Epsilon

========== OTL ========== Error: Unable to stop service mfehidk! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mfehidk deleted successfully. C:\WINDOWS\system32\drivers\mfehidk.sys moved successfully. Service mfeavfk stopped successfully! Service mfeavfk deleted successfully! C:\WINDOWS\system32\drivers\mfeavfk.sys moved successfully. Service mfesmfk stopped successfully! Service mfesmfk deleted successfully! C:\WINDOWS\system32\drivers\mfesmfk.sys moved successfully. Service mfebopk stopped successfully! Service mfebopk deleted successfully! C:\WINDOWS\system32\drivers\mfebopk.sys moved successfully. Service mferkdk stopped successfully! Service mferkdk deleted successfully! C:\WINDOWS\system32\drivers\mferkdk.sys moved successfully. C:\Documents and Settings\All Users\Application Data\avg9\Log folder moved successfully. C:\Documents and Settings\All Users\Application Data\avg9 folder moved successfully. C:\Documents and Settings\Jennifer\Local Settings\Application Data\prvlcl.dat moved successfully. C:\Documents and Settings\All Users\Application Data\Kaspersky SDK folder moved successfully. Prefs.js: "127.0.0.1" removed from network.proxy.http Prefs.js: 53980 removed from network.proxy.http_port Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry value HKEY_USERS\S-1-5-21-2025429265-1957994488-1417001333-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found. ========== FILES ========== C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\18\53376e12-531f86a2 moved successfully. File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Download.exe not found. File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\plugtmp-4\plugin-pdf2-1.php not found. File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\plugtmp-4\plugin-pdf2.php not found. C:\Program Files\Windows Live\Messenger\msimg32.dll moved successfully. C:\Program Files\Windows Live\Messenger\riched20.dll moved successfully. C:\Program Files\Yontoo Layers\YontooIEClient.dll moved successfully. C:\~ErdUserProfile.$$$\$PowerISO$\PROGRAMS\sdfix\SDFix.exe moved successfully. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\\AvgUninstallURL deleted successfully. ========== COMMANDS ========== OTL by OldTimer - Version 3.2.22.3 log created on 05012011_153741

everything is great thanks for all your help

here is the otlpe scan OTL.txt Extras.txt

ESET scan C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\18\53376e12-531f86a2 multiple threats C:\Documents and Settings\Owner\Local Settings\Temp\Download.exe multiple threats C:\Documents and Settings\Owner\Local Settings\Temp\plugtmp-4\plugin-pdf2-1.php JS/Exploit.Pdfka.OVN trojan C:\Documents and Settings\Owner\Local Settings\Temp\plugtmp-4\plugin-pdf2.php JS/Exploit.Pdfka.OVN trojan C:\Downloads\NCH WavePad Sound Editor Master's Edition 4.24 + Keygen [RH]\NCH.WPSEME.4.24_[RH].rar a variant of Win32/Keygen.AT application C:\Program Files\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application C:\Program Files\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application C:\Program Files\Yontoo Layers\YontooIEClient.dll Win32/Adware.Yontoo.A application C:\~ErdUserProfile.$$$\$PowerISO$\PROGRAMS\sdfix\SDFix.exe Win32/PrcView application

[uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SizeofResource] [66042A55] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FindResourceW] [66044C25] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadResource] [66042B1A] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6604255C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!LoadStringW] [66042B1F] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [06D95D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [06D95E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [06D95E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [06D95D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [06D95E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [06D95E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [06D95D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\wininet.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcA] [666040F4] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcA] [666040F4] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [01415D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [01415E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [01415E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [01415D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [01415E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [01415E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [01415D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.) AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software) Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\Fastfat \Fat mfehidk.sys (McAfee Link Driver/McAfee, Inc.) AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software) ---- EOF - GMER 1.0.15 ----

GMER 1.0.15.15570 - http://www.gmer.net Rootkit scan 2011-04-26 22:01:02 Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK6034GSX rev.AH101A Running: 2iyfhep1.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\fgryypog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xF25B5CF0] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xF25B5BAC] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xF25B6160] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xF25B608A] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xF25B5782] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xF25B5C86] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xF25B56C2] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xF25B5726] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xF25B5DA6] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xF25B622E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xF25B5D66] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xF25B5EE6] SSDT \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys ZwUnloadKey [0xEE5F66D0] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xF25C2BAE] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xF25C29D2] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xF25C2B0C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- ? C:\WINDOWS\system32\Drivers\uphcleanhlp.sys The system cannot find the file specified. ! ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Mozilla Firefox\plugin-container.exe[1100] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10402024 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Program Files\Mozilla Firefox\firefox.exe[3356] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\services.exe[636] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 006C0002 IAT C:\WINDOWS\system32\services.exe[636] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 006C0000 IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcA] [666040F4] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\system32\svchost.exe[1180] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!SetWindowPlacement] [66603F0E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation) IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll

o DDS.scr <<<<<<<freezes my pc and does not show logfile o DDS.pif <<<<<<<link doesnt work shows nothing but ascii coding

Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6448 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 4/26/2011 3:25:36 PM mbam-log-2011-04-26 (15-25-36).txt Scan type: Full scan (C:\|D:\|E:\|) Objects scanned: 205605 Time elapsed: 1 hour(s), 2 minute(s), 34 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 14 Registry Values Infected: 2 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 16 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal. Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal. c:\documents and settings\owner\application data\microsoft\conhost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\documents and settings\owner\local settings\temp\0.7136287937684387.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\documents and settings\Owner\local settings\Temp\pagerage.EXE (Adware.Agent) -> Quarantined and deleted successfully. c:\_OTL\movedfiles\04252011_202816\c_documents and settings\Jennifer\application data\svchost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\_OTL\movedfiles\04252011_202816\c_documents and settings\Owner\application data\svchost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Not selected for removal. c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0167726.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0170731.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0173728.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0174726.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\rp49\a0178853.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\downloads\nch wavepad sound editor master's edition 4.24 + keygen [rh]\nch wavepad sound editor master's edition 4.24\Keygen\wavepad sound editor 4.24- keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. c:\documents and settings\Owner\local settings\Temp\0.42879696888681174.exe (Trojan.Dropper) -> Quarantined and deleted successfully. c:\documents and settings\Owner\local settings\Temp\0.4384814362035844.exe (Trojan.Dropper) -> Quarantined and deleted successfully. c:\documents and settings\Owner\local settings\Temp\0.8632044618813891.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

thank you Georgi and thank you Malwarebytes. problem solved

i think one of these 2 files may have caused this problem [2011/04/24 21:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers [2011/04/24 21:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/?ocid=iehp IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 D1 8C 13 38 AD CA 01 [binary data] IE - HKU\Jennifer_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52323 IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=18707 IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.* IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53980 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AIM Search" FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.27.2 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 53980 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/25 05:08:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/01/22 16:19:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/24 22:16:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/24 22:16:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/21 05:05:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions [2010/02/14 16:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010/03/17 22:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com [2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions [2010/11/20 02:08:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/04/24 21:59:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011/04/24 22:16:50 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2011/04/24 22:13:53 | 000,000,000 | ---D | M] ("AOL Messaging Toolbar") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2010/04/02 01:25:24 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010/04/02 23:41:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\searchplugins\aim-search.xml [2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/04/23 21:20:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2010/01/22 23:53:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010/01/22 16:19:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/04/23 21:19:51 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2011/04/23 21:19:51 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2011/04/15 12:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009/10/11 10:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll [2009/11/14 00:47:38 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll [2009/02/06 18:44:28 | 001,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll [2011/04/23 21:20:02 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2009/12/22 00:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll [2010/01/13 22:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010/03/22 20:53:24 | 000,032,576 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll [2011/04/23 21:20:05 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml [2011/04/23 21:20:06 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml [2011/04/23 21:20:06 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2011/04/23 21:20:06 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml [2011/04/23 21:20:06 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2011/04/23 21:20:06 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml [2011/04/23 21:20:06 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: ([2010/01/22 16:22:51 | 000,000,862 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.) O3 - HKU\Jennifer_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [bootSkin Startup Jobs] C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe () O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Jennifer_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Jennifer_ON_C..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Owner_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Owner_ON_C..\Run: [Google Update] C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Jennifer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - File not found O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuix.exe) - C:\WINDOWS\system32\logonuix.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - HKU\Jennifer_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found O20 - HKU\Owner_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\WBSrv: DllName - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/01/22 16:10:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2004/11/02 21:05:00 | 000,000,046 | R--- | M] () - X:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/04/26 01:32:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2011/04/25 22:59:22 | 000,000,000 | ---D | C] -- C:\~ErdUserProfile.$$$ [2011/04/25 22:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO [2011/04/25 22:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn [2011/04/25 22:25:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2011/04/25 20:28:22 | 002,234,368 | ---- | C] (OldTimer Tools) -- C:\OTLPE.exe [2011/04/25 20:28:17 | 000,000,000 | ---D | C] -- C:\_OTL [2011/04/25 03:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software [2011/04/25 03:39:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\ringtones [2011/04/24 22:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound [2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite [2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs [2011/04/24 22:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor [2011/04/24 22:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound [2011/04/24 22:17:24 | 000,000,000 | ---D | C] -- C:\Downloads [2011/04/24 22:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet [2011/04/24 22:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\BitComet [2011/04/24 22:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet [2011/04/24 21:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers [2011/04/24 21:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2011/04/24 21:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2011/04/14 18:38:29 | 000,049,904 | R--- | C] (Avanquest Software) -- C:\WINDOWS\System32\drivers\BVRPMPR5.SYS [2011/04/14 18:15:37 | 000,000,000 | ---D | C] -- C:\Netgear [2011/04/13 19:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX [2011/04/13 19:26:29 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe [2011/04/13 19:26:28 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll [2011/04/13 19:26:23 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll [2011/04/13 19:26:13 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll [2011/04/13 19:26:12 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll [2011/04/13 19:26:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll [2011/04/13 19:26:12 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll [2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll [2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb [2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb [2011/04/13 19:26:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb [2011/04/13 19:26:12 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb [2011/04/13 19:26:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb [2011/04/13 19:25:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll [2011/04/13 19:24:52 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2011/04/13 19:24:51 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2011/04/13 19:24:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll [2011/04/13 19:24:51 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll [2011/04/13 19:24:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll [2010/04/19 22:48:14 | 000,939,792 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42U.DLL [2010/04/19 22:48:14 | 000,271,632 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSVCRT.DLL [2010/04/19 22:48:14 | 000,032,528 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\OLEPRO32.DLL [2010/04/19 22:48:13 | 000,941,840 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42.DLL [2010/04/19 22:48:09 | 000,330,512 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSPAINT.EXE [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ] [1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/04/26 01:32:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/04/26 01:32:39 | 000,482,056 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2011/04/26 01:31:32 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/04/26 01:30:17 | 467,914,752 | -HS- | M] () -- C:\hiberfil.sys [2011/04/25 23:35:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job [2011/04/25 23:34:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/04/25 23:25:05 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/04/25 22:44:39 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2011/04/25 22:37:15 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk [2011/04/25 19:32:47 | 000,000,245 | -HS- | M] () -- C:\boot.ini [2011/04/25 04:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight [2011/04/24 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite [2011/04/24 22:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs [2011/04/24 22:32:19 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk [2011/04/24 22:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor [2011/04/24 22:16:49 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk [2011/04/24 22:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet [2011/04/24 21:35:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job [2011/04/24 14:39:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/04/15 23:27:32 | 000,200,144 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/04/13 21:47:31 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/04/13 21:47:31 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/04/13 20:27:41 | 000,115,712 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/13 19:35:30 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ] [1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/04/25 23:13:16 | 467,914,752 | -HS- | C] () -- C:\hiberfil.sys [2011/04/25 22:44:39 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2011/04/25 22:37:15 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk [2011/04/24 22:32:19 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk [2011/04/24 22:16:49 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk [2011/04/23 21:30:11 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job [2011/04/23 21:30:08 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job [2011/04/17 00:39:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/04/13 19:26:33 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll [2011/04/13 19:26:33 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll [2010/12/15 06:41:42 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010/11/29 05:25:03 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010/11/21 06:25:29 | 000,482,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/04/25 17:48:11 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/04/20 19:34:54 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2010/04/09 00:14:40 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini [2010/03/19 20:27:45 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini [2010/03/19 19:46:13 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe [2010/03/19 19:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll [2010/03/19 19:45:55 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat [2010/02/26 06:06:54 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Owner\pool.bin [2010/02/07 02:24:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\prvlcl.dat [2010/02/07 01:41:58 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin [2010/02/06 04:10:49 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat [2010/01/29 20:19:32 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E0691A13AF.sys [2010/01/29 20:19:31 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2010/01/29 19:53:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat [2010/01/27 02:12:01 | 000,115,712 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/01/27 02:02:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini [2010/01/23 03:26:37 | 000,058,616 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll [2010/01/23 03:15:36 | 000,163,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys [2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat [2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat [2010/01/23 00:05:09 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010/01/23 00:05:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010/01/22 23:39:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/01/22 16:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/01/22 16:54:37 | 000,200,144 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/01/22 16:10:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/01/22 16:07:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/01/22 16:05:19 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll [2010/01/22 16:05:17 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll [2010/01/22 16:05:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2009/11/06 15:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009/08/03 20:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/08/03 20:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe [2008/04/14 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 11:00:00 | 000,441,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 11:00:00 | 000,071,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/04/14 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 11:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 11:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/04/14 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2005/06/10 21:59:16 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2002/03/19 16:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe ========== LOP Check ========== [2010/03/01 10:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ATTTOOLBAR [2010/04/21 13:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\CheckPoint [2011/04/13 19:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Research In Motion [2011/04/13 19:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Azureus [2011/04/24 22:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitComet [2010/04/20 19:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CheckPoint [2011/04/25 03:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FrostWire [2010/01/29 21:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo [2010/11/21 04:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\motorola [2011/04/24 22:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound [2010/12/15 07:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Notepad++ [2011/04/13 19:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Research In Motion [2010/01/23 03:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Stardock [2010/01/23 02:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer [2010/02/14 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird [2010/02/10 15:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug [2010/12/15 09:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/12/15 06:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2010/04/09 00:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Entertainer [2010/04/20 20:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK [2011/04/13 19:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola [2010/04/08 19:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments [2011/04/24 21:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2010/04/09 00:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Owner [2010/01/23 03:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock [2011/04/24 21:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2010/01/29 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp [2010/04/08 19:42:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{20EFD19B-675C-417B-A498-B0161D72FF88} [2010/01/23 03:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/01/23 03:17:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{88B68E15-BA37-4CF1-9E41-321E9BEFCF60} [2010/04/08 19:14:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B5F0C192-874D-49A8-88D7-8431E3714756} ========== Purity Check ========== ========== Custom Scans ========== < MD5 for: EXPLORER.EXE > [2008/11/14 22:32:41 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=2BB75B7F548D82A099125D0C5971DE7D -- C:\WINDOWS\explorer.exe [2004/08/04 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\EXPLORER.EXE < MD5 for: USERINIT.EXE > [2004/08/04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\USERINIT.EXE [2008/04/14 11:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe < MD5 for: VOLSNAP.SYS > [2008/04/14 11:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys < MD5 for: WINLOGON.EXE > [2004/08/04 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\WINLOGON.EXE [2008/11/14 22:34:04 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=D1BAC55BC35A0CA735AEA19F609F2B22 -- C:\WINDOWS\system32\winlogon.exe < End of report >

========== Driver Services (All) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | Disabled] -- -- (ViaIde) DRV - File not found [Kernel | Disabled] -- -- (TosIde) DRV - File not found [Kernel | Disabled] -- -- (Simbad) DRV - File not found [Kernel | On_Demand] -- -- (RimUsb) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand] -- -- (MRENDIS5) DRV - File not found [Kernel | On_Demand] -- -- (MREMPR5) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | Disabled] -- -- (IntelIde) DRV - File not found [Kernel | Disabled] -- -- (CmdIde) DRV - File not found [Kernel | System] -- -- (Changer) DRV - File not found [Kernel | Disabled] -- -- (Atdisk) DRV - File not found [Kernel | Disabled] -- -- (AliIde) DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk) DRV - [2011/02/17 13:19:38 | 000,457,472 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb) DRV - [2011/02/17 13:19:17 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv) DRV - [2010/11/02 15:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/09/07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/09/07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010/01/25 05:04:56 | 000,163,584 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\vidstub.sys -- (BootScreen) DRV - [2010/01/06 00:04:02 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/11/11 17:14:44 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/11/11 17:14:44 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/11/11 17:14:44 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/11/11 17:14:12 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/10/20 16:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP) DRV - [2009/09/04 17:46:04 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2009/09/04 17:46:04 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2009/08/19 21:49:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5) DRV - [2009/06/24 10:28:51 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD) DRV - [2009/04/28 20:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20) DRV - [2009/01/09 22:18:02 | 000,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort) DRV - [2008/11/14 22:45:23 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport) DRV - [2008/11/14 22:45:23 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem) DRV - [2008/11/14 22:45:23 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass) DRV - [2008/11/14 22:45:23 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios) DRV - [2008/11/14 22:45:23 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2008/11/14 22:45:23 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum) DRV - [2008/11/14 22:44:39 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio) DRV - [2008/11/14 22:40:06 | 000,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008/11/14 22:40:04 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amdide.sys -- (amdide) DRV - [2008/11/14 22:39:28 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip) DRV - [2008/11/14 22:37:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfrd.sys -- (WudfRd) DRV - [2008/11/14 22:37:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfpf.sys -- (WudfPf) DRV - [2008/11/14 22:37:22 | 000,062,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rspndr.sys -- (rspndr) DRV - [2008/11/14 22:33:58 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci) DRV - [2008/11/14 22:33:58 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci) DRV - [2008/11/14 22:33:38 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD) DRV - [2008/11/14 22:33:37 | 000,174,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss) DRV - [2008/11/14 22:33:27 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS) DRV - [2008/11/14 22:33:27 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan) DRV - [2008/11/14 22:33:26 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup) DRV - [2008/11/14 22:33:04 | 000,179,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2008/11/14 22:32:38 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk) DRV - [2008/11/14 22:32:33 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom) DRV - [2008/10/16 15:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD) DRV - [2008/09/08 10:06:00 | 000,195,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr) DRV - [2008/04/22 19:09:20 | 000,032,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp) DRV - [2008/04/22 12:45:52 | 000,576,384 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs) DRV - [2008/04/14 11:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot) DRV - [2008/04/14 11:00:00 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update) DRV - [2008/04/14 11:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI) DRV - [2008/04/14 11:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT) DRV - [2008/04/14 11:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio) DRV - [2008/04/14 11:00:00 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat) DRV - [2008/04/14 11:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/04/14 11:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat) DRV - [2008/04/14 11:00:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr) DRV - [2008/04/14 11:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk) DRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec) DRV - [2008/04/14 11:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr) DRV - [2008/04/14 11:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched) DRV - [2008/04/14 11:00:00 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI) DRV - [2008/04/14 11:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs) DRV - [2008/04/14 11:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial) DRV - [2008/04/14 11:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs) DRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc) DRV - [2008/04/14 11:00:00 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub) DRV - [2008/04/14 11:00:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt) DRV - [2008/04/14 11:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap) DRV - [2008/04/14 11:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP) DRV - [2008/04/14 11:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP) DRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips) DRV - [2008/04/14 11:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr) DRV - [2008/04/14 11:00:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi) DRV - [2008/04/14 11:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2008/04/14 11:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp) DRV - [2008/04/14 11:00:00 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw) DRV - [2008/04/14 11:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm) DRV - [2008/04/14 11:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc) DRV - [2008/04/14 11:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS) DRV - [2008/04/14 11:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp) DRV - [2008/04/14 11:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2008/04/14 11:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd) DRV - [2008/04/14 11:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs) DRV - [2008/04/14 11:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc) DRV - [2008/04/14 11:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass) DRV - [2008/04/14 11:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP) DRV - [2008/04/14 11:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave) DRV - [2008/04/14 11:00:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp) DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk) DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2008/04/14 11:00:00 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr) DRV - [2008/04/14 11:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs) DRV - [2008/04/14 11:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2008/04/14 11:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) DRV - [2008/04/14 11:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2008/04/14 11:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt) DRV - [2008/04/14 11:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2008/04/14 11:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC) DRV - [2008/04/14 11:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy) DRV - [2008/04/14 11:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM) DRV - [2008/04/14 11:00:00 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2008/04/14 11:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd) DRV - [2008/04/14 11:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV - [2008/04/14 11:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm) DRV - [2008/04/14 11:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload) DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD) DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep) DRV - [2008/04/14 11:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pciide.sys -- (PCIIde) DRV - [2008/04/14 11:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null) DRV - [2008/04/14 11:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock) DRV - [2008/04/14 05:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud) DRV - [2008/04/14 05:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio) DRV - [2008/04/14 05:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2008/04/14 05:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb) DRV - [2008/04/14 05:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) DRV - [2008/04/14 05:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer) DRV - [2008/04/14 05:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi) DRV - [2008/04/14 05:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter) DRV - [2008/04/14 05:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic) DRV - [2008/04/14 05:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV) DRV - [2008/04/14 05:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK) DRV - [2008/04/14 05:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM) DRV - [2008/04/14 04:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint) DRV - [2008/04/14 04:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan) DRV - [2008/04/14 04:09:48 | 000,206,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4.sys -- (dot4) DRV - [2008/04/14 03:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD) DRV - [2008/04/14 03:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi) DRV - [2008/04/13 23:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook) DRV - [2008/04/13 23:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt) DRV - [2008/04/13 23:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt) DRV - [2008/04/13 22:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia) DRV - [2007/12/13 10:21:56 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2006/01/06 19:07:27 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11) DRV - [2006/01/06 19:07:27 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11) DRV - [2006/01/06 19:07:27 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11) DRV - [2006/01/06 19:07:26 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11) DRV - [2005/11/10 22:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/03/04 17:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2001/08/17 18:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid) DRV - [2001/08/17 17:47:32 | 000,023,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4usb.sys -- (dot4usb) DRV - [2001/08/17 17:47:32 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4Prt.sys -- (Dot4Print) DRV - [2001/08/17 12:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub) ========== Standard Registry (All) ==========

OTL logfile created on: 4/26/2011 2:15:04 AM - Run OTLPE by OldTimer - Version 3.1.46.0 Folder = D:\OTLPE\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 446.00 Mb Total Physical Memory | 169.00 Mb Available Physical Memory | 38.00% Memory free 366.00 Mb Paging File | 201.00 Mb Available in Paging File | 55.00% Paging File free Paging file location(s): C:\pagefile.sys 2000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.65 Gb Total Space | 12.93 Gb Free Space | 23.24% Space Free | Partition Type: NTFS Drive D: | 3.73 Gb Total Space | 3.11 Gb Free Space | 83.17% Space Free | Partition Type: FAT32 Drive X: | 635.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: BARTPE-31520 | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet006 ========== Win32 Services (All) ========== SRV - [2010/12/14 16:19:30 | 000,136,176 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/08/27 06:05:07 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer) SRV - [2010/08/17 13:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2010/03/22 20:53:24 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus® SRV - [2010/02/26 16:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2009/10/11 10:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009/09/04 17:41:22 | 000,319,488 | ---- | M] (Alcatel-Lucent) [Auto] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService) SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes) SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection) SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility) SRV - [2009/06/10 06:17:16 | 000,134,144 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation) SRV - [2009/04/20 17:06:44 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache) SRV - [2009/02/10 18:26:38 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi) SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC) SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch) SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay) SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog) SRV - [2008/12/12 17:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008/11/14 22:45:23 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC) SRV - [2008/11/14 22:37:50 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wudfsvc.dll -- (WudfSvc) SRV - [2008/11/14 22:37:38 | 000,913,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) SRV - [2008/11/14 22:34:37 | 000,025,800 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2008/11/14 22:34:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time) SRV - [2008/11/14 22:33:54 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv) SRV - [2008/11/14 22:33:23 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Network Location Awareness (NLA) SRV - [2008/11/14 22:33:20 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN) SRV - [2008/11/14 22:33:18 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer) SRV - [2008/11/14 22:32:57 | 000,330,752 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS) SRV - [2008/11/14 22:32:40 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008/11/14 22:32:37 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp) SRV - [2008/11/14 22:32:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\browser.dll -- (Browser) SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/07/30 00:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2008/07/29 22:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008/07/29 22:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2008/07/25 14:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/07/25 14:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2008/04/14 11:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc) SRV - [2008/04/14 11:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) SRV - [2008/04/14 11:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA) SRV - [2008/04/14 11:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2008/04/14 11:00:00 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent) SRV - [2008/04/14 11:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\vssvc.exe -- (VSS) SRV - [2008/04/14 11:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin) SRV - [2008/04/14 11:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman) SRV - [2008/04/14 11:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule) SRV - [2008/04/14 11:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan) SRV - [2008/04/14 11:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost) SRV - [2008/04/14 11:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2008/04/14 11:00:00 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt) SRV - [2008/04/14 11:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2008/04/14 11:00:00 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr) SRV - [2008/04/14 11:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP) SRV - [2008/04/14 11:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc) SRV - [2008/04/14 11:00:00 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov) SRV - [2008/04/14 11:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv) SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm) SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE) SRV - [2008/04/14 11:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr) SRV - [2008/04/14 11:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2008/04/14 11:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog) SRV - [2008/04/14 11:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto) SRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC) SRV - [2008/04/14 11:00:00 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr) SRV - [2008/04/14 11:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV) SRV - [2008/04/14 11:00:00 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient) SRV - [2008/04/14 11:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2008/04/14 11:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc) SRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry) SRV - [2008/04/14 11:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess) SRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\alg.exe -- (ALG) SRV - [2008/04/14 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv) SRV - [2008/04/14 11:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2008/04/14 11:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger) SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost) SRV - [2008/04/14 11:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv) SRV - [2008/04/14 11:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver) SRV - [2008/04/14 11:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2008/04/14 11:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2008/04/14 11:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS) SRV - [2008/04/14 11:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2008/04/14 11:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter) SRV - [2008/04/14 11:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (SamSs) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon) SRV - [2008/04/14 11:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC) SRV - [2008/04/14 11:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc) SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv) SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp) SRV - [2008/04/14 10:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ) SRV - [2006/01/06 19:07:26 | 000,077,824 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11) SRV - [2005/08/04 04:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2005/04/27 13:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean) SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/07/28 17:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

OTL Extras logfile created on: 4/26/2011 2:15:06 AM - Run OTLPE by OldTimer - Version 3.1.46.0 Folder = D:\OTLPE\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 446.00 Mb Total Physical Memory | 169.00 Mb Available Physical Memory | 38.00% Memory free 366.00 Mb Paging File | 201.00 Mb Available in Paging File | 55.00% Paging File free Paging file location(s): C:\pagefile.sys 2000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.65 Gb Total Space | 12.93 Gb Free Space | 23.24% Space Free | Partition Type: NTFS Drive D: | 3.73 Gb Total Space | 3.11 Gb Free Space | 83.17% Space Free | Partition Type: FAT32 Drive X: | 635.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: BARTPE-31520 | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet006 ========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation) hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.) "C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.) "C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group) "C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM "C:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe" = C:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe:*:Enabled:WS_FTP Pro/LE "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22439E2F-1CF7-4F8B-992A-3AA3C0553929}" = Yu-Gi-Oh! ONLINE 3 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 17 "{2E510276-F614-4AC5-9ACC-465735484A4F}" = Show Presenter "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com "{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6DB7AD00-F781-11DF-9EEF-001279CD8240}" = Google Earth "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9FA2E0CF-64E8-3536-BA71-618A48D9AF55}" = Google Talk Plugin "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls "{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1 "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player "{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 Service Pack 1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse "{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2 "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service "6ED11016CDD566A27C3E3432CC546D9FA64E636C" = Windows Driver Package - Realtek Semiconductor Corp. (RTL8023xp) Net (02/25/2008 5.687.0225.2008) "7-Zip" = 7-Zip 4.60 beta "8916FCDA42DB427750EB06B23F022EAFDE7A24FA" = Windows Driver Package - ENE TECHNOLOGY INC. PCMCIA (08/14/2002 5.1.2600.1010) "AbiWord2" = AbiWord 2.6.4 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "avast5" = avast! Free Antivirus "B401FBF1B09B882D9896BCD7132C6DDC5A787A91" = Windows Driver Package - Atheros (AR5211) Net (07/26/2007 5.3.0.67) "BitComet" = BitComet 1.27 "BootSkin" = BootSkin "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "FrostWire" = FrostWire 4.18.6 "Google Chrome" = Google Chrome "hphuni04" = Photosmart 130,230,7150,7345,7350,7550 (Remove only) "ie8" = Windows Internet Explorer 8 "Impulse" = Impulse "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "LogonStudio" = LogonStudio "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Silverlight" = Microsoft Silverlight "Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16) "Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6) "Native Instruments Controller Editor" = Native Instruments Controller Editor "Native Instruments Service Center" = Native Instruments Service Center "Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3 "Notepad++" = Notepad++ "PCDJ VJ" = PCDJ VJ "PCDJDex" = PCDJ DEX (remove only) "TeamViewer 5" = TeamViewer 5 "VLC media player" = VLC media player 1.0.1 "WavePad" = WavePad Sound Editor "Winamp" = Winamp "WindowBlinds 7" = WindowBlinds 7 "Windows Rights Management Client" = Windows Rights Management Client with Service Pack 2 "Windows Rights Management Client Backwards" = Windows Rights Management Client Backwards Compatibility SP2 "WinLiveSuite_Wave3" = Windows Live Essentials "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Detector Plug-in < End of report >

this did not help the problem it has in a way made it worse when i log into profiles on my pc now when i log in it immediately logs me out i am still unable to access my pc

========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/?ocid=iehp IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 D1 8C 13 38 AD CA 01 [binary data] IE - HKU\Jennifer_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52323 IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=18707 IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.* IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53980 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AIM Search" FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.27.2 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 53980 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/25 05:08:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/01/22 16:19:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/24 22:16:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/24 22:16:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/21 05:05:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions [2010/02/14 16:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010/03/17 22:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com [2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions [2010/11/20 02:08:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/04/24 21:59:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011/04/24 22:16:50 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2011/04/24 22:13:53 | 000,000,000 | ---D | M] ("AOL Messaging Toolbar") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2010/04/02 01:25:24 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010/04/02 23:41:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\searchplugins\aim-search.xml [2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/04/23 21:20:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2010/01/22 23:53:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010/01/22 16:19:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/04/23 21:19:51 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2011/04/23 21:19:51 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2011/04/15 12:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009/10/11 10:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll [2009/11/14 00:47:38 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll [2009/02/06 18:44:28 | 001,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll [2011/04/23 21:20:02 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2009/12/22 00:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll [2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll [2010/01/13 22:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010/03/22 20:53:24 | 000,032,576 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll [2011/04/23 21:20:05 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml [2011/04/23 21:20:06 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml [2011/04/23 21:20:06 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2011/04/23 21:20:06 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml [2011/04/23 21:20:06 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2011/04/23 21:20:06 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml [2011/04/23 21:20:06 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: ([2010/01/22 16:22:51 | 000,000,862 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.) O3 - HKU\Jennifer_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [bootSkin Startup Jobs] C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe () O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Jennifer_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Jennifer_ON_C..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Owner_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Owner_ON_C..\Run: [Google Update] C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Jennifer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - C:\Documents and Settings\Jennifer\Application Data\svchost.exe (Ooounom Software) O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuix.exe) - C:\WINDOWS\system32\logonuix.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - HKU\Jennifer_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found O20 - HKU\Owner_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\WBSrv: DllName - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/01/22 16:10:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2004/11/02 21:05:00 | 000,000,046 | R--- | M] () - X:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Manager.lnk - - File not found MsConfig - StartUpFolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^ImpulseNow.lnk - C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe - (Stardock Corporation) MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Aim - hkey= - key= - File not found MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: ATT-SST_McciTrayApp - hkey= - key= - File not found MsConfig - StartUpReg: BlackBerryAutoUpdate - hkey= - key= - File not found MsConfig - StartUpReg: CoolSwitch - hkey= - key= - File not found MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found MsConfig - StartUpReg: HPHmon04 - hkey= - key= - File not found MsConfig - StartUpReg: HPHUPD04 - hkey= - key= - File not found MsConfig - StartUpReg: IMJPMIG8.1 - hkey= - key= - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) MsConfig - StartUpReg: ISUSPM - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) MsConfig - StartUpReg: ISW - hkey= - key= - File not found MsConfig - StartUpReg: iTunesHelper - hkey= - key= - File not found MsConfig - StartUpReg: Meebo Notifier - hkey= - key= - File not found MsConfig - StartUpReg: PHIME2002A - hkey= - key= - File not found MsConfig - StartUpReg: PHIME2002ASync - hkey= - key= - File not found MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - File not found MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: TFncKy - hkey= - key= - File not found MsConfig - StartUpReg: Weather - hkey= - key= - File not found MsConfig - StartUpReg: WinampAgent - hkey= - key= - File not found MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - Service SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447) ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) ========== Files/Folders - Created Within 30 Days ========== [2011/04/25 22:59:22 | 000,000,000 | ---D | C] -- C:\~ErdUserProfile.$$$ [2011/04/25 22:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO [2011/04/25 22:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn [2011/04/25 22:25:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2011/04/25 03:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software [2011/04/25 03:39:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\ringtones [2011/04/25 01:16:29 | 000,078,424 | ---- | C] (Ooounom Software) -- C:\Documents and Settings\Jennifer\Application Data\svchost.exe [2011/04/24 22:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound [2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite [2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs [2011/04/24 22:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor [2011/04/24 22:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound [2011/04/24 22:17:24 | 000,000,000 | ---D | C] -- C:\Downloads [2011/04/24 22:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet [2011/04/24 22:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\BitComet [2011/04/24 22:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet [2011/04/24 21:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers [2011/04/24 21:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2011/04/24 21:54:36 | 000,078,424 | ---- | C] (Ooounom Software) -- C:\Documents and Settings\Owner\Application Data\svchost.exe [2011/04/24 21:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2011/04/14 18:38:29 | 000,049,904 | R--- | C] (Avanquest Software) -- C:\WINDOWS\System32\drivers\BVRPMPR5.SYS [2011/04/14 18:15:37 | 000,000,000 | ---D | C] -- C:\Netgear [2011/04/13 19:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX [2011/04/13 19:26:29 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe [2011/04/13 19:26:28 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll [2011/04/13 19:26:23 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll [2011/04/13 19:26:13 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll [2011/04/13 19:26:12 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll [2011/04/13 19:26:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll [2011/04/13 19:26:12 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll [2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll [2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb [2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb [2011/04/13 19:26:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb [2011/04/13 19:26:12 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb [2011/04/13 19:26:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb [2011/04/13 19:25:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll [2011/04/13 19:24:52 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2011/04/13 19:24:51 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2011/04/13 19:24:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll [2011/04/13 19:24:51 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll [2011/04/13 19:24:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll [2010/04/19 22:48:14 | 000,939,792 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42U.DLL [2010/04/19 22:48:14 | 000,271,632 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSVCRT.DLL [2010/04/19 22:48:14 | 000,032,528 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\OLEPRO32.DLL [2010/04/19 22:48:13 | 000,941,840 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42.DLL [2010/04/19 22:48:09 | 000,330,512 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSPAINT.EXE [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ] [1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/04/25 23:35:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job [2011/04/25 23:34:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/04/25 23:33:40 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/04/25 23:33:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/04/25 23:33:13 | 467,914,752 | -HS- | M] () -- C:\hiberfil.sys [2011/04/25 23:25:05 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/04/25 23:09:53 | 000,000,245 | -HS- | M] () -- C:\boot.ini [2011/04/25 22:44:39 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2011/04/25 22:37:15 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk [2011/04/25 05:36:19 | 000,482,056 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2011/04/25 04:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight [2011/04/24 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite [2011/04/24 22:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs [2011/04/24 22:32:19 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk [2011/04/24 22:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor [2011/04/24 22:16:49 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk [2011/04/24 22:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet [2011/04/24 21:55:00 | 000,078,424 | ---- | M] (Ooounom Software) -- C:\Documents and Settings\Owner\Application Data\svchost.exe [2011/04/24 21:55:00 | 000,078,424 | ---- | M] (Ooounom Software) -- C:\Documents and Settings\Jennifer\Application Data\svchost.exe [2011/04/24 21:35:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job [2011/04/24 14:39:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/04/15 23:27:32 | 000,200,144 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/04/13 21:47:31 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/04/13 21:47:31 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/04/13 20:27:41 | 000,115,712 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/13 19:35:30 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ] [1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/04/25 23:13:16 | 467,914,752 | -HS- | C] () -- C:\hiberfil.sys [2011/04/25 22:44:39 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2011/04/25 22:37:15 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk [2011/04/24 22:32:19 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk [2011/04/24 22:16:49 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk [2011/04/23 21:30:11 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job [2011/04/23 21:30:08 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job [2011/04/17 00:39:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/04/13 19:26:33 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll [2011/04/13 19:26:33 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll [2010/12/22 04:32:57 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\Jennifer\Application Data\8AF6.919 [2010/12/21 10:16:03 | 000,009,645 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\8AF6.919 [2010/12/15 06:41:42 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010/11/29 05:25:03 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010/11/21 06:25:29 | 000,482,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/04/25 17:48:11 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/04/20 19:34:54 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2010/04/09 00:14:40 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini [2010/03/19 20:27:45 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini [2010/03/19 19:46:13 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe [2010/03/19 19:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll [2010/03/19 19:45:55 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat [2010/02/26 06:06:54 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Owner\pool.bin [2010/02/07 02:24:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\prvlcl.dat [2010/02/07 01:41:58 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin [2010/02/06 04:10:49 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat [2010/01/29 20:19:32 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E0691A13AF.sys [2010/01/29 20:19:31 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2010/01/29 19:53:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat [2010/01/27 02:12:01 | 000,115,712 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/01/27 02:02:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini [2010/01/23 03:26:37 | 000,058,616 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll [2010/01/23 03:15:36 | 000,163,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys [2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat [2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat [2010/01/23 00:05:09 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010/01/23 00:05:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010/01/22 23:39:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/01/22 16:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/01/22 16:54:37 | 000,200,144 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/01/22 16:10:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/01/22 16:07:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/01/22 16:05:19 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll [2010/01/22 16:05:17 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll [2010/01/22 16:05:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2009/11/06 15:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009/08/03 20:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/08/03 20:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe [2008/04/14 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 11:00:00 | 000,441,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 11:00:00 | 000,071,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/04/14 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 11:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 11:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/04/14 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2005/06/10 21:59:16 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2002/03/19 16:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe ========== LOP Check ========== [2010/03/01 10:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ATTTOOLBAR [2010/04/21 13:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\CheckPoint [2011/04/13 19:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Research In Motion [2011/04/13 19:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Azureus [2011/04/24 22:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitComet [2010/04/20 19:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CheckPoint [2011/04/25 03:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FrostWire [2010/01/29 21:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo [2010/11/21 04:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\motorola [2011/04/24 22:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound [2010/12/15 07:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Notepad++ [2011/04/13 19:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Research In Motion [2010/01/23 03:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Stardock [2010/01/23 02:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer [2010/02/14 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird [2010/02/10 15:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug [2010/12/15 09:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/12/15 06:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2010/04/09 00:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Entertainer [2010/04/20 20:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK [2011/04/13 19:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola [2010/04/08 19:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments [2011/04/24 21:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2010/04/09 00:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Owner [2010/01/23 03:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock [2011/04/24 21:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2010/01/29 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp [2010/04/08 19:42:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{20EFD19B-675C-417B-A498-B0161D72FF88} [2010/01/23 03:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/01/23 03:17:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{88B68E15-BA37-4CF1-9E41-321E9BEFCF60} [2010/04/08 19:14:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B5F0C192-874D-49A8-88D7-8431E3714756} ========== Purity Check ========== ========== Custom Scans ========== Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*. Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe Invalid Environment Variable: %APPDATA%\*. Invalid Environment Variable: %APPDATA%\*.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008/11/14 22:45:23 | 009,129,064 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys < MD5 for: AHCIX86.SYS > [2008/11/14 22:40:08 | 000,164,352 | ---- | M] (AMD Technologies Inc.) MD5=746C6E7AE2C6449F3CF3CF0D5E3A9222 -- C:\WINDOWS\NLDRV\010\ahcix86.sys < MD5 for: ATAPI.SYS > [2008/11/14 22:45:23 | 009,129,064 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\DRIVERS\ATAPI.SYS < MD5 for: EVENTLOG.DLL > [2008/04/14 11:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004/08/04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\EVENTLOG.DLL < MD5 for: IASTOR.SYS > [2008/11/14 22:40:10 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\NLDRV\011\iastor.sys < MD5 for: NETLOGON.DLL > [2008/11/14 22:33:28 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=06CF9EEDB7E827205C6948C9DAF56974 -- C:\WINDOWS\system32\netlogon.dll [2004/08/04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\NETLOGON.DLL < MD5 for: NVGTS.SYS > [2008/11/14 22:40:21 | 000,105,984 | ---- | M] (NVIDIA Corporation) MD5=F0BF71E77BB6D96D0A34537D151B78D1 -- C:\WINDOWS\NLDRV\013\nvgts.sys [2008/11/14 22:40:23 | 000,105,984 | ---- | M] (NVIDIA Corporation) MD5=F0BF71E77BB6D96D0A34537D151B78D1 -- C:\WINDOWS\NLDRV\014\nvgts.sys < MD5 for: SCECLI.DLL > [2004/08/04 12:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\SCECLI.DLL [2008/04/14 11:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USERINIT.EXE > [2004/08/04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\USERINIT.EXE [2008/04/14 11:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe < MD5 for: VIAMRAID.SYS > [2008/11/14 22:40:27 | 000,117,248 | ---- | M] (VIA Technologies inc,.ltd) MD5=3A82A61E312ADDB3BE8F1FE3481842B1 -- C:\WINDOWS\NLDRV\021\viamraid.sys < MD5 for: VIPRT.SYS > [2008/11/14 22:40:27 | 000,052,736 | ---- | M] (VIA Technologies, Inc.) MD5=884D400F106C5206602185D9B8E34FE4 -- C:\WINDOWS\NLDRV\020\viprt.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2010/01/22 16:53:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2010/01/22 16:53:50 | 001,081,344 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2010/01/22 16:53:50 | 000,786,432 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011/03/03 06:53:49 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll [2011/02/22 23:06:28 | 011,080,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll [2011/02/22 23:06:28 | 001,991,680 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll [2008/04/14 11:00:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll [2008/11/14 22:33:28 | 000,068,096 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll [2011/01/21 14:42:25 | 008,463,360 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll [10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\system32\drivers\*.sys /90 > [2011/02/17 13:19:38 | 000,457,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys [2011/02/17 13:19:17 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys < CREATERESTOREPOINT > < End of report >

========== Driver Services (All) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | Disabled] -- -- (ViaIde) DRV - File not found [Kernel | Disabled] -- -- (TosIde) DRV - File not found [Kernel | Disabled] -- -- (Simbad) DRV - File not found [Kernel | On_Demand] -- -- (RimUsb) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand] -- -- (MRENDIS5) DRV - File not found [Kernel | On_Demand] -- -- (MREMPR5) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | Disabled] -- -- (IntelIde) DRV - File not found [Kernel | Disabled] -- -- (CmdIde) DRV - File not found [Kernel | System] -- -- (Changer) DRV - File not found [Kernel | Disabled] -- -- (Atdisk) DRV - File not found [Kernel | Disabled] -- -- (AliIde) DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk) DRV - [2011/02/17 13:19:38 | 000,457,472 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb) DRV - [2011/02/17 13:19:17 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv) DRV - [2010/11/02 15:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/09/07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/09/07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010/01/25 05:04:56 | 000,163,584 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\vidstub.sys -- (BootScreen) DRV - [2010/01/06 00:04:02 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/11/11 17:14:44 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/11/11 17:14:44 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/11/11 17:14:44 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/11/11 17:14:12 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/10/20 16:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP) DRV - [2009/09/04 17:46:04 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2009/09/04 17:46:04 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2009/08/19 21:49:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5) DRV - [2009/06/24 10:28:51 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD) DRV - [2009/04/28 20:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20) DRV - [2009/01/09 22:18:02 | 000,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort) DRV - [2008/11/14 22:45:23 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport) DRV - [2008/11/14 22:45:23 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem) DRV - [2008/11/14 22:45:23 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass) DRV - [2008/11/14 22:45:23 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios) DRV - [2008/11/14 22:45:23 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2008/11/14 22:45:23 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum) DRV - [2008/11/14 22:44:39 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio) DRV - [2008/11/14 22:40:06 | 000,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008/11/14 22:40:04 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amdide.sys -- (amdide) DRV - [2008/11/14 22:39:28 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip) DRV - [2008/11/14 22:37:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfrd.sys -- (WudfRd) DRV - [2008/11/14 22:37:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfpf.sys -- (WudfPf) DRV - [2008/11/14 22:37:22 | 000,062,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rspndr.sys -- (rspndr) DRV - [2008/11/14 22:33:58 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci) DRV - [2008/11/14 22:33:58 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci) DRV - [2008/11/14 22:33:38 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD) DRV - [2008/11/14 22:33:37 | 000,174,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss) DRV - [2008/11/14 22:33:27 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS) DRV - [2008/11/14 22:33:27 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan) DRV - [2008/11/14 22:33:26 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup) DRV - [2008/11/14 22:33:04 | 000,179,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2008/11/14 22:32:38 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk) DRV - [2008/11/14 22:32:33 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom) DRV - [2008/10/16 15:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD) DRV - [2008/09/08 10:06:00 | 000,195,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr) DRV - [2008/04/22 19:09:20 | 000,032,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp) DRV - [2008/04/22 12:45:52 | 000,576,384 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs) DRV - [2008/04/14 11:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot) DRV - [2008/04/14 11:00:00 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update) DRV - [2008/04/14 11:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI) DRV - [2008/04/14 11:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT) DRV - [2008/04/14 11:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio) DRV - [2008/04/14 11:00:00 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat) DRV - [2008/04/14 11:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/04/14 11:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat) DRV - [2008/04/14 11:00:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr) DRV - [2008/04/14 11:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk) DRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec) DRV - [2008/04/14 11:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr) DRV - [2008/04/14 11:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched) DRV - [2008/04/14 11:00:00 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI) DRV - [2008/04/14 11:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs) DRV - [2008/04/14 11:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial) DRV - [2008/04/14 11:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs) DRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc) DRV - [2008/04/14 11:00:00 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub) DRV - [2008/04/14 11:00:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt) DRV - [2008/04/14 11:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap) DRV - [2008/04/14 11:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP) DRV - [2008/04/14 11:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP) DRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips) DRV - [2008/04/14 11:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr) DRV - [2008/04/14 11:00:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi) DRV - [2008/04/14 11:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2008/04/14 11:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp) DRV - [2008/04/14 11:00:00 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw) DRV - [2008/04/14 11:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm) DRV - [2008/04/14 11:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc) DRV - [2008/04/14 11:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS) DRV - [2008/04/14 11:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp) DRV - [2008/04/14 11:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2008/04/14 11:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd) DRV - [2008/04/14 11:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs) DRV - [2008/04/14 11:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc) DRV - [2008/04/14 11:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass) DRV - [2008/04/14 11:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP) DRV - [2008/04/14 11:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave) DRV - [2008/04/14 11:00:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp) DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk) DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2008/04/14 11:00:00 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr) DRV - [2008/04/14 11:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs) DRV - [2008/04/14 11:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2008/04/14 11:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) DRV - [2008/04/14 11:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2008/04/14 11:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt) DRV - [2008/04/14 11:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2008/04/14 11:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC) DRV - [2008/04/14 11:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy) DRV - [2008/04/14 11:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM) DRV - [2008/04/14 11:00:00 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2008/04/14 11:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd) DRV - [2008/04/14 11:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV - [2008/04/14 11:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm) DRV - [2008/04/14 11:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload) DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD) DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep) DRV - [2008/04/14 11:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pciide.sys -- (PCIIde) DRV - [2008/04/14 11:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null) DRV - [2008/04/14 11:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock) DRV - [2008/04/14 05:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud) DRV - [2008/04/14 05:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio) DRV - [2008/04/14 05:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2008/04/14 05:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb) DRV - [2008/04/14 05:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) DRV - [2008/04/14 05:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer) DRV - [2008/04/14 05:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi) DRV - [2008/04/14 05:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter) DRV - [2008/04/14 05:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic) DRV - [2008/04/14 05:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV) DRV - [2008/04/14 05:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK) DRV - [2008/04/14 05:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM) DRV - [2008/04/14 04:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint) DRV - [2008/04/14 04:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan) DRV - [2008/04/14 04:09:48 | 000,206,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4.sys -- (dot4) DRV - [2008/04/14 03:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD) DRV - [2008/04/14 03:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi) DRV - [2008/04/13 23:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook) DRV - [2008/04/13 23:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt) DRV - [2008/04/13 23:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt) DRV - [2008/04/13 22:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia) DRV - [2007/12/13 10:21:56 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2006/01/06 19:07:27 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11) DRV - [2006/01/06 19:07:27 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11) DRV - [2006/01/06 19:07:27 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11) DRV - [2006/01/06 19:07:26 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11) DRV - [2005/11/10 22:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/03/04 17:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2001/08/17 18:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid) DRV - [2001/08/17 17:47:32 | 000,023,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4usb.sys -- (dot4usb) DRV - [2001/08/17 17:47:32 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4Prt.sys -- (Dot4Print) DRV - [2001/08/17 12:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub) ========== Standard Registry (All) ==========

OTL logfile created on: 4/25/2011 7:01:52 PM - Run OTLPE by OldTimer - Version 3.1.46.0 Folder = D:\OTLPE\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 446.00 Mb Total Physical Memory | 142.00 Mb Available Physical Memory | 32.00% Memory free 366.00 Mb Paging File | 174.00 Mb Available in Paging File | 48.00% Paging File free Paging file location(s): C:\pagefile.sys 2000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.65 Gb Total Space | 12.96 Gb Free Space | 23.28% Space Free | Partition Type: NTFS Drive D: | 3.73 Gb Total Space | 3.11 Gb Free Space | 83.17% Space Free | Partition Type: FAT32 Drive X: | 635.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: BARTPE-10137 | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet006 ========== Win32 Services (All) ========== SRV - [2010/12/14 16:19:30 | 000,136,176 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/08/27 06:05:07 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer) SRV - [2010/08/17 13:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2010/03/22 20:53:24 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus® SRV - [2010/02/26 16:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2009/10/11 10:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009/09/04 17:41:22 | 000,319,488 | ---- | M] (Alcatel-Lucent) [Auto] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService) SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes) SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection) SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility) SRV - [2009/06/10 06:17:16 | 000,134,144 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation) SRV - [2009/04/20 17:06:44 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache) SRV - [2009/02/10 18:26:38 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi) SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC) SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch) SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay) SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog) SRV - [2008/12/12 17:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008/11/14 22:45:23 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC) SRV - [2008/11/14 22:37:50 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wudfsvc.dll -- (WudfSvc) SRV - [2008/11/14 22:37:38 | 000,913,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) SRV - [2008/11/14 22:34:37 | 000,025,800 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2008/11/14 22:34:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time) SRV - [2008/11/14 22:33:54 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv) SRV - [2008/11/14 22:33:23 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Network Location Awareness (NLA) SRV - [2008/11/14 22:33:20 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN) SRV - [2008/11/14 22:33:18 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer) SRV - [2008/11/14 22:32:57 | 000,330,752 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS) SRV - [2008/11/14 22:32:40 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008/11/14 22:32:37 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp) SRV - [2008/11/14 22:32:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\browser.dll -- (Browser) SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/07/30 00:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2008/07/29 22:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008/07/29 22:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2008/07/25 14:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/07/25 14:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2008/04/14 11:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc) SRV - [2008/04/14 11:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) SRV - [2008/04/14 11:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA) SRV - [2008/04/14 11:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2008/04/14 11:00:00 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent) SRV - [2008/04/14 11:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\vssvc.exe -- (VSS) SRV - [2008/04/14 11:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin) SRV - [2008/04/14 11:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman) SRV - [2008/04/14 11:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule) SRV - [2008/04/14 11:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan) SRV - [2008/04/14 11:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost) SRV - [2008/04/14 11:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2008/04/14 11:00:00 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt) SRV - [2008/04/14 11:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2008/04/14 11:00:00 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr) SRV - [2008/04/14 11:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP) SRV - [2008/04/14 11:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc) SRV - [2008/04/14 11:00:00 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov) SRV - [2008/04/14 11:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv) SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm) SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE) SRV - [2008/04/14 11:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr) SRV - [2008/04/14 11:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2008/04/14 11:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog) SRV - [2008/04/14 11:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto) SRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC) SRV - [2008/04/14 11:00:00 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr) SRV - [2008/04/14 11:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV) SRV - [2008/04/14 11:00:00 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient) SRV - [2008/04/14 11:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2008/04/14 11:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc) SRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry) SRV - [2008/04/14 11:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess) SRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\alg.exe -- (ALG) SRV - [2008/04/14 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv) SRV - [2008/04/14 11:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2008/04/14 11:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger) SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost) SRV - [2008/04/14 11:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv) SRV - [2008/04/14 11:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver) SRV - [2008/04/14 11:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2008/04/14 11:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2008/04/14 11:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS) SRV - [2008/04/14 11:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2008/04/14 11:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter) SRV - [2008/04/14 11:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (SamSs) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp) SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon) SRV - [2008/04/14 11:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC) SRV - [2008/04/14 11:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc) SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv) SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp) SRV - [2008/04/14 10:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ) SRV - [2006/01/06 19:07:26 | 000,077,824 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11) SRV - [2005/08/04 04:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2005/04/27 13:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean) SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/07/28 17:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

ok here is my OTL PE log file

i will try too

i wish i could do this but the only other pc i have available is a mini with no cd/dvd drive

i have this unknown ransom Trojan on my main PC. i believe one of my kids may have downloaded it from a gaming website. problem is with this Trojan, i cannot enter anything. this includes safe mode. how would i go by removing this. System plugin at address 0x00874324 got critical error, please follow these steps to deactivate it. "lists international numbers" enter code this is a bad one ladies and gentleman can you please help me to remove it i am on full system lock down until. the following attachment is all i can see i cannot access any function on my pc Thank you Epsilon