
Ransom Locker



I have this unknown ransom Trojan on my main PC. I believe one of my kids may have downloaded it from a gaming website. Problem is, with this Trojan, I cannot enter anything. This includes safe mode. How would I go about removing this?

System plugin at address 0x00874324 got critical error, please follow these steps to deactivate it.

"lists international numbers"

enter code

This is a bad one, ladies and gentlemen.

Can you please help me to remove it?

I am on full system lockdown until.

The following attachment is all I can see.

I cannot access any function on my PC.

Thank you

Epsilon


Hello Epsilon! Welcome to Malwarebytes Forums!

My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

Let's try to boot your computer using the Ultimate Boot CD for Windows (UBCD4win).

Please print this guide for future reference!

You will need a blank CD, a clean computer and a flash drive.

Please follow the steps below and let me know if you were successful. If you were unable to create the UBCD4win, please tell me what error messages you got and/or what steps you got hung up on.

1. Download and Run Ultimate Boot CD for Windows

  • Save it to your Desktop.
  • Double-Click on the UBCD4Win.EXE that you just downloaded to your desktop.
  • Follow all of the instructions/prompts that come up.
    NOTES:
    • Do not install to a folder with spaces in its name.
    • Your Anti-Virus may report viruses or trojans when you extract UBCD4Win, these are "False-Positives." Read HERE for information regarding the files that normally trigger AV software.

2. Insert your XP CD with SP1/SP2/SP3 into a CD Rom drive

  • Double-Click on UBCD4WinBuilder.exe located in your C:\ubcd4win folder.
  • Click "I agree" to the Builders License.
  • Click NO to Search for Windows Installation Files
  • Make the following selections from the Main Screen that pops up:
    • Builder
      • Source: (path to Windows installation files)
        • Enter the path to the drive where your XP CD is located.
        • You can click on the "..." button on the right to navigate to the path as well.
      • Custom: (include files and folders from this directory)
        • No information is necessary, leave blank.
      • Output: (C:\ubcd4win\BartPE)
        • Keep the default BartPE

    • Media output
      • Choose Create ISO image

      • Do not choose Burn to CD/DVD

      Please note: If your XP install disc is SP1 then please:

      1. Disable: DComLaunch Service
      2. Enable: LargeIDE Fix
        This can be done by pressing the "Plugin" button and checking or unchecking the appropriate selections.

      Also note: If you have a Dell XP install disc you will need to follow the instructions here

      http://www.ubcd4win.com/faq.htm#dell

3. Click on the "Build" button

  • You will see the Windows EULA message. Click on I Agree
  • You will now see the Build Screen. Let it run its course
  • When the Build is finished you can click close, then exit

4. Burn your ISO file to CD

  • Please see HERE on how to burn an ISO to CD.

==========

Next........

From your clean computer..

Please download OTLPE.zip and save it to a flash drive.

http://oldtimer.geekstogo.com/OTLPE.zip

http://www.itxassociates.com/OT-Tools/OTLPE.zip

Double click and unzip OTLPE.zip to its own folder on your flash drive. Name it OTLPE <-- Important!!

==========

Plug your flash drive into your sick computer now and do as instructed below..

==========

1. Restart Your sick Computer Using the UBCD4Win Disc That You Have Created

  • Insert the UBCD4Win disc into one of your CD/DVD drives.
  • Restart your computer.
    • The computer should choose to boot from the UBCD4Win CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.

  • In the window that pops up select Launch The Ultimate Boot CD For Windows and press Enter.
    • It may take a little longer for the Desktop to appear than it does when you start your computer normally. Just let the process run itself until the desktop appears.
  • Once the desktop appears, you will receive a message asking: Do you want to start Network support?
    • Click on Yes if you want to use the PE environment to get online, post your log and reply by way of an Ethernet connection.
  • You should now have a desktop that looks like this:

    Main.jpg

==========

Single click My computer from your UBCD4W desktop to navigate to the OTLPE folder that you saved to your flash drive.

Open the OTLPE folder and double click Start.cmd.

  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTLPE should now start
    Change the following settings
    • Change Services, Drivers, Standard and Extra Registry to All

    • Copy and Paste the following code into the customFix.png textbox. Do not include the word "Code"

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    CREATERESTOREPOINT

    • Push runscanbutton.png

    • A report will open. Save that log to your flash drive. Copy and Paste that report in your next reply.

=========

With your next post please provide:

* OTLPE.txt

Kind regards,

Georgi


OK, here is my OTL PE log file.

OTL Extras logfile created on: 4/25/2011 7:01:52 PM - Run

OTLPE by OldTimer - Version 3.1.46.0 Folder = D:\OTLPE\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 142.00 Mb Available Physical Memory | 32.00% Memory free

366.00 Mb Paging File | 174.00 Mb Available in Paging File | 48.00% Paging File free

Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 55.65 Gb Total Space | 12.96 Gb Free Space | 23.28% Space Free | Partition Type: NTFS

Drive D: | 3.73 Gb Total Space | 3.11 Gb Free Space | 83.17% Space Free | Partition Type: FAT32

Drive X: | 635.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BARTPE-10137 | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet006

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)

.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)

.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)

.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

batfile [open] -- "%1" %*

batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)

cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

cmdfile [open] -- "%1" %*

cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)

hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)

htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)

inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)

regfile [open] -- regedit.exe "%1" (Microsoft Corporation)

regfile [merge] -- Reg Error: Key error.

regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)

txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)

vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)

"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)

"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM

"C:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe" = C:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe:*:Enabled:WS_FTP Pro/LE

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)

"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze

"C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor

"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22439E2F-1CF7-4F8B-992A-3AA3C0553929}" = Yu-Gi-Oh! ONLINE 3

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 17

"{2E510276-F614-4AC5-9ACC-465735484A4F}" = Show Presenter

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com

"{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6DB7AD00-F781-11DF-9EEF-001279CD8240}" = Google Earth

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules

"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9FA2E0CF-64E8-3536-BA71-618A48D9AF55}" = Google Talk Plugin

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls

"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player

"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 Service Pack 1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager

"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call

"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse

"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service

"6ED11016CDD566A27C3E3432CC546D9FA64E636C" = Windows Driver Package - Realtek Semiconductor Corp. (RTL8023xp) Net (02/25/2008 5.687.0225.2008)

"7-Zip" = 7-Zip 4.60 beta

"8916FCDA42DB427750EB06B23F022EAFDE7A24FA" = Windows Driver Package - ENE TECHNOLOGY INC. PCMCIA (08/14/2002 5.1.2600.1010)

"AbiWord2" = AbiWord 2.6.4

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"All ATI Software" = ATI - Software Uninstall Utility

"ATI Display Driver" = ATI Display Driver

"avast5" = avast! Free Antivirus

"B401FBF1B09B882D9896BCD7132C6DDC5A787A91" = Windows Driver Package - Atheros (AR5211) Net (07/26/2007 5.3.0.67)

"BitComet" = BitComet 1.27

"BootSkin" = BootSkin

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"FrostWire" = FrostWire 4.18.6

"Google Chrome" = Google Chrome

"hphuni04" = Photosmart 130,230,7150,7345,7350,7550 (Remove only)

"ie8" = Windows Internet Explorer 8

"Impulse" = Impulse

"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8

"LogonStudio" = LogonStudio

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Silverlight" = Microsoft Silverlight

"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)

"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)

"Native Instruments Controller Editor" = Native Instruments Controller Editor

"Native Instruments Service Center" = Native Instruments Service Center

"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3

"Notepad++" = Notepad++

"PCDJ VJ" = PCDJ VJ

"PCDJDex" = PCDJ DEX (remove only)

"TeamViewer 5" = TeamViewer 5

"VLC media player" = VLC media player 1.0.1

"WavePad" = WavePad Sound Editor

"Winamp" = Winamp

"WindowBlinds 7" = WindowBlinds 7

"Windows Rights Management Client" = Windows Rights Management Client with Service Pack 2

"Windows Rights Management Client Backwards" = Windows Rights Management Client Backwards Compatibility SP2

"WinLiveSuite_Wave3" = Windows Live Essentials

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Winamp Detect" = Winamp Detector Plug-in

< End of report >


OTL logfile created on: 4/25/2011 7:01:52 PM - Run

OTLPE by OldTimer - Version 3.1.46.0 Folder = D:\OTLPE\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 142.00 Mb Available Physical Memory | 32.00% Memory free

366.00 Mb Paging File | 174.00 Mb Available in Paging File | 48.00% Paging File free

Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 55.65 Gb Total Space | 12.96 Gb Free Space | 23.28% Space Free | Partition Type: NTFS

Drive D: | 3.73 Gb Total Space | 3.11 Gb Free Space | 83.17% Space Free | Partition Type: FAT32

Drive X: | 635.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BARTPE-10137 | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet006

========== Win32 Services (All) ==========

SRV - [2010/12/14 16:19:30 | 000,136,176 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)

SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/08/27 06:05:07 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)

SRV - [2010/08/17 13:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)

SRV - [2010/03/22 20:53:24 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®

SRV - [2010/02/26 16:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)

SRV - [2009/10/11 10:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2009/09/04 17:41:22 | 000,319,488 | ---- | M] (Alcatel-Lucent) [Auto] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService)

SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)

SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)

SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)

SRV - [2009/06/10 06:17:16 | 000,134,144 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

SRV - [2009/04/20 17:06:44 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)

SRV - [2009/02/10 18:26:38 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)

SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)

SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)

SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)

SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)

SRV - [2008/12/12 17:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)

SRV - [2008/11/14 22:45:23 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)

SRV - [2008/11/14 22:37:50 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wudfsvc.dll -- (WudfSvc)

SRV - [2008/11/14 22:37:38 | 000,913,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)

SRV - [2008/11/14 22:34:37 | 000,025,800 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)

SRV - [2008/11/14 22:34:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)

SRV - [2008/11/14 22:33:54 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)

SRV - [2008/11/14 22:33:23 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Network Location Awareness (NLA)

SRV - [2008/11/14 22:33:20 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)

SRV - [2008/11/14 22:33:18 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)

SRV - [2008/11/14 22:32:57 | 000,330,752 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS)

SRV - [2008/11/14 22:32:40 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\es.dll -- (EventSystem)

SRV - [2008/11/14 22:32:37 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)

SRV - [2008/11/14 22:32:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\browser.dll -- (Browser)

SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2008/07/30 00:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)

SRV - [2008/07/29 22:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)

SRV - [2008/07/29 22:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2008/07/25 14:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/07/25 14:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)

SRV - [2008/04/14 11:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)

SRV - [2008/04/14 11:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)

SRV - [2008/04/14 11:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)

SRV - [2008/04/14 11:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)

SRV - [2008/04/14 11:00:00 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)

SRV - [2008/04/14 11:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)

SRV - [2008/04/14 11:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)

SRV - [2008/04/14 11:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman)

SRV - [2008/04/14 11:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)

SRV - [2008/04/14 11:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)

SRV - [2008/04/14 11:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)

SRV - [2008/04/14 11:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)

SRV - [2008/04/14 11:00:00 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)

SRV - [2008/04/14 11:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)

SRV - [2008/04/14 11:00:00 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)

SRV - [2008/04/14 11:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)

SRV - [2008/04/14 11:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)

SRV - [2008/04/14 11:00:00 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)

SRV - [2008/04/14 11:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)

SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)

SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)

SRV - [2008/04/14 11:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)

SRV - [2008/04/14 11:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)

SRV - [2008/04/14 11:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)

SRV - [2008/04/14 11:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)

SRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC)

SRV - [2008/04/14 11:00:00 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)

SRV - [2008/04/14 11:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)

SRV - [2008/04/14 11:00:00 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)

SRV - [2008/04/14 11:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)

SRV - [2008/04/14 11:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)

SRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)

SRV - [2008/04/14 11:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)

SRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\alg.exe -- (ALG)

SRV - [2008/04/14 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)

SRV - [2008/04/14 11:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\sens.dll -- (SENS)

SRV - [2008/04/14 11:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)

SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)

SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)

SRV - [2008/04/14 11:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)

SRV - [2008/04/14 11:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)

SRV - [2008/04/14 11:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)

SRV - [2008/04/14 11:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)

SRV - [2008/04/14 11:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS)

SRV - [2008/04/14 11:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)

SRV - [2008/04/14 11:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)

SRV - [2008/04/14 11:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)

SRV - [2008/04/14 11:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)

SRV - [2008/04/14 11:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)

SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)

SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)

SRV - [2008/04/14 10:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)

SRV - [2006/01/06 19:07:26 | 000,077,824 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)

SRV - [2005/08/04 04:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)

SRV - [2005/04/27 13:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)

SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003/07/28 17:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)

DRV - File not found [Kernel | Disabled] -- -- (ViaIde)

DRV - File not found [Kernel | Disabled] -- -- (TosIde)

DRV - File not found [Kernel | Disabled] -- -- (Simbad)

DRV - File not found [Kernel | On_Demand] -- -- (RimUsb)

DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)

DRV - File not found [Kernel | System] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand] -- -- (MRENDIS5)

DRV - File not found [Kernel | On_Demand] -- -- (MREMPR5)

DRV - File not found [Kernel | System] -- -- (lbrtfdc)

DRV - File not found [Kernel | Disabled] -- -- (IntelIde)

DRV - File not found [Kernel | Disabled] -- -- (CmdIde)

DRV - File not found [Kernel | System] -- -- (Changer)

DRV - File not found [Kernel | Disabled] -- -- (Atdisk)

DRV - File not found [Kernel | Disabled] -- -- (AliIde)

DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)

DRV - [2011/02/17 13:19:38 | 000,457,472 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)

DRV - [2011/02/17 13:19:17 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)

DRV - [2010/11/02 15:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)

DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010/09/07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/09/07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2010/01/25 05:04:56 | 000,163,584 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\vidstub.sys -- (BootScreen)

DRV - [2010/01/06 00:04:02 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)

DRV - [2009/11/11 17:14:44 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)

DRV - [2009/11/11 17:14:44 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)

DRV - [2009/11/11 17:14:44 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)

DRV - [2009/11/11 17:14:12 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)

DRV - [2009/10/20 16:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)

DRV - [2009/09/04 17:46:04 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)

DRV - [2009/09/04 17:46:04 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)

DRV - [2009/08/19 21:49:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)

DRV - [2009/06/24 10:28:51 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)

DRV - [2009/04/28 20:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20)

DRV - [2009/01/09 22:18:02 | 000,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)

DRV - [2008/11/14 22:45:23 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)

DRV - [2008/11/14 22:45:23 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)

DRV - [2008/11/14 22:45:23 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)

DRV - [2008/11/14 22:45:23 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)

DRV - [2008/11/14 22:45:23 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)

DRV - [2008/11/14 22:45:23 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)

DRV - [2008/11/14 22:44:39 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)

DRV - [2008/11/14 22:40:06 | 000,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)

DRV - [2008/11/14 22:40:04 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amdide.sys -- (amdide)

DRV - [2008/11/14 22:39:28 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)

DRV - [2008/11/14 22:37:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfrd.sys -- (WudfRd)

DRV - [2008/11/14 22:37:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfpf.sys -- (WudfPf)

DRV - [2008/11/14 22:37:22 | 000,062,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rspndr.sys -- (rspndr)

DRV - [2008/11/14 22:33:58 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)

DRV - [2008/11/14 22:33:58 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)

DRV - [2008/11/14 22:33:38 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)

DRV - [2008/11/14 22:33:37 | 000,174,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)

DRV - [2008/11/14 22:33:27 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)

DRV - [2008/11/14 22:33:27 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)

DRV - [2008/11/14 22:33:26 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)

DRV - [2008/11/14 22:33:04 | 000,179,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)

DRV - [2008/11/14 22:32:38 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)

DRV - [2008/11/14 22:32:33 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)

DRV - [2008/10/16 15:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)

DRV - [2008/09/08 10:06:00 | 000,195,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)

DRV - [2008/04/22 19:09:20 | 000,032,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)

DRV - [2008/04/22 12:45:52 | 000,576,384 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)

DRV - [2008/04/14 11:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)

DRV - [2008/04/14 11:00:00 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)

DRV - [2008/04/14 11:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)

DRV - [2008/04/14 11:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)

DRV - [2008/04/14 11:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)

DRV - [2008/04/14 11:00:00 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)

DRV - [2008/04/14 11:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008/04/14 11:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)

DRV - [2008/04/14 11:00:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)

DRV - [2008/04/14 11:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)

DRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)

DRV - [2008/04/14 11:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)

DRV - [2008/04/14 11:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)

DRV - [2008/04/14 11:00:00 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)

DRV - [2008/04/14 11:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)

DRV - [2008/04/14 11:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)

DRV - [2008/04/14 11:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)

DRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)

DRV - [2008/04/14 11:00:00 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)

DRV - [2008/04/14 11:00:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)

DRV - [2008/04/14 11:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)

DRV - [2008/04/14 11:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)

DRV - [2008/04/14 11:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)

DRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)

DRV - [2008/04/14 11:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)

DRV - [2008/04/14 11:00:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)

DRV - [2008/04/14 11:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)

DRV - [2008/04/14 11:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)

DRV - [2008/04/14 11:00:00 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)

DRV - [2008/04/14 11:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)

DRV - [2008/04/14 11:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)

DRV - [2008/04/14 11:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)

DRV - [2008/04/14 11:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)

DRV - [2008/04/14 11:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)

DRV - [2008/04/14 11:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)

DRV - [2008/04/14 11:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)

DRV - [2008/04/14 11:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)

DRV - [2008/04/14 11:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)

DRV - [2008/04/14 11:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)

DRV - [2008/04/14 11:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)

DRV - [2008/04/14 11:00:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)

DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)

DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

DRV - [2008/04/14 11:00:00 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)

DRV - [2008/04/14 11:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)

DRV - [2008/04/14 11:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

DRV - [2008/04/14 11:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)

DRV - [2008/04/14 11:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)

DRV - [2008/04/14 11:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)

DRV - [2008/04/14 11:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)

DRV - [2008/04/14 11:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)

DRV - [2008/04/14 11:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)

DRV - [2008/04/14 11:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)

DRV - [2008/04/14 11:00:00 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)

DRV - [2008/04/14 11:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)

DRV - [2008/04/14 11:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)

DRV - [2008/04/14 11:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)

DRV - [2008/04/14 11:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)

DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)

DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)

DRV - [2008/04/14 11:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pciide.sys -- (PCIIde)

DRV - [2008/04/14 11:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)

DRV - [2008/04/14 11:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)

DRV - [2008/04/14 05:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)

DRV - [2008/04/14 05:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)

DRV - [2008/04/14 05:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)

DRV - [2008/04/14 05:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)

DRV - [2008/04/14 05:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)

DRV - [2008/04/14 05:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)

DRV - [2008/04/14 05:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)

DRV - [2008/04/14 05:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)

DRV - [2008/04/14 05:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)

DRV - [2008/04/14 05:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)

DRV - [2008/04/14 05:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)

DRV - [2008/04/14 05:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)

DRV - [2008/04/14 04:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)

DRV - [2008/04/14 04:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)

DRV - [2008/04/14 04:09:48 | 000,206,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4.sys -- (dot4)

DRV - [2008/04/14 03:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)

DRV - [2008/04/14 03:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)

DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)

DRV - [2008/04/13 23:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)

DRV - [2008/04/13 23:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt)

DRV - [2008/04/13 23:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)

DRV - [2008/04/13 22:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)

DRV - [2007/12/13 10:21:56 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)

DRV - [2006/01/06 19:07:27 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11)

DRV - [2006/01/06 19:07:27 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)

DRV - [2006/01/06 19:07:27 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)

DRV - [2006/01/06 19:07:26 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)

DRV - [2005/11/10 22:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2005/03/04 17:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)

DRV - [2001/08/17 18:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)

DRV - [2001/08/17 17:47:32 | 000,023,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4usb.sys -- (dot4usb)

DRV - [2001/08/17 17:47:32 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4Prt.sys -- (Dot4Print)

DRV - [2001/08/17 12:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/?ocid=iehp

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 D1 8C 13 38 AD CA 01 [binary data]

IE - HKU\Jennifer_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52323

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=18707

IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53980

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"

FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63

FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.27.2

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16

FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query="

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 53980

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/25 05:08:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/01/22 16:19:10 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/24 22:16:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/24 22:16:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/21 05:05:11 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions

[2010/02/14 16:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010/03/17 22:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com

[2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions

[2010/11/20 02:08:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/04/24 21:59:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2011/04/24 22:16:50 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

[2011/04/24 22:13:53 | 000,000,000 | ---D | M] ("AOL Messaging Toolbar") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}

[2010/04/02 01:25:24 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2010/04/02 23:41:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\searchplugins\aim-search.xml

[2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/04/23 21:20:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010/01/22 23:53:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

[2010/01/22 16:19:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/04/23 21:19:51 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll

[2011/04/23 21:19:51 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll

[2011/04/15 12:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll

[2009/10/11 10:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll

[2009/11/14 00:47:38 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

[2009/02/06 18:44:28 | 001,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll

[2011/04/23 21:20:02 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

[2009/12/22 00:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

[2010/01/13 22:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

[2010/03/22 20:53:24 | 000,032,576 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll

[2011/04/23 21:20:05 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml

[2011/04/23 21:20:06 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml

[2011/04/23 21:20:06 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml

[2011/04/23 21:20:06 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml

[2011/04/23 21:20:06 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml

[2011/04/23 21:20:06 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

[2011/04/23 21:20:06 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/01/22 16:22:51 | 000,000,862 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)

O3 - HKU\Jennifer_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [bootSkin Startup Jobs] C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe ()

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Jennifer_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Jennifer_ON_C..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Owner_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Owner_ON_C..\Run: [Google Update] C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)

O4 - HKU\.DEFAULT..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)

O4 - HKU\LocalService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)

O4 - HKU\NetworkService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Jennifer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1

O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)

O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - C:\Documents and Settings\Jennifer\Application Data\svchost.exe (Ooounom Software)

O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuix.exe) - C:\WINDOWS\system32\logonuix.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - HKU\Jennifer_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found

O20 - HKU\Owner_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WBSrv: DllName - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop WallPaper:

O24 - Desktop BackupWallPaper:

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/01/22 16:10:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2004/11/02 21:05:00 | 000,000,046 | R--- | M] () - X:\autorun.inf -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Manager.lnk - - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^ImpulseNow.lnk - C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe - (Stardock Corporation)

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: Aim - hkey= - key= - File not found

MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

MsConfig - StartUpReg: ATT-SST_McciTrayApp - hkey= - key= - File not found

MsConfig - StartUpReg: BlackBerryAutoUpdate - hkey= - key= - File not found

MsConfig - StartUpReg: CoolSwitch - hkey= - key= - File not found

MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found

MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found

MsConfig - StartUpReg: HPHmon04 - hkey= - key= - File not found

MsConfig - StartUpReg: HPHUPD04 - hkey= - key= - File not found

MsConfig - StartUpReg: IMJPMIG8.1 - hkey= - key= - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

MsConfig - StartUpReg: ISUSPM - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)

MsConfig - StartUpReg: ISW - hkey= - key= - File not found

MsConfig - StartUpReg: iTunesHelper - hkey= - key= - File not found

MsConfig - StartUpReg: Meebo Notifier - hkey= - key= - File not found

MsConfig - StartUpReg: PHIME2002A - hkey= - key= - File not found

MsConfig - StartUpReg: PHIME2002ASync - hkey= - key= - File not found

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - File not found

MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

MsConfig - StartUpReg: TFncKy - hkey= - key= - File not found

MsConfig - StartUpReg: Weather - hkey= - key= - File not found

MsConfig - StartUpReg: WinampAgent - hkey= - key= - File not found

MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: mcmscsvc - Service

SafeBootMin: MCODS - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: mcmscsvc - Service

SafeBootNet: MCODS - Service

SafeBootNet: MpfService - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: vsmon - Service

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/25 22:59:22 | 000,000,000 | ---D | C] -- C:\~ErdUserProfile.$$$

[2011/04/25 22:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO

[2011/04/25 22:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn

[2011/04/25 22:25:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC

[2011/04/25 03:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software

[2011/04/25 03:39:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\ringtones

[2011/04/25 01:16:29 | 000,078,424 | ---- | C] (Ooounom Software) -- C:\Documents and Settings\Jennifer\Application Data\svchost.exe

[2011/04/24 22:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound

[2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite

[2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs

[2011/04/24 22:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor

[2011/04/24 22:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound

[2011/04/24 22:17:24 | 000,000,000 | ---D | C] -- C:\Downloads

[2011/04/24 22:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet

[2011/04/24 22:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\BitComet

[2011/04/24 22:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet

[2011/04/24 21:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers

[2011/04/24 21:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2011/04/24 21:54:36 | 000,078,424 | ---- | C] (Ooounom Software) -- C:\Documents and Settings\Owner\Application Data\svchost.exe

[2011/04/24 21:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2011/04/14 18:38:29 | 000,049,904 | R--- | C] (Avanquest Software) -- C:\WINDOWS\System32\drivers\BVRPMPR5.SYS

[2011/04/14 18:15:37 | 000,000,000 | ---D | C] -- C:\Netgear

[2011/04/13 19:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX

[2011/04/13 19:26:29 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe

[2011/04/13 19:26:28 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll

[2011/04/13 19:26:23 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll

[2011/04/13 19:26:13 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll

[2011/04/13 19:26:12 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll

[2011/04/13 19:26:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll

[2011/04/13 19:26:12 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll

[2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll

[2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb

[2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb

[2011/04/13 19:26:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb

[2011/04/13 19:26:12 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb

[2011/04/13 19:26:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb

[2011/04/13 19:25:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll

[2011/04/13 19:24:52 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys

[2011/04/13 19:24:51 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys

[2011/04/13 19:24:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll

[2011/04/13 19:24:51 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll

[2011/04/13 19:24:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll

[2010/04/19 22:48:14 | 000,939,792 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42U.DLL

[2010/04/19 22:48:14 | 000,271,632 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSVCRT.DLL

[2010/04/19 22:48:14 | 000,032,528 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\OLEPRO32.DLL

[2010/04/19 22:48:13 | 000,941,840 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42.DLL

[2010/04/19 22:48:09 | 000,330,512 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSPAINT.EXE

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ]

[1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/25 23:35:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job

[2011/04/25 23:34:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/25 23:33:40 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/04/25 23:33:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/04/25 23:33:13 | 467,914,752 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/25 23:25:05 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/04/25 23:09:53 | 000,000,245 | -HS- | M] () -- C:\boot.ini

[2011/04/25 22:44:39 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk

[2011/04/25 22:37:15 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk

[2011/04/25 05:36:19 | 000,482,056 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2011/04/25 04:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight

[2011/04/24 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite

[2011/04/24 22:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs

[2011/04/24 22:32:19 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk

[2011/04/24 22:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor

[2011/04/24 22:16:49 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk

[2011/04/24 22:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet

[2011/04/24 21:55:00 | 000,078,424 | ---- | M] (Ooounom Software) -- C:\Documents and Settings\Owner\Application Data\svchost.exe

[2011/04/24 21:55:00 | 000,078,424 | ---- | M] (Ooounom Software) -- C:\Documents and Settings\Jennifer\Application Data\svchost.exe

[2011/04/24 21:35:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job

[2011/04/24 14:39:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/04/15 23:27:32 | 000,200,144 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/13 21:47:31 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/13 21:47:31 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/13 20:27:41 | 000,115,712 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/04/13 19:35:30 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ]

[1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/25 23:13:16 | 467,914,752 | -HS- | C] () -- C:\hiberfil.sys

[2011/04/25 22:44:39 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk

[2011/04/25 22:37:15 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk

[2011/04/24 22:32:19 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk

[2011/04/24 22:16:49 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk

[2011/04/23 21:30:11 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job

[2011/04/23 21:30:08 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job

[2011/04/17 00:39:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/04/13 19:26:33 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll

[2011/04/13 19:26:33 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll

[2010/12/22 04:32:57 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\Jennifer\Application Data\8AF6.919

[2010/12/21 10:16:03 | 000,009,645 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\8AF6.919

[2010/12/15 06:41:42 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2010/11/29 05:25:03 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2010/11/21 06:25:29 | 000,482,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010/04/25 17:48:11 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/04/20 19:34:54 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat

[2010/04/09 00:14:40 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini

[2010/03/19 20:27:45 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini

[2010/03/19 19:46:13 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe

[2010/03/19 19:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll

[2010/03/19 19:45:55 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat

[2010/02/26 06:06:54 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Owner\pool.bin

[2010/02/07 02:24:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\prvlcl.dat

[2010/02/07 01:41:58 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin

[2010/02/06 04:10:49 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat

[2010/01/29 20:19:32 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E0691A13AF.sys

[2010/01/29 20:19:31 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys

[2010/01/29 19:53:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat

[2010/01/27 02:12:01 | 000,115,712 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/27 02:02:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini

[2010/01/23 03:26:37 | 000,058,616 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll

[2010/01/23 03:15:36 | 000,163,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys

[2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat

[2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat

[2010/01/23 00:05:09 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2010/01/23 00:05:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2010/01/22 23:39:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/01/22 16:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/01/22 16:54:37 | 000,200,144 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/01/22 16:10:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010/01/22 16:07:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/01/22 16:05:19 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll

[2010/01/22 16:05:17 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll

[2010/01/22 16:05:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll

[2009/11/06 15:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009/08/03 20:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2009/08/03 20:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe

[2008/04/14 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/04/14 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/04/14 11:00:00 | 000,441,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/04/14 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/04/14 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/04/14 11:00:00 | 000,071,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/04/14 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/04/14 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/04/14 11:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/04/14 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/04/14 11:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2008/04/14 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2005/06/10 21:59:16 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2002/03/19 16:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe

========== LOP Check ==========

[2010/03/01 10:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ATTTOOLBAR

[2010/04/21 13:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\CheckPoint

[2011/04/13 19:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Research In Motion

[2011/04/13 19:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Azureus

[2011/04/24 22:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitComet

[2010/04/20 19:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CheckPoint

[2011/04/25 03:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FrostWire

[2010/01/29 21:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo

[2010/11/21 04:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\motorola

[2011/04/24 22:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound

[2010/12/15 07:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Notepad++

[2011/04/13 19:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Research In Motion

[2010/01/23 03:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Stardock

[2010/01/23 02:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer

[2010/02/14 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird

[2010/02/10 15:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug

[2010/12/15 09:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2010/12/15 06:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2010/04/09 00:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Entertainer

[2010/04/20 20:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK

[2011/04/13 19:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola

[2010/04/08 19:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments

[2011/04/24 21:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2010/04/09 00:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Owner

[2010/01/23 03:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock

[2011/04/24 21:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2010/01/29 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp

[2010/04/08 19:42:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{20EFD19B-675C-417B-A498-B0161D72FF88}

[2010/01/23 03:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2010/01/23 03:17:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{88B68E15-BA37-4CF1-9E41-321E9BEFCF60}

[2010/04/08 19:14:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B5F0C192-874D-49A8-88D7-8431E3714756}

========== Purity Check ==========

========== Custom Scans ==========

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

Invalid Environment Variable: %APPDATA%\*.

Invalid Environment Variable: %APPDATA%\*.exe

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >

[2008/11/14 22:45:23 | 009,129,064 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: AHCIX86.SYS >

[2008/11/14 22:40:08 | 000,164,352 | ---- | M] (AMD Technologies Inc.) MD5=746C6E7AE2C6449F3CF3CF0D5E3A9222 -- C:\WINDOWS\NLDRV\010\ahcix86.sys

< MD5 for: ATAPI.SYS >

[2008/11/14 22:45:23 | 009,129,064 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004/08/04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\DRIVERS\ATAPI.SYS

< MD5 for: EVENTLOG.DLL >

[2008/04/14 11:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

[2004/08/04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\EVENTLOG.DLL

< MD5 for: IASTOR.SYS >

[2008/11/14 22:40:10 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\NLDRV\011\iastor.sys

< MD5 for: NETLOGON.DLL >

[2008/11/14 22:33:28 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=06CF9EEDB7E827205C6948C9DAF56974 -- C:\WINDOWS\system32\netlogon.dll

[2004/08/04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\NETLOGON.DLL

< MD5 for: NVGTS.SYS >

[2008/11/14 22:40:21 | 000,105,984 | ---- | M] (NVIDIA Corporation) MD5=F0BF71E77BB6D96D0A34537D151B78D1 -- C:\WINDOWS\NLDRV\013\nvgts.sys

[2008/11/14 22:40:23 | 000,105,984 | ---- | M] (NVIDIA Corporation) MD5=F0BF71E77BB6D96D0A34537D151B78D1 -- C:\WINDOWS\NLDRV\014\nvgts.sys

< MD5 for: SCECLI.DLL >

[2004/08/04 12:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\SCECLI.DLL

[2008/04/14 11:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USERINIT.EXE >

[2004/08/04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\USERINIT.EXE

[2008/04/14 11:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VIAMRAID.SYS >

[2008/11/14 22:40:27 | 000,117,248 | ---- | M] (VIA Technologies inc,.ltd) MD5=3A82A61E312ADDB3BE8F1FE3481842B1 -- C:\WINDOWS\NLDRV\021\viamraid.sys

< MD5 for: VIPRT.SYS >

[2008/11/14 22:40:27 | 000,052,736 | ---- | M] (VIA Technologies, Inc.) MD5=884D400F106C5206602185D9B8E34FE4 -- C:\WINDOWS\NLDRV\020\viprt.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

[2010/01/22 16:53:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2010/01/22 16:53:50 | 001,081,344 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2010/01/22 16:53:50 | 000,786,432 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2011/03/03 06:53:49 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

[2011/02/22 23:06:28 | 011,080,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

[2011/02/22 23:06:28 | 001,991,680 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

[2008/04/14 11:00:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

[2008/11/14 22:33:28 | 000,068,096 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

[2011/01/21 14:42:25 | 008,463,360 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /90 >

[2011/02/17 13:19:38 | 000,457,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

[2011/02/17 13:19:17 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys

< CREATERESTOREPOINT >

< End of report >


Hi again Epsilon,

Thanks for the logs.

Did you set those proxy settings?

IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52323

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53980

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 53980

Please rerun OTLPE, copy/paste the following text into the "custom scan/fix" field and click Run Fix. When done, try to reboot normally and let me know how things are running.


    :OTL
    O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - C:\Documents and Settings\Jennifer\Application Data\svchost.exe (Ooounom Software)
    O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found
    O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found
    :files
    C:\Documents and Settings\Jennifer\Application Data\svchost.exe
    C:\Documents and Settings\Owner\Application Data\svchost.exe
    C:\Documents and Settings\Jennifer\Application Data\8AF6.919
    C:\Documents and Settings\Owner\Application Data\8AF6.919
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\Userinit.exe,"
    :commands
    [Reboot]

Regards,

Georgi

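One way to triage OTL O20 (Winlogon) lines such as the three targeted by the fix above, as an added example that is not part of the original posts or of OTL itself. The default values, the list of system process names, the function names and the two clean sample lines are assumptions made for the example.

```python
import ntpath
import re

# OTL "O20" lines report the Winlogon values that Windows runs at every logon.
O20_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: (?P<value>\w+) - \((?P<data>.*?)\) - (?P<resolved>.*)$"
)

# Assumed XP defaults; the Userinit path matches the value the :reg fix restores.
DEFAULT_USERINIT = r"c:\windows\system32\userinit.exe"
DEFAULT_SHELL = "explorer.exe"
WINDOWS_DIRS = {r"c:\windows", r"c:\windows\system32"}
# System process names that appear in this thread (fix script and MD5 scan list).
SYSTEM_NAMES = {"svchost.exe", "dwm.exe", "userinit.exe", "explorer.exe",
                "winlogon.exe", "wininit.exe"}

# The first three lines are the entries quoted in the fix; the last two are
# constructed examples of clean entries, added for contrast.
SAMPLE_LOG = r"""
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - C:\Documents and Settings\Jennifer\Application Data\svchost.exe (Ooounom Software)
O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
"""


def parse_o20(line):
    """Return the fields of one O20 line as a dict, or None for any other line."""
    match = O20_RE.match(line.strip())
    if not match:
        return None
    entry = match.groupdict()
    # A value may hold several comma-separated programs (Userinit ends with ',').
    entry["targets"] = [t.strip() for t in entry["data"].split(",") if t.strip()]
    return entry


def assess(entry):
    """Return the reasons an O20 entry deserves a closer look (empty if none)."""
    reasons = []
    value = entry["value"].lower()
    if value == "shell" and entry["hive"].upper().startswith("HKU"):
        reasons.append("per-user Shell override")
    for target in entry["targets"]:
        path = ntpath.normcase(target)      # lower-case, backslash-separated
        name = ntpath.basename(path)
        folder = ntpath.dirname(path)
        if value == "userinit" and path != DEFAULT_USERINIT:
            reasons.append("Userinit is not the default: " + target)
        if value == "shell" and name != DEFAULT_SHELL:
            reasons.append("Shell is not explorer.exe: " + target)
        if name in SYSTEM_NAMES and folder and folder not in WINDOWS_DIRS:
            reasons.append("system process name outside the Windows folder: " + target)
    if entry["resolved"].strip().lower() == "file not found":
        reasons.append("target missing on disk, registry value left behind")
    return reasons


def triage(log_text):
    """Parse every O20 line of an OTL log; return [(entry, reasons)] for flagged ones."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o20(line)
        if entry:
            reasons = assess(entry)
            if reasons:
                flagged.append((entry, reasons))
    return flagged


def userinit_value_is_default(raw):
    """Check a raw Userinit registry value (trailing comma allowed) after a fix."""
    targets = [t.strip() for t in raw.split(",") if t.strip()]
    return [ntpath.normcase(t) for t in targets] == [DEFAULT_USERINIT]


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(entry["hive"], entry["value"], "->", entry["data"])
        for reason in reasons:
            print("   -", reason)
```
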

Hello,

Sorry for the delay.

We have different time zones.

Could you please post me the resulting log after the fix?

Next please rerun OTLPE with the following settings:

  • Copy and paste the following code into the custom scan/fix textbox.

    /md5start
    userinit.exe
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    volsnap.sys
    /md5stop


  • Push the Run Scan button.
  • A report will open. Save that log to your flash drive. Copy and Paste that report in your next reply.

Regards,

Georgi


OTL Extras logfile created on: 4/26/2011 2:15:06 AM - Run

OTLPE by OldTimer - Version 3.1.46.0 Folder = D:\OTLPE\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 169.00 Mb Available Physical Memory | 38.00% Memory free

366.00 Mb Paging File | 201.00 Mb Available in Paging File | 55.00% Paging File free

Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 55.65 Gb Total Space | 12.93 Gb Free Space | 23.24% Space Free | Partition Type: NTFS

Drive D: | 3.73 Gb Total Space | 3.11 Gb Free Space | 83.17% Space Free | Partition Type: FAT32

Drive X: | 635.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BARTPE-31520 | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet006

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)

.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)

.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)

.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

batfile [open] -- "%1" %*

batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)

cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

cmdfile [open] -- "%1" %*

cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)

hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)

htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)

inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)

regfile [open] -- regedit.exe "%1" (Microsoft Corporation)

regfile [merge] -- Reg Error: Key error.

regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)

txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)

vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)

"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)

"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM

"C:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe" = C:\Program Files\Ipswitch\WS_FTP 12\wsftpgui.exe:*:Enabled:WS_FTP Pro/LE

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)

"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze

"C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor

"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22439E2F-1CF7-4F8B-992A-3AA3C0553929}" = Yu-Gi-Oh! ONLINE 3

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 17

"{2E510276-F614-4AC5-9ACC-465735484A4F}" = Show Presenter

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com

"{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6DB7AD00-F781-11DF-9EEF-001279CD8240}" = Google Earth

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules

"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9FA2E0CF-64E8-3536-BA71-618A48D9AF55}" = Google Talk Plugin

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls

"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player

"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 Service Pack 1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager

"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call

"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse

"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service

"6ED11016CDD566A27C3E3432CC546D9FA64E636C" = Windows Driver Package - Realtek Semiconductor Corp. (RTL8023xp) Net (02/25/2008 5.687.0225.2008)

"7-Zip" = 7-Zip 4.60 beta

"8916FCDA42DB427750EB06B23F022EAFDE7A24FA" = Windows Driver Package - ENE TECHNOLOGY INC. PCMCIA (08/14/2002 5.1.2600.1010)

"AbiWord2" = AbiWord 2.6.4

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"All ATI Software" = ATI - Software Uninstall Utility

"ATI Display Driver" = ATI Display Driver

"avast5" = avast! Free Antivirus

"B401FBF1B09B882D9896BCD7132C6DDC5A787A91" = Windows Driver Package - Atheros (AR5211) Net (07/26/2007 5.3.0.67)

"BitComet" = BitComet 1.27

"BootSkin" = BootSkin

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"FrostWire" = FrostWire 4.18.6

"Google Chrome" = Google Chrome

"hphuni04" = Photosmart 130,230,7150,7345,7350,7550 (Remove only)

"ie8" = Windows Internet Explorer 8

"Impulse" = Impulse

"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8

"LogonStudio" = LogonStudio

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Silverlight" = Microsoft Silverlight

"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)

"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)

"Native Instruments Controller Editor" = Native Instruments Controller Editor

"Native Instruments Service Center" = Native Instruments Service Center

"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3

"Notepad++" = Notepad++

"PCDJ VJ" = PCDJ VJ

"PCDJDex" = PCDJ DEX (remove only)

"TeamViewer 5" = TeamViewer 5

"VLC media player" = VLC media player 1.0.1

"WavePad" = WavePad Sound Editor

"Winamp" = Winamp

"WindowBlinds 7" = WindowBlinds 7

"Windows Rights Management Client" = Windows Rights Management Client with Service Pack 2

"Windows Rights Management Client Backwards" = Windows Rights Management Client Backwards Compatibility SP2

"WinLiveSuite_Wave3" = Windows Live Essentials

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Winamp Detect" = Winamp Detector Plug-in

< End of report >


OTL logfile created on: 4/26/2011 2:15:04 AM - Run

OTLPE by OldTimer - Version 3.1.46.0 Folder = D:\OTLPE\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 169.00 Mb Available Physical Memory | 38.00% Memory free

366.00 Mb Paging File | 201.00 Mb Available in Paging File | 55.00% Paging File free

Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 55.65 Gb Total Space | 12.93 Gb Free Space | 23.24% Space Free | Partition Type: NTFS

Drive D: | 3.73 Gb Total Space | 3.11 Gb Free Space | 83.17% Space Free | Partition Type: FAT32

Drive X: | 635.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BARTPE-31520 | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet006

========== Win32 Services (All) ==========

SRV - [2010/12/14 16:19:30 | 000,136,176 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)

SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/08/27 06:05:07 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)

SRV - [2010/08/17 13:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)

SRV - [2010/03/22 20:53:24 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®

SRV - [2010/02/26 16:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)

SRV - [2009/10/11 10:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2009/09/04 17:41:22 | 000,319,488 | ---- | M] (Alcatel-Lucent) [Auto] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService)

SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)

SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)

SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)

SRV - [2009/06/10 06:17:16 | 000,134,144 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

SRV - [2009/04/20 17:06:44 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)

SRV - [2009/02/10 18:26:38 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)

SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)

SRV - [2009/02/09 10:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)

SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)

SRV - [2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)

SRV - [2008/12/12 17:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)

SRV - [2008/11/14 22:45:23 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)

SRV - [2008/11/14 22:37:50 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wudfsvc.dll -- (WudfSvc)

SRV - [2008/11/14 22:37:38 | 000,913,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)

SRV - [2008/11/14 22:34:37 | 000,025,800 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)

SRV - [2008/11/14 22:34:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)

SRV - [2008/11/14 22:33:54 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)

SRV - [2008/11/14 22:33:23 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Network Location Awareness (NLA)

SRV - [2008/11/14 22:33:20 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)

SRV - [2008/11/14 22:33:18 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)

SRV - [2008/11/14 22:32:57 | 000,330,752 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS)

SRV - [2008/11/14 22:32:40 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\es.dll -- (EventSystem)

SRV - [2008/11/14 22:32:37 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)

SRV - [2008/11/14 22:32:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\browser.dll -- (Browser)

SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2008/07/30 00:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)

SRV - [2008/07/29 22:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)

SRV - [2008/07/29 22:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2008/07/25 14:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/07/25 14:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)

SRV - [2008/04/14 11:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)

SRV - [2008/04/14 11:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)

SRV - [2008/04/14 11:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)

SRV - [2008/04/14 11:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)

SRV - [2008/04/14 11:00:00 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)

SRV - [2008/04/14 11:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)

SRV - [2008/04/14 11:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)

SRV - [2008/04/14 11:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman)

SRV - [2008/04/14 11:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)

SRV - [2008/04/14 11:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)

SRV - [2008/04/14 11:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)

SRV - [2008/04/14 11:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)

SRV - [2008/04/14 11:00:00 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)

SRV - [2008/04/14 11:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)

SRV - [2008/04/14 11:00:00 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)

SRV - [2008/04/14 11:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)

SRV - [2008/04/14 11:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)

SRV - [2008/04/14 11:00:00 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)

SRV - [2008/04/14 11:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)

SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)

SRV - [2008/04/14 11:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)

SRV - [2008/04/14 11:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)

SRV - [2008/04/14 11:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)

SRV - [2008/04/14 11:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)

SRV - [2008/04/14 11:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)

SRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC)

SRV - [2008/04/14 11:00:00 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)

SRV - [2008/04/14 11:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)

SRV - [2008/04/14 11:00:00 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)

SRV - [2008/04/14 11:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)

SRV - [2008/04/14 11:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)

SRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)

SRV - [2008/04/14 11:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)

SRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\alg.exe -- (ALG)

SRV - [2008/04/14 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)

SRV - [2008/04/14 11:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\sens.dll -- (SENS)

SRV - [2008/04/14 11:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)

SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)

SRV - [2008/04/14 11:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)

SRV - [2008/04/14 11:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)

SRV - [2008/04/14 11:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)

SRV - [2008/04/14 11:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)

SRV - [2008/04/14 11:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)

SRV - [2008/04/14 11:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS)

SRV - [2008/04/14 11:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)

SRV - [2008/04/14 11:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)

SRV - [2008/04/14 11:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)

SRV - [2008/04/14 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)

SRV - [2008/04/14 11:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)

SRV - [2008/04/14 11:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)

SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)

SRV - [2008/04/14 11:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)

SRV - [2008/04/14 10:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)

SRV - [2006/01/06 19:07:26 | 000,077,824 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)

SRV - [2005/08/04 04:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)

SRV - [2005/04/27 13:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)

SRV - [2004/10/22 09:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003/07/28 17:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)

DRV - File not found [Kernel | Disabled] -- -- (ViaIde)

DRV - File not found [Kernel | Disabled] -- -- (TosIde)

DRV - File not found [Kernel | Disabled] -- -- (Simbad)

DRV - File not found [Kernel | On_Demand] -- -- (RimUsb)

DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)

DRV - File not found [Kernel | System] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand] -- -- (MRENDIS5)

DRV - File not found [Kernel | On_Demand] -- -- (MREMPR5)

DRV - File not found [Kernel | System] -- -- (lbrtfdc)

DRV - File not found [Kernel | Disabled] -- -- (IntelIde)

DRV - File not found [Kernel | Disabled] -- -- (CmdIde)

DRV - File not found [Kernel | System] -- -- (Changer)

DRV - File not found [Kernel | Disabled] -- -- (Atdisk)

DRV - File not found [Kernel | Disabled] -- -- (AliIde)

DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)

DRV - [2011/02/17 13:19:38 | 000,457,472 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)

DRV - [2011/02/17 13:19:17 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)

DRV - [2010/11/02 15:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)

DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010/09/07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/09/07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2010/01/25 05:04:56 | 000,163,584 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\vidstub.sys -- (BootScreen)

DRV - [2010/01/06 00:04:02 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)

DRV - [2009/11/11 17:14:44 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)

DRV - [2009/11/11 17:14:44 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)

DRV - [2009/11/11 17:14:44 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)

DRV - [2009/11/11 17:14:12 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)

DRV - [2009/10/20 16:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)

DRV - [2009/09/04 17:46:04 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)

DRV - [2009/09/04 17:46:04 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)

DRV - [2009/08/19 21:49:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)

DRV - [2009/06/24 10:28:51 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)

DRV - [2009/04/28 20:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20)

DRV - [2009/01/09 22:18:02 | 000,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)

DRV - [2008/11/14 22:45:23 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)

DRV - [2008/11/14 22:45:23 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)

DRV - [2008/11/14 22:45:23 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)

DRV - [2008/11/14 22:45:23 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)

DRV - [2008/11/14 22:45:23 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)

DRV - [2008/11/14 22:45:23 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)

DRV - [2008/11/14 22:44:39 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)

DRV - [2008/11/14 22:40:06 | 000,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)

DRV - [2008/11/14 22:40:04 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amdide.sys -- (amdide)

DRV - [2008/11/14 22:39:28 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)

DRV - [2008/11/14 22:37:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfrd.sys -- (WudfRd)

DRV - [2008/11/14 22:37:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wudfpf.sys -- (WudfPf)

DRV - [2008/11/14 22:37:22 | 000,062,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rspndr.sys -- (rspndr)

DRV - [2008/11/14 22:33:58 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)

DRV - [2008/11/14 22:33:58 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)

DRV - [2008/11/14 22:33:38 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)

DRV - [2008/11/14 22:33:37 | 000,174,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)

DRV - [2008/11/14 22:33:27 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)

DRV - [2008/11/14 22:33:27 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)

DRV - [2008/11/14 22:33:26 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)

DRV - [2008/11/14 22:33:04 | 000,179,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)

DRV - [2008/11/14 22:32:38 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)

DRV - [2008/11/14 22:32:33 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)

DRV - [2008/10/16 15:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)

DRV - [2008/09/08 10:06:00 | 000,195,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)

DRV - [2008/04/22 19:09:20 | 000,032,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)

DRV - [2008/04/22 12:45:52 | 000,576,384 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)

DRV - [2008/04/14 11:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)

DRV - [2008/04/14 11:00:00 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)

DRV - [2008/04/14 11:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)

DRV - [2008/04/14 11:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)

DRV - [2008/04/14 11:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)

DRV - [2008/04/14 11:00:00 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)

DRV - [2008/04/14 11:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008/04/14 11:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)

DRV - [2008/04/14 11:00:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)

DRV - [2008/04/14 11:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)

DRV - [2008/04/14 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)

DRV - [2008/04/14 11:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)

DRV - [2008/04/14 11:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)

DRV - [2008/04/14 11:00:00 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)

DRV - [2008/04/14 11:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)

DRV - [2008/04/14 11:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)

DRV - [2008/04/14 11:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)

DRV - [2008/04/14 11:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)

DRV - [2008/04/14 11:00:00 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)

DRV - [2008/04/14 11:00:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)

DRV - [2008/04/14 11:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)

DRV - [2008/04/14 11:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)

DRV - [2008/04/14 11:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)

DRV - [2008/04/14 11:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)

DRV - [2008/04/14 11:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)

DRV - [2008/04/14 11:00:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)

DRV - [2008/04/14 11:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)

DRV - [2008/04/14 11:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)

DRV - [2008/04/14 11:00:00 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)

DRV - [2008/04/14 11:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)

DRV - [2008/04/14 11:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)

DRV - [2008/04/14 11:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)

DRV - [2008/04/14 11:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)

DRV - [2008/04/14 11:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)

DRV - [2008/04/14 11:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)

DRV - [2008/04/14 11:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)

DRV - [2008/04/14 11:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)

DRV - [2008/04/14 11:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)

DRV - [2008/04/14 11:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)

DRV - [2008/04/14 11:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)

DRV - [2008/04/14 11:00:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)

DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)

DRV - [2008/04/14 11:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

DRV - [2008/04/14 11:00:00 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)

DRV - [2008/04/14 11:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)

DRV - [2008/04/14 11:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

DRV - [2008/04/14 11:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)

DRV - [2008/04/14 11:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)

DRV - [2008/04/14 11:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)

DRV - [2008/04/14 11:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)

DRV - [2008/04/14 11:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)

DRV - [2008/04/14 11:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)

DRV - [2008/04/14 11:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)

DRV - [2008/04/14 11:00:00 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)

DRV - [2008/04/14 11:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)

DRV - [2008/04/14 11:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)

DRV - [2008/04/14 11:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)

DRV - [2008/04/14 11:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)

DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)

DRV - [2008/04/14 11:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)

DRV - [2008/04/14 11:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pciide.sys -- (PCIIde)

DRV - [2008/04/14 11:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)

DRV - [2008/04/14 11:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)

DRV - [2008/04/14 05:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)

DRV - [2008/04/14 05:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)

DRV - [2008/04/14 05:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)

DRV - [2008/04/14 05:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)

DRV - [2008/04/14 05:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)

DRV - [2008/04/14 05:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)

DRV - [2008/04/14 05:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)

DRV - [2008/04/14 05:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)

DRV - [2008/04/14 05:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)

DRV - [2008/04/14 05:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)

DRV - [2008/04/14 05:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)

DRV - [2008/04/14 05:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)

DRV - [2008/04/14 04:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)

DRV - [2008/04/14 04:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)

DRV - [2008/04/14 04:09:48 | 000,206,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4.sys -- (dot4)

DRV - [2008/04/14 03:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)

DRV - [2008/04/14 03:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)

DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)

DRV - [2008/04/13 23:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)

DRV - [2008/04/13 23:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt)

DRV - [2008/04/13 23:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)

DRV - [2008/04/13 22:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)

DRV - [2007/12/13 10:21:56 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)

DRV - [2006/01/06 19:07:27 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11)

DRV - [2006/01/06 19:07:27 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)

DRV - [2006/01/06 19:07:27 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)

DRV - [2006/01/06 19:07:26 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)

DRV - [2005/11/10 22:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2005/03/04 17:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)

DRV - [2001/08/17 18:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)

DRV - [2001/08/17 17:47:32 | 000,023,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4usb.sys -- (dot4usb)

DRV - [2001/08/17 17:47:32 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Dot4Prt.sys -- (Dot4Print)

DRV - [2001/08/17 12:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/?ocid=iehp

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie

IE - HKU\Jennifer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 D1 8C 13 38 AD CA 01 [binary data]

IE - HKU\Jennifer_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jennifer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52323

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=18707

IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53980

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"

FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63

FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.27.2

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16

FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query="

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 53980

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/25 05:08:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/01/22 16:19:10 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/24 22:16:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/24 22:16:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/21 05:05:11 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions

[2010/02/14 16:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010/03/17 22:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/03/03 02:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com

[2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions

[2010/11/20 02:08:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/04/24 21:59:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2011/04/24 22:16:50 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

[2011/04/24 22:13:53 | 000,000,000 | ---D | M] ("AOL Messaging Toolbar") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}

[2010/04/02 01:25:24 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2010/04/02 23:41:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lcjdlapj.default\searchplugins\aim-search.xml

[2011/04/24 23:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/04/23 21:20:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010/01/22 23:53:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

[2010/01/22 16:19:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/04/23 21:19:51 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll

[2011/04/23 21:19:51 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll

[2011/04/15 12:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll

[2009/10/11 10:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll

[2009/11/14 00:47:38 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

[2009/02/06 18:44:28 | 001,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll

[2011/04/23 21:20:02 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

[2009/12/22 00:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

[2010/11/20 22:07:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

[2010/01/13 22:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

[2010/03/22 20:53:24 | 000,032,576 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll

[2011/04/23 21:20:05 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml

[2011/04/23 21:20:06 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml

[2011/04/23 21:20:06 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml

[2011/04/23 21:20:06 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml

[2011/04/23 21:20:06 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml

[2011/04/23 21:20:06 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

[2011/04/23 21:20:06 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/01/22 16:22:51 | 000,000,862 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)

O3 - HKU\Jennifer_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [bootSkin Startup Jobs] C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe ()

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Jennifer_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Jennifer_ON_C..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Owner_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\Owner_ON_C..\Run: [Google Update] C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)

O4 - HKU\.DEFAULT..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)

O4 - HKU\LocalService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)

O4 - HKU\NetworkService_ON_C..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Jennifer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1

O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1

O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)

O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - File not found

O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuix.exe) - C:\WINDOWS\system32\logonuix.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - HKU\Jennifer_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found

O20 - HKU\Owner_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WBSrv: DllName - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop WallPaper:

O24 - Desktop BackupWallPaper:

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/01/22 16:10:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2004/11/02 21:05:00 | 000,000,046 | R--- | M] () - X:\autorun.inf -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/26 01:32:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2011/04/25 22:59:22 | 000,000,000 | ---D | C] -- C:\~ErdUserProfile.$$$

[2011/04/25 22:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO

[2011/04/25 22:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn

[2011/04/25 22:25:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC

[2011/04/25 20:28:22 | 002,234,368 | ---- | C] (OldTimer Tools) -- C:\OTLPE.exe

[2011/04/25 20:28:17 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/04/25 03:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software

[2011/04/25 03:39:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\ringtones

[2011/04/24 22:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound

[2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite

[2011/04/24 22:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs

[2011/04/24 22:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor

[2011/04/24 22:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound

[2011/04/24 22:17:24 | 000,000,000 | ---D | C] -- C:\Downloads

[2011/04/24 22:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet

[2011/04/24 22:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\BitComet

[2011/04/24 22:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet

[2011/04/24 21:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers

[2011/04/24 21:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2011/04/24 21:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2011/04/14 18:38:29 | 000,049,904 | R--- | C] (Avanquest Software) -- C:\WINDOWS\System32\drivers\BVRPMPR5.SYS

[2011/04/14 18:15:37 | 000,000,000 | ---D | C] -- C:\Netgear

[2011/04/13 19:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX

[2011/04/13 19:26:29 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe

[2011/04/13 19:26:28 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll

[2011/04/13 19:26:23 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll

[2011/04/13 19:26:13 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll

[2011/04/13 19:26:12 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll

[2011/04/13 19:26:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll

[2011/04/13 19:26:12 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll

[2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll

[2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb

[2011/04/13 19:26:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb

[2011/04/13 19:26:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb

[2011/04/13 19:26:12 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb

[2011/04/13 19:26:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb

[2011/04/13 19:25:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll

[2011/04/13 19:24:52 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys

[2011/04/13 19:24:51 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys

[2011/04/13 19:24:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll

[2011/04/13 19:24:51 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll

[2011/04/13 19:24:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll

[2010/04/19 22:48:14 | 000,939,792 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42U.DLL

[2010/04/19 22:48:14 | 000,271,632 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSVCRT.DLL

[2010/04/19 22:48:14 | 000,032,528 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\OLEPRO32.DLL

[2010/04/19 22:48:13 | 000,941,840 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MFC42.DLL

[2010/04/19 22:48:09 | 000,330,512 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\MSPAINT.EXE

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ]

[1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/26 01:32:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/04/26 01:32:39 | 000,482,056 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2011/04/26 01:31:32 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/04/26 01:30:17 | 467,914,752 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/25 23:35:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job

[2011/04/25 23:34:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/25 23:25:05 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/04/25 22:44:39 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk

[2011/04/25 22:37:15 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk

[2011/04/25 19:32:47 | 000,000,245 | -HS- | M] () -- C:\boot.ini

[2011/04/25 04:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight

[2011/04/24 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite

[2011/04/24 22:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs

[2011/04/24 22:32:19 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk

[2011/04/24 22:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor

[2011/04/24 22:16:49 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk

[2011/04/24 22:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet

[2011/04/24 21:35:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job

[2011/04/24 14:39:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/04/15 23:27:32 | 000,200,144 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/13 21:47:31 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/13 21:47:31 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/13 20:27:41 | 000,115,712 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/04/13 19:35:30 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Owner\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Application Data\*.tmp -> ]

[1 C:\Documents and Settings\Jennifer\Application Data\*.tmp files -> C:\Documents and Settings\Jennifer\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/25 23:13:16 | 467,914,752 | -HS- | C] () -- C:\hiberfil.sys

[2011/04/25 22:44:39 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk

[2011/04/25 22:37:15 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk

[2011/04/24 22:32:19 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk

[2011/04/24 22:16:49 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk

[2011/04/23 21:30:11 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004UA.job

[2011/04/23 21:30:08 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1957994488-1417001333-1004Core.job

[2011/04/17 00:39:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/04/13 19:26:33 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll

[2011/04/13 19:26:33 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll

[2010/12/15 06:41:42 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2010/11/29 05:25:03 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2010/11/21 06:25:29 | 000,482,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010/04/25 17:48:11 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/04/20 19:34:54 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat

[2010/04/09 00:14:40 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pacemaker.ini

[2010/03/19 20:27:45 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini

[2010/03/19 19:46:13 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe

[2010/03/19 19:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll

[2010/03/19 19:45:55 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat

[2010/02/26 06:06:54 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Owner\pool.bin

[2010/02/07 02:24:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\prvlcl.dat

[2010/02/07 01:41:58 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin

[2010/02/06 04:10:49 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat

[2010/01/29 20:19:32 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E0691A13AF.sys

[2010/01/29 20:19:31 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys

[2010/01/29 19:53:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat

[2010/01/27 02:12:01 | 000,115,712 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/27 02:02:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini

[2010/01/23 03:26:37 | 000,058,616 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll

[2010/01/23 03:15:36 | 000,163,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys

[2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat

[2010/01/23 00:05:17 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat

[2010/01/23 00:05:09 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2010/01/23 00:05:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2010/01/22 23:39:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/01/22 16:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/01/22 16:54:37 | 000,200,144 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/01/22 16:10:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010/01/22 16:07:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/01/22 16:05:19 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll

[2010/01/22 16:05:17 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll

[2010/01/22 16:05:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll

[2009/11/06 15:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009/08/03 20:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2009/08/03 20:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe

[2008/04/14 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/04/14 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/04/14 11:00:00 | 000,441,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/04/14 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/04/14 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/04/14 11:00:00 | 000,071,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/04/14 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/04/14 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/04/14 11:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/04/14 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/04/14 11:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2008/04/14 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2005/06/10 21:59:16 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2002/03/19 16:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe

========== LOP Check ==========

[2010/03/01 10:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ATTTOOLBAR

[2010/04/21 13:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\CheckPoint

[2011/04/13 19:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Research In Motion

[2011/04/13 19:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Azureus

[2011/04/24 22:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitComet

[2010/04/20 19:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CheckPoint

[2011/04/25 03:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FrostWire

[2010/01/29 21:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo

[2010/11/21 04:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\motorola

[2011/04/24 22:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound

[2010/12/15 07:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Notepad++

[2011/04/13 19:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Research In Motion

[2010/01/23 03:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Stardock

[2010/01/23 02:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer

[2010/02/14 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird

[2010/02/10 15:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug

[2010/12/15 09:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2010/12/15 06:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2010/04/09 00:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Entertainer

[2010/04/20 20:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK

[2011/04/13 19:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola

[2010/04/08 19:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments

[2011/04/24 21:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2010/04/09 00:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Owner

[2010/01/23 03:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock

[2011/04/24 21:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2010/01/29 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp

[2010/04/08 19:42:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{20EFD19B-675C-417B-A498-B0161D72FF88}

[2010/01/23 03:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2010/01/23 03:17:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{88B68E15-BA37-4CF1-9E41-321E9BEFCF60}

[2010/04/08 19:14:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B5F0C192-874D-49A8-88D7-8431E3714756}

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: EXPLORER.EXE >

[2008/11/14 22:32:41 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=2BB75B7F548D82A099125D0C5971DE7D -- C:\WINDOWS\explorer.exe

[2004/08/04 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\EXPLORER.EXE

< MD5 for: USERINIT.EXE >

[2004/08/04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\USERINIT.EXE

[2008/04/14 11:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VOLSNAP.SYS >

[2008/04/14 11:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys

< MD5 for: WINLOGON.EXE >

[2004/08/04 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\~ErdUserProfile.$$$\$PowerISO$\I386\SYSTEM32\WINLOGON.EXE

[2008/11/14 22:34:04 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=D1BAC55BC35A0CA735AEA19F609F2B22 -- C:\WINDOWS\system32\winlogon.exe

< End of report >


I think one of these 2 files may have caused this problem:

[2011/04/24 21:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers

[2011/04/24 21:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer


Hi Epsilon, :)

You will have to redo the OTL part; you left out a bit and it caused the fix to fail.

Please repaste the entire code beginning with this line:

:OTL

Please rerun OTLPE, copy/paste the following text into the "custom scan/fix" field and click Run Fix.


:OTL
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - File not found
O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found
:reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
:commands
[Reboot]

Then try to reboot normally and see if you can get into Windows that way.

Regards,

Georgi
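The fix script above resets the Winlogon UserInit value and removes per-user Shell values that pointed into Application Data. As an added example (not part of the original thread and not OTL's own code), the following Python sketch audits OTL "O20" lines for that kind of Winlogon hijack. The expected defaults assume a Windows XP install in C:\WINDOWS; the first three sample lines and the O31 line are taken from the posts on this page, the two clean lines are constructed.

```python
import re
from ntpath import normpath

# Expected Winlogon data on a default Windows XP install in C:\WINDOWS
# (assumption; adjust for a different system root).
EXPECTED = {
    "userinit": {r"c:\windows\system32\userinit.exe"},
    "shell": {"explorer.exe", r"c:\windows\explorer.exe"},
}

# OTL line shape: O20 - <hive> Winlogon: <value> - (<data>) - <status>
O20_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: (?P<value>\w+) - \((?P<data>.*?)\) - (?P<status>.*)$"
)

# First three lines and the O31 line come from this thread;
# the last two O20 lines are constructed clean entries for contrast.
SAMPLE = r"""
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Jennifer\Application Data\svchost.exe) - File not found
O20 - HKU\Jennifer_ON_C Winlogon: Shell - (C:\Documents and Settings\Jennifer\Application Data\dwm.exe) - File not found
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Documents and Settings\Owner\Application Data\dwm.exe) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe,) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
"""


def parse_o20(line):
    """Return (hive, value_name, data) for a Winlogon O20 line, else None."""
    match = O20_RE.match(line.strip())
    if match is None:
        return None
    return match.group("hive"), match.group("value").lower(), match.group("data")


def split_entries(data):
    """Userinit may hold a comma-separated list; normalise each program path."""
    parts = (p.strip().strip('"') for p in data.split(","))
    return [normpath(p).lower() for p in parts if p]


def audit(lines):
    """Return (hive, value_name, program) for every unexpected Winlogon entry."""
    findings = []
    for line in lines:
        parsed = parse_o20(line)
        if parsed is None:
            continue  # not a Winlogon O20 line
        hive, value, data = parsed
        if value not in EXPECTED:
            continue  # only UserInit and Shell are checked here
        for program in split_entries(data):
            if program not in EXPECTED[value]:
                findings.append((hive, value, program))
    return findings


if __name__ == "__main__":
    for hive, value, program in audit(SAMPLE.splitlines()):
        print(f"{hive}: Winlogon {value} launches unexpected program {program}")
```

Any finding means a program other than userinit.exe or explorer.exe is started at logon, which is how this locker kept the desktop from loading.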


Hello,

We still have some work to do.

Now let's check for leftovers...

Run Scan with Malwarebytes

Please download Malwarebytes Anti-Malware 1.50.1 Final and save it to your desktop.

Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware

  • Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

  • Make sure the "Perform FULL Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

I want to be sure that nothing reappeared. Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

-- If you encounter any problems, try running GMER in safe mode.

-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.

Regards,

Georgi


Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6448

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

4/26/2011 3:25:36 PM

mbam-log-2011-04-26 (15-25-36).txt

Scan type: Full scan (C:\|D:\|E:\|)

Objects scanned: 205605

Time elapsed: 1 hour(s), 2 minute(s), 34 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 1

Registry Keys Infected: 14

Registry Values Infected: 2

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 16

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.

c:\documents and settings\owner\application data\microsoft\conhost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\documents and settings\owner\local settings\temp\0.7136287937684387.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\documents and settings\Owner\local settings\Temp\pagerage.EXE (Adware.Agent) -> Quarantined and deleted successfully.

c:\_OTL\movedfiles\04252011_202816\c_documents and settings\Jennifer\application data\svchost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\_OTL\movedfiles\04252011_202816\c_documents and settings\Owner\application data\svchost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Not selected for removal.

c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0167726.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0170731.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0173728.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\RP48\A0174726.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\system volume information\_restore{303aba47-183c-4ae6-a22e-3a14b04914cd}\rp49\a0178853.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

c:\downloads\nch wavepad sound editor master's edition 4.24 + keygen [rh]\nch wavepad sound editor master's edition 4.24\Keygen\wavepad sound editor 4.24- keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

c:\documents and settings\Owner\local settings\Temp\0.42879696888681174.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\documents and settings\Owner\local settings\Temp\0.4384814362035844.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\documents and settings\Owner\local settings\Temp\0.8632044618813891.exe (Trojan.Dropper) -> Quarantined and deleted successfully.


GMER 1.0.15.15570 - http://www.gmer.net

Rootkit scan 2011-04-26 22:01:02

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK6034GSX rev.AH101A

Running: 2iyfhep1.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\fgryypog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xF25B5CF0]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xF25B5BAC]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xF25B6160]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xF25B608A]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xF25B5782]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xF25B5C86]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xF25B56C2]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xF25B5726]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xF25B5DA6]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xF25B622E]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xF25B5D66]

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xF25B5EE6]

SSDT \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys ZwUnloadKey [0xEE5F66D0]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xF25C2BAE]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xF25C29D2]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xF25C2B0C]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\Drivers\uphcleanhlp.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\plugin-container.exe[1100] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10402024 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }

.text C:\Program Files\Mozilla Firefox\firefox.exe[3356] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\Ati2evxx.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\services.exe[636] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 006C0002

IAT C:\WINDOWS\system32\services.exe[636] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 006C0000

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcA] [666040F4] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\System32\svchost.exe[980] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\system32\svchost.exe[1180] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!SetWindowPlacement] [66603F0E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\Explorer.EXE [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll

[uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SizeofResource] [66042A55] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FindResourceW] [66044C25] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadResource] [66042B1A] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6604255C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!LoadStringW] [66042B1F] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!LoadImageW] [66044CFA] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SendMessageW] [66045EBD] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\WINDOWS\Explorer.EXE[1292] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [06D95D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [06D95E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [06D95E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [06D95D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [06D95E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [06D95E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [06D95D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [06D95DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [06D95D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1464] @ C:\WINDOWS\system32\wininet.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[2068] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcA] [666040F4] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Windows Media Player\WMPNetwk.exe[2368] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Documents and Settings\Owner\My Documents\Downloads\2iyfhep1.exe[2672] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcA] [666040F4] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!CallWindowProcW] [66604121] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[3564] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [01415D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenu] [01415E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!TrackPopupMenuEx] [01415E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [01415D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenuEx] [01415E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DeferWindowPos] [66603E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetWindowPlacement] [66603F30] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!TrackPopupMenu] [01415E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [01415D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!MoveWindow] [66603F52] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [01415DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!GetWindowRect] [66603FB5] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowPos] [66603F82] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\WININET.dll [uSER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3596] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [01415D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66045E71] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66045E28] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66045D4E] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [66045DAB] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

IAT C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3728] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [66045D54] C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Fastfat \Fat mfehidk.sys (McAfee Link Driver/McAfee, Inc.)

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

---- EOF - GMER 1.0.15 ----

This topic is now closed to further replies.