CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\hp games\bejeweled 2 deluxe\wtmui_de\sounds\firecrackle.ogg
c:\program files\hp games\bejeweled 2 deluxe\wtmui_default\sounds\firecrackle.ogg
c:\program files\hp games\bejeweled 2 deluxe\wtmui_es\sounds\firecrackle.ogg
c:\program files\hp games\bejeweled 2 deluxe\wtmui_fr\sounds\firecrackle.ogg
c:\program files\hp games\bejeweled 2 deluxe\wtmui_it\sounds\firecrackle.ogg
scanner sequence 3.EM.11
----- EOF -----
gmerRK.txt
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2010-12-29 12:28:25
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5 TOSHIBA_MK1652GSX rev.LV011C
Running: smg7w720.exe; Driver: C:\Users\Phyllis\AppData\Local\Temp\pxtdyfod.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8E2A6BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8E2A69D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x8E2A6B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4 dvd43llh.sys (dvd43llh.sys/RIF)
Device \Driver\atapi \Device\Ide\IdePort0 dvd43llh.sys (dvd43llh.sys/RIF)
Device \Driver\atapi \Device\Ide\IdePort1 dvd43llh.sys (dvd43llh.sys/RIF)
Device \Driver\atapi \Device\Ide\IdePort2 dvd43llh.sys (dvd43llh.sys/RIF)
Device \Driver\atapi \Device\Ide\IdePort3 dvd43llh.sys (dvd43llh.sys/RIF)
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-5 dvd43llh.sys (dvd43llh.sys/RIF)
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Here is my HijackThis info:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Phyllis at 2010-12-29 10:33:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 5 GB (3%) free of 143 GB
Total RAM: 1790 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:34:58 AM, on 29/12/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\dvd43\DVD43_Tray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Phyllis\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Windows\ehome\ehmsas.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\PROGRA~1\MICROS~2\WkDStore.exe
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Windows\system32\conime.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Users\Phyllis\Downloads\RSIT.exe
C:\Program Files\trend micro\Phyllis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Bell Canada Connection Manager] "C:\Program Files\Bell\Mobile Connect\BellCanadaCM.exe" -a
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WeatherEye] C:\Users\Phyllis\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O15 - Trusted Zone: http://staplescanada.webprint.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resourc ... den-ca.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... den-ca.cab
O18 - Filter: video/x-flv - {08C72DD4-19AD-49f1-83DA-8542B4D302C5} - C:\Users\Phyllis\AppData\Local\Temp\11E0.tmp
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SMSI Con App Svc (CASMSI) - SmithMicro Inc. - C:\Program Files\Bell\Mobile Connect\ConAppsSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NovaCore SDK Service (NvtlService) - Unknown owner - C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
O23 - Service: Native WiFi Profile Importer (ProfileImpSvc) - SmithMicro Inc. - C:\Program Files\Bell\Mobile Connect\ProfileImpSvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SMSI Rc App Svc (SMSIRcAppSvc) - SmithMicro Inc. - C:\Program Files\Bell\Mobile Connect\RcAppSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 14554 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{DE0F15B6-5362-4275-B5D9-3DB99A5D7DF3}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-04-03 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-11-13 3913000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-11-13 3913000]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-01 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-20 215552]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-09-21 47904]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"lxdxmon.exe"=C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe [2008-06-13 668328]
"EzPrint"=C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe [2008-06-13 107176]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-02 281768]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"Bell Canada Connection Manager"=C:\Program Files\Bell\Mobile Connect\BellCanadaCM.exe [2010-06-15 87320]
"dvd43"=C:\Program Files\dvd43\dvd43_tray.exe [2009-10-23 827904]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-12-13 421160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"WeatherEye"=C:\Users\Phyllis\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe [2009-10-26 718232]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-20 202240]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-12-02 395128]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Clean Access Agent.lnk - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Users\Phyllis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"DisallowRun"=0
"NoFind"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Program Files\Internet Explorer\Iexplore.exe" %1
======List of files/folders created in the last 3 months======
2010-12-29 10:33:16 ----D---- C:\Program Files\trend micro
2010-12-29 10:33:12 ----D---- C:\rsit
2010-12-29 09:41:23 ----D---- C:\Users\Phyllis\AppData\Roaming\Media Player Classic
2010-12-29 09:38:30 ----A---- C:\Windows\avisplitter.ini
2010-12-29 09:38:18 ----A---- C:\Windows\system32\yv12vfw.dll
2010-12-29 09:38:17 ----A---- C:\Windows\system32\xvidvfw.dll
2010-12-29 09:38:17 ----A---- C:\Windows\system32\xvidcore.dll
2010-12-29 09:38:16 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-12-29 09:38:15 ----A---- C:\Windows\system32\ff_vfw.dll
2010-12-29 09:06:56 ----D---- C:\Users\Phyllis\AppData\Roaming\Leawo
2010-12-29 09:06:56 ----D---- C:\ProgramData\Leawo
2010-12-29 09:05:55 ----A---- C:\Windows\system32\unrar.dll
2010-12-29 09:05:48 ----D---- C:\Program Files\K-Lite Codec Pack
2010-12-29 09:05:00 ----D---- C:\Program Files\Leawo
2010-12-19 19:27:59 ----D---- C:\Program Files\iPod
2010-12-19 19:18:29 ----D---- C:\Windows\LastGood.Tmp
2010-12-16 11:26:41 ----D---- C:\Program Files\QuickTime
2010-12-15 17:50:49 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 17:50:24 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 17:45:04 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 17:45:03 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 17:45:02 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 17:45:01 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 17:45:00 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 17:44:56 ----A---- C:\Windows\system32\consent.exe
2010-12-15 17:44:51 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 17:44:51 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 17:44:50 ----A---- C:\Windows\system32\fontsub.dll
2010-12-15 17:44:34 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 17:44:32 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 17:44:31 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 17:44:31 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 17:44:21 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-15 17:44:20 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 17:44:19 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 17:44:19 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 17:44:19 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 17:44:19 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 17:44:17 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 17:44:16 ----A---- C:\Windows\system32\occache.dll
2010-12-15 17:44:16 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-15 17:44:16 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-15 17:44:16 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 17:44:15 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 17:44:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 17:44:15 ----A---- C:\Windows\system32\iesetup.dll
2010-12-15 17:44:14 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 17:44:14 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 17:44:14 ----A---- C:\Windows\system32\iernonce.dll
2010-12-04 10:30:56 ----D---- C:\Program Files\OurBabyMaker_27EI
2010-12-03 22:53:52 ----A---- C:\Windows\ITBackEnd.INI
2010-12-03 19:49:20 ----D---- C:\MAGICDVDCOPY_TEMP
2010-12-03 16:56:24 ----D---- C:\ProgramData\vsosdk
2010-12-03 16:40:16 ----A---- C:\Windows\system32\drivers\pcouffin.sys
2010-12-03 16:40:16 ----A---- C:\Users\Phyllis\AppData\Roaming\pcouffin.sys
2010-12-03 16:40:16 ----A---- C:\Users\Phyllis\AppData\Roaming\inst.exe
2010-12-03 16:40:13 ----D---- C:\Users\Phyllis\AppData\Roaming\Vso
2010-12-03 16:39:36 ----D---- C:\Program Files\MagicDVDCopier
2010-12-03 15:57:34 ----D---- C:\temp_dvd
2010-12-03 00:55:05 ----D---- C:\AoATemp
2010-12-03 00:54:54 ----D---- C:\Users\Phyllis\AppData\Roaming\dvdcss
2010-12-03 00:54:38 ----AD---- C:\ProgramData\TEMP
2010-12-03 00:54:30 ----D---- C:\Program Files\AoA DVD Copy
2010-12-02 23:44:59 ----D---- C:\Program Files\Conduit
2010-12-02 23:44:54 ----D---- C:\Program Files\ConduitEngine
2010-12-02 23:44:45 ----D---- C:\Program Files\uTorrentBar
2010-12-02 23:44:01 ----D---- C:\Program Files\uTorrent
2010-12-02 23:41:35 ----D---- C:\Users\Phyllis\AppData\Roaming\uTorrent
2010-12-02 23:33:07 ----D---- C:\Users\Phyllis\AppData\Roaming\FrostWire
2010-12-02 23:32:53 ----D---- C:\Program Files\Ask.com
2010-12-02 23:32:09 ----D---- C:\Program Files\FrostWire
2010-12-02 22:16:19 ----A---- C:\Windows\system32\drivers\dvd43llh.sys
2010-12-02 22:16:18 ----D---- C:\Program Files\dvd43
2010-12-02 22:13:06 ----A---- C:\Windows\DVDShrink.txt
2010-12-02 22:12:56 ----D---- C:\Users\Phyllis\AppData\Roaming\AVS4YOU
2010-12-02 22:12:56 ----D---- C:\ProgramData\AVS4YOU
2010-12-02 22:11:43 ----D---- C:\Program Files\Common Files\AVSMedia
2010-12-02 22:11:42 ----A---- C:\Windows\system32\msxml3a.dll
2010-12-02 22:11:42 ----A---- C:\Windows\system32\mfc70.dll
2010-12-02 22:11:35 ----D---- C:\Program Files\AVS4YOU
2010-11-12 18:52:43 ----A---- C:\Windows\system32\wdapi811.dll
2010-11-12 18:48:28 ----N---- C:\Windows\system32\drivers\wdmstub.sys
2010-11-12 18:48:28 ----N---- C:\Windows\system32\drivers\tiehdusb.sys
2010-11-12 18:48:28 ----D---- C:\Program Files\Common Files\TI Shared
2010-11-12 18:42:36 ----A---- C:\Windows\system32\drivers\windrvr6.sys
2010-11-12 18:42:35 ----N---- C:\Windows\system32\wd_utils.dll
2010-11-12 18:42:30 ----D---- C:\Program Files\Common Files\Vernier Software
2010-11-12 18:42:23 ----D---- C:\Program Files\Vernier Software
2010-11-09 10:04:27 ----D---- C:\ProgramData\NOS
2010-11-09 10:04:27 ----D---- C:\Program Files\NOS
2010-10-27 08:35:06 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 08:35:02 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-27 08:35:00 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-25 16:46:05 ----D---- C:\ProgramData\DataCardService
2010-10-25 16:43:30 ----A---- C:\Windows\system32\webservices.dll
2010-10-25 16:37:44 ----D---- C:\Program Files\Common Files\PctelEapPeer Authentication
2010-10-25 16:37:43 ----D---- C:\Program Files\Sierra Wireless
2010-10-25 16:37:43 ----D---- C:\Program Files\Bell
2010-10-25 16:17:32 ----D---- C:\Program Files\Novatel Wireless
2010-10-13 16:34:55 ----A---- C:\Windows\system32\wmp.dll
2010-10-13 16:34:52 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-13 16:34:25 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-13 16:34:24 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-13 16:34:24 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-13 16:34:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-13 16:34:20 ----A---- C:\Windows\system32\netevent.dll
2010-10-13 16:34:09 ----A---- C:\Windows\system32\schannel.dll
2010-10-13 16:34:06 ----A---- C:\Windows\system32\ole32.dll
2010-10-13 16:34:03 ----A---- C:\Windows\system32\t2embed.dll
2010-10-13 16:33:41 ----A---- C:\Windows\system32\mfc40.dll
2010-10-13 16:33:40 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-13 16:33:32 ----A---- C:\Windows\system32\msshsq.dll
2010-10-13 16:33:29 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-13 16:33:26 ----A---- C:\Windows\system32\comctl32.dll
2010-10-11 09:05:45 ----D---- C:\Users\Phyllis\AppData\Roaming\Research In Motion
2010-10-11 08:57:11 ----A---- C:\Windows\system32\drivers\RimSerial.sys
2010-10-11 08:56:07 ----D---- C:\ProgramData\Research In Motion
2010-10-11 08:55:30 ----D---- C:\Program Files\Research In Motion
2010-10-11 08:55:30 ----D---- C:\Program Files\Common Files\Research In Motion
======List of files/folders modified in the last 3 months======
2010-12-29 10:34:52 ----D---- C:\Users\Phyllis\AppData\Roaming\LimeWire
2010-12-29 10:33:46 ----D---- C:\Windows\Temp
2010-12-29 10:33:16 ----RD---- C:\Program Files
2010-12-29 09:52:19 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-29 09:52:18 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-29 09:41:18 ----D---- C:\Users\Phyllis\AppData\Roaming\DivX
2010-12-29 09:38:30 ----D---- C:\Windows
2010-12-29 09:38:19 ----D---- C:\Windows\System32
2010-12-29 09:06:56 ----HD---- C:\ProgramData
2010-12-29 09:05:46 ----SHD---- C:\Windows\Installer
2010-12-29 07:49:07 ----D---- C:\Windows\Prefetch
2010-12-29 07:42:41 ----D---- C:\Windows\system32\catroot
2010-12-29 07:28:02 ----SHD---- C:\System Volume Information
2010-12-28 10:06:01 ----D---- C:\ProgramData\Microsoft Help
2010-12-21 15:10:14 ----D---- C:\Windows\Web
2010-12-19 19:29:38 ----D---- C:\Program Files\iTunes
2010-12-19 19:27:56 ----D---- C:\Program Files\Common Files\Apple
2010-12-19 19:20:30 ----D---- C:\Windows\inf
2010-12-19 19:08:59 ----D---- C:\Program Files\Safari
2010-12-18 03:24:56 ----D---- C:\Windows\Microsoft.NET
2010-12-18 03:24:55 ----RSD---- C:\Windows\assembly
2010-12-18 03:13:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-18 03:07:43 ----D---- C:\Windows\system32\en-US
2010-12-18 03:07:31 ----D---- C:\Program Files\Microsoft.NET
2010-12-16 13:10:36 ----D---- C:\Windows\rescache
2010-12-16 12:52:52 ----D---- C:\Windows\winsxs
2010-12-16 12:37:25 ----D---- C:\Program Files\Windows Mail
2010-12-16 12:37:24 ----D---- C:\Windows\system32\migration
2010-12-16 12:37:24 ----D---- C:\Program Files\Internet Explorer
2010-12-16 12:07:31 ----D---- C:\Program Files\Microsoft Works
2010-12-16 11:37:25 ----D---- C:\Windows\system32\fr-FR
2010-12-16 11:29:12 ----D---- C:\Windows\system32\catroot2
2010-12-16 10:13:45 ----A---- C:\Windows\system32\mrt.exe
2010-12-05 13:02:25 ----D---- C:\Program Files\LimeWire
2010-12-03 16:41:40 ----D---- C:\Windows\system32\drivers
2010-12-02 23:33:35 ----D---- C:\Windows\system32\Tasks
2010-12-02 22:11:43 ----D---- C:\Program Files\Common Files
2010-11-12 18:52:28 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-12 18:42:30 ----RSD---- C:\Windows\Fonts
2010-10-28 02:20:24 ----D---- C:\Windows\AppPatch
2010-10-25 16:43:05 ----D---- C:\Program Files\Common Files\microsoft shared
2010-10-25 16:42:02 ----D---- C:\Program Files\Microsoft
2010-10-25 16:37:43 ----D---- C:\ProgramData\Bell
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-14 02:38:26 ----D---- C:\Program Files\Windows Media Player
2010-09-30 19:40:27 ----D---- C:\Program Files\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-12-20 135096]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-11-22 61960]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-04-17 203776]
R3 dvd43llh;dvd43llh; C:\Windows\System32\DRIVERS\dvd43llh.sys [2010-12-02 18816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-10-31 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-10-31 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
R3 NWADI;NWADI Bus Enumerator; C:\Windows\system32\DRIVERS\NWADIenum.sys [2009-07-15 230400]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-12-03 47360]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-20 8192]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-20 9216]
R3 swmsflt;swmsflt; C:\Windows\System32\drivers\swmsflt.sys [2008-02-29 24840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-10-31 661504]
R3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2008-04-22 194362]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-03-20 116736]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HP1319EWS;HP1319EWS; C:\Windows\System32\Drivers\HP1319EWS.sys [2008-11-10 12800]
S3 HP1319FAX;HP1319MFP FAX; C:\Windows\System32\Drivers\HP1319FAX.sys [2008-11-10 13824]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-20 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2009-11-20 27072]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\PCTINDIS5.SYS [2010-05-23 32408]
S3 pxtdyfod;pxtdyfod; \??\C:\Users\Phyllis\AppData\Local\Temp\pxtdyfod.sys []
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-10 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-10-16 41472]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-20 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-11-02 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-08 267944]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-05-29 229376]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 lxdx_device;lxdx_device; C:\Windows\system32\lxdxcoms.exe [2008-02-27 594600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 NvtlService;NovaCore SDK Service; C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [2009-11-20 82944]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-25 361808]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-12-13 820008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe [2008-02-27 98984]
S3 CASMSI;SMSI Con App Svc; C:\Program Files\Bell\Mobile Connect\ConAppsSvc.exe [2010-05-23 124184]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2010-04-07 246520]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\Windows\System32\svchost.exe [2008-01-20 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ProfileImpSvc;Native WiFi Profile Importer; C:\Program Files\Bell\Mobile Connect\ProfileImpSvc.exe [2010-05-23 169240]
S3 SMSIRcAppSvc;SMSI Rc App Svc; C:\Program Files\Bell\Mobile Connect\RcAppSvc.exe [2010-05-23 120088]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------