: %SystemRoot%\System32\vds.exe
Image size: 382976
Image MD5: B13BC395B9D6116628F5AF47E0802AC4
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): vga
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\vgapnp.sys
Image size: 26112
Image MD5: 7D92BE0028ECDEDEC74617009084B5EF
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): VgaSave
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\System32\drivers\vga.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 0

Service (registry key): viaagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA AGP Bus Filter
Image path: \SystemRoot\system32\drivers\viaagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ViaC7
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: VIA C7 Processor Driver
Image path: \SystemRoot\system32\drivers\viac7.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): viaide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\viaide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): Viewpoint Manager Service
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Viewpoint Manager Service
Description: Ensures Viewpoint 3D and Rich Media Technologies are up to date
Object name: LocalSystem
Image path: "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
Image size: 24652
Image MD5: 5F974FDE801C73952770736BECDE11E7
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): volmgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Volume Manager Driver
Image path: system32\drivers\volmgr.sys
Image size: 52792
Image MD5: 69503668AC66C77C6CD7AF86FBDF8C43
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): volmgrx
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Dynamic Volume Manager
Description: Extension of the volume manager driver that manages software RAID volumes (spanned, striped, mirrored, RAID-5) on dynamic disks
Image path: System32\drivers\volmgrx.sys
Image size: 294456
Image MD5: 98F5FFE6316BD74E9E2C97206C190196
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): volsnap
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Storage volumes
Image path: system32\drivers\volsnap.sys
Image size: 227896
Image MD5: D8B4A53DD2769F226B3EB374374987C9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): vsmraid
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\vsmraid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): VSS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\vssvc.exe,-102
Description: @%systemroot%\system32\vssvc.exe,-101
Object name: LocalSystem
Image path: %systemroot%\system32\vssvc.exe
Image size: 1054720
Image MD5: D5FB73D19C46ADE183F968E13F186B23
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): W32Time
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\w32time.dll,-200
Description: @%SystemRoot%\system32\w32time.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WacomPen
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Wacom Serial Pen HID Driver
Image path: \SystemRoot\system32\drivers\wacompen.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Wanarp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 62464
Image MD5: 55201897378CCA7AF8B5EFD874374A26
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Wanarpv6
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 62464
Image MD5: 55201897378CCA7AF8B5EFD874374A26
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): wcncsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wcncsvc.dll,-3
Description: @%SystemRoot%\system32\wcncsvc.dll,-4
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): WcsPlugInService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\WcsPlugInService.dll,-200
Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k wcssvc
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Wd
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Watchdog Timer Driver
Image path: \SystemRoot\system32\drivers\wd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Wdf01000
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Kernel Mode Driver Frameworks service
Image path: system32\drivers\Wdf01000.sys
Image size: 503864
Image MD5: B6F0A7AD6D4BD325FBCD8BAC96CD8D96
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): WdiServiceHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wdi.dll,-502
Description: @%systemroot%\system32\wdi.dll,-503
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k wdisvc
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WdiSystemHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wdi.dll,-500
Description: @%systemroot%\system32\wdi.dll,-501
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WebClient
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\webclnt.dll,-100
Description: @%systemroot%\system32\webclnt.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: MRxDAV

Service (registry key): Wecsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wecsvc.dll,-200
Description: @%SystemRoot%\system32\wecsvc.dll,-201
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP,Eventlog,mpssvc

Service (registry key): wercplsupport
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\wercplsupport.dll,-101
Description: @%SystemRoot%\System32\wercplsupport.dll,-100
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): WerSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Error Reporting Service
Description: @%SystemRoot%\System32\wersvc.dll,-101
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k WerSvcGroup
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 0

Service (registry key): winachsf
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\HSX_CNXT.sys
Image size: 660480
Image MD5: C9C63410D8CF98F621B9CC62243FB877
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): WinDefend
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Defender
Description: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-3068
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k secsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Windows Workflow Foundation 3.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinHttpAutoProxySvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\winhttp.dll,-100
Description: @%SystemRoot%\system32\winhttp.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: Dhcp

Service (registry key): Winmgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\wbem\wmisvc.dll,-205
Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204
Object name: localSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): WinRM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\wsmsvc.dll,-101
Description: @%Systemroot%\system32\wsmsvc.dll,-102
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS,HTTP

Service (registry key): Winsock
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Wlansvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\wlansvc.dll,-257
Description: @%SystemRoot%\System32\wlansvc.dll,-258
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: nativewifip,RpcSs,Ndisuio,Eaphost

Service (registry key): WmiAcpi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Windows Management Interface for ACPI
Image path: system32\DRIVERS\wmiacpi.sys
Image size: 11264
Image MD5: 2E7255D172DF0B8283CDFB7B433B864E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): WmiApRpl
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): wmiApSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110
Description: @%Systemroot%\system32\wbem\wmiapsrv.exe,-111
Object name: localSystem
Image path: %systemroot%\system32\wbem\WmiApSrv.exe
Image size: 137728
Image MD5: ABA4CF9F856D9A3A25F4DDD7690A6E9D
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): WMIService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ePower Service
Description: Acer ePower Management Service
Object name: LocalSystem
Image path: C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
Image size: 163840
Image MD5: EE80AC462A171DBF06EEB2058B5D3BC6
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 0
Depends On services: winmgmt

Service (registry key): WMPNetworkSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101
Description: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-102
Object name: NT AUTHORITY\NetworkService
Image path: "%ProgramFiles%\Windows Media Player\wmpnetwk.exe"
Image size: 896512
Image MD5: 3978704576A121A9204F8CC49A301A9B
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: UPnPHost,http

Service (registry key): WPCSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wpcsvc.dll,-100
Description: @%SystemRoot%\system32\wpcsvc.dll,-101
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): WPDBusEnum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wpdbusenum.dll,-100
Description: @%SystemRoot%\system32\wpdbusenum.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): WpdUsb
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: WpdUsb
Image path: system32\DRIVERS\wpdusb.sys
Image size: 39936
Image MD5: 0CEC23084B51B8288099EB710224E955
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ws2ifsl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description: Winsock IFS driver
Image path: \SystemRoot\system32\drivers\ws2ifsl.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): wscsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\wscsvc.dll,-200
Description: @%SystemRoot%\System32\wscsvc.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt

Service (registry key): WSearch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Windows Search
Description: @%systemroot%\system32\SearchIndexer.exe,-104
Object name: LocalSystem
Image path: %systemroot%\system32\SearchIndexer.exe /Embedding
Image size: 439808
Image MD5: 7778BDFA3F6F6FBA0E75B9594098F737
Control Set: CurrentControlSet
Start: 4
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WSearchIdxPi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): wuauserv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\wuaueng.dll,-105
Description: @%systemroot%\system32\wuaueng.dll,-106
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): WUDFRd
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\WUDFRd.sys
Image size: 83328
Image MD5: AC13CB789D93412106B0FB6C7EB2BCB6
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): wudfsvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wudfsvc.dll,-1000
Description: @%SystemRoot%\system32\wudfsvc.dll,-1001
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): XAudio
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: system32\DRIVERS\xaudio.sys
Image size: 8704
Image MD5: 2E579520E114A9CA309F13BF40AD8292
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 0

Service (registry key): XAudioService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: XAudioService
Description: User-mode gate for Modem Speakerphone
Object name: LocalSystem
Image path: %SystemRoot%\system32\DRIVERS\xaudio.exe
Image size: 386560
Image MD5: F82FC2C30A19442B95AE554215837C46
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): xmlprov
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {2AEC3DE6-CA55-4741-9B18-3F7B52AAA50A}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}
Image path: \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): {F8ABD7D9-4874-4FBC-8D77-2762788F795B}
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

tashi
2009-06-30, 07:39
New topic: http://forums.spybot.info/showthread.php?t=49687