And like I mentioned in my earlier post, the uninstall list of this RSIT log will probably be missing AIM and the MySonic DVD programs. I also needed to install or update Adobe AIR before Amazon would allow me to install and use its new Cloud remote storage to get some of my music out of the way for space-freeing.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Dillon at 2011-04-27 09:03:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (15%) free of 38 GB
Total RAM: 502 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:04:18 AM, on 4/27/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\WINDOWS\system32\hphmon03.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KNAB8VGR\setup[1].exe
C:\program files\common files\microsoft shared\dw\3082\errorreporting12.0.4518.1004.exe
C:\program files\quicktime\qtsystem\quicktimempeg4.resources\nl.lproj\quicktimequicktimeresources.exe
C:\program files\quicktime\qtsystem\quicktimeauthoring.resources\zh_cn.lproj\quicktimeauthoringquicktime.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
c:\program files\quicktime\qtsystem\quicktimewebhelper.resources\it.lproj\quicktimewebhelperquicktime7.6.51327.79.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Dillon\Desktop\RSIT.exe
C:\Program Files\trend micro\Dillon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.comcast.net?cid=ie8_0904
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... ch/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [setup[1]] C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KNAB8VGR\setup[1].exe
O4 - HKLM\..\Run: [DWIntl20Application] c:\program files\common files\microsoft shared\dw\3082\errorreporting12.0.4518.1004.exe
O4 - HKLM\..\Run: [quicktimequicktimeresources] c:\program files\quicktime\qtsystem\quicktimempeg4.resources\nl.lproj\quicktimequicktimeresources.exe
O4 - HKLM\..\Run: [QuickTimeQuickTimeAuthoringQuickTime1788] c:\program files\quicktime\qtsystem\quicktimeauthoring.resources\zh_cn.lproj\quicktimeauthoringquicktime.exe
O4 - HKLM\..\Run: [ReportingDWIntl20] C:\program files\common files\microsoft shared\dw\3082\errorreporting12.0.4518.1004.exe
O4 - HKLM\..\RunServices: [setup[1]] C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KNAB8VGR\setup[1].exe
O4 - HKLM\..\RunServices: [recursosquicktimequicktime] c:\program files\quicktime\qtsystem\quicktimevrauthoring.resources\pt.lproj\recursosquicktimequicktime.exe
O4 - HKLM\..\RunServices: [quicktimeresourcesquicktime] c:\program files\quicktime\qtsystem\quicktimeessentials.resources\ru.lproj\quicktimeresourcesquicktime.exe
O4 - HKLM\..\RunServices: [QuickTimeWebHelperQuickTimeWebHelperQuickTime765132779] c:\program files\quicktime\qtsystem\quicktimewebhelper.resources\it.lproj\quicktimewebhelperquicktime7.6.51327.79.exe
O4 - HKLM\..\RunServices: [ReportingError] C:\program files\common files\microsoft shared\dw\3082\errorreporting12.0.4518.1004.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [irafnank] C:\Documents and Settings\Dillon\Local Settings\Application Data\enrmqj\flflsftav.exe
O4 - HKUS\S-1-5-18\..\Run: [AntiVirus_AntiSpyware_2011] "C:\WINDOWS\system32\config\systemprofile\Application Data\AntiVirus_AntiSpyware_2011\AntiVirus AntiSpyware.exe" /STARTUP (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AntiVirus AntiSpyware 2011 Security] C:\WINDOWS\system32\config\systemprofile\Application Data\AntiVirus_AntiSpyware_2011\securitymanager.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AntiVirus_AntiSpyware_2011] "C:\WINDOWS\system32\config\systemprofile\Application Data\AntiVirus_AntiSpyware_2011\AntiVirus AntiSpyware.exe" /STARTUP (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshoo ... aptest.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.hp.com/HPISWeb/Custo ... anager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/re ... NPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7434653125
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - http://entimg.msn.com/client/msnmusax3718.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\zzz\PEV.cfxxe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 13675 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{432DC279-F38A-4F95-9128-676D04ECB646}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-05 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-04-05 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - HP view - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-11-04 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-11-04 688218]
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2006-04-18 405504]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2005-02-17 233534]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]
"hpWirelessAssistant"=C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe [2005-01-21 790528]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-11 172032]
"HPHmon03"=C:\WINDOWS\system32\hphmon03.exe [2003-01-30 311296]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-02-07 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-02-07 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-02-07 118784]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-03-20 86960]
"DeviceDiscovery"=C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe [2002-12-02 40960]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"ddoctorv2"=C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe [2008-04-24 202560]
""= []
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-11 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"setup[1]"=C:\WINDOWS\system32\config\system [2011-04-27 7864320]
"DWIntl20Application"=c:\program files\common files\microsoft shared\dw\3082\errorreporting12.0.4518.1004.exe [2011-04-26 136704]
"quicktimequicktimeresources"=c:\program files\quicktime\qtsystem\quicktimempeg4.resources\nl.lproj\quicktimequicktimeresources.exe [2011-04-26 136704]
"QuickTimeQuickTimeAuthoringQuickTime1788"=c:\program files\quicktime\qtsystem\quicktimeauthoring.resources\zh_cn.lproj\quicktimeauthoringquicktime.exe [2011-04-26 136704]
"ReportingDWIntl20"=C:\program files\common files\microsoft shared\dw\3082\errorreporting12.0.4518.1004.exe [2011-04-26 136704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"irafnank"=C:\Documents and Settings\Dillon\Local Settings\Application Data\enrmqj\flflsftav.exe []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-02-07 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMR161]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Hp\HP Software Update\HPWUCli.exe"="C:\Program Files\Hp\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\Program Files\Common Files\AOL\1141440620\ee\aim6.exe"="C:\Program Files\Common Files\AOL\1141440620\ee\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\Program Files\Sierra\FEAR\fpupdate.exe"="C:\Program Files\Sierra\FEAR\fpupdate.exe:*:Disabled:fpupdate"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader"
"C:\Program Files\Common Files\AOL\1141440620\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1141440620\ee\aolsoftware.exe:*:Disabled:AOL Services"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Disabled:Earthlink"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 3 months======
2011-04-26 22:51:11 ----ASH---- C:\hiberfil.sys
2011-04-26 22:02:43 ----SD---- C:\zzz
2011-04-26 08:31:03 ----D---- C:\Documents and Settings\Dillon\Application Data\com.amazon.music.uploader
2011-04-26 08:27:31 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-04-24 16:24:26 ----A---- C:\Boot.bak
2011-04-24 16:24:16 ----RASHD---- C:\cmdcons
2011-04-24 16:18:32 ----A---- C:\WINDOWS\zip.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\SWSC.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\SWREG.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\sed.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\PEV.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\NIRCMD.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\MBR.exe
2011-04-24 16:18:32 ----A---- C:\WINDOWS\grep.exe
2011-04-24 16:18:17 ----D---- C:\WINDOWS\ERDNT
2011-04-24 16:17:31 ----D---- C:\Qoobox
2011-04-24 09:01:42 ----D---- C:\Program Files\trend micro
2011-04-24 09:01:36 ----D---- C:\rsit
2011-04-14 14:09:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-14 14:06:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-14 14:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-14 13:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-14 13:50:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-14 13:49:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-14 13:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-14 13:49:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-14 13:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-14 13:43:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-05 18:49:25 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2011-04-05 18:48:41 ----A---- C:\WINDOWS\system32\javaws.exe
2011-04-05 18:48:41 ----A---- C:\WINDOWS\system32\javaw.exe
2011-04-05 18:48:41 ----A---- C:\WINDOWS\system32\java.exe
2011-04-05 18:48:41 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-03-23 21:59:25 ----D---- C:\Program Files\NOS
2011-03-23 12:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-22 15:13:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-03-22 15:10:22 ----D---- C:\Program Files\Microsoft Security Client
2011-03-12 23:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-03-09 08:57:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-09 08:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-02-27 21:18:19 ----D---- C:\Program Files\Windows Sidebar
2011-02-27 20:56:27 ----A---- C:\WINDOWS\ntbtlog.txt
2011-02-27 08:54:06 ----D---- C:\Documents and Settings\All Users\Application Data\mMcHmPf06300
2011-02-09 17:49:53 ----D---- C:\Program Files\Microsoft
2011-02-09 15:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 15:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 15:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 15:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 10:35:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 10:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 10:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
======List of files/folders modified in the last 3 months======
2011-04-27 09:04:10 ----D---- C:\WINDOWS\Temp
2011-04-27 09:04:03 ----D---- C:\WINDOWS\Prefetch
2011-04-27 08:42:27 ----SD---- C:\WINDOWS\Tasks
2011-04-27 08:37:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-26 23:41:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-26 22:04:53 ----D---- C:\WINDOWS\system32\drivers
2011-04-26 22:04:48 ----D---- C:\WINDOWS\system32
2011-04-26 22:04:48 ----D---- C:\WINDOWS
2011-04-26 08:30:13 ----SHD---- C:\WINDOWS\Installer
2011-04-26 08:30:13 ----HD---- C:\Config.Msi
2011-04-26 08:29:42 ----D---- C:\Program Files\Adobe
2011-04-26 08:27:31 ----D---- C:\Program Files\Common Files
2011-04-26 08:26:46 ----D---- C:\Program Files\Amazon
2011-04-25 23:44:18 ----D---- C:\Downloads
2011-04-25 23:39:33 ----HD---- C:\WINDOWS\inf
2011-04-25 23:39:30 ----D---- C:\Program Files\Common Files\Sonic Shared
2011-04-25 23:37:31 ----RD---- C:\Program Files
2011-04-25 23:19:10 ----D---- C:\Program Files\Common Files\AOL
2011-04-25 23:18:50 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-04-24 16:24:26 ----RASH---- C:\boot.ini
2011-04-24 16:09:36 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2011-04-24 16:08:58 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-04-15 12:07:26 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-15 12:07:19 ----RSD---- C:\WINDOWS\assembly
2011-04-14 14:11:12 ----A---- C:\WINDOWS\win.ini
2011-04-14 14:09:23 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-14 14:06:19 ----A---- C:\WINDOWS\imsins.BAK
2011-04-14 14:06:15 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-04-14 14:04:26 ----D---- C:\Program Files\Internet Explorer
2011-04-14 14:02:05 ----D---- C:\WINDOWS\WinSxS
2011-04-14 13:58:55 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-14 13:44:15 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-14 13:43:06 ----D---- C:\WINDOWS\ie8updates
2011-04-05 18:49:18 ----D---- C:\Program Files\Common Files\Java
2011-04-05 18:43:10 ----D---- C:\Program Files\Java
2011-03-23 21:59:40 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2011-03-22 15:11:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-03-22 14:57:06 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2011-03-22 14:57:00 ----SHD---- C:\System Volume Information
2011-03-22 14:53:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-03-06 22:33:50 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-03-03 23:37:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2011-03-03 23:37:06 ----A---- C:\WINDOWS\system32\jscript.dll
2011-03-02 23:55:19 ----A---- C:\WINDOWS\system32\dnsapi.dll
2011-03-01 08:35:49 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2011-02-28 09:56:56 ----D---- C:\Documents and Settings\Dillon\Application Data\Move Networks
2011-02-27 20:26:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-02-27 20:06:59 ----D---- C:\Documents and Settings
2011-02-27 13:43:02 ----AD---- C:\SwSetup
2011-02-23 19:40:16 ----D---- C:\WINDOWS\Help
2011-02-22 16:06:29 ----N---- C:\WINDOWS\system32\occache.dll
2011-02-22 16:06:29 ----N---- C:\WINDOWS\system32\mstime.dll
2011-02-22 16:06:29 ----N---- C:\WINDOWS\system32\jsproxy.dll
2011-02-22 16:06:29 ----A---- C:\WINDOWS\system32\wininet.dll
2011-02-22 16:06:29 ----A---- C:\WINDOWS\system32\urlmon.dll
2011-02-22 16:06:29 ----A---- C:\WINDOWS\system32\mshtmled.dll
2011-02-22 16:06:29 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-02-22 16:06:29 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2011-02-22 16:06:29 ----A---- C:\WINDOWS\system32\msfeeds.dll
2011-02-22 16:06:29 ----A---- C:\WINDOWS\system32\licmgr10.dll
2011-02-22 16:06:28 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2011-02-22 16:06:28 ----A---- C:\WINDOWS\system32\iertutil.dll
2011-02-22 16:06:28 ----A---- C:\WINDOWS\system32\iepeers.dll
2011-02-22 16:06:28 ----A---- C:\WINDOWS\system32\ieframe.dll
2011-02-18 04:49:53 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2011-02-17 05:32:12 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2011-02-15 05:56:39 ----A---- C:\WINDOWS\system32\atmfd.dll
2011-02-09 06:53:52 ----A---- C:\WINDOWS\system32\sbe.dll
2011-02-09 06:53:52 ----A---- C:\WINDOWS\system32\encdec.dll
2011-02-08 06:33:55 ----A---- C:\WINDOWS\system32\mfc42u.dll
2011-02-08 06:33:55 ----A---- C:\WINDOWS\system32\mfc42.dll
2011-02-02 00:58:35 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-01-31 15:32:22 ----D---- C:\Program Files\FreeTime
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 IFP800;iriver Internet Audio Player IFP-800; C:\WINDOWS\system32\drivers\ifp800.sys [2004-03-29 14531]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl4bf84545;MpKsl4bf84545; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C0A36BD7-A7D0-4956-A11B-B258732A530D}\MpKsl4bf84545.sys []
R1 MpKsl55d14db8;MpKsl55d14db8; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C0A36BD7-A7D0-4956-A11B-B258732A530D}\MpKsl55d14db8.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2007-11-14 8413]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-16 13059]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2004-11-29 1337850]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camc6aud.sys [2005-02-17 38016]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camc6hal.sys [2005-02-17 349696]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-14 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-14 207232]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-02-07 1399615]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-11-04 186016]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2006-12-11 2209536]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-14 703232]
S1 MpKsl18e74faf;MpKsl18e74faf; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB9DBF00-4EC0-4AD2-BB90-EE9BBF296FF5}\MpKsl18e74faf.sys []
S1 MpKsl3012dce8;MpKsl3012dce8; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB9DBF00-4EC0-4AD2-BB90-EE9BBF296FF5}\MpKsl3012dce8.sys []
S1 MpKsl47654546;MpKsl47654546; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D190D73-1BCB-4679-8637-0F4A7F3402EF}\MpKsl47654546.sys []
S1 MpKsl5cae0751;MpKsl5cae0751; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA28EEDE-0D14-4B93-AAEE-E5F4435B9BDD}\MpKsl5cae0751.sys []
S1 MpKsl5e870acb;MpKsl5e870acb; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5363D11A-073A-477C-AF8C-5911FB120E4D}\MpKsl5e870acb.sys []
S1 MpKsl8256047d;MpKsl8256047d; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42B3415E-53FF-49B0-A788-E1651AE75A36}\MpKsl8256047d.sys []
S1 MpKsldd31af8b;MpKsldd31af8b; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C14E954D-98C7-44A9-82BC-41AA19C485DA}\MpKsldd31af8b.sys []
S3 2WIREPCP;2Wire USB; C:\WINDOWS\system32\DRIVERS\2WirePCP.sys [2002-09-23 68672]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-11-29 399616]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-11-29 148040]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-11-29 55320]
S3 catchme;catchme; \??\C:\DOCUME~1\Dillon\LOCALS~1\Temp\catchme.sys []
S3 Dot4 HPH09;Dot4 HPH09; C:\WINDOWS\system32\DRIVERS\hphid409.sys [2003-01-30 50800]
S3 Dot4Print HPH09;Print Class Driver for IEEE-1284.4 HPH09; C:\WINDOWS\system32\DRIVERS\hphipr09.sys [2003-01-30 16112]
S3 Dot4Storage HPH09;Storage Class Driver for IEEE-1284.4 (HPH09); C:\WINDOWS\System32\Drivers\hphs2k09.sys [2003-01-30 50211]
S3 Dot4Usb HPH09;Dot4Usb HPH09; C:\WINDOWS\System32\drivers\hphius09.sys [2003-01-30 18864]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GT680x;GrandTechICNameNT; C:\WINDOWS\System32\Drivers\gt680x.sys [2001-11-08 18120]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-09-16 79816]
S3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-09-16 35272]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2009-09-16 40552]
S3 o1394bul;o1394bul; \??\C:\DOCUME~1\Dillon\LOCALS~1\Temp\o1394bul.sys []
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2001-11-20 12338]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; C:\WINDOWS\system32\DRIVERS\rt25usbap.sys [2006-04-10 162816]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-17 35913]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2010-12-20 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2010-12-20 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2010-12-20 121576]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-11-29 254007]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2005-12-22 98304]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-04-05 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-01-13 38912]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 sprtsvc_ddoctorv2;SupportSoft Sprocket Service (ddoctorv2); C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe [2008-04-24 202560]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 PEVSystemStart;PEVSystemStart; C:\zzz\PEV.cfxxe [2010-04-26 256512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2004-11-17 98304]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver;Pml Driver; C:\WINDOWS\system32\HPHipm09.exe [2003-01-30 77824]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------